* [pbs-devel] [PATCH proxmox-backup] rest: check for disabled token (user)
@ 2020-11-11 10:47 Fabian Grünbichler
2020-11-11 11:22 ` [pbs-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Fabian Grünbichler @ 2020-11-11 10:47 UTC (permalink / raw)
To: pbs-devel
when authenticating a token, and not just when authenticating a
user/ticket.
Reported-By: Dominik Jäger <d.jaeger@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/server/rest.rs | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/server/rest.rs b/src/server/rest.rs
index ea87c9c8..da110507 100644
--- a/src/server/rest.rs
+++ b/src/server/rest.rs
@@ -623,6 +623,10 @@ fn check_auth(
.ok_or_else(|| format_err!("failed to split API token header"))?;
let tokenid: Authid = tokenid.parse()?;
+ if !user_info.is_active_auth_id(&tokenid) {
+ bail!("user account or token disabled or expired.");
+ }
+
let tokensecret = parts.next()
.ok_or_else(|| format_err!("failed to split API token header"))?;
let tokensecret = percent_decode_str(tokensecret)
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pbs-devel] applied: [PATCH proxmox-backup] rest: check for disabled token (user)
2020-11-11 10:47 [pbs-devel] [PATCH proxmox-backup] rest: check for disabled token (user) Fabian Grünbichler
@ 2020-11-11 11:22 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2020-11-11 11:22 UTC (permalink / raw)
To: Proxmox Backup Server development discussion, Fabian Grünbichler
On 11.11.20 11:47, Fabian Grünbichler wrote:
> when authenticating a token, and not just when authenticating a
> user/ticket.
>
> Reported-By: Dominik Jäger <d.jaeger@proxmox.com>
>
> Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
> ---
> src/server/rest.rs | 4 ++++
> 1 file changed, 4 insertions(+)
>
>
applied, thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-11-11 11:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-11 10:47 [pbs-devel] [PATCH proxmox-backup] rest: check for disabled token (user) Fabian Grünbichler
2020-11-11 11:22 ` [pbs-devel] applied: " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal