]> git.proxmox.com Git - pve-access-control.git/commit
projects / pve-access-control.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 931e5bc) | patch
authenticate_2nd_new: only lock tfa config for recovery keys
authorDominik Csapak <d.csapak@proxmox.com>
Fri, 21 Oct 2022 08:31:15 +0000 (10:31 +0200)
committerWolfgang Bumiller <w.bumiller@proxmox.com>
Fri, 21 Oct 2022 08:44:03 +0000 (10:44 +0200)
commit680953712740c5f1c96810c819a03a1649901786
treec3b5febeb465203f7ce5592b1a6c8a133ab4f692tree
parent931e5bc19f98d4ce1654d39fa0b2ae4a4723b528commit | diff
authenticate_2nd_new: only lock tfa config for recovery keys

we currently only need to lock the tfa config when we got a recovery key
as a tfa challenge response, since that's the only thing that can
actually change the tfa config (every other method only reads from
there).

so to do that, factor out the code that was inside the lock, and call it
with/without lock depending on the tfa challenge response

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
src/PVE/AccessControl.pm diff | blob | blame | history
Access control framework