app/vppn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

Audit changes.

Browse Source
This commit is contained in:
jdl
2026-06-13 18:07:21 +02:00
parent 8983c0d651
commit 68f01f9823
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
hub/handler.go
View File

@@ -1,6 +1,7 @@
package hub package hub
import ( import (
"crypto/subtle"
"errors" "errors"
"log" "log"
"net/http" "net/http"
@@ -64,7 +65,7 @@ func (app *App) handlePeer(pattern string, fn peerHandlerFunc) {
} }
peer, err := app.api.Peer_GetByAPIKey(apiKey) peer, err := app.api.Peer_GetByAPIKey(apiKey)
if err != nil { if err != nil || subtle.ConstantTimeCompare([]byte(peer.APIKey), []byte(apiKey)) != 1 {
http.Error(w, "Not authorized", http.StatusUnauthorized) http.Error(w, "Not authorized", http.StatusUnauthorized)
return return
} }