X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=blobdiff_plain;f=PVE%2FAccessControl.pm;h=013226819579cb79be45d8749f478a5d88bc21e3;hp=5de060dfced07b7d370ee451e5388a7de68bbe99;hb=e770e6672fdb54c30a787d71043a84b010a8e67f;hpb=243262f1853e94bd02d0614a1ae76442ec1e85e9

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 5de060d..0132268 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -166,6 +166,7 @@ sub rotate_authkey {
 	return if check_authkey();
 
 	my $old = get_pubkey();
+	my $new = Crypt::OpenSSL::RSA->generate_key(2048);
 
 	if ($old) {
 	    eval {
@@ -175,7 +176,6 @@ sub rotate_authkey {
 	    die "Failed to store old auth key: $@\n" if $@;
 	}
 
-	my $new = Crypt::OpenSSL::RSA->generate_key(2048);
 	eval {
 	    my $pem = $new->get_public_key_x509_string();
 	    PVE::Tools::file_set_contents($pve_auth_key_files->{pub}, $pem);
@@ -283,7 +283,7 @@ sub verify_ticket {
 	return undef if !$rsa_pub;
 
 	my ($min, $max) = $get_ticket_age_range->($now, $rsa_mtime, $old);
-	return undef if !$min;
+	return undef if !defined($min);
 
 	return PVE::Ticket::verify_rsa_ticket(
 	    $rsa_pub, 'PVE', $ticket, undef, $min, $max, 1);