Obsolete
/
libipc-old
Archived
3
0
Fork 0

Authd: new_uid split into two fn.

master
Philippe Pittoli 2023-02-04 01:18:58 +01:00
parent 6564f934e1
commit 007d329f83
3 changed files with 13 additions and 4 deletions

View File

@ -64,6 +64,13 @@ class AuthD::Service < IPC
digest.hexfinal digest.hexfinal
end end
# new_uid reads the last given UID and returns it incremented.
# Splitting the retrieval and record of new user ids allows to
# only increment when an user fully registers, thus avoiding a
# Denial of Service attack.
#
# WARNING: to record this new UID, new_uid_commit must be called.
# WARNING: new_uid isn't thread safe.
def new_uid def new_uid
begin begin
uid = File.read(@last_uid_file).to_i uid = File.read(@last_uid_file).to_i
@ -72,10 +79,12 @@ class AuthD::Service < IPC
end end
uid += 1 uid += 1
end
# new_uid_commit records the new UID.
# WARNING: new_uid_commit isn't thread safe.
def new_uid_commit(uid : Int)
File.write @last_uid_file, uid.to_s File.write @last_uid_file, uid.to_s
uid
end end
def handle_request(event : IPC::Event) def handle_request(event : IPC::Event)

View File

@ -44,7 +44,7 @@ class AuthD::Request
user.date_registration = Time.local user.date_registration = Time.local
authd.users << user authd.users << user
authd.new_uid_commit uid
Response::UserAdded.new user.to_public Response::UserAdded.new user.to_public
end end
end end

View File

@ -76,7 +76,7 @@ class AuthD::Request
# add the user only if we were able to send the confirmation mail # add the user only if we were able to send the confirmation mail
authd.users << user authd.users << user
authd.new_uid_commit uid
Response::UserAdded.new user.to_public Response::UserAdded.new user.to_public
end end
end end