Scope down the allowedIps so there are no conflicts

2026-02-01 15:49:08 +00:00 · 2025-04-22 22:18:50 -04:00
parent 475a431859
commit 0c370e4299
2 changed files with 2 additions and 2 deletions
--- a/server/routers/newt/handleGetConfigMessage.ts
+++ b/server/routers/newt/handleGetConfigMessage.ts
@@ -133,7 +133,7 @@ export const handleGetConfigMessage: MessageHandler = async (context) => {

                return {
                    publicKey: client.clients.pubKey!,
-                    allowedIps: [client.clients.subnet!],
+                    allowedIps: [`${client.clients.subnet.split('/')[0]}/32`], // we want to only allow from that client
                    endpoint: client.clientSites.isRelayed
                        ? ""
                        : client.clients.endpoint! // if its relayed it should be localhost
--- a/server/routers/olm/handleOlmRegisterMessage.ts
+++ b/server/routers/olm/handleOlmRegisterMessage.ts
@@ -141,7 +141,7 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
            );
            await addPeer(site.siteId, {
                publicKey: publicKey,
-                allowedIps: [client.subnet],
+                allowedIps: [`${client.subnet.split('/')[0]}/32`], // we want to only allow from that client
                endpoint: client.endpoint
            });
        } else {