Revert "Sanitize path to prevent directory traversal"

This reverts commit 2cdf6ef53e.
2025-03-01 10:31:47 +00:00 · 2024-03-08 11:27:44 +01:00
parent 2cdf6ef53e
commit 79d33db2bf
2 changed files with 7 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ yarn-error.log
 includes/config.php
 rootCA.pem
 vendor
+.env
--- a/api/modules/wireguard.py
+++ b/api/modules/wireguard.py
@@ -1,6 +1,5 @@
 import subprocess
 import re
-import os

 def configs():
    #ignore symlinks, because wg0.conf is in production the main config, but in insiders it is a symlink
@@ -25,16 +24,13 @@ def client_config_list(client_config):
    if not re.match(pattern, client_config):
        raise ValueError("Invalid client_config")

-    # sanitize path to prevent directory traversal
-    client_config = os.path.basename(client_config)
-
-    config_path = os.path.join("/etc/wireguard/", client_config)
-    if not os.path.exists(config_path):
+    config_path = f"/etc/wireguard/{client_config}"
+    try:
+        with open(config_path, 'r') as f:
+            output = f.read().strip()
+            return output.split('\n')
+    except FileNotFoundError:
        raise FileNotFoundError("Client configuration file not found")

-    with open(config_path, 'r') as f:
-        output = f.read().strip()
-        return output.split('\n')
-
 #TODO: where is the logfile??
 #TODO: is service connected?