From b5ca6876d32efabcce6d38a1973026af538a9a3a Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:05:10 +0100 Subject: [PATCH 001/114] buildsys: drop PERLMOD_PRODUCT variable it's not used anymore Signed-off-by: Wolfgang Bumiller --- Makefile | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 3ddafd06..ae2fa497 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,5 @@ CARGO ?= cargo -define to_upper -$(shell echo "$(1)" | tr '[:lower:]' '[:upper:]') -endef - ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release DEBUG_LIBPATH := @@ -42,8 +38,7 @@ endif .PHONY: pve pmg pve pmg: - @PERLMOD_PRODUCT=$(call to_upper,$@) \ - $(CARGO) build $(CARGO_BUILD_ARGS) -p $@-rs + $(CARGO) build $(CARGO_BUILD_ARGS) -p $@-rs .PHONY: gen gen: From 3c86999734766d73b4baca4876b64f980ac47e5a Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:05:50 +0100 Subject: [PATCH 002/114] buildsys: move package_template to defines.mk Signed-off-by: Wolfgang Bumiller --- Makefile | 11 ++--------- defines.mk | 8 ++++++++ 2 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 defines.mk diff --git a/Makefile b/Makefile index ae2fa497..e296ec16 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,5 @@ +include defines.mk + CARGO ?= cargo ifeq ($(BUILD_MODE), release) @@ -7,15 +9,6 @@ else DEBUG_LIBPATH := "-L./target/debug", endif -define package_template - sed -r \ - -e 's/\{\{PRODUCT\}\}/$(1)/g;' \ - -e 's/\{\{LIBRARY\}\}/$(2)/g;' \ - -e 's|\{\{DEBUG_LIBPATH\}\}|$(DEBUG_LIBPATH)|g;' \ - Proxmox/Lib/template.pm \ - >Proxmox/Lib/$(1).pm -endef - define upload_template cd build; \ dcmd --deb lib$(1)-rs-perl*.changes \ diff --git a/defines.mk b/defines.mk new file mode 100644 index 00000000..fd389ca3 --- /dev/null +++ b/defines.mk @@ -0,0 +1,8 @@ +define package_template + sed -r \ + -e 's/\{\{PRODUCT\}\}/$(1)/g;' \ + -e 's/\{\{LIBRARY\}\}/$(2)/g;' \ + -e 's|\{\{DEBUG_LIBPATH\}\}|$(DEBUG_LIBPATH)|g;' \ + Proxmox/Lib/template.pm \ + >Proxmox/Lib/$(1).pm +endef From 807651bc7bcabeaa6a962cbfef1d3284da5d4108 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:06:47 +0100 Subject: [PATCH 003/114] buildsys: include defines.mk in pve-rs and pmg-rs Signed-off-by: Wolfgang Bumiller --- Makefile | 1 + pmg-rs/Makefile | 1 + pve-rs/Makefile | 1 + 3 files changed, 3 insertions(+) diff --git a/Makefile b/Makefile index e296ec16..26277e51 100644 --- a/Makefile +++ b/Makefile @@ -62,6 +62,7 @@ build: cp -a ./pve-rs ./build cp -a ./pmg-rs ./build cp -a ./Proxmox ./build + cp defines.mk ./build $(MAKE) BUILD_MODE=release -C build -f ../Makefile gen mkdir -p ./build/pve-rs/Proxmox/Lib mv ./build/Proxmox/Lib/PVE.pm ./build/pve-rs/Proxmox/Lib/PVE.pm diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 405f6c9d..5ecaf5f7 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -1,3 +1,4 @@ +include ../defines.mk include /usr/share/dpkg/default.mk PACKAGE=libpmg-rs-perl diff --git a/pve-rs/Makefile b/pve-rs/Makefile index e22d1bbf..7f54cccb 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -1,3 +1,4 @@ +include ../defines.mk include /usr/share/dpkg/default.mk PACKAGE=libpve-rs-perl From 6b2814d612214f8a7cbd96de4cd1355cefb3b0ef Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:09:27 +0100 Subject: [PATCH 004/114] buildsys: generate Proxmox::Lib within the product Makefiles Signed-off-by: Wolfgang Bumiller --- Makefile | 10 ++++------ defines.mk | 2 +- pmg-rs/Makefile | 8 ++++++-- pve-rs/Makefile | 8 ++++++-- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/Makefile b/Makefile index 26277e51..c19b2168 100644 --- a/Makefile +++ b/Makefile @@ -35,8 +35,6 @@ pve pmg: .PHONY: gen gen: - $(call package_template,PMG,pmg_rs) - $(call package_template,PVE,pve_rs) perl ./scripts/genpackage.pl Common \ Proxmox::RS::APT::Repositories \ Proxmox::RS::CalendarEvent \ @@ -64,13 +62,13 @@ build: cp -a ./Proxmox ./build cp defines.mk ./build $(MAKE) BUILD_MODE=release -C build -f ../Makefile gen - mkdir -p ./build/pve-rs/Proxmox/Lib - mv ./build/Proxmox/Lib/PVE.pm ./build/pve-rs/Proxmox/Lib/PVE.pm - mkdir -p ./build/pmg-rs/Proxmox/Lib - mv ./build/Proxmox/Lib/PMG.pm ./build/pmg-rs/Proxmox/Lib/PMG.pm mv ./build/PVE ./build/pve-rs mv ./build/PMG ./build/pmg-rs mv ./build/Proxmox ./build/common/pkg +# The template.pm is required by the products to produce their Proxmox::Lib + mkdir ./build/Proxmox + mkdir ./build/Proxmox/Lib + cp ./Proxmox/Lib/template.pm ./build/Proxmox/Lib # So the common packages end up in ./build, rather than ./build/common mv ./build/common/pkg ./build/common-pkg diff --git a/defines.mk b/defines.mk index fd389ca3..b83abbf9 100644 --- a/defines.mk +++ b/defines.mk @@ -3,6 +3,6 @@ define package_template -e 's/\{\{PRODUCT\}\}/$(1)/g;' \ -e 's/\{\{LIBRARY\}\}/$(2)/g;' \ -e 's|\{\{DEBUG_LIBPATH\}\}|$(DEBUG_LIBPATH)|g;' \ - Proxmox/Lib/template.pm \ + $(3)Proxmox/Lib/template.pm \ >Proxmox/Lib/$(1).pm endef diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 5ecaf5f7..0961172a 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -21,11 +21,15 @@ ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release endif -all: +all: Proxmox/Lib/PMG.pm ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) endif +Proxmox/Lib/PMG.pm: ../Proxmox/Lib/template.pm + mkdir -p Proxmox/Lib + $(call package_template,PMG,pmg_rs,../) + # always re-create this dir # but also copy the local target/ and PMG/ dirs as a build-cache .PHONY: build @@ -35,7 +39,7 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PMG build/ .PHONY: install -install: target/release/libpmg_rs.so +install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto install -m644 target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 7f54cccb..a63a42ba 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -22,11 +22,15 @@ ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release endif -all: +all: Proxmox/Lib/PVE.pm ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) endif +Proxmox/Lib/PVE.pm: ../Proxmox/Lib/template.pm + mkdir -p Proxmox/Lib + $(call package_template,PVE,pve_rs,../) + # always re-create this dir # but also copy the local target/ and PVE/ dirs as a build-cache .PHONY: build @@ -36,7 +40,7 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PVE build/ .PHONY: install -install: target/release/libpve_rs.so +install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto install -m644 target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) From 6583f4d8409bf40ee0d2d36bdb2085c47d27b0bd Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:16:51 +0100 Subject: [PATCH 005/114] buildsys: generate .pm files in packages Signed-off-by: Wolfgang Bumiller --- Makefile | 21 --------------------- common/pkg/Makefile | 11 +++++++++-- common/scripts | 1 + pmg-rs/Makefile | 10 +++++++++- pve-rs/Makefile | 11 +++++++++-- 5 files changed, 28 insertions(+), 26 deletions(-) create mode 120000 common/scripts diff --git a/Makefile b/Makefile index c19b2168..0a0befbd 100644 --- a/Makefile +++ b/Makefile @@ -33,24 +33,6 @@ endif pve pmg: $(CARGO) build $(CARGO_BUILD_ARGS) -p $@-rs -.PHONY: gen -gen: - perl ./scripts/genpackage.pl Common \ - Proxmox::RS::APT::Repositories \ - Proxmox::RS::CalendarEvent \ - Proxmox::RS::Subscription - perl ./scripts/genpackage.pl PVE \ - PVE::RS::APT::Repositories \ - PVE::RS::OpenId \ - PVE::RS::ResourceScheduling::Static \ - PVE::RS::TFA - perl ./scripts/genpackage.pl PMG \ - PMG::RS::APT::Repositories \ - PMG::RS::Acme \ - PMG::RS::CSR \ - PMG::RS::OpenId \ - PMG::RS::TFA - build: rm -rf build mkdir build @@ -61,9 +43,6 @@ build: cp -a ./pmg-rs ./build cp -a ./Proxmox ./build cp defines.mk ./build - $(MAKE) BUILD_MODE=release -C build -f ../Makefile gen - mv ./build/PVE ./build/pve-rs - mv ./build/PMG ./build/pmg-rs mv ./build/Proxmox ./build/common/pkg # The template.pm is required by the products to produce their Proxmox::Lib mkdir ./build/Proxmox diff --git a/common/pkg/Makefile b/common/pkg/Makefile index 8c71a0a6..bf22a7b4 100644 --- a/common/pkg/Makefile +++ b/common/pkg/Makefile @@ -12,11 +12,18 @@ DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb DESTDIR= -all: +# Point to any generated pm file (Proxmox/ dir is already present in this package) +Proxmox/RS/CalendarEvent.pm: ../scripts/genpackage.pl + perl ../scripts/genpackage.pl Common \ + Proxmox::RS::APT::Repositories \ + Proxmox::RS::CalendarEvent \ + Proxmox::RS::Subscription + +all: Proxmox/RS/CalendarEvent.pm true .PHONY: install -install: +install: Proxmox/RS/CalendarEvent.pm install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) find PVE \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' find Proxmox \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' diff --git a/common/scripts b/common/scripts new file mode 120000 index 00000000..a339954d --- /dev/null +++ b/common/scripts @@ -0,0 +1 @@ +../scripts \ No newline at end of file diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 0961172a..0143caa4 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -26,6 +26,14 @@ ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) endif +PMG: ../scripts/genpackage.pl + perl ../scripts/genpackage.pl PMG \ + PMG::RS::APT::Repositories \ + PMG::RS::Acme \ + PMG::RS::CSR \ + PMG::RS::OpenId \ + PMG::RS::TFA + Proxmox/Lib/PMG.pm: ../Proxmox/Lib/template.pm mkdir -p Proxmox/Lib $(call package_template,PMG,pmg_rs,../) @@ -39,7 +47,7 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PMG build/ .PHONY: install -install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm +install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto install -m644 target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index a63a42ba..68ff6dc8 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -22,11 +22,18 @@ ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release endif -all: Proxmox/Lib/PVE.pm +all: PVE Proxmox/Lib/PVE.pm ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) endif +PVE: ../scripts/genpackage.pl + perl ../scripts/genpackage.pl PVE \ + PVE::RS::APT::Repositories \ + PVE::RS::OpenId \ + PVE::RS::ResourceScheduling::Static \ + PVE::RS::TFA + Proxmox/Lib/PVE.pm: ../Proxmox/Lib/template.pm mkdir -p Proxmox/Lib $(call package_template,PVE,pve_rs,../) @@ -40,7 +47,7 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PVE build/ .PHONY: install -install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm +install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto install -m644 target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) From 08eba82025b08e9d77a822c2fa3a7815bff3f6e7 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:25:21 +0100 Subject: [PATCH 006/114] package template: introduce libdirs() method Signed-off-by: Wolfgang Bumiller --- Proxmox/Lib/template.pm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Proxmox/Lib/template.pm b/Proxmox/Lib/template.pm index d7cee5f6..d7fbbf3e 100644 --- a/Proxmox/Lib/template.pm +++ b/Proxmox/Lib/template.pm @@ -28,12 +28,15 @@ sub library { return '{{LIBRARY}}'; } +# Keep on a single line, modified by testsuite! +sub libdirs { return (map "-L$_/auto", @INC); } + sub load : prototype($) { my ($pkg) = @_; my $mod_name = $pkg->library(); - my @dirs = (map "-L$_/auto", @INC); + my @dirs = $pkg->libdirs(); my $mod_file = DynaLoader::dl_findfile({{DEBUG_LIBPATH}}@dirs, $mod_name); die "failed to locate shared library for $mod_name (lib${mod_name}.so)\n" if !