proxmox-backup/src
Stefan Reiter c4c4b5a3ef auth: 'crypt' is not thread safe
According to crypt(3):
"crypt places its result in a static storage area, which will be
overwritten by subsequent calls to crypt. It is not safe to call crypt
from multiple threads simultaneously."

This means that multiple login calls as a PBS-realm user can collide and
produce intermittent authentication failures. A visible case is for
file-restore, where VMs with many disks lead to just as many auth-calls
at the same time, as the GUI tries to expand each tree element on load.

Instead, use the thread-safe variant 'crypt_r', which places the result
into a pre-allocated buffer of type 'crypt_data'. The C struct is laid
out according to 'lib/crypt.h.in' and the man page mentioned above.

Use the opportunity and make both arguments to the rust 'crypt' function
take a &[u8].

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2021-07-12 18:38:48 +02:00
..
acme acme: nit code cleanup 2021-07-03 21:44:13 +02:00
api2 Revert "api: access: domains: add ExtraRealmInfo and RealmInfo structs" 2021-07-12 09:53:07 +02:00
backup move more api types for the client 2021-07-09 15:17:53 +02:00
bin change tape drive lock path 2021-07-12 17:26:49 +02:00
client client: import updates 2021-07-09 15:32:12 +02:00
config config: acl: add PRIV_REALM_ALLOCATE 2021-07-09 15:36:54 +02:00
pxar add pbs-datastore module 2021-07-06 15:11:52 +02:00
rrd clippy: more misc fixes 2021-01-26 09:54:55 +01:00
server rest: log response: avoid unnecessary mut on variable 2021-07-11 13:05:19 +02:00
tape tape: changer: sg_pt: query element types separately 2021-07-12 18:19:26 +02:00
tools move some tools used by the client 2021-07-09 15:17:52 +02:00
auth_helpers.rs split out pbs-buildcfg module 2021-07-06 12:00:14 +02:00
auth.rs auth: 'crypt' is not thread safe 2021-07-12 18:38:48 +02:00
lib.rs move chunk_store to pbs-datastore 2021-07-07 14:37:47 +02:00