mirror of
https://github.com/juanfont/headscale.git
synced 2025-11-10 01:20:58 +01:00
d49ae71a80
This commit fixes the UNIQUE constraint on the pre_auth_keys.prefix column to allow multiple legacy keys (with NULL or empty prefix) while still enforcing uniqueness for new bcrypt-based keys. Changes: - Modified migration to create partial unique index with WHERE clause - Updated schema.sql to match migration - Added comprehensive test (TestMultipleLegacyKeysAllowed) to verify: * Multiple legacy keys with empty prefix can coexist * New bcrypt keys have unique prefixes * Duplicate non-empty prefixes are rejected - Fixed lint issues (errcheck, intrange) - Fixed hardening: position-based parsing instead of separator-based - Added validation for empty string, length, separator, and character set The partial index uses: WHERE prefix IS NOT NULL AND prefix != '' This allows unlimited legacy keys (backward compatibility) while preventing duplicate prefixes for new keys (security). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| sqliteconfig | ||
| testdata | ||
| api_key_test.go | ||
| api_key.go | ||
| db_test.go | ||
| db.go | ||
| ephemeral_garbage_collector_test.go | ||
| ip_test.go | ||
| ip.go | ||
| node_test.go | ||
| node.go | ||
| policy.go | ||
| preauth_keys_test.go | ||
| preauth_keys.go | ||
| schema.sql | ||
| suite_test.go | ||
| text_serialiser.go | ||
| users_test.go | ||
| users.go | ||