GitHub/ergo
3
0
Fork 0
mirror of https://github.com/ergochat/ergo.git synced 2026-04-11 18:08:06 +02:00
Code Issues Projects Releases Wiki Activity

fix handling of invalid API bearer tokens (#2380)

Browse Source 
Not doing a pointfix since this only affects obvious misconfigurations of Ergo
(our attempt to be defensive against those misconfigurations failed)
This commit is contained in:
Shivaram Lingamneni 2026-04-10 10:32:09 -07:00 committed by GitHub
parent cbbe18314a
commit 5bb94efaf6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
irc/config.go
View File

@ -1032,12 +1032,12 @@ func (config *Config) processAPI() (err error) {
return errors.New("config.api.enabled is true, but listener address is empty")
}
config.API.bearerTokenBytes = make([][]byte, len(config.API.BearerTokens))
for i, tok := range config.API.BearerTokens {
config.API.bearerTokenBytes = make([][]byte, 0, len(config.API.BearerTokens))
for _, tok := range config.API.BearerTokens {
if tok == "" || tok == "example" {
continue
}
config.API.bearerTokenBytes[i] = []byte(tok)
config.API.bearerTokenBytes = append(config.API.bearerTokenBytes, []byte(tok))
}
var tlsConfig *tls.Config