From ab909d12e7b53ae4f6a7c0c629095674b21d6b65 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Wed, 15 Mar 2023 21:22:34 +0100
Subject: [PATCH] Don't include KeySign on tunnel v2

---
 token-validator/wg.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/token-validator/wg.go b/token-validator/wg.go
index ec44ba4..2bca040 100644
--- a/token-validator/wg.go
+++ b/token-validator/wg.go
@@ -152,8 +152,11 @@ PersistentKeepalive = 5
 # MyNetwork=%s/%d
 # GWIPv6=%s
 # MyLogin=%s
-# KeySign=%s
-`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, token.SuffixIP, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6, student.Login, base64.StdEncoding.EncodeToString(token.GenKeySign()))))
+`, base64.StdEncoding.EncodeToString(tinfo.SrvPubKey), "82.64.31.248", tinfo.SrvPort, tinfo.CltIPv6, token.SuffixIP, 64, tinfo.CltIPv6, tinfo.CltRange, tinfo.SrvGW6, student.Login)))
+	if version > 2 {
+		w.Write([]byte(fmt.Sprintf(`# KeySign=%s`, base64.StdEncoding.EncodeToString(token.GenKeySign()))))
+	}
+
 }
 
 func updateWgTunnel(student *adlin.Student, ps httprouter.Params, body []byte) (interface{}, error) {