to shrink the window between the two file_set_contents calls. we don't need the mtimes to line up exactly since we have 300s of uncertainty anyway, but generating an RSA key could take a while ;)
Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com> --- PVE/AccessControl.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm index fff2df2..0132268 100644 --- a/PVE/AccessControl.pm +++ b/PVE/AccessControl.pm @@ -166,6 +166,7 @@ sub rotate_authkey { return if check_authkey(); my $old = get_pubkey(); + my $new = Crypt::OpenSSL::RSA->generate_key(2048); if ($old) { eval { @@ -175,7 +176,6 @@ sub rotate_authkey { die "Failed to store old auth key: $@\n" if $@; } - my $new = Crypt::OpenSSL::RSA->generate_key(2048); eval { my $pem = $new->get_public_key_x509_string(); PVE::Tools::file_set_contents($pve_auth_key_files->{pub}, $pem); -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel