[pve-devel] applied: [PATCH access-control] fix vnc ticket verification without authkey lifetime

Thomas Lamprecht t.lamprecht at proxmox.com
Mon Mar 18 10:44:17 CET 2019


On 3/18/19 10:39 AM, Dominik Csapak wrote:
> since $authkey_lifetime is currently set to 0, we have to check this,
> else we always fail to verify the VNC ticket
> 
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
>  PVE/AccessControl.pm | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
> index 6cfc841..51ef3ee 100644
> --- a/PVE/AccessControl.pm
> +++ b/PVE/AccessControl.pm
> @@ -327,7 +327,7 @@ sub verify_vnc_ticket {
>      my $secret_data = "$username:$path";
>  
>      my ($rsa_pub, $rsa_mtime) = get_pubkey();
> -    if (!$rsa_pub || (time() - $rsa_mtime > $authkey_lifetime)) {
> +    if (!$rsa_pub || (time() - $rsa_mtime > $authkey_lifetime && $authkey_lifetime > 0)) {
>  	if ($noerr) {
>  	    return undef;
>  	} else {
> 

applied, thanks for the quick fix!



More information about the pve-devel mailing list