Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wireguard Peer API - PATCH action returns 400 status if "mask" in "allowedips" is set to 0 #595

Closed
nick-diama opened this issue Nov 5, 2024 · 1 comment · Fixed by #596
Closed

Wireguard Peer API - PATCH action returns 400 status if "mask" in "allowedips" is set to 0 #595

nick-diama opened this issue Nov 5, 2024 · 1 comment · Fixed by #596
Labels
bug Something isn't working

Comments

@nick-diama
Copy link

nick-diama commented Nov 5, 2024
edited
Loading

Describe the bug
Setting "allowedips" to a peer with "address": "0.0.0.0" and "mask": 0 fails with response status 400

To Reproduce
Steps to reproduce the behavior:

  1. call /api/v2/vpn/wireguard/peer api with "address": "0.0.0.0" and "mask": 0 set to the object in "allowedips" array.
    curl -X 'PATCH'
    'https://REDACTED/api/v2/vpn/wireguard/peer'
    -H 'accept: application/json'
    -H 'x-api-key: REDACTED'
    -H 'Content-Type: application/json'
    -d '{
    "id": 1,
    "enabled": false,
    "tun": "tun_wg0",
    "endpoint": "REDACTED",
    "port": "51820",
    "descr": "",
    "persistentkeepalive": 5,
    "publickey": "REDACTED",
    "presharedkey": "",
    "allowedips": [
    {
    "address": "0.0.0.0",
    "mask": 0,
    "descr": ""
    }
    ]
    }'

Expected behavior
Since via the GUI the user is allowed to enter in Allowed IPs 0.0.0.0 and in Mask 0, the expected behavior would for the API to return status 200.

Screenshots or Response
{
"code": 400,
"status": "bad request",
"response_id": "NUMERIC_RANGE_VALIDATOR_MINIMUM_CONSTRAINT",
"message": "Field allowedips encountered a nested validation error: Field mask must be greater than or equal to 1. Received 0",
"data": []
}

pfSense Version & Package Version:

  • pfSense Version: 2.7.2
  • Package Version v2.2.1

Affected Endpoints:

  • URL: /api/v2/vpn/wireguard/peer

Additional context
The issue is reported when using PATCH action.
I assume the same will occur when using POST action.
I also assume that this will also happen in:

  • URL: /api/v2/vpn/wireguard/peer/allowed_ip
  • URL: /api/v2/vpn/wireguard/peers
@jaredhendrickson13
Copy link
Owner

Good catch, I'll get a fix for this in the next patch.

Thanks!

@jaredhendrickson13 jaredhendrickson13 added the bug Something isn't working label Nov 5, 2024
jaredhendrickson13 added a commit that referenced this issue Nov 6, 2024
@jaredhendrickson13
fix: reducde WireGuardPeerAllowedIP::$mask minimum to 0 #595
655a07c
jaredhendrickson13 added a commit that referenced this issue Nov 6, 2024
@jaredhendrickson13
fix: reduce WireGuardPeerAllowedIP::$mask minimum to 0 #595
4c2cd72
@jaredhendrickson13 jaredhendrickson13 mentioned this issue Nov 9, 2024
Merged
@jaredhendrickson13 jaredhendrickson13 linked a pull request Nov 9, 2024 that will close this issue
v2.2.2 Fixes #596
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

v2.2.2 Fixes jaredhendrickson13/pfsense-api
2 participants
@nick-diama @jaredhendrickson13