fix(wireguard): resolve 500 parse failure on encrypted file upload stream memory buffers

2026-03-10 11:53:20 +07:00 · 2026-03-10 11:53:20 +07:00 · 66dc95bc6b
commit 66dc95bc6b
parent 787e3bb243
2 changed files with 16 additions and 12 deletions
--- a/backend/internal/wireguard-fs.js
+++ b/backend/internal/wireguard-fs.js
@ -67,11 +67,22 @@ export default {
 		const iv = crypto.randomBytes(16);
 		const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
-		// We will write the IV to the very beginning of the file, followed by encrypted data
+		return new Promise((resolve, reject) => {
-		const encryptedBuffer = Buffer.concat([iv, cipher.update(fileBuffer), cipher.final()]);
+			const writeStream = fs.createWriteStream(filePath);
-		await fs.promises.writeFile(filePath, encryptedBuffer);
+			writeStream.on("error", (err) => reject(err));
-		return { success: true, name: safeFilename };
+			writeStream.on("finish", () => resolve({ success: true, name: safeFilename }));
 			// Write the 16-byte IV first
 			writeStream.write(iv);
 			// Pipe the cipher output to the file
 			cipher.pipe(writeStream);
 			// Write the actual file buffer into the cipher
 			cipher.write(fileBuffer);
 			cipher.end();
 		});
 	},
 	/**
--- a/backend/routes/wireguard.js
+++ b/backend/routes/wireguard.js
@ -4,7 +4,6 @@ import internalWireguard from "../internal/wireguard.js";
 import internalWireguardFs from "../internal/wireguard-fs.js";
 import internalAuditLog from "../internal/audit-log.js";
 import jwtdecode from "../lib/express/jwt-decode.js";
 import fileUpload from "express-fileupload";
 import db from "../db.js";
 const router = express.Router({
@ -16,12 +15,6 @@ const router = express.Router({
 // Protect all WireGuard routes
 router.use(jwtdecode());
 // Enable File Uploads for the File Manager endpoints
 router.use(fileUpload({
 	limits: { fileSize: 500 * 1024 * 1024 }, // 500MB max limit
 	abortOnLimit: true
 }));
 /**
 * GET /api/wireguard
 * Get WireGuard interfaces info