$mod_file; From 13e3d8b87e46c9d24007f4c2284e5c0c1f3f1fcf Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:35:23 +0100 Subject: [PATCH 007/114] pve: build test stub of Proxmox::Lib::PVE for tests this replaces the libdirs() sub with one containing: - ../target (for when run from build/pve-rs) - ../../target (for when run from toplevel/pve-rs This way we can run 'make check' both from within `pve-rs` as well as from the package building process. Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 10 ++++++++++ pve-rs/test/Makefile | 9 +++++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 68ff6dc8..e452772b 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -20,11 +20,18 @@ PM_DIR := PVE ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release +TARGET_DIR=release +else +TARGET_DIR=debug endif all: PVE Proxmox/Lib/PVE.pm ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) + mkdir -p test/Proxmox/Lib + sed -r -e \ + 's@^sub libdirs.*$$@sub libdirs { return ("../target/$(TARGET_DIR)", "../../target/$(TARGET_DIR)"); }@' \ + Proxmox/Lib/PVE.pm >test/Proxmox/Lib/PVE.pm endif PVE: ../scripts/genpackage.pl @@ -38,6 +45,9 @@ Proxmox/Lib/PVE.pm: ../Proxmox/Lib/template.pm mkdir -p Proxmox/Lib $(call package_template,PVE,pve_rs,../) +check: all + $(MAKE) -C test test + # always re-create this dir # but also copy the local target/ and PVE/ dirs as a build-cache .PHONY: build diff --git a/pve-rs/test/Makefile b/pve-rs/test/Makefile index dc0a5bd1..29dc9557 100644 --- a/pve-rs/test/Makefile +++ b/pve-rs/test/Makefile @@ -1,4 +1,9 @@ .PHONY: test -test: +test: Proxmox/Lib/PVE.pm @echo "-- running pve-rs tests --" - ./resource_scheduling.pl + perl -I. -I.. -I../.. ./resource_scheduling.pl + +# The test stub, we don't know where to look for the library from in here! +Proxmox/Lib/PVE.pm: + @echo "run 'make' in the pve-rs/ dir first" + @exit 1 From 8126db8a17e3279d9683e7a562b3e2fbbe89bcce Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 15 Nov 2022 13:45:58 +0100 Subject: [PATCH 008/114] drop comment about running tests during build Signed-off-by: Wolfgang Bumiller --- pve-rs/test/resource_scheduling.pl | 7 ------- 1 file changed, 7 deletions(-) diff --git a/pve-rs/test/resource_scheduling.pl b/pve-rs/test/resource_scheduling.pl index de01ebe4..4f5105f8 100755 --- a/pve-rs/test/resource_scheduling.pl +++ b/pve-rs/test/resource_scheduling.pl @@ -5,13 +5,6 @@ use warnings; use Test::More; -# FIXME ensure that the just built library is loaded rather than the installed one and add a test -# target to pve-rs/Makefile afterwards. Issue is that the loader looks into an $PATH/auto directory, -# so it's not enough to use lib qw(../target/release) -# Also might be a good idea to test for existence of the files to avoid surprises if the directory -# structure changes in the future. -#use lib qw(..); -#use lib qw(../target/release); use PVE::RS::ResourceScheduling::Static; my $static = PVE::RS::ResourceScheduling::Static->new(); From f6b244dfb3270642da8320ae7f7c74e66d2712eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Thu, 5 Jan 2023 13:16:26 +0100 Subject: [PATCH 009/114] update to nix 0.26 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit and proxmox-sys using it Signed-off-by: Fabian Grünbichler --- pmg-rs/Cargo.toml | 4 ++-- pmg-rs/debian/control | 4 ++-- pve-rs/Cargo.toml | 6 +++--- pve-rs/debian/control | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 903ed3b7..6800f408 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -23,7 +23,7 @@ anyhow = "1.0" hex = "0.4" http = "0.2.7" libc = "0.2" -nix = "0.24" +nix = "0.26" openssl = "0.10.40" serde = "1.0" serde_bytes = "0.11.3" @@ -36,6 +36,6 @@ proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.9" proxmox-http = { version = "0.7", features = ["client-sync", "client-trait"] } proxmox-subscription = "0.3" -proxmox-sys = "0.4" +proxmox-sys = "0.4.2" proxmox-tfa = { version = "2.1", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 5af088b0..88631583 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -12,7 +12,7 @@ Build-Depends: librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, - librust-nix-0.24+default-dev, + librust-nix-0.26+default-dev, librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, @@ -23,7 +23,7 @@ Build-Depends: librust-proxmox-http-0.7+client-trait-dev, librust-proxmox-http-0.7+default-dev, librust-proxmox-subscription-0.3+default-dev, - librust-proxmox-sys-0.4+default-dev, + librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), librust-proxmox-tfa-2+api-dev (>= 2.1-~~), librust-proxmox-tfa-2+default-dev (>= 2.1-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 6a56d3a0..aa32aeb7 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -21,7 +21,7 @@ base64 = "0.13" hex = "0.4" http = "0.2.7" libc = "0.2" -nix = "0.24" +nix = "0.26" openssl = "0.10.40" serde = "1.0" serde_bytes = "0.11" @@ -32,9 +32,9 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.9" proxmox-http = { version = "0.7", features = ["client-sync", "client-trait"] } -proxmox-openid = "0.9.5" +proxmox-openid = "0.9.8" proxmox-resource-scheduling = "0.1" proxmox-subscription = "0.3" -proxmox-sys = "0.4" +proxmox-sys = "0.4.2" proxmox-tfa = { version = "2.1", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 6120116d..e0882841 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -13,7 +13,7 @@ Build-Depends: librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, - librust-nix-0.24+default-dev, + librust-nix-0.26+default-dev, librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, @@ -21,10 +21,10 @@ Build-Depends: librust-proxmox-http-0.7+client-sync-dev, librust-proxmox-http-0.7+client-trait-dev, librust-proxmox-http-0.7+default-dev, - librust-proxmox-openid-0.9+default-dev (>= 0.9.5-~~), + librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), librust-proxmox-resource-scheduling-0.1+default-dev, librust-proxmox-subscription-0.3+default-dev, - librust-proxmox-sys-0.4+default-dev, + librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), librust-proxmox-tfa-2+api-dev (>= 2.1-~~), librust-proxmox-tfa-2+default-dev (>= 2.1-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), From c7c39407187530f4f7f08b65641a4eaca920b8a4 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 21 Feb 2023 10:29:46 +0100 Subject: [PATCH 010/114] initialize logging when shared library is loaded This commit sets up logging by hooking into module loading/bootstraping process to call a new `init` function exported by the `Proxmox::Lib::{PVE,PMG}` module, which initializes `env_logger` with its default settings. This allows us to use `log::*` macros from Rust code. Signed-off-by: Lukas Wagner --- Proxmox/Lib/template.pm | 6 +++++- common/src/logger.rs | 6 ++++++ common/src/mod.rs | 1 + pmg-rs/Cargo.toml | 1 + pmg-rs/src/lib.rs | 10 ++++++++++ pve-rs/Cargo.toml | 1 + pve-rs/src/lib.rs | 10 ++++++++++ 7 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 common/src/logger.rs diff --git a/Proxmox/Lib/template.pm b/Proxmox/Lib/template.pm index d7fbbf3e..9eb10cfb 100644 --- a/Proxmox/Lib/template.pm +++ b/Proxmox/Lib/template.pm @@ -66,6 +66,10 @@ sub bootstrap { $boot->(); } -BEGIN { __PACKAGE__->load(); } +BEGIN { + __PACKAGE__->load(); + __PACKAGE__->bootstrap(); + init(); +} 1; diff --git a/common/src/logger.rs b/common/src/logger.rs new file mode 100644 index 00000000..36dc8565 --- /dev/null +++ b/common/src/logger.rs @@ -0,0 +1,6 @@ +/// Initialize logging. Should only be called once +pub fn init() { + if let Err(e) = env_logger::try_init() { + eprintln!("could not set up env_logger: {e}"); + } +} diff --git a/common/src/mod.rs b/common/src/mod.rs index b8b843e7..6c86ac00 100644 --- a/common/src/mod.rs +++ b/common/src/mod.rs @@ -1,3 +1,4 @@ pub mod apt; mod calendar_event; +pub mod logger; mod subscription; diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 6800f408..2d9ea296 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -20,6 +20,7 @@ crate-type = [ "cdylib" ] [dependencies] anyhow = "1.0" +env_logger = "0.9" hex = "0.4" http = "0.2.7" libc = "0.2" diff --git a/pmg-rs/src/lib.rs b/pmg-rs/src/lib.rs index af894166..5914bc9e 100644 --- a/pmg-rs/src/lib.rs +++ b/pmg-rs/src/lib.rs @@ -5,3 +5,13 @@ pub mod acme; pub mod apt; pub mod csr; pub mod tfa; + +#[perlmod::package(name = "Proxmox::Lib::PMG", lib = "pmg_rs")] +mod export { + use crate::common; + + #[export] + pub fn init() { + common::logger::init(); + } +} diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index aa32aeb7..6c921c46 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -18,6 +18,7 @@ crate-type = [ "cdylib" ] anyhow = "1.0" base32 = "0.4" base64 = "0.13" +env_logger = "0.9" hex = "0.4" http = "0.2.7" libc = "0.2" diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index 562a4d40..671aad02 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -7,3 +7,13 @@ pub mod apt; pub mod openid; pub mod resource_scheduling; pub mod tfa; + +#[perlmod::package(name = "Proxmox::Lib::PVE", lib = "pve_rs")] +mod export { + use crate::common; + + #[export] + pub fn init() { + common::logger::init(); + } +} From 29181c7a0e2ef372a24738a86b7c68a70b75e33e Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 7 Mar 2023 12:40:49 +0100 Subject: [PATCH 011/114] use workspace dependencies Signed-off-by: Wolfgang Bumiller --- Cargo.toml | 27 +++++++++++++++++++++++++++ Makefile | 1 + pmg-rs/Cargo.toml | 38 +++++++++++++++++++------------------- pve-rs/Cargo.toml | 44 ++++++++++++++++++++++---------------------- 4 files changed, 69 insertions(+), 41 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index b49a5912..fc260b77 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,6 +5,33 @@ members = [ "pmg-rs", ] +[workspace.dependencies] +anyhow = "1.0" +base32 = "0.4" +base64 = "0.13" +env_logger = "0.9" +hex = "0.4" +http = "0.2.7" +libc = "0.2" +nix = "0.26" +openssl = "0.10.40" +serde = "1.0" +serde_bytes = "0.11" +serde_json = "1.0" +url = "2" + +perlmod = { version = "0.13", features = [ "exporter" ] } + +proxmox-acme-rs = { version = "0.4", features = ["client"] } +proxmox-apt = "0.9" +proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } +proxmox-openid = "0.9.8" +proxmox-resource-scheduling = "0.1" +proxmox-subscription = "0.3" +proxmox-sys = "0.4.2" +proxmox-tfa = { version = "3", features = ["api"] } +proxmox-time = "1.1.3" + [patch.crates-io] # proxmox-tfa requires -time and -uuid as well, so enable *all* or *none* of them #proxmox-tfa = { path = "../proxmox/proxmox-tfa" } diff --git a/Makefile b/Makefile index 0a0befbd..00bb32b6 100644 --- a/Makefile +++ b/Makefile @@ -37,6 +37,7 @@ build: rm -rf build mkdir build echo system >build/rust-toolchain + cp -a ./Cargo.toml ./build cp -a ./scripts ./build cp -a ./common ./build cp -a ./pve-rs ./build diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 2d9ea296..f751d657 