personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-22 16:34:25 +01:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

HostInfo.remoteCidr should only be populated with the entire vpn ip address issued in the certificate (#1494)

Browse Source
This commit is contained in:
Nate Brown
2025-10-07 18:35:58 -04:00
committed by GitHub
parent 22af56f156
commit 9f692175e1
2 changed files with 37 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
hostmap.go
View File

@@ -714,8 +714,7 @@ func (i *HostInfo) CreateRemoteCIDR(c *cert.NebulaCertificate) {
//TODO: IPV6-WORK what to do when ip is invalid?
nip, _ := netip.AddrFromSlice(ip.IP)
nip = nip.Unmap()
bits, _ := ip.Mask.Size()
remoteCidr.Insert(netip.PrefixFrom(nip, bits), struct{}{})
remoteCidr.Insert(netip.PrefixFrom(nip, nip.BitLen()), struct{}{})
}
for _, n := range c.Details.Subnets {