From b8055a4fc058ae67324965517d0dbf6de43c4c34 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Fabian=20Gr=C3=BCnbichler?= Date: Wed, 19 Jun 2019 11:46:19 +0200 Subject: [PATCH] ticket: add comments about auth key mtime MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit we cannot fully close this window, and don't need to anyway since we apply +-300s when calculating ticket age ranges, but documenting where mtime is used and what we expect seems like a good idea for future readers. Signed-off-by: Fabian Grünbichler --- PVE/AccessControl.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm index 0132268..6ac99ac 100644 --- a/PVE/AccessControl.pm +++ b/PVE/AccessControl.pm @@ -171,6 +171,7 @@ sub rotate_authkey { if ($old) { eval { my $pem = $old->get_public_key_x509_string(); + # mtime is used for caching and ticket age range calculation PVE::Tools::file_set_contents($pve_auth_key_files->{pubold}, $pem); }; die "Failed to store old auth key: $@\n" if $@; @@ -178,6 +179,8 @@ sub rotate_authkey { eval { my $pem = $new->get_public_key_x509_string(); + # mtime is used for caching and ticket age range calculation, + # should be close to that of pubold above PVE::Tools::file_set_contents($pve_auth_key_files->{pub}, $pem); }; if ($@) { -- 2.39.2