diff --git a/handler/routes.go b/handler/routes.go
index f418a61..4c3b666 100644
--- a/handler/routes.go
+++ b/handler/routes.go
@@ -162,8 +162,8 @@ func NewClient(db store.IStore) echo.HandlerFunc {
 // validate extra AllowedIPs
 if util.ValidateAllowedIPs(client.ExtraAllowedIPs) == false {
- log.Warnf("Invalid Extra AllowedIPs input from user: %v", client.ExtraAllowedIPs)
- return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra AllowedIPs must be in CIDR format"})
+ log.Warnf("Invalid Extra AllowedIPs input from user: %v", client.ExtraAllowedIPs)
+ return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra AllowedIPs must be in CIDR format"})
 }
 // gen ID
@@ -280,10 +280,10 @@ func UpdateClient(db store.IStore) echo.HandlerFunc {
 return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Allowed IPs must be in CIDR format"})
 }
- if util.ValidateAllowedIPs(_client.ExtraAllowedIPs) == false {
- log.Warnf("Invalid Allowed IPs input from user: %v", _client.ExtraAllowedIPs)
- return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra Allowed IPs must be in CIDR format"})
- }
+ if util.ValidateExtraAllowedIPs(_client.ExtraAllowedIPs) == false {
+ log.Warnf("Invalid Allowed IPs input from user: %v", _client.ExtraAllowedIPs)
+ return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Extra Allowed IPs must be in CIDR format"})
+ }
 // map new data
 client.Name = _client.Name
@@ -640,7 +640,7 @@ func SuggestIPAllocation(db store.IStore) echo.HandlerFunc {
 fmt.Sprintf("Cannot suggest ip allocation: failed to get available ip from network %s", cidr),
 })
 }
- if (strings.Contains(ip, ":")) {
+ if strings.Contains(ip, ":") {
 suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/128", ip))
 } else {
 suggestedIPs = append(suggestedIPs, fmt.Sprintf("%s/32", ip))
diff --git a/templates/wg.conf b/templates/wg.conf
index f128148..4005952 100644
--- a/templates/wg.conf
+++ b/templates/wg.conf
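Review bot: NewClient still validates `client.ExtraAllowedIPs` with `util.ValidateAllowedIPs` (context line of the first hunk), which this commit makes strict about empty entries, while UpdateClient moves to `util.ValidateExtraAllowedIPs`; the create and update paths now apply different rules to the same field. A create request carrying an empty extra entry would presumably now get a 400, where the old `ValidateCIDRList` skipped it. Use `if !util.ValidateExtraAllowedIPs(client.ExtraAllowedIPs) {` in NewClient so both handlers agree. In the new UpdateClient branch the warning still says "Invalid Allowed IPs" for the extra field, and because the value is request-controlled I would quote it: `log.Warnf("Invalid Extra AllowedIPs input from user: %q", _client.ExtraAllowedIPs)`. Both handler bodies start and end outside the hunks.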
@@ -20,5 +20,5 @@ PostDown = {{ .serverConfig.Interface.PostDown }}
 [Peer]
 PublicKey = {{ .Client.PublicKey }}
 PresharedKey = {{ .Client.PresharedKey }}
-AllowedIPs = {{$first :=true}}{{range .Client.AllocatedIPs }}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}}{{$first :=true}}{{range .Client.ExtraAllowedIPs }},{{.}}{{end}}
+AllowedIPs = {{$first :=true}}{{range .Client.AllocatedIPs }}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}}{{range .Client.ExtraAllowedIPs }}{{if ne . ""}},{{.}}{{else}}{{end}}{{end}}
 {{end}}{{end}}
diff --git a/util/util.go b/util/util.go
index aad0c7b..7622918 100644
--- a/util/util.go
+++ b/util/util.go
@@ -76,12 +76,18 @@ func ValidateCIDR(cidr string) bool {
 }
 // ValidateCIDRList to validate a list of network CIDR
-func ValidateCIDRList(cidrs []string) bool {
+func ValidateCIDRList(cidrs []string, allowEmpty bool) bool {
 for _, cidr := range cidrs {
- if len(cidr) > 0 {
- if ValidateCIDR(cidr) == false {
- return false
- }
+ if allowEmpty {
+ if len(cidr) > 0 {
+ if ValidateCIDR(cidr) == false {
+ return false
+ }
+ }
+ } else {
+ if ValidateCIDR(cidr) == false {
+ return false
+ }
 }
 }
 return true
@@ -89,7 +95,15 @@ func ValidateCIDRList(cidrs []string) bool {
 // ValidateAllowedIPs to validate allowed ip addresses in CIDR format
 func ValidateAllowedIPs(cidrs []string) bool {
- if ValidateCIDRList(cidrs) == false {
+ if ValidateCIDRList(cidrs, false) == false {
+ return false
+ }
+ return true
+}
+
+// ValidateExtraAllowedIPs to validate extra Allowed ip addresses, allowing empty strings
+func ValidateExtraAllowedIPs(cidrs []string) bool {
+ if ValidateCIDRList(cidrs, true) == false {
 return false
 }
 return true
@@ -97,7 +111,7 @@ func ValidateAllowedIPs(cidrs []string) bool {
 // ValidateServerAddresses to validate allowed ip addresses in CIDR format
 func ValidateServerAddresses(cidrs []string) bool {
- if ValidateCIDRList(cidrs) == false {
+ if ValidateCIDRList(cidrs, false) == false {
 return false
 }
 return true
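Review bot: The extras loop still writes its comma unconditionally, so a peer with no `AllocatedIPs` but a non-empty `ExtraAllowedIPs` entry renders `AllowedIPs = ,<cidr>`; whether an empty `AllocatedIPs` can reach this template is not visible here. `$first` is still in scope after the first range, so the second loop can reuse it: `{{range .Client.ExtraAllowedIPs }}{{if ne . ""}}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}}{{end}}`. That form also drops the empty `{{else}}` branch, which renders nothing. The enclosing blocks closed by `{{end}}{{end}}` open outside the hunk.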
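Review bot: The two branches of the new `allowEmpty` switch repeat the same `ValidateCIDR` call, and the doc comment does not say what `allowEmpty` means or that `false` now turns an empty string into a validation failure (the old loop skipped empty entries for every caller). A guard reads more directly: `if allowEmpty && cidr == "" { continue }` followed by `if !ValidateCIDR(cidr) { return false }`. I would extend the comment to `// ValidateCIDRList reports whether every entry is a valid CIDR; empty entries are skipped only when allowEmpty is true.` Because the signature of an exported function changes, any caller outside this diff has to be updated too; only the three wrappers in this file are visible here.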
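Review bot: `ValidateExtraAllowedIPs` accepts empty entries but nothing shown in this commit removes them, so they are presumably stored with the client and every consumer of `ExtraAllowedIPs` has to filter them itself, as the templates/wg.conf change does. Dropping empty strings in the handler once validation passes would keep the stored list to real CIDRs and leave the template guard as a second check rather than the only one. The wrapper body can be `return ValidateCIDRList(cidrs, true)`; the same simplification applies to `ValidateAllowedIPs` in this hunk and `ValidateServerAddresses` in the next.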