personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-02-14 00:34:22 +01:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

remove the requirement for a cert-v2 certificate to have an IPv4 Network to have IPv4 UnsafeNetworks

Browse Source
This commit is contained in:
JackDoan
2026-01-20 10:18:15 -06:00
parent e5f60fa54f
commit 43bdf9066e
1 changed files with 0 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cert/cert_v2.go
View File

@@ -396,7 +396,6 @@ func (c *certificateV2) validate() error {
return NewErrInvalidCertificateProperties("non-CA certificate must contain at least 1 network")
}
hasV4Networks := false
hasV6Networks := false
for _, network := range c.details.networks {
if !network.IsValid() || !network.Addr().IsValid() {
@@ -415,7 +414,6 @@ func (c *certificateV2) validate() error {
return NewErrInvalidCertificateProperties("4in6 networks are not allowed: %s", network)
}
hasV4Networks = hasV4Networks || network.Addr().Is4()
hasV6Networks = hasV6Networks || network.Addr().Is6()
}
@@ -439,10 +437,6 @@ func (c *certificateV2) validate() error {
if !hasV6Networks {
return NewErrInvalidCertificateProperties("IPv6 unsafe networks require an IPv6 address assignment: %s", network)
}
} else if network.Addr().Is4() {
if !hasV4Networks {
return NewErrInvalidCertificateProperties("IPv4 unsafe networks require an IPv4 address assignment: %s", network)
}
}
}
}