token-validator: better calculate IP contained

2021-03-03 18:44:26 +01:00 · 2021-03-03 18:44:26 +01:00 · d28b14fa50
parent 6fcdc44952
commit d28b14fa50
3 changed files with 11 additions and 2 deletions
--- a/libadlin/tunnel.go
+++ b/libadlin/tunnel.go
@ -12,10 +12,19 @@ import (
 	"time"
 )

+const StdNetmask = 80
+
 func StudentIP(idstd int64) net.IP {
 	return net.ParseIP(fmt.Sprintf("2a01:e0a:2b:2252:%x::", idstd))
 }

+func StudentNet(idstd int64) *net.IPNet {
+	return &net.IPNet{
+		IP:   StudentIP(idstd),
+		Mask: net.CIDRMask(StdNetmask, 128),
+	}
+}
+
 type WGDump struct {
 	PubKey     string
 	PSK        string
--- a/token-validator/domain.go
+++ b/token-validator/domain.go
@ -246,7 +246,7 @@ func AddAssociatedDomains(student adlin.Student, aaaa net.IP) (err error) {

 	if aaaa == nil {
 		aaaa = net.ParseIP(adlin.StudentIP(student.Id).String() + "1")
-	} else if !strings.HasPrefix(aaaa.String(), adlin.StudentIP(student.Id).String()) {
+	} else if !adlin.StudentNet(student.Id).Contains(aaaa) {
 		return errors.New("The associated IP has to be in your IP range.")
 	}

--- a/token-validator/wg.go
+++ b/token-validator/wg.go
@ -63,7 +63,7 @@ func getTunnelInfo(student int64) TunnelInfo {
 		SrvPubKey: srv_pubkey,
 		SrvPort:   42912,
 		CltIPv6:   adlin.StudentIP(student),
-		CltRange:  80,
+		CltRange:  adlin.StdNetmask,
 		SrvGW6:    "2a01:e0a:2b:2252::1",
 	}
 }