From a494489ffac76d977c2733c8d33112bf95235ea3 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Mon, 27 Jun 2022 15:31:18 -0500 Subject: [PATCH] fix: use valid ip mask in api keys when remote address is ipv6 (#2695) --- coderd/httpmw/apikey.go | 3 ++- coderd/users.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/coderd/httpmw/apikey.go b/coderd/httpmw/apikey.go index 05ad040042..467bcacea4 100644 --- a/coderd/httpmw/apikey.go +++ b/coderd/httpmw/apikey.go @@ -172,10 +172,11 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h if remoteIP == nil { remoteIP = net.IPv4(0, 0, 0, 0) } + bitlen := len(remoteIP) * 8 key.IPAddress = pqtype.Inet{ IPNet: net.IPNet{ IP: remoteIP, - Mask: remoteIP.DefaultMask(), + Mask: net.CIDRMask(bitlen, bitlen), }, Valid: true, } diff --git a/coderd/users.go b/coderd/users.go index c8ac9aa27c..282f653ef3 100644 --- a/coderd/users.go +++ b/coderd/users.go @@ -815,6 +815,7 @@ func (api *API) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat if ip == nil { ip = net.IPv4(0, 0, 0, 0) } + bitlen := len(ip) * 8 key, err := api.Database.InsertAPIKey(r.Context(), database.InsertAPIKeyParams{ ID: keyID, UserID: params.UserID, @@ -822,7 +823,7 @@ func (api *API) createAPIKey(rw http.ResponseWriter, r *http.Request, params dat IPAddress: pqtype.Inet{ IPNet: net.IPNet{ IP: ip, - Mask: ip.DefaultMask(), + Mask: net.CIDRMask(bitlen, bitlen), }, Valid: true, },