use Crypt::OpenSSL::RSA;
use PMG::Utils;
+use PMG::Config;
my $min_ticket_lifetime = -60*5; # allow 5 minutes time drift
my $max_ticket_lifetime = 60*60*2; # 2 hours
$rsa_pub, 'PMGVNC', $ticket, $secret_data, -20, 40, $noerr);
}
+# Note: we only encode $pmail into the ticket,
+# and add '@quarantine' in verify_quarantine_ticket()
sub assemble_quarantine_ticket {
my ($pmail) = @_;
return PVE::Ticket::assemble_rsa_ticket($rsa_priv, 'PMGQUAR', $pmail);
}
+my $quarantine_lifetime;
+
+my $get_quarantine_lifetime = sub {
+
+ return $quarantine_lifetime if defined($quarantine_lifetime);
+
+ my $cfg = PMG::Config->new();
+
+ $quarantine_lifetime = $cfg->get('spamquar', 'lifetime');
+
+ return $quarantine_lifetime;
+};
+
sub verify_quarantine_ticket {
- my ($ticket, $lifetime, $noerr) = @_;
+ my ($ticket, $noerr) = @_;
my $rsa_pub = PVE::INotify::read_file('auth_pub_key');
- return PVE::Ticket::verify_rsa_ticket(
+ my $lifetime = $get_quarantine_lifetime->();
+
+ my ($username, $age) = PVE::Ticket::verify_rsa_ticket(
$rsa_pub, 'PMGQUAR', $ticket, undef, -20, $lifetime*86400, $noerr);
+
+ $username = "$username\@quarantine" if defined($username);
+
+ return wantarray ? ($username, $age) : $username;
}
1;
projects / pmg-api.git / blobdiff