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -19,24 +19,24 @@ exclude = [ crate-type = [ "cdylib" ] [dependencies] -anyhow = "1.0" -env_logger = "0.9" -hex = "0.4" -http = "0.2.7" -libc = "0.2" -nix = "0.26" -openssl = "0.10.40" -serde = "1.0" -serde_bytes = "0.11.3" -serde_json = "1.0" -url = "2" +anyhow.workspace = true +env_logger.workspace = true +hex.workspace = true +http.workspace = true +libc.workspace = true +nix.workspace = true +openssl.workspace = true +serde.workspace = true +serde_bytes.workspace = true +serde_json.workspace = true +url.workspace = true -perlmod = { version = "0.13", features = [ "exporter" ] } +perlmod.workspace = true -proxmox-acme-rs = { version = "0.4", features = ["client"] } -proxmox-apt = "0.9" -proxmox-http = { version = "0.7", features = ["client-sync", "client-trait"] } -proxmox-subscription = "0.3" -proxmox-sys = "0.4.2" -proxmox-tfa = { version = "2.1", features = ["api"] } -proxmox-time = "1.1.3" +proxmox-acme-rs.workspace = true +proxmox-apt.workspace = true +proxmox-http.workspace = true +proxmox-subscription.workspace = true +proxmox-sys.workspace = true +proxmox-tfa.workspace = true +proxmox-time.workspace = true diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 6c921c46..807b6782 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -15,27 +15,27 @@ exclude = [ crate-type = [ "cdylib" ] [dependencies] -anyhow = "1.0" -base32 = "0.4" -base64 = "0.13" -env_logger = "0.9" -hex = "0.4" -http = "0.2.7" -libc = "0.2" -nix = "0.26" -openssl = "0.10.40" -serde = "1.0" -serde_bytes = "0.11" -serde_json = "1.0" -url = "2" +anyhow.workspace = true +base32.workspace = true +base64.workspace = true +env_logger.workspace = true +hex.workspace = true +http.workspace = true +libc.workspace = true +nix.workspace = true +openssl.workspace = true +serde.workspace = true +serde_bytes.workspace = true +serde_json.workspace = true +url.workspace = true -perlmod = { version = "0.13", features = [ "exporter" ] } +perlmod.workspace = true -proxmox-apt = "0.9" -proxmox-http = { version = "0.7", features = ["client-sync", "client-trait"] } -proxmox-openid = "0.9.8" -proxmox-resource-scheduling = "0.1" -proxmox-subscription = "0.3" -proxmox-sys = "0.4.2" -proxmox-tfa = { version = "2.1", features = ["api"] } -proxmox-time = "1.1.3" +proxmox-apt.workspace = true +proxmox-http.workspace = true +proxmox-openid.workspace = true +proxmox-resource-scheduling.workspace = true +proxmox-subscription.workspace = true +proxmox-sys.workspace = true +proxmox-tfa.workspace = true +proxmox-time.workspace = true From bd90bdf49544540c53b0a7e635052f1ec7d5efdf Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 7 Mar 2023 12:42:08 +0100 Subject: [PATCH 012/114] bump d/control Signed-off-by: Wolfgang Bumiller --- pmg-rs/debian/control | 13 +++++++------ pve-rs/debian/control | 11 ++++++----- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 88631583..ca22f0a5 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -9,6 +9,7 @@ Build-Depends: rustc:native , libstd-rust-dev , librust-anyhow-1+default-dev, + librust-env-logger-0.9+default-dev, librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, @@ -19,16 +20,16 @@ Build-Depends: librust-proxmox-acme-rs-0.4+client-dev, librust-proxmox-acme-rs-0.4+default-dev, librust-proxmox-apt-0.9+default-dev, - librust-proxmox-http-0.7+client-sync-dev, - librust-proxmox-http-0.7+client-trait-dev, - librust-proxmox-http-0.7+default-dev, + librust-proxmox-http-0.8+client-sync-dev, + librust-proxmox-http-0.8+client-trait-dev, + librust-proxmox-http-0.8+default-dev, librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-2+api-dev (>= 2.1-~~), - librust-proxmox-tfa-2+default-dev (>= 2.1-~~), + librust-proxmox-tfa-3+api-dev, + librust-proxmox-tfa-3+default-dev, librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, - librust-serde-bytes-0.11+default-dev (>= 0.11.3-~~), + librust-serde-bytes-0.11+default-dev, librust-serde-json-1+default-dev, librust-url-2+default-dev, Standards-Version: 4.3.0 diff --git a/pve-rs/debian/control b/pve-rs/debian/control index e0882841..fca5786d 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -10,6 +10,7 @@ Build-Depends: librust-anyhow-1+default-dev, librust-base32-0.4+default-dev, librust-base64-0.13+default-dev, + librust-env-logger-0.9+default-dev, librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, @@ -18,15 +19,15 @@ Build-Depends: librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, librust-proxmox-apt-0.9+default-dev, - librust-proxmox-http-0.7+client-sync-dev, - librust-proxmox-http-0.7+client-trait-dev, - librust-proxmox-http-0.7+default-dev, + librust-proxmox-http-0.8+client-sync-dev, + librust-proxmox-http-0.8+client-trait-dev, + librust-proxmox-http-0.8+default-dev, librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), librust-proxmox-resource-scheduling-0.1+default-dev, librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-2+api-dev (>= 2.1-~~), - librust-proxmox-tfa-2+default-dev (>= 2.1-~~), + librust-proxmox-tfa-3+api-dev, + librust-proxmox-tfa-3+default-dev, librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From 9fdb289df227cc11581e22a0617ca368655c4345 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 7 Mar 2023 12:48:46 +0100 Subject: [PATCH 013/114] update to new tfa crate Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/tfa.rs | 31 +++++++++++++++---------------- pve-rs/src/tfa.rs | 31 +++++++++++++++---------------- 2 files changed, 30 insertions(+), 32 deletions(-) diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index 7dbfdaef..249202f1 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -18,7 +18,8 @@ use nix::errno::Errno; use nix::sys::stat::Mode; pub(self) use proxmox_tfa::api::{ - RecoveryState, TfaChallenge, TfaConfig, TfaResponse, U2fConfig, WebauthnConfig, + RecoveryState, TfaChallenge, TfaConfig, TfaResponse, U2fConfig, UserChallengeAccess, + WebauthnConfig, }; #[perlmod::package(name = "PMG::RS::TFA")] @@ -105,7 +106,7 @@ mod export { ) -> Result { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); - inner.u2f_registration_challenge(UserAccess::new(&raw_this)?, userid, description) + inner.u2f_registration_challenge(&UserAccess::new(&raw_this)?, userid, description) } /// Finish a u2f registration. This updates temporary data in `/run` and therefore the config @@ -120,7 +121,7 @@ mod export { ) -> Result { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); - inner.u2f_registration_finish(UserAccess::new(&raw_this)?, userid, challenge, response) + inner.u2f_registration_finish(&UserAccess::new(&raw_this)?, userid, challenge, response) } /// Check if a user has any TFA entries of a given type. @@ -203,7 +204,7 @@ mod export { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); match inner.authentication_challenge( - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, origin.as_ref(), )? { @@ -246,7 +247,7 @@ mod export { let mut inner = this.inner.lock().unwrap(); inner .verify( - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, &challenge, response, @@ -314,7 +315,7 @@ mod export { let this: &Tfa = (&raw_this).try_into()?; methods::add_tfa_entry( &mut this.inner.lock().unwrap(), - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, description, totp, @@ -440,9 +441,7 @@ fn challenge_data_path(userid: &str, debug: bool) -> PathBuf { } impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { - type Data = UserChallengeData; - - fn open(&self, userid: &str) -> Result { + fn open(&self, userid: &str) -> Result, Error> { if self.is_debug() { mkdir("./local-tfa-challenges", 0o700)?; } else { @@ -485,15 +484,15 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } }; - Ok(UserChallengeData { + Ok(Box::new(UserChallengeData { inner, path, lock: file, - }) + })) } /// `open` without creating the file if it doesn't exist, to finish WA authentications. - fn open_no_create(&self, userid: &str) -> Result, Error> { + fn open_no_create(&self, userid: &str) -> Result>, Error> { let path = challenge_data_path(userid, self.is_debug()); let mut file = match std::fs::OpenOptions::new() @@ -514,11 +513,11 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { format_err!("failed to read challenge data for user {}: {}", userid, err) })?; - Ok(Some(UserChallengeData { + Ok(Some(Box::new(UserChallengeData { inner, path, lock: file, - })) + }))) } fn remove(&self, userid: &str) -> Result { @@ -546,7 +545,7 @@ impl proxmox_tfa::api::UserChallengeAccess for UserChallengeData { &mut self.inner } - fn save(self) -> Result<(), Error> { + fn save(&mut self) -> Result<(), Error> { UserChallengeData::save(self) } } @@ -591,7 +590,7 @@ impl UserChallengeData { /// /// This currently consumes selfe as we never perform more than 1 insertion/removal, and this /// way also unlocks early. - fn save(mut self) -> Result<(), Error> { + fn save(&mut self) -> Result<(), Error> { self.rewind()?; serde_json::to_writer(&mut &self.lock, &self.inner).map_err(|err| { diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index c5023384..316df481 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -21,7 +21,8 @@ use nix::sys::stat::Mode; use serde_json::Value as JsonValue; pub(self) use proxmox_tfa::api::{ - RecoveryState, TfaChallenge, TfaConfig, TfaResponse, TfaUserData, U2fConfig, WebauthnConfig, + RecoveryState, TfaChallenge, TfaConfig, TfaResponse, TfaUserData, U2fConfig, + UserChallengeAccess, WebauthnConfig, }; #[perlmod::package(name = "PVE::RS::TFA")] @@ -173,7 +174,7 @@ mod export { ) -> Result { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); - inner.u2f_registration_challenge(UserAccess::new(&raw_this)?, userid, description) + inner.u2f_registration_challenge(&UserAccess::new(&raw_this)?, userid, description) } /// Finish a u2f registration. This updates temporary data in `/run` and therefore the config @@ -188,7 +189,7 @@ mod export { ) -> Result { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); - inner.u2f_registration_finish(UserAccess::new(&raw_this)?, userid, challenge, response) + inner.u2f_registration_finish(&UserAccess::new(&raw_this)?, userid, challenge, response) } /// Check if a user has any TFA entries of a given type. @@ -249,7 +250,7 @@ mod export { let this: &Tfa = (&raw_this).try_into()?; let mut inner = this.inner.lock().unwrap(); match inner.authentication_challenge( - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, origin.as_ref(), )? { @@ -292,7 +293,7 @@ mod export { let mut inner = this.inner.lock().unwrap(); inner .verify( - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, &challenge, response, @@ -360,7 +361,7 @@ mod export { let this: &Tfa = (&raw_this).try_into()?; methods::add_tfa_entry( &mut this.inner.lock().unwrap(), - UserAccess::new(&raw_this)?, + &UserAccess::new(&raw_this)?, userid, description, totp, @@ -841,9 +842,7 @@ fn challenge_data_path(userid: &str, debug: bool) -> PathBuf { } impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { - type Data = UserChallengeData; - - fn open(&self, userid: &str) -> Result { + fn open(&self, userid: &str) -> Result, Error> { if self.is_debug() { mkdir("./local-tfa-challenges", 0o700)?; } else { @@ -886,15 +885,15 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } }; - Ok(UserChallengeData { + Ok(Box::new(UserChallengeData { inner, path, lock: file, - }) + })) } /// `open` without creating the file if it doesn't exist, to finish WA authentications. - fn open_no_create(&self, userid: &str) -> Result, Error> { + fn open_no_create(&self, userid: &str) -> Result>, Error> { let path = challenge_data_path(userid, self.is_debug()); let mut file = match std::fs::OpenOptions::new() @@ -915,11 +914,11 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { format_err!("failed to read challenge data for user {}: {}", userid, err) })?; - Ok(Some(UserChallengeData { + Ok(Some(Box::new(UserChallengeData { inner, path, lock: file, - })) + }))) } fn remove(&self, userid: &str) -> Result { @@ -947,7 +946,7 @@ impl proxmox_tfa::api::UserChallengeAccess for UserChallengeData { &mut self.inner } - fn save(self) -> Result<(), Error> { + fn save(&mut self) -> Result<(), Error> { UserChallengeData::save(self) } } @@ -992,7 +991,7 @@ impl UserChallengeData { /// /// This currently consumes selfe as we never perform more than 1 insertion/removal, and this /// way also unlocks early. - fn save(mut self) -> Result<(), Error> { + fn save(&mut self) -> Result<(), Error> { self.rewind()?; serde_json::to_writer(&mut &self.lock, &self.inner).map_err(|err| { From 0648876946a34d564ee68919dfd02cb642d0d365 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 21 Mar 2023 12:54:50 +0100 Subject: [PATCH 014/114] buildsys: fix 'target/' path in install target The target/ dir is relative to the workspace Cargo.toml file. Signed-off-by: Wolfgang Bumiller --- pmg-rs/Makefile | 4 ++-- pve-rs/Makefile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 0143caa4..6748979c 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -47,9 +47,9 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PMG build/ .PHONY: install -install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG +install: ../target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto - install -m644 target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so + install -m644 ../target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib install -m644 Proxmox/Lib/PMG.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PMG.pm diff --git a/pve-rs/Makefile b/pve-rs/Makefile index e452772b..d04868da 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -57,9 +57,9 @@ build: rsync -a debian Makefile Cargo.toml Cargo.lock src target PVE build/ .PHONY: install -install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE +install: ../target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto - install -m644 target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so + install -m644 ../target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib install -m644 Proxmox/Lib/PVE.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PVE.pm From 24702d447221d994a779c19b0dcc46f01ac8f9e6 Mon Sep 17 00:00:00 2001 From: Fiona Ebner Date: Tue, 21 Mar 2023 13:33:44 +0100 Subject: [PATCH 015/114] pve: test: resource scheduling: use dedicated functions for tests Signed-off-by: Fiona Ebner --- pve-rs/test/resource_scheduling.pl | 85 +++++++++++++++++------------- 1 file changed, 48 insertions(+), 37 deletions(-) diff --git a/pve-rs/test/resource_scheduling.pl b/pve-rs/test/resource_scheduling.pl index 4f5105f8..9c48178f 100755 --- a/pve-rs/test/resource_scheduling.pl +++ b/pve-rs/test/resource_scheduling.pl @@ -7,43 +7,54 @@ use Test::More; use PVE::RS::ResourceScheduling::Static; -my $static = PVE::RS::ResourceScheduling::Static->new(); -is(scalar($static->list_nodes()->@*), 0, 'node list empty'); -$static->add_node("A", 10, 100_000_000_000); -is(scalar($static->list_nodes()->@*), 1, '1 node added'); -$static->add_node("B", 20, 200_000_000_000); -is(scalar($static->list_nodes()->@*), 2, '2nd node'); -$static->add_node("C", 30, 300_000_000_000); -is(scalar($static->list_nodes()->@*), 3, '3rd node'); -$static->remove_node("C"); -is(scalar($static->list_nodes()->@*), 2, '3rd removed should be 2'); -ok($static->contains_node("A"), 'should contain a node A'); -ok($static->contains_node("B"), 'should contain a node B'); -ok(!$static->contains_node("C"), 'should not contain a node C'); - -my $service = { - maxcpu => 4, - maxmem => 20_000_000_000, -}; - -for (my $i = 0; $i < 15; $i++) { - my $score_list = $static->score_nodes_to_start_service($service); - - # imitate HA manager - my $scores = { map { $_->[0] => -$_->[1] } $score_list->@* }; - my @nodes = sort { - $scores->{$a} <=> $scores->{$b} || $a cmp $b - } keys $scores->%*; - - if ($i % 3 == 2) { - is($nodes[0], "A", 'first should be A'); - is($nodes[1], "B", 'second should be A'); - } else { - is($nodes[0], "B", 'first should be B'); - is($nodes[1], "A", 'second should be A'); - } - - $static->add_service_usage_to_node($nodes[0], $service); +sub test_basic { + my $static = PVE::RS::ResourceScheduling::Static->new(); + is(scalar($static->list_nodes()->@*), 0, 'node list empty'); + $static->add_node("A", 10, 100_000_000_000); + is(scalar($static->list_nodes()->@*), 1, '1 node added'); + $static->add_node("B", 20, 200_000_000_000); + is(scalar($static->list_nodes()->@*), 2, '2nd node'); + $static->add_node("C", 30, 300_000_000_000); + is(scalar($static->list_nodes()->@*), 3, '3rd node'); + $static->remove_node("C"); + is(scalar($static->list_nodes()->@*), 2, '3rd removed should be 2'); + ok($static->contains_node("A"), 'should contain a node A'); + ok($static->contains_node("B"), 'should contain a node B'); + ok(!$static->contains_node("C"), 'should not contain a node C'); } +sub test_balance { + my $static = PVE::RS::ResourceScheduling::Static->new(); + $static->add_node("A", 10, 100_000_000_000); + $static->add_node("B", 20, 200_000_000_000); + + my $service = { + maxcpu => 4, + maxmem => 20_000_000_000, + }; + + for (my $i = 0; $i < 15; $i++) { + my $score_list = $static->score_nodes_to_start_service($service); + + # imitate HA manager + my $scores = { map { $_->[0] => -$_->[1] } $score_list->@* }; + my @nodes = sort { + $scores->{$a} <=> $scores->{$b} || $a cmp $b + } keys $scores->%*; + + if ($i % 3 == 2) { + is($nodes[0], "A", 'first should be A'); + is($nodes[1], "B", 'second should be A'); + } else { + is($nodes[0], "B", 'first should be B'); + is($nodes[1], "A", 'second should be A'); + } + + $static->add_service_usage_to_node($nodes[0], $service); + } +} + +test_basic(); +test_balance(); + done_testing(); From 2246577a5d20be04a3ad59841b4e97120333d4e8 Mon Sep 17 00:00:00 2001 From: Fiona Ebner Date: Tue, 21 Mar 2023 13:33:45 +0100 Subject: [PATCH 016/114] pve: test: resource scheduling: add test with overcommitted node which will fail with librust-proxmox-resource-scheduling-dev=0.1.0-1 Reported-by: Dominik Csapak Signed-off-by: Fiona Ebner --- pve-rs/test/resource_scheduling.pl | 33 ++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/pve-rs/test/resource_scheduling.pl b/pve-rs/test/resource_scheduling.pl index 9c48178f..fbedfe16 100755 --- a/pve-rs/test/resource_scheduling.pl +++ b/pve-rs/test/resource_scheduling.pl @@ -54,7 +54,40 @@ sub test_balance { } } +sub test_overcommitted { + my $static = PVE::RS::ResourceScheduling::Static->new(); + $static->add_node("A", 4, 4_102_062_080); + $static->add_node("B", 4, 4_102_062_080); + $static->add_node("C", 4, 4_102_053_888); + $static->add_node("D", 4, 4_102_053_888); + + my $service = { + maxcpu => 1, + maxmem => 536_870_912, + }; + + $static->add_service_usage_to_node("A", $service); + $static->add_service_usage_to_node("A", $service); + $static->add_service_usage_to_node("A", $service); + $static->add_service_usage_to_node("B", $service); + $static->add_service_usage_to_node("A", $service); + + my $score_list = $static->score_nodes_to_start_service($service); + + # imitate HA manager + my $scores = { map { $_->[0] => -$_->[1] } $score_list->@* }; + my @nodes = sort { + $scores->{$a} <=> $scores->{$b} || $a cmp $b + } keys $scores->%*; + + is($nodes[0], "C", 'first should be C'); + is($nodes[1], "D", 'second should be D'); + is($nodes[2], "B", 'third should be B'); + is($nodes[3], "A", 'fourth should be A'); +} + test_basic(); test_balance(); +test_overcommitted(); done_testing(); From ea6ae50fffc54752beb659df62683274144a9cec Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Tue, 21 Mar 2023 15:26:40 +0100 Subject: [PATCH 017/114] bump proxmox-resource-scheduling dependency to 0.2 Signed-off-by: Thomas Lamprecht --- Cargo.toml | 2 +- pve-rs/debian/control | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index fc260b77..d96701cb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -26,7 +26,7 @@ proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.9" proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } proxmox-openid = "0.9.8" -proxmox-resource-scheduling = "0.1" +proxmox-resource-scheduling = "0.2" proxmox-subscription = "0.3" proxmox-sys = "0.4.2" proxmox-tfa = { version = "3", features = ["api"] } diff --git a/pve-rs/debian/control b/pve-rs/debian/control index fca5786d..17e495b4 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -23,7 +23,7 @@ Build-Depends: librust-proxmox-http-0.8+client-trait-dev, librust-proxmox-http-0.8+default-dev, librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), - librust-proxmox-resource-scheduling-0.1+default-dev, + librust-proxmox-resource-scheduling-0.2+default-dev, librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), librust-proxmox-tfa-3+api-dev, From df8e411e1d797e9bbe5a0062d308e6bf1243fb35 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Tue, 21 Mar 2023 15:30:34 +0100 Subject: [PATCH 018/114] bump version to 0.7.4 Signed-off-by: Thomas Lamprecht --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 807b6782..0108eb25 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.7.3" +version = "0.7.4" authors = ["Proxmox Support Team "] edition = "2018" license = "AGPL-3" diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 39767349..864c151f 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,18 @@ +libpve-rs-perl (0.7.4) bullseye; urgency=medium + + * initialize logging when shared library is loaded + + * update to new TFA crate + + * bump proxmox-resource-scheduling dependency to 0.2 to pull in a fix for + usage calculation for homogeneous nodes + + * pve: test: resource scheduling: add test with overcommitted node + + * update nix to 0.26 + + -- Proxmox Support Team Tue, 21 Mar 2023 15:28:08 +0100 + libpve-rs-perl (0.7.3) bullseye; urgency=medium * add PVE::RS::ResourceScheduling::Static and tests From 2fad118858d2a7f974c50a980939ed48ce051189 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Tue, 21 Mar 2023 17:58:45 +0100 Subject: [PATCH 019/114] bump version to 0.7.5 Signed-off-by: Thomas Lamprecht --- Cargo.toml | 2 +- pve-rs/debian/changelog | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index d96701cb..94e29d5d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -26,7 +26,7 @@ proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.9" proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } proxmox-openid = "0.9.8" -proxmox-resource-scheduling = "0.2" +proxmox-resource-scheduling = "0.2.1" proxmox-subscription = "0.3" proxmox-sys = "0.4.2" proxmox-tfa = { version = "3", features = ["api"] } diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 864c151f..d4de83d9 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,11 @@ +libpve-rs-perl (0.7.5) bullseye; urgency=medium + + * update proxmox-resource-scheduling dependency to 0.2.1 to pull in an + improvement for with services where CPU should matter more if there is no + memory load at all + + -- Proxmox Support Team Tue, 21 Mar 2023 17:58:22 +0100 + libpve-rs-perl (0.7.4) bullseye; urgency=medium * initialize logging when shared library is loaded From 856ab916b15dff03a39ad78afdc2beda89d91ed2 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 21 Mar 2023 15:40:08 +0100 Subject: [PATCH 020/114] buildsys: drop old deb building from pmg,pve Makefiles Signed-off-by: Wolfgang Bumiller --- pmg-rs/Makefile | 16 +--------------- pve-rs/Makefile | 16 +--------------- 2 files changed, 2 insertions(+), 30 deletions(-) diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 6748979c..8ca1cb76 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -38,14 +38,6 @@ Proxmox/Lib/PMG.pm: ../Proxmox/Lib/template.pm mkdir -p Proxmox/Lib $(call package_template,PMG,pmg_rs,../) -# always re-create this dir -# but also copy the local target/ and PMG/ dirs as a build-cache -.PHONY: build -build: - rm -rf build - cargo build --release - rsync -a debian Makefile Cargo.toml Cargo.lock src target PMG build/ - .PHONY: install install: ../target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto @@ -55,17 +47,11 @@ install: ../target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG install -m644 Proxmox/Lib/PMG.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PMG.pm find $(PM_DIR) \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' -.PHONY: deb -deb: $(MAIN_DEB) -$(MAIN_DEB): build - cd build; dpkg-buildpackage -b -us -uc --no-pre-clean - lintian $(DEBS) - distclean: clean clean: cargo clean - rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock build + rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock find . -name '*~' -exec rm {} ';' .PHONY: dinstall diff --git a/pve-rs/Makefile b/pve-rs/Makefile index d04868da..9d12d58e 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -48,14 +48,6 @@ Proxmox/Lib/PVE.pm: ../Proxmox/Lib/template.pm check: all $(MAKE) -C test test -# always re-create this dir -# but also copy the local target/ and PVE/ dirs as a build-cache -.PHONY: build -build: - rm -rf build - cargo build --release - rsync -a debian Makefile Cargo.toml Cargo.lock src target PVE build/ - .PHONY: install install: ../target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto @@ -65,17 +57,11 @@ install: ../target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE install -m644 Proxmox/Lib/PVE.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PVE.pm find $(PM_DIR) \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' -.PHONY: deb -deb: $(MAIN_DEB) -$(MAIN_DEB): build - cd build; dpkg-buildpackage -b -us -uc --no-pre-clean - lintian $(DEBS) - distclean: clean clean: cargo clean - rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock build + rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock find . -name '*~' -exec rm {} ';' .PHONY: dinstall From 187d43394d66f4175f1fc5261b2f8610a4f30225 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 28 Apr 2023 12:37:50 +0200 Subject: [PATCH 021/114] use more workspace variables, upgrade edition Signed-off-by: Wolfgang Bumiller --- Cargo.toml | 6 ++++++ pmg-rs/Cargo.toml | 12 +++++------- pve-rs/Cargo.toml | 7 ++++--- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 94e29d5d..dc7b02dd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,6 +5,12 @@ members = [ "pmg-rs", ] +[workspace.package] +authors = ["Proxmox Support Team "] +edition = "2021" +license = "AGPL-3" +repository = "https://git.proxmox.com/?p=proxmox.git" + [workspace.dependencies] anyhow = "1.0" base32 = "0.4" diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index f751d657..4e176af9 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,14 +1,12 @@ [package] name = "pmg-rs" version = "0.6.2" -authors = [ - "Proxmox Support Team ", - "Wolfgang Bumiller ", - "Fabian Ebner ", -] -edition = "2018" -license = "AGPL-3" description = "PMG parts which have been ported to rust" +authors.workspace = true +edition.workspace = true +license.workspace = true +repository.workspace = true + exclude = [ "build", "debian", diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 0108eb25..2468df2f 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,11 +1,12 @@ [package] name = "pve-rs" version = "0.7.4" -authors = ["Proxmox Support Team "] -edition = "2018" -license = "AGPL-3" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" +authors.workspace = true +edition.workspace = true +license.workspace = true +repository.workspace = true exclude = [ "debian", From 72140ad5166a9a438dac562c774c9abb90cb1b99 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 18 Apr 2023 11:26:04 +0200 Subject: [PATCH 022/114] update to new tfa crate Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/tfa.rs | 31 ++++++++------- pve-rs/src/tfa.rs | 99 ++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 102 insertions(+), 28 deletions(-) diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index 249202f1..6e5207e0 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -32,7 +32,7 @@ mod export { use url::Url; use perlmod::Value; - use proxmox_tfa::api::methods; + use proxmox_tfa::api::{methods, TfaResult}; use super::{TfaConfig, UserAccess}; @@ -221,10 +221,7 @@ mod export { .unwrap() .users .get(userid) - .and_then(|user| { - let state = user.recovery_state(); - state.is_available().then(move || state) - }) + .and_then(|user| user.recovery_state()) } /// Takes the TFA challenge string (which is a json object) and verifies ther esponse against @@ -245,15 +242,17 @@ mod export { let challenge: super::TfaChallenge = serde_json::from_str(challenge)?; let response: super::TfaResponse = response.parse()?; let mut inner = this.inner.lock().unwrap(); - inner - .verify( - &UserAccess::new(&raw_this)?, - userid, - &challenge, - response, - origin.as_ref(), - ) - .map(|save| save.needs_saving()) + let result = inner.verify( + &UserAccess::new(&raw_this)?, + userid, + &challenge, + response, + origin.as_ref(), + ); + match result { + TfaResult::Success { needs_saving } => Ok(needs_saving), + _ => bail!("TFA authentication failed"), + } } /// DEBUG HELPER: Get the current TOTP value for a given TOTP URI. @@ -528,6 +527,10 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { Err(err) => Err(err.into()), } } + + fn check_valid_totp_code(&self, _: &str, _: i64) -> bool { + todo!() + } } /// Container of `TfaUserChallenges` with the corresponding file lock guard. diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index 316df481..dcba4857 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -35,7 +35,7 @@ mod export { use url::Url; use perlmod::Value; - use proxmox_tfa::api::methods; + use proxmox_tfa::api::{methods, TfaResult}; use super::{TfaConfig, UserAccess}; @@ -267,10 +267,7 @@ mod export { .unwrap() .users .get(userid) - .and_then(|user| { - let state = user.recovery_state(); - state.is_available().then(move || state) - }) + .and_then(|user| user.recovery_state()) } /// Takes the TFA challenge string (which is a json object) and verifies ther esponse against @@ -278,6 +275,8 @@ mod export { /// /// NOTE: This returns a boolean whether the config data needs to be *saved* after this call /// (to use up recovery keys!). + /// + /// WARNING: This method is now deprecated, as it failures were communicated via croaking. #[export] fn authentication_verify( #[raw] raw_this: Value, @@ -291,15 +290,81 @@ mod export { let challenge: super::TfaChallenge = serde_json::from_str(challenge)?; let response: super::TfaResponse = response.parse()?; let mut inner = this.inner.lock().unwrap(); - inner - .verify( - &UserAccess::new(&raw_this)?, - userid, - &challenge, - response, - origin.as_ref(), - ) - .map(|save| save.needs_saving()) + let result = inner.verify( + &UserAccess::new(&raw_this)?, + userid, + &challenge, + response, + origin.as_ref(), + ); + match result { + TfaResult::Success { needs_saving } => Ok(needs_saving), + _ => bail!("TFA authentication failed"), + } + } + + /// Takes the TFA challenge string (which is a json object) and verifies ther esponse against + /// it. + /// + /// NOTE: This returns a boolean whether the config data needs to be *saved* after this call + /// (to use up recovery keys!). + /// + /// Returns a result hash of the form: + /// ```text + /// { + /// "result": bool, // whether TFA was successful + /// "needs-saving": bool, // whether the user config needs saving + /// "tfa-limit-reached": bool, // whether the TFA limit was reached (config needs saving) + /// "totp-limit-reached": bool, // whether the TOTP limit was reached (config needs saving) + /// } + /// ``` + #[export] + fn authentication_verify2( + #[raw] raw_this: Value, + //#[try_from_ref] this: &Tfa, + userid: &str, + challenge: &str, //super::TfaChallenge, + response: &str, + origin: Option, + ) -> Result { + let this: &Tfa = (&raw_this).try_into()?; + let challenge: super::TfaChallenge = serde_json::from_str(challenge)?; + let response: super::TfaResponse = response.parse()?; + let mut inner = this.inner.lock().unwrap(); + let result = inner.verify( + &UserAccess::new(&raw_this)?, + userid, + &challenge, + response, + origin.as_ref(), + ); + Ok(match result { + TfaResult::Success { needs_saving } => TfaReturnValue { + result: true, + needs_saving, + ..Default::default() + }, + TfaResult::Locked => TfaReturnValue::default(), + TfaResult::Failure { + needs_saving, + totp_limit_reached, + tfa_limit_reached, + } => TfaReturnValue { + result: false, + needs_saving, + totp_limit_reached, + tfa_limit_reached, + }, + }) + } + + #[derive(Default, serde::Serialize)] + #[serde(rename_all = "kebab-case")] + struct TfaReturnValue { + result: bool, + needs_saving: bool, + totp_limit_reached: bool, + tfa_limit_reached: bool, } /// DEBUG HELPER: Get the current TOTP value for a given TOTP URI. @@ -515,6 +580,7 @@ fn decode_old_entry(ty: &[u8], data: &[u8], user: &str) -> Result user_data.totp.extend( decode_old_oath_entry(value, user)? .into_iter() + .map(proxmox_tfa::api::TotpEntry::new) .map(move |entry| proxmox_tfa::api::TfaEntry::from_parts(info.clone(), entry)), ), b"yubico" => user_data.yubico.extend( @@ -929,6 +995,11 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { Err(err) => Err(err.into()), } } + + /// TODO: Enable this once we can consider most clusters to support the new format. + fn enable_lockout() -> bool { + false + } } /// Container of `TfaUserChallenges` with the corresponding file lock guard. From e885772926fd716cb67124cac5ae63349f854cf0 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 20 Apr 2023 09:51:09 +0200 