From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <d.whyte@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 4120261652
 for <pbs-devel@lists.proxmox.com>; Wed, 21 Oct 2020 09:52:57 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 2EE6615778
 for <pbs-devel@lists.proxmox.com>; Wed, 21 Oct 2020 09:52:27 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 6EF721576C
 for <pbs-devel@lists.proxmox.com>; Wed, 21 Oct 2020 09:52:26 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 3CF3645E7C
 for <pbs-devel@lists.proxmox.com>; Wed, 21 Oct 2020 09:52:26 +0200 (CEST)
Date: Wed, 21 Oct 2020 09:52:02 +0200 (CEST)
From: Dylan Whyte <d.whyte@proxmox.com>
To: Dietmar Maurer <dietmar@proxmox.com>,
 Proxmox Backup Server development discussion <pbs-devel@lists.proxmox.com>
Message-ID: <1697482264.331.1603266722757@webmail.proxmox.com>
In-Reply-To: <48157714.325.1603262623854@webmail.proxmox.com>
References: <20201020092916.11547-1-d.whyte@proxmox.com>
 <48157714.325.1603262623854@webmail.proxmox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.4-Rev11
X-Originating-Client: open-xchange-appsuite
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.021 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [proxmox.com]
Subject: Re: [pbs-devel] [PATCH proxmox-backup] fix #3038: check user before
 renewing ticket
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2020 07:52:57 -0000

All working now, thanks!
> On 21.10.2020 08:43 Dietmar Maurer <dietmar@proxmox.com> wrote:
> 
>  
> This fix is not really correct. I applied it wit a followup patch.
> Please can you test my fix?
> 
> comments inline:
> 
> > On 10/20/2020 11:29 AM Dylan Whyte <d.whyte@proxmox.com> wrote:
> > 
> >  
> > Fixes a bug in which the userid of the ticket cache is updated,
> > when a user connects, but the ticket itself is not.
> > This means a newly connected user has a previously connected
> > user's ticket and thus, cannot do anything, as the client will
> > attempt to use the invalid ticket.
> > 
> > e.g. if john@pbs connected to the server first, followed by
> > mike@pbs, the following would be stored in the ticket cache.
> > 
> > {
> >   "localhost": {
> >     "mike@pbs": {
> >       "ticket": "PBS:john@pbs:AAAA",
> >       "timestamp": 1601039326,
> >       "token": "BBBB"
> >     }
> >   }
> > }
> > 
> > Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
> > ---
> >  src/client/http_client.rs | 12 +++++++-----
> >  1 file changed, 7 insertions(+), 5 deletions(-)
> > 
> > diff --git a/src/client/http_client.rs b/src/client/http_client.rs
> > index e3d18604..02a58c2d 100644
> > --- a/src/client/http_client.rs
> > +++ b/src/client/http_client.rs
> > @@ -219,11 +219,13 @@ fn store_ticket_info(prefix: &str, server: &str, username: &str, ticket: &str, t
> >  
> >      let empty = serde_json::map::Map::new();
> >      for (server, info) in data.as_object().unwrap_or(&empty) {
> > -        for (_user, uinfo) in info.as_object().unwrap_or(&empty) {
> > -            if let Some(timestamp) = uinfo["timestamp"].as_i64() {
> > -                let age = now - timestamp;
> > -                if age < ticket_lifetime {
> > -                    new_data[server][username] = uinfo.clone();
> > +        for (user, uinfo) in info.as_object().unwrap_or(&empty) {
> > +            if user == username {
> 
> not needed
> 
> > +                if let Some(timestamp) = uinfo["timestamp"].as_i64() {
> > +                    let age = now - timestamp;
> > +                    if age < ticket_lifetime {
> > +                        new_data[server][username] = uinfo.clone();
> 
>  new_data[server][user] = uinfo.clone();
> 
> > +                    }
> >                  }
> >              }
> >          }
> > -- 
> > 2.20.1
> > 
> > 
> > 
> > _______________________________________________
> > pbs-devel mailing list
> > pbs-devel@lists.proxmox.com
> > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel