On 7/8/19 2:36 PM, Fabian Grünbichler wrote: > to fix an issue where valid tickets could be rejected 5 minutes after a > key rotation, where the minimum age is exactly 0 seconds. > > thanks Dominik for triaging! > > Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com> > (cherry picked from commit 5bb966fe5d6f3f6a30e86724c024f80ebebacfba) > --- > this cherry-pick was missed, already applied in master > > PVE/AccessControl.pm | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm > index fc519f1..908cccb 100644 > --- a/PVE/AccessControl.pm > +++ b/PVE/AccessControl.pm > @@ -294,7 +294,7 @@ sub verify_ticket { > return undef if !$rsa_pub; > > my ($min, $max) = $get_ticket_age_range->($now, $rsa_mtime, $old); > - return undef if !$min; > + return undef if !defined($min); > > return PVE::Ticket::verify_rsa_ticket( > $rsa_pub, 'PVE', $ticket, undef, $min, $max, 1); > applied, thanks!
_______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel