tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

src/api2/access.rs: authenticate_user() - add ticket login

This commit is contained in:
Dietmar Maurer 2019-03-05 12:53:59 +01:00
parent e5662b04e9
commit f8f94534d4
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/api2/access.rs
View File

@ -12,6 +12,18 @@ use serde_json::{json, Value};
fn authenticate_user(username: &str, password: &str) -> Result<(), Error> {
let ticket_lifetime = tools::ticket::TICKET_LIFETIME;
if password.starts_with("PBS:") {
if let Ok((_age, Some(ticket_username))) = tools::ticket::verify_rsa_ticket(public_auth_key(), "PBS", password, None, -300, ticket_lifetime) {
if ticket_username == username {
return Ok(());
} else {
bail!("ticket login failed - wrong username");
}
}
}
if username == "root@pam" {
let mut auth = pam::Authenticator::with_password("proxmox-backup-auth").unwrap();
auth.get_handler().set_credentials("root", password);