Verified Commit 3944d356 authored by Nik | Klampfradler's avatar Nik | Klampfradler

[Cache] Fix access to static global CACHE

parent 2881338e
...@@ -17,6 +17,7 @@ use crate::BASE_NAME; ...@@ -17,6 +17,7 @@ use crate::BASE_NAME;
use lazy_static::lazy_static; use lazy_static::lazy_static;
use std::collections::HashMap; use std::collections::HashMap;
use std::sync::{Mutex, MutexGuard};
use libc::{geteuid, seteuid, getpwnam, uid_t}; use libc::{geteuid, seteuid, getpwnam, uid_t};
use std::ffi::CString; use std::ffi::CString;
...@@ -33,10 +34,9 @@ use serde::Serialize; ...@@ -33,10 +34,9 @@ use serde::Serialize;
use serde::de::DeserializeOwned; use serde::de::DeserializeOwned;
use serde_json; use serde_json;
const TOKEN_DEFAULT_EXPIRES: u64 = 24 * 60 * 60;
const USER_TOKEN_FILENAME: &str = "user_token.json"; const USER_TOKEN_FILENAME: &str = "user_token.json";
struct Cache { pub struct Cache {
user_tokens: HashMap<String, BasicTokenResponse>, user_tokens: HashMap<String, BasicTokenResponse>,
original_euid: uid_t, original_euid: uid_t,
} }
...@@ -194,9 +194,10 @@ impl Cache { ...@@ -194,9 +194,10 @@ impl Cache {
match self.place_user_cache_file(owner, USER_TOKEN_FILENAME.to_string()) { match self.place_user_cache_file(owner, USER_TOKEN_FILENAME.to_string()) {
Ok(path) => { Ok(path) => {
debug!("Deleting cache file for {}", owner); debug!("Deleting cache file for {}", owner);
fs::remove_file(path) fs::remove_file(path).ok();
()
}, },
Err(e) => Err(e) Err(e) => ()
}; };
self.restore_privileges(); self.restore_privileges();
} }
...@@ -221,5 +222,9 @@ fn save_json<O: Serialize>(path: PathBuf, obj: O) -> Result<(), io::Error> { ...@@ -221,5 +222,9 @@ fn save_json<O: Serialize>(path: PathBuf, obj: O) -> Result<(), io::Error> {
} }
lazy_static! { lazy_static! {
pub static ref CACHE: Cache = Cache::new(); static ref CACHE: Mutex<Cache> = Mutex::new(Cache::new());
}
pub fn get_cache() -> MutexGuard<'static, Cache> {
CACHE.lock().unwrap()
} }
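Review bot: In the token-deletion hunk, `fs::remove_file(path).ok();` and `Err(e) => ()` discard both failure cases, so a cache file that could not be removed stays on disk and nothing records it. Judging by `USER_TOKEN_FILENAME` and the `user_tokens` map, that file appears to hold a user's token, so a failed delete should at least be logged, e.g. `if let Err(e) = fs::remove_file(path) { debug!("Could not delete cache file for {}: {}", owner, e); }`, at a higher level if one is imported in this file. The `Err` arm should likewise log `e` rather than bind and drop it. The enclosing method starts outside the hunk, so whether it could return the error to its caller instead is not visible here.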
...@@ -24,7 +24,7 @@ use crate::oauth::get_access_token_password; ...@@ -24,7 +24,7 @@ use crate::oauth::get_access_token_password;
use crate::logging::setup_log; use crate::logging::setup_log;
use crate::cache::CACHE; use crate::cache::get_cache;
use pamsm::{PamServiceModule, Pam, PamFlag, PamError, PamLibExt}; use pamsm::{PamServiceModule, Pam, PamFlag, PamError, PamLibExt};
...@@ -90,7 +90,7 @@ impl PamServiceModule for PamOidc { ...@@ -90,7 +90,7 @@ impl PamServiceModule for PamOidc {
match get_access_token_password(conf, "pam", username.to_string(), password.to_string(), PamError::SERVICE_ERR, PamError::AUTH_ERR) { match get_access_token_password(conf, "pam", username.to_string(), password.to_string(), PamError::SERVICE_ERR, PamError::AUTH_ERR) {
Ok(t) => { Ok(t) => {
info!("Authenticated {} using Resource Owner Password Grant", username); info!("Authenticated {} using Resource Owner Password Grant", username);
CACHE.save_user_token(&username.to_string(), t.into()); get_cache().save_user_token(&username.to_string(), t.into());
return PamError::SUCCESS; return PamError::SUCCESS;
}, },
Err(e) => { Err(e) => {
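Review bot: The new `get_cache()` call on the success path can panic, because the accessor is defined as `CACHE.lock().unwrap()` and a poisoned mutex makes that `unwrap()` fail. This code runs inside a PAM module loaded into the authenticating process, so unless the pamsm glue catches panics, a caching problem would take down the login attempt after the credentials were already accepted. Consider making the accessor fallible, e.g. `CACHE.lock().ok()`, and treating a missing cache as non-fatal here: `if let Some(mut cache) = get_cache() { cache.save_user_token(&username.to_string(), t.into()); }` (drop `mut` if `save_user_token` takes `&self`; its signature is not shown). The surrounding `authenticate` body starts and ends outside the hunk.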
......