From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 9C37A1FF394 for ; Mon, 3 Jun 2024 11:01:55 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 1D2A51E2F8; Mon, 3 Jun 2024 11:02:25 +0200 (CEST) Date: Mon, 3 Jun 2024 11:02:21 +0200 From: Wolfgang Bumiller To: Shannon Sterz Message-ID: References: <20240523112559.257547-1-s.sterz@proxmox.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20240523112559.257547-1-s.sterz@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.090 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] applied: [PATCH proxmox-backup] auth: add locking to `PbsAuthenticator` to avoid race conditions X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Cc: pbs-devel@lists.proxmox.com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" applied, thanks On Thu, May 23, 2024 at 01:25:59PM GMT, Shannon Sterz wrote: > currently we don't lock the shadow file when removing or storing a > password. by adding locking here we avoid a situation where storing > and/or removing a password concurrently could lead to a race > condition. in this scenario it is possible that a password isn't > persisted or a password isn't removed. we already do this for > the "token.shadow" file, so just use the same mechanism here. > > Signed-off-by: Shannon Sterz > --- > src/auth.rs | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/src/auth.rs b/src/auth.rs > index 21468d4b..5134e41e 100644 > --- a/src/auth.rs > +++ b/src/auth.rs > @@ -9,6 +9,7 @@ use std::pin::Pin; > use anyhow::{bail, Error}; > use futures::Future; > use once_cell::sync::{Lazy, OnceCell}; > +use pbs_config::open_backup_lockfile; > use proxmox_router::http_bail; > use serde_json::json; > > @@ -31,6 +32,7 @@ pub const TERM_PREFIX: &str = "PBSTERM"; > struct PbsAuthenticator; > > pub(crate) const SHADOW_CONFIG_FILENAME: &str = configdir!("/shadow.json"); > +pub(crate) const SHADOW_LOCK_FILENAME: &str = configdir!("/shadow.json.lock"); > > impl Authenticator for PbsAuthenticator { > fn authenticate_user<'a>( > @@ -69,6 +71,8 @@ impl Authenticator for PbsAuthenticator { > _client_ip: Option<&IpAddr>, > ) -> Result<(), Error> { > let enc_password = proxmox_sys::crypt::encrypt_pw(password)?; > + > + let _guard = open_backup_lockfile(SHADOW_LOCK_FILENAME, None, true); > let mut data = proxmox_sys::fs::file_get_json(SHADOW_CONFIG_FILENAME, Some(json!({})))?; > data[username.as_str()] = enc_password.into(); > > @@ -85,6 +89,8 @@ impl Authenticator for PbsAuthenticator { > } > > fn remove_password(&self, username: &UsernameRef) -> Result<(), Error> { > + let _guard = open_backup_lockfile(SHADOW_LOCK_FILENAME, None, true); > + > let mut data = proxmox_sys::fs::file_get_json(SHADOW_CONFIG_FILENAME, Some(json!({})))?; > if let Some(map) = data.as_object_mut() { > map.remove(username.as_str()); > -- > 2.39.2 _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel