proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-06-15 16:59:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ticket: reorder calls when rotating

Browse Source 
to shrink the window between the two file_set_contents calls. we don't
need the mtimes to line up exactly since we have 300s of uncertainty
anyway, but generating an RSA key could take a while ;)

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2019-06-19 11:46:18 +02:00 committed by Thomas Lamprecht
parent 5bb966fe5d
commit e770e6672f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
PVE/AccessControl.pm
View File

@ -166,6 +166,7 @@ sub rotate_authkey {
return if check_authkey(); return if check_authkey();
my $old = get_pubkey(); my $old = get_pubkey();
my $new = Crypt::OpenSSL::RSA->generate_key(2048);
if ($old) { if ($old) {
eval { eval {
@ -175,7 +176,6 @@ sub rotate_authkey {
die "Failed to store old auth key: $@\n" if $@; die "Failed to store old auth key: $@\n" if $@;
} }
my $new = Crypt::OpenSSL::RSA->generate_key(2048);
eval { eval {
my $pem = $new->get_public_key_x509_string(); my $pem = $new->get_public_key_x509_string();
PVE::Tools::file_set_contents($pve_auth_key_files->{pub}, $pem); PVE::Tools::file_set_contents($pve_auth_key_files->{pub}, $pem);