[pve-devel] [PATCH access-control] fix vnc ticket verification without authkey lifetime

Dominik Csapak d.csapak at proxmox.com
Mon Mar 18 10:39:56 CET 2019


since $authkey_lifetime is currently set to 0, we have to check this,
else we always fail to verify the VNC ticket

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
 PVE/AccessControl.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 6cfc841..51ef3ee 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -327,7 +327,7 @@ sub verify_vnc_ticket {
     my $secret_data = "$username:$path";
 
     my ($rsa_pub, $rsa_mtime) = get_pubkey();
-    if (!$rsa_pub || (time() - $rsa_mtime > $authkey_lifetime)) {
+    if (!$rsa_pub || (time() - $rsa_mtime > $authkey_lifetime && $authkey_lifetime > 0)) {
 	if ($noerr) {
 	    return undef;
 	} else {
-- 
2.11.0




More information about the pve-devel mailing list