Skip to content

Commit a494489

Browse files
coadlercoadler
authored
fix: use valid ip mask in api keys when remote address is ipv6 (#2695)
1 parent 69f27ef commit a494489

File tree

2 files changed

+4
-2
lines changed

2 files changed

+4
-2
lines changed

coderd/httpmw/apikey.go

+2-1
Original file line numberDiff line numberDiff line change
@@ -172,10 +172,11 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
172172
if remoteIP == nil {
173173
remoteIP = net.IPv4(0, 0, 0, 0)
174174
}
175+
bitlen := len(remoteIP) * 8
175176
key.IPAddress = pqtype.Inet{
176177
IPNet: net.IPNet{
177178
IP: remoteIP,
178-
Mask: remoteIP.DefaultMask(),
179+
Mask: net.CIDRMask(bitlen, bitlen),
179180
},
180181
Valid: true,
181182
}

coderd/users.go

+2-1
Original file line numberDiff line numberDiff line change
@@ -815,14 +815,15 @@ func (api *API) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat
815815
if ip == nil {
816816
ip = net.IPv4(0, 0, 0, 0)
817817
}
818+
bitlen := len(ip) * 8
818819
key, err := api.Database.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{
819820
ID: keyID,
820821
UserID: params.UserID,
821822
LifetimeSeconds: params.LifetimeSeconds,
822823
IPAddress: pqtype.Inet{
823824
IPNet: net.IPNet{
824825
IP: ip,
825-
Mask: ip.DefaultMask(),
826+
Mask: net.CIDRMask(bitlen, bitlen),
826827
},
827828
Valid: true,
828829
},

0 commit comments

Comments
 (0)