Subject: [PATCH 023/114] bump proxmox-tfa to 4 Signed-off-by: Wolfgang Bumiller --- Cargo.toml | 2 +- pmg-rs/debian/control | 4 +-- pmg-rs/src/tfa.rs | 66 +++++++++++++++++++++++++++++++++++++++++-- pve-rs/debian/control | 6 ++-- pve-rs/src/tfa.rs | 5 +--- 5 files changed, 71 insertions(+), 12 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index dc7b02dd..85af95d8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -35,7 +35,7 @@ proxmox-openid = "0.9.8" proxmox-resource-scheduling = "0.2.1" proxmox-subscription = "0.3" proxmox-sys = "0.4.2" -proxmox-tfa = { version = "3", features = ["api"] } +proxmox-tfa = { version = "4", features = ["api"] } proxmox-time = "1.1.3" [patch.crates-io] diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index ca22f0a5..8d4a1256 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -25,8 +25,8 @@ Build-Depends: librust-proxmox-http-0.8+default-dev, librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-3+api-dev, - librust-proxmox-tfa-3+default-dev, + librust-proxmox-tfa-4+api-dev, + librust-proxmox-tfa-4+default-dev, librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index 6e5207e0..a14f1eee 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -255,6 +255,67 @@ mod export { } } + /// Takes the TFA challenge string (which is a json object) and verifies ther esponse against + /// it. + /// + /// Returns a result hash of the form: + /// ```text + /// { + /// "result": bool, // whether TFA was successful + /// "needs-saving": bool, // whether the user config needs saving + /// "tfa-limit-reached": bool, // whether the TFA limit was reached (config needs saving) + /// "totp-limit-reached": bool, // whether the TOTP limit was reached (config needs saving) + /// } + /// ``` + #[export] + fn authentication_verify2( + #[raw] raw_this: Value, + //#[try_from_ref] this: &Tfa, + userid: &str, + challenge: &str, //super::TfaChallenge, + response: &str, + origin: Option, + ) -> Result { + let this: &Tfa = (&raw_this).try_into()?; + let challenge: super::TfaChallenge = serde_json::from_str(challenge)?; + let response: super::TfaResponse = response.parse()?; + let mut inner = this.inner.lock().unwrap(); + let result = inner.verify( + &UserAccess::new(&raw_this)?, + userid, + &challenge, + response, + origin.as_ref(), + ); + Ok(match result { + TfaResult::Success { needs_saving } => TfaReturnValue { + result: true, + needs_saving, + ..Default::default() + }, + TfaResult::Locked => TfaReturnValue::default(), + TfaResult::Failure { + needs_saving, + totp_limit_reached, + tfa_limit_reached, + } => TfaReturnValue { + result: false, + needs_saving, + totp_limit_reached, + tfa_limit_reached, + }, + }) + } + + #[derive(Default, serde::Serialize)] + #[serde(rename_all = "kebab-case")] + struct TfaReturnValue { + result: bool, + needs_saving: bool, + totp_limit_reached: bool, + tfa_limit_reached: bool, + } + /// DEBUG HELPER: Get the current TOTP value for a given TOTP URI. #[export] fn get_current_totp_value(otp_uri: &str) -> Result { @@ -528,8 +589,9 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } } - fn check_valid_totp_code(&self, _: &str, _: i64) -> bool { - todo!() + // TODO: enable once we have UI/API admin stuff to unlock locked accounts + fn enable_lockout(&self) -> bool { + false } } diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 17e495b4..b15ae7cc 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -23,11 +23,11 @@ Build-Depends: librust-proxmox-http-0.8+client-trait-dev, librust-proxmox-http-0.8+default-dev, librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), - librust-proxmox-resource-scheduling-0.2+default-dev, + librust-proxmox-resource-scheduling-0.2+default-dev (>= 0.2.1-~~), librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-3+api-dev, - librust-proxmox-tfa-3+default-dev, + librust-proxmox-tfa-4+api-dev, + librust-proxmox-tfa-4+default-dev, librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index dcba4857..aab7f2e7 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -306,9 +306,6 @@ mod export { /// Takes the TFA challenge string (which is a json object) and verifies ther esponse against /// it. /// - /// NOTE: This returns a boolean whether the config data needs to be *saved* after this call - /// (to use up recovery keys!). - /// /// Returns a result hash of the form: /// ```text /// { @@ -997,7 +994,7 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } /// TODO: Enable this once we can consider most clusters to support the new format. - fn enable_lockout() -> bool { + fn enable_lockout(&self) -> bool { false } } From 932d602d33acadd44740f4c1a6437653e427eaf2 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 9 May 2023 11:29:05 +0200 Subject: [PATCH 024/114] major build system upgrade - Add a 'common' symlink inside pve-rs/pmg-rs - Have the `build/` target replace it with a dir and copy `common/src` into it. - Depend on perlmod-bin to generate the perl package files. now pve-rs and pmg-rs can be built directly from within via dpkg-buildpackage Signed-off-by: Wolfgang Bumiller --- Makefile | 16 ++-- Proxmox/Lib/template.pm | 75 ------------------- common/pkg/Makefile | 11 ++- {Proxmox => common/pkg/Proxmox}/Lib/Common.pm | 0 common/scripts | 1 - defines.mk | 8 -- pmg-rs/Makefile | 35 +++++---- pmg-rs/common | 1 + pmg-rs/debian/control | 1 + pmg-rs/src/lib.rs | 2 +- pve-rs/Makefile | 28 ++++--- pve-rs/common | 1 + pve-rs/debian/control | 1 + pve-rs/src/lib.rs | 2 +- scripts/genpackage.pl | 32 -------- 15 files changed, 57 insertions(+), 157 deletions(-) delete mode 100644 Proxmox/Lib/template.pm rename {Proxmox => common/pkg/Proxmox}/Lib/Common.pm (100%) delete mode 120000 common/scripts delete mode 100644 defines.mk create mode 120000 pmg-rs/common create mode 120000 pve-rs/common delete mode 100755 scripts/genpackage.pl diff --git a/Makefile b/Makefile index 00bb32b6..a1ed278e 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,3 @@ -include defines.mk - CARGO ?= cargo ifeq ($(BUILD_MODE), release) @@ -38,17 +36,15 @@ build: mkdir build echo system >build/rust-toolchain cp -a ./Cargo.toml ./build - cp -a ./scripts ./build cp -a ./common ./build cp -a ./pve-rs ./build cp -a ./pmg-rs ./build - cp -a ./Proxmox ./build - cp defines.mk ./build - mv ./build/Proxmox ./build/common/pkg -# The template.pm is required by the products to produce their Proxmox::Lib - mkdir ./build/Proxmox - mkdir ./build/Proxmox/Lib - cp ./Proxmox/Lib/template.pm ./build/Proxmox/Lib +# Replace the symlinks with copies of the common code in pve/pmg: + cd build; for i in pve pmg; do \ + rm ./$$i-rs/common ; \ + mkdir ./$$i-rs/common ; \ + cp -R ./common/src ./$$i-rs/common/src ; \ + done # So the common packages end up in ./build, rather than ./build/common mv ./build/common/pkg ./build/common-pkg diff --git a/Proxmox/Lib/template.pm b/Proxmox/Lib/template.pm deleted file mode 100644 index 9eb10cfb..00000000 --- a/Proxmox/Lib/template.pm +++ /dev/null @@ -1,75 +0,0 @@ -package Proxmox::Lib::{{PRODUCT}}; - -=head1 NAME - -Proxmox::Lib::{{PRODUCT}} - base module for {{PRODUCT}} rust bindings - -=head1 SYNOPSIS - - package {{PRODUCT}}::RS::SomeBindings; - - use base 'Proxmox::Lib::{{PRODUCT}}'; - - BEGIN { __PACKAGE__->bootstrap(); } - - 1; - -=head1 DESCRIPTION - -This is the base module of all {{PRODUCT}} bindings. -Its job is to ensure the 'lib{{LIBRARY}}.so' library is loaded and provide a 'bootstrap' class -method to load the actual code. - -=cut - -use DynaLoader; - -sub library { - return '{{LIBRARY}}'; -} - -# Keep on a single line, modified by testsuite! -sub libdirs { return (map "-L$_/auto", @INC); } - -sub load : prototype($) { - my ($pkg) = @_; - - my $mod_name = $pkg->library(); - - my @dirs = $pkg->libdirs(); - my $mod_file = DynaLoader::dl_findfile({{DEBUG_LIBPATH}}@dirs, $mod_name); - die "failed to locate shared library for $mod_name (lib${mod_name}.so)\n" if !$mod_file; - - my $lib = DynaLoader::dl_load_file($mod_file) - or die "failed to load library '$mod_file'\n"; - - my $data = ($::{'proxmox-rs-library'} //= {}); - $data->{$mod_name} = $lib; - $data->{-current} //= $lib; - $data->{-package} //= $pkg; -} - -sub bootstrap { - my ($pkg) = @_; - - my $mod_name = $pkg->library(); - - my $bootstrap_name = 'boot_' . ($pkg =~ s/::/__/gr); - - my $lib = $::{'proxmox-rs-library'} - or die "rust library not available for '{PRODUCT}'\n"; - $lib = $lib->{$mod_name}; - - my $sym = DynaLoader::dl_find_symbol($lib, $bootstrap_name); - die "failed to locate '$bootstrap_name'\n" if !defined $sym; - my $boot = DynaLoader::dl_install_xsub($bootstrap_name, $sym, "src/FIXME.rs"); - $boot->(); -} - -BEGIN { - __PACKAGE__->load(); - __PACKAGE__->bootstrap(); - init(); -} - -1; diff --git a/common/pkg/Makefile b/common/pkg/Makefile index bf22a7b4..88ab0849 100644 --- a/common/pkg/Makefile +++ b/common/pkg/Makefile @@ -12,9 +12,15 @@ DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb DESTDIR= +PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ + --lib=- \ + --lib-tag=proxmox \ + --lib-package=Proxmox::Lib::Common \ + --lib-prefix=Proxmox + # Point to any generated pm file (Proxmox/ dir is already present in this package) -Proxmox/RS/CalendarEvent.pm: ../scripts/genpackage.pl - perl ../scripts/genpackage.pl Common \ +Proxmox/RS/CalendarEvent.pm: + $(PERLMOD_GENPACKAGE) \ Proxmox::RS::APT::Repositories \ Proxmox::RS::CalendarEvent \ Proxmox::RS::Subscription @@ -27,7 +33,6 @@ install: Proxmox/RS/CalendarEvent.pm install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) find PVE \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' find Proxmox \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' - rm $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/Proxmox/Lib/template.pm' .PHONY: deb deb: $(DEB) diff --git a/Proxmox/Lib/Common.pm b/common/pkg/Proxmox/Lib/Common.pm similarity index 100% rename from Proxmox/Lib/Common.pm rename to common/pkg/Proxmox/Lib/Common.pm diff --git a/common/scripts b/common/scripts deleted file mode 120000 index a339954d..00000000 --- a/common/scripts +++ /dev/null @@ -1 +0,0 @@ -../scripts \ No newline at end of file diff --git a/defines.mk b/defines.mk deleted file mode 100644 index b83abbf9..00000000 --- a/defines.mk +++ /dev/null @@ -1,8 +0,0 @@ -define package_template - sed -r \ - -e 's/\{\{PRODUCT\}\}/$(1)/g;' \ - -e 's/\{\{LIBRARY\}\}/$(2)/g;' \ - -e 's|\{\{DEBUG_LIBPATH\}\}|$(DEBUG_LIBPATH)|g;' \ - $(3)Proxmox/Lib/template.pm \ - >Proxmox/Lib/$(1).pm -endef diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 8ca1cb76..28e1ea84 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -1,4 +1,3 @@ -include ../defines.mk include /usr/share/dpkg/default.mk PACKAGE=libpmg-rs-perl @@ -17,26 +16,34 @@ DESTDIR= PM_DIR := PMG -ifeq ($(BUILD_MODE), release) -CARGO_BUILD_ARGS += --release -endif +PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ + --lib=pmg_rs \ + --lib-tag=proxmox \ + --lib-package=Proxmox::Lib::PMG \ + --lib-prefix=PMG -all: Proxmox/Lib/PMG.pm -ifneq ($(BUILD_MODE), skip) - cargo build $(CARGO_BUILD_ARGS) -endif - -PMG: ../scripts/genpackage.pl - perl ../scripts/genpackage.pl PMG \ +PERLMOD_PACKAGES := \ PMG::RS::APT::Repositories \ PMG::RS::Acme \ PMG::RS::CSR \ PMG::RS::OpenId \ PMG::RS::TFA -Proxmox/Lib/PMG.pm: ../Proxmox/Lib/template.pm - mkdir -p Proxmox/Lib - $(call package_template,PMG,pmg_rs,../) +ifeq ($(BUILD_MODE), release) +CARGO_BUILD_ARGS += --release +TARGET_DIR=release +else +TARGET_DIR=debug +endif + +all: +ifneq ($(BUILD_MODE), skip) + cargo build $(CARGO_BUILD_ARGS) +endif + +PMG: Proxmox/Lib/PMG.pm +Proxmox/Lib/PMG.pm: + $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) .PHONY: install install: ../target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG diff --git a/pmg-rs/common b/pmg-rs/common new file mode 120000 index 00000000..60d3b0a6 --- /dev/null +++ b/pmg-rs/common @@ -0,0 +1 @@ +../common \ No newline at end of file diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 8d4a1256..f0b31a63 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -5,6 +5,7 @@ Maintainer: Proxmox Support Team Build-Depends: debhelper (>= 12), dh-cargo (>= 24), + perlmod-bin, cargo:native , rustc:native , libstd-rust-dev , diff --git a/pmg-rs/src/lib.rs b/pmg-rs/src/lib.rs index 5914bc9e..86331365 100644 --- a/pmg-rs/src/lib.rs +++ b/pmg-rs/src/lib.rs @@ -1,4 +1,4 @@ -#[path = "../../common/src/mod.rs"] +#[path = "../common/src/mod.rs"] pub mod common; pub mod acme; diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 9d12d58e..dd422e4f 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -1,4 +1,3 @@ -include ../defines.mk include /usr/share/dpkg/default.mk PACKAGE=libpve-rs-perl @@ -18,6 +17,18 @@ DESTDIR= PM_DIR := PVE +PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ + --lib=pve_rs \ + --lib-tag=proxmox \ + --lib-package=Proxmox::Lib::PVE \ + --lib-prefix=PVE + +PERLMOD_PACKAGES := \ + PVE::RS::APT::Repositories \ + PVE::RS::OpenId \ + PVE::RS::ResourceScheduling::Static \ + PVE::RS::TFA + ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release TARGET_DIR=release @@ -25,7 +36,7 @@ else TARGET_DIR=debug endif -all: PVE Proxmox/Lib/PVE.pm +all: PVE ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) mkdir -p test/Proxmox/Lib @@ -34,16 +45,9 @@ ifneq ($(BUILD_MODE), skip) Proxmox/Lib/PVE.pm >test/Proxmox/Lib/PVE.pm endif -PVE: ../scripts/genpackage.pl - perl ../scripts/genpackage.pl PVE \ - PVE::RS::APT::Repositories \ - PVE::RS::OpenId \ - PVE::RS::ResourceScheduling::Static \ - PVE::RS::TFA - -Proxmox/Lib/PVE.pm: ../Proxmox/Lib/template.pm - mkdir -p Proxmox/Lib - $(call package_template,PVE,pve_rs,../) +PVE: Proxmox/Lib/PVE.pm +Proxmox/Lib/PVE.pm: + $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) check: all $(MAKE) -C test test diff --git a/pve-rs/common b/pve-rs/common new file mode 120000 index 00000000..60d3b0a6 --- /dev/null +++ b/pve-rs/common @@ -0,0 +1 @@ +../common \ No newline at end of file diff --git a/pve-rs/debian/control b/pve-rs/debian/control index b15ae7cc..fed874c8 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -4,6 +4,7 @@ Priority: optional Build-Depends: debhelper (>= 12), dh-cargo (>= 24), + perlmod-bin, cargo:native , rustc:native , libstd-rust-dev , diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index 671aad02..fc31b3aa 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -1,6 +1,6 @@ //! Rust library for the Proxmox VE code base. -#[path = "../../common/src/mod.rs"] +#[path = "../common/src/mod.rs"] pub mod common; pub mod apt; diff --git a/scripts/genpackage.pl b/scripts/genpackage.pl deleted file mode 100755 index ee7d98bf..00000000 --- a/scripts/genpackage.pl +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env perl - -# Create a perl package given a product and package name. - -use strict; -use warnings; - -use File::Path qw(make_path); - -my $product = shift @ARGV or die "missing product name (PVE, PMG or Common)\n"; - -die "missing package name\n" if !@ARGV; - -for my $package (@ARGV) { - my $path = ($package =~ s@::@/@gr) . ".pm"; - - print "Generating $path\n"; - - $path =~ m@^(.*)/[^/]+@; - make_path($1, { mode => 0755 }); - - open(my $fh, '>', $path) or die "failed to open '$path' for writing: $!\n"; - - print {$fh} <<"EOF"; -package $package; -use base 'Proxmox::Lib::$product'; -BEGIN { __PACKAGE__->bootstrap(); } -1; -EOF - - close($fh); -} From 29d2ac1e7683f01ff4076e88a5fb33711da324e6 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 10 May 2023 13:21:21 +0200 Subject: [PATCH 025/114] bump pve-rs to 0.7.6 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 2468df2f..4b47c60e 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.7.4" +version = "0.7.6" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors.workspace = true diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index d4de83d9..663fddc5 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,12 @@ +libpve-rs-perl (0.7.6) bullseye; urgency=medium + + * update to new tfa crate + + * introduce new authentication_verify2 call to utilize the totp/tfa locking + capabilities of the TFA API + + -- Proxmox Support Team Wed, 10 May 2023 10:54:10 +0200 + libpve-rs-perl (0.7.5) bullseye; urgency=medium * update proxmox-resource-scheduling dependency to 0.2.1 to pull in an From b56f09dbaa6b29a1d13eaf892fdebe0cd5c5d816 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 16 May 2023 14:28:25 +0200 Subject: [PATCH 026/114] buildsys: pve: add dsc target, derive distribution automatically Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index dd422e4f..8428f45b 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -1,3 +1,4 @@ +include /usr/share/dpkg/pkg-info.mk include /usr/share/dpkg/default.mk PACKAGE=libpve-rs-perl @@ -12,6 +13,7 @@ PERL_INSTALLVENDORLIB != perl -MConfig -e 'print $$Config{installvendorlib};' MAIN_DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb DBGSYM_DEB=${PACKAGE}-dbgsym_${DEB_VERSION}_${ARCH}.deb DEBS=$(MAIN_DEB) $(DBGSYM_DEB) +DSC=${PACKAGE}_${DEB_VERSION_UPSTREAM_REVISION}.dsc DESTDIR= @@ -73,7 +75,17 @@ dinstall: ${DEBS} dpkg -i ${DEBS} .PHONY: upload +upload: UPLOAD_DIST ?= $(DEB_DISTRIBUTION) upload: ${DEBS} # check if working directory is clean git diff --exit-code --stat && git diff --exit-code --stat --staged - tar cf - ${DEBS} | ssh -X repoman@repo.proxmox.com upload --product pve --dist bullseye + tar cf - ${DEBS} | ssh -X repoman@repo.proxmox.com upload --product pve --dist $(DEB_DISTRIBUTION) + +.PHONY: dsc +dsc: ${DSC} +${DSC}: ${BUILDDIR} + cd ${BUILDDIR}; dpkg-buildpackage -S -us -uc -d + lintian ${DSC} + +sbuild: $(DSC) + sbuild $(DSC) From 34a0068618e92371b75f36558217cf5ea3a25428 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 17 May 2023 09:03:49 +0200 Subject: [PATCH 027/114] undo rust workspace change in preparation for .dsc builds The library ending up a level above the actual code just makes .dsc/sbuild building very inconvenient, and pve-rs and pmg-rs often grow independently from one another. All we need is the common code available. Signed-off-by: Wolfgang Bumiller --- Cargo.toml | 45 ---------------------------------------- Makefile | 51 +++++++++------------------------------------- pmg-rs/Cargo.toml | 47 +++++++++++++++++++++--------------------- pve-rs/Cargo.toml | 52 +++++++++++++++++++++++------------------------ 4 files changed, 60 insertions(+), 135 deletions(-) delete mode 100644 Cargo.toml diff --git a/Cargo.toml b/Cargo.toml deleted file mode 100644 index 85af95d8..00000000 --- a/Cargo.toml +++ /dev/null @@ -1,45 +0,0 @@ -[workspace] -exclude = [ "build", "common-src", "perl", "scripts" ] -members = [ - "pve-rs", - "pmg-rs", -] - -[workspace.package] -authors = ["Proxmox Support Team "] -edition = "2021" -license = "AGPL-3" -repository = "https://git.proxmox.com/?p=proxmox.git" - -[workspace.dependencies] -anyhow = "1.0" -base32 = "0.4" -base64 = "0.13" -env_logger = "0.9" -hex = "0.4" -http = "0.2.7" -libc = "0.2" -nix = "0.26" -openssl = "0.10.40" -serde = "1.0" -serde_bytes = "0.11" -serde_json = "1.0" -url = "2" - -perlmod = { version = "0.13", features = [ "exporter" ] } - -proxmox-acme-rs = { version = "0.4", features = ["client"] } -proxmox-apt = "0.9" -proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } -proxmox-openid = "0.9.8" -proxmox-resource-scheduling = "0.2.1" -proxmox-subscription = "0.3" -proxmox-sys = "0.4.2" -proxmox-tfa = { version = "4", features = ["api"] } -proxmox-time = "1.1.3" - -[patch.crates-io] -# proxmox-tfa requires -time and -uuid as well, so enable *all* or *none* of them -#proxmox-tfa = { path = "../proxmox/proxmox-tfa" } -#proxmox-time = { path = "../proxmox/proxmox-time" } -#proxmox-uuid = { path = "../proxmox/proxmox-uuid" } diff --git a/Makefile b/Makefile index a1ed278e..bffe2c99 100644 --- a/Makefile +++ b/Makefile @@ -2,19 +2,9 @@ CARGO ?= cargo ifeq ($(BUILD_MODE), release) CARGO_BUILD_ARGS += --release -DEBUG_LIBPATH := else -DEBUG_LIBPATH := "-L./target/debug", endif -define upload_template - cd build; \ - dcmd --deb lib$(1)-rs-perl*.changes \ - | grep -v '.changes$$' \ - | tar -cf "$@.tar" -T-; \ - cat "$@.tar" | ssh -X repoman@repo.proxmox.com upload --product $(2) --dist bullseye -endef - .PHONY: all all: ifeq ($(BUILD_TARGET), pve) @@ -27,10 +17,6 @@ else @echo " - make pmg" endif -.PHONY: pve pmg -pve pmg: - $(CARGO) build $(CARGO_BUILD_ARGS) -p $@-rs - build: rm -rf build mkdir build @@ -47,30 +33,13 @@ build: done # So the common packages end up in ./build, rather than ./build/common mv ./build/common/pkg ./build/common-pkg - -pve-deb: build - cd ./build/pve-rs && dpkg-buildpackage -b -uc -us - touch $@ - -pmg-deb: build - cd ./build/pmg-rs && dpkg-buildpackage -b -uc -us - touch $@ - -common-deb: build - cd ./build/common-pkg && dpkg-buildpackage -b -uc -us - touch $@ - -pve-upload: pve-deb - $(call upload_template,pve,pve) -pmg-upload: pmg-deb - $(call upload_template,pmg,pmg) - -# need to put into variable to ensure comma isn't interpreted as param separator on call -common_target=pve,pmg -common-upload: common-deb - $(call upload_template,proxmox,$(common_target)) - -.PHONY: clean -clean: - cargo clean - rm -rf ./build ./PVE ./PMG ./pve-deb ./pmg-deb ./common-deb +# Copy the workspace root into the sources + mkdir build/pve-rs/.workspace + cp -t build/pve-rs/.workspace Cargo.toml + sed -i -e '/\[package\]/a\workspace = ".workspace"' build/pve-rs/Cargo.toml +# Clear the member array and replace it with ".." + sed -i -e '/^members = \[/,/^]$$/d' build/pve-rs/.workspace/Cargo.toml + sed -i -e '/^\[workspace\]/a\members = [ ".." ]' build/pve-rs/.workspace/Cargo.toml +# Copy the cargo config + mkdir build/pve-rs/.cargo + cp -t build/pve-rs/.cargo .cargo/config diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 4e176af9..e3e2a6b9 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -2,10 +2,11 @@ name = "pmg-rs" version = "0.6.2" description = "PMG parts which have been ported to rust" -authors.workspace = true -edition.workspace = true -license.workspace = true -repository.workspace = true +homepage = "https://www.proxmox.com" +authors = ["Proxmox Support Team "] +edition = "2021" +license = "AGPL-3" +repository = "https://git.proxmox.com/?p=proxmox.git" exclude = [ "build", @@ -17,24 +18,24 @@ exclude = [ crate-type = [ "cdylib" ] [dependencies] -anyhow.workspace = true -env_logger.workspace = true -hex.workspace = true -http.workspace = true -libc.workspace = true -nix.workspace = true -openssl.workspace = true -serde.workspace = true -serde_bytes.workspace = true -serde_json.workspace = true -url.workspace = true +anyhow = "1.0" +env_logger = "0.9" +hex = "0.4" +http = "0.2.7" +libc = "0.2" +nix = "0.26" +openssl = "0.10.40" +serde = "1.0" +serde_bytes = "0.11" +serde_json = "1.0" +url = "2" -perlmod.workspace = true +perlmod = { version = "0.13", features = [ "exporter" ] } -proxmox-acme-rs.workspace = true -proxmox-apt.workspace = true -proxmox-http.workspace = true -proxmox-subscription.workspace = true -proxmox-sys.workspace = true -proxmox-tfa.workspace = true -proxmox-time.workspace = true +proxmox-acme-rs = { version = "0.4", features = ["client"] } +proxmox-apt = "0.9" +proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } +proxmox-subscription = "0.3" +proxmox-sys = "0.4.2" +proxmox-tfa = { version = "4", features = ["api"] } +proxmox-time = "1.1.3" diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 4b47c60e..a6ec5780 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -3,10 +3,10 @@ name = "pve-rs" version = "0.7.6" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" -authors.workspace = true -edition.workspace = true -license.workspace = true -repository.workspace = true +authors = ["Proxmox Support Team "] +edition = "2021" +license = "AGPL-3" +repository = "https://git.proxmox.com/?p=proxmox.git" exclude = [ "debian", @@ -16,27 +16,27 @@ exclude = [ crate-type = [ "cdylib" ] [dependencies] -anyhow.workspace = true -base32.workspace = true -base64.workspace = true -env_logger.workspace = true -hex.workspace = true -http.workspace = true -libc.workspace = true -nix.workspace = true -openssl.workspace = true -serde.workspace = true -serde_bytes.workspace = true -serde_json.workspace = true -url.workspace = true +anyhow = "1.0" +base32 = "0.4" +base64 = "0.13" +env_logger = "0.9" +hex = "0.4" +http = "0.2.7" +libc = "0.2" +nix = "0.26" +openssl = "0.10.40" +serde = "1.0" +serde_bytes = "0.11" +serde_json = "1.0" +url = "2" -perlmod.workspace = true +perlmod = { version = "0.13", features = [ "exporter" ] } -proxmox-apt.workspace = true -proxmox-http.workspace = true -proxmox-openid.workspace = true -proxmox-resource-scheduling.workspace = true -proxmox-subscription.workspace = true -proxmox-sys.workspace = true -proxmox-tfa.workspace = true -proxmox-time.workspace = true +proxmox-apt = "0.9" +proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } +proxmox-openid = "0.9.8" +proxmox-resource-scheduling = "0.3.0" +proxmox-subscription = "0.3" +proxmox-sys = "0.4.2" +proxmox-tfa = { version = "4", features = ["api"] } +proxmox-time = "1.1.3" From f8630041596b9403610e3c8704cf95cad097753f Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 17 May 2023 09:37:31 +0200 Subject: [PATCH 028/114] buildsys: make pve-rs sbuild compatible Signed-off-by: Wolfgang Bumiller --- {.cargo => pve-rs/.cargo}/config | 0 pve-rs/Makefile | 45 ++++++++++++++++++-------------- pve-rs/debian/compat | 1 - pve-rs/debian/control | 2 +- 4 files changed, 26 insertions(+), 22 deletions(-) rename {.cargo => pve-rs/.cargo}/config (100%) delete mode 100644 pve-rs/debian/compat diff --git a/.cargo/config b/pve-rs/.cargo/config similarity index 100% rename from .cargo/config rename to pve-rs/.cargo/config diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 8428f45b..16c3907b 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -1,5 +1,4 @@ include /usr/share/dpkg/pkg-info.mk -include /usr/share/dpkg/default.mk PACKAGE=libpve-rs-perl export PERLMOD_PRODUCT=PVE @@ -10,10 +9,11 @@ export GITVERSION:=$(shell git rev-parse HEAD) PERL_INSTALLVENDORARCH != perl -MConfig -e 'print $$Config{installvendorarch};' PERL_INSTALLVENDORLIB != perl -MConfig -e 'print $$Config{installvendorlib};' -MAIN_DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb -DBGSYM_DEB=${PACKAGE}-dbgsym_${DEB_VERSION}_${ARCH}.deb +MAIN_DEB=$(PACKAGE)_$(DEB_VERSION)_$(ARCH).deb +DBGSYM_DEB=$(PACKAGE)-dbgsym_$(DEB_VERSION)_$(ARCH).deb DEBS=$(MAIN_DEB) $(DBGSYM_DEB) -DSC=${PACKAGE}_${DEB_VERSION_UPSTREAM_REVISION}.dsc +DSC=$(PACKAGE)_$(DEB_VERSION_UPSTREAM_REVISION).dsc +BUILDDIR ?= $(PACKAGE)-$(DEB_VERSION_UPSTREAM) DESTDIR= @@ -39,13 +39,11 @@ TARGET_DIR=debug endif all: PVE -ifneq ($(BUILD_MODE), skip) cargo build $(CARGO_BUILD_ARGS) mkdir -p test/Proxmox/Lib sed -r -e \ - 's@^sub libdirs.*$$@sub libdirs { return ("../target/$(TARGET_DIR)", "../../target/$(TARGET_DIR)"); }@' \ + 's@^sub libdirs.*$$@sub libdirs { return ("./target/$(TARGET_DIR)", "./../target/$(TARGET_DIR)"); }@' \ Proxmox/Lib/PVE.pm >test/Proxmox/Lib/PVE.pm -endif PVE: Proxmox/Lib/PVE.pm Proxmox/Lib/PVE.pm: @@ -55,37 +53,44 @@ check: all $(MAKE) -C test test .PHONY: install -install: ../target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE +install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto - install -m644 ../target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so + install -m644 target/release/libpve_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpve_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib install -m644 Proxmox/Lib/PVE.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PVE.pm find $(PM_DIR) \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' -distclean: clean - clean: cargo clean - rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock + rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock *.tar.?z *.build + rm -rf $(PACKAGE)-[0-9]*/ find . -name '*~' -exec rm {} ';' .PHONY: dinstall -dinstall: ${DEBS} - dpkg -i ${DEBS} +dinstall: $(DEBS) + dpkg -i $(DEBS) .PHONY: upload upload: UPLOAD_DIST ?= $(DEB_DISTRIBUTION) -upload: ${DEBS} +upload: $(DEBS) # check if working directory is clean git diff --exit-code --stat && git diff --exit-code --stat --staged - tar cf - ${DEBS} | ssh -X repoman@repo.proxmox.com upload --product pve --dist $(DEB_DISTRIBUTION) + tar cf - $(DEBS) | ssh -X repoman@repo.proxmox.com upload --product pve --dist $(DEB_DISTRIBUTION) + +$(BUILDDIR): src debian test common/src Cargo.toml Makefile .cargo/config + rm -rf $(BUILDDIR) $(BUILDDIR).tmp + mkdir $(BUILDDIR).tmp + mkdir $(BUILDDIR).tmp/common + cp -a -t $(BUILDDIR).tmp src debian test Cargo.toml Makefile .cargo + cp -a -t $(BUILDDIR).tmp/common common/src + mv $(BUILDDIR).tmp $(BUILDDIR) .PHONY: dsc -dsc: ${DSC} -${DSC}: ${BUILDDIR} - cd ${BUILDDIR}; dpkg-buildpackage -S -us -uc -d - lintian ${DSC} +dsc: $(DSC) +$(DSC): $(BUILDDIR) + cd $(BUILDDIR); PATH="/usr/local/bin:/usr/bin" dpkg-buildpackage -S -us -uc -d + lintian $(DSC) sbuild: $(DSC) sbuild $(DSC) diff --git a/pve-rs/debian/compat b/pve-rs/debian/compat deleted file mode 100644 index f599e28b..00000000 --- a/pve-rs/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/pve-rs/debian/control b/pve-rs/debian/control index fed874c8..90bdd5d6 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -2,7 +2,7 @@ Source: libpve-rs-perl Section: perl Priority: optional Build-Depends: - debhelper (>= 12), + debhelper-compat (= 13), dh-cargo (>= 24), perlmod-bin, cargo:native , From 1b499b76116bda81ed4ff2a89c17bb0cb2944e39 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 16 May 2023 14:29:16 +0200 Subject: [PATCH 029/114] bump pve-rs to 0.8.0 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 6 ++++++ pve-rs/debian/control | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index a6ec5780..9012909a 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.7.6" +version = "0.8.0" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 663fddc5..be29742c 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,9 @@ +libpve-rs-perl (0.8.0) bookworm; urgency=medium + + * rebuild for Debian 12 Bookworm based release series + + -- Proxmox Support Team Tue, 16 May 2023 14:26:52 +0200 + libpve-rs-perl (0.7.6) bullseye; urgency=medium * update to new tfa crate diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 90bdd5d6..c6847fd6 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -24,7 +24,7 @@ Build-Depends: librust-proxmox-http-0.8+client-trait-dev, librust-proxmox-http-0.8+default-dev, librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), - librust-proxmox-resource-scheduling-0.2+default-dev (>= 0.2.1-~~), + librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.3+default-dev, librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), librust-proxmox-tfa-4+api-dev, From 3255c3b59cb4ce4739103da50ec0e67527fe91b1 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 17 May 2023 15:43:28 +0200 Subject: [PATCH 030/114] buildsys: pmg-rs: dsc and sbuild updates Signed-off-by: Wolfgang Bumiller --- pmg-rs/.cargo/config | 5 +++++ pmg-rs/Makefile | 43 +++++++++++++++++++++++++++++++------------ pmg-rs/debian/compat | 1 - pmg-rs/debian/control | 3 +-- 4 files changed, 37 insertions(+), 15 deletions(-) create mode 100644 pmg-rs/.cargo/config delete mode 100644 pmg-rs/debian/compat diff --git a/pmg-rs/.cargo/config b/pmg-rs/.cargo/config new file mode 100644 index 00000000..3b5b6e48 --- /dev/null +++ b/pmg-rs/.cargo/config @@ -0,0 +1,5 @@ +[source] +[source.debian-packages] +directory = "/usr/share/cargo/registry" +[source.crates-io] +replace-with = "debian-packages" diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 28e1ea84..6d14e0e4 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -1,4 +1,4 @@ -include /usr/share/dpkg/default.mk +include /usr/share/dpkg/pkg-info.mk PACKAGE=libpmg-rs-perl @@ -8,9 +8,11 @@ export GITVERSION:=$(shell git rev-parse HEAD) PERL_INSTALLVENDORARCH != perl -MConfig -e 'print $$Config{installvendorarch};' PERL_INSTALLVENDORLIB != perl -MConfig -e 'print $$Config{installvendorlib};' -MAIN_DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb -DBGSYM_DEB=${PACKAGE}-dbgsym_${DEB_VERSION}_${ARCH}.deb +MAIN_DEB=$(PACKAGE)_$(DEB_VERSION)_$(ARCH).deb +DBGSYM_DEB=$(PACKAGE)-dbgsym_$(DEB_VERSION)_$(ARCH).deb DEBS=$(MAIN_DEB) $(DBGSYM_DEB) +DSC=$(PACKAGE)_$(DEB_VERSION_UPSTREAM_REVISION).dsc +BUILDDIR ?= $(PACKAGE)-$(DEB_VERSION_UPSTREAM) DESTDIR= @@ -36,19 +38,17 @@ else TARGET_DIR=debug endif -all: -ifneq ($(BUILD_MODE), skip) +all: PMG cargo build $(CARGO_BUILD_ARGS) -endif PMG: Proxmox/Lib/PMG.pm Proxmox/Lib/PMG.pm: $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) .PHONY: install -install: ../target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG +install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto - install -m644 ../target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so + install -m644 target/release/libpmg_rs.so $(DESTDIR)$(PERL_INSTALLVENDORARCH)/auto/libpmg_rs.so install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB) install -d -m755 $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib install -m644 Proxmox/Lib/PMG.pm $(DESTDIR)$(PERL_INSTALLVENDORLIB)/Proxmox/Lib/PMG.pm @@ -59,14 +59,33 @@ distclean: clean clean: cargo clean rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock + rm -rf $(PACKAGE)-[0-9]*/ find . -name '*~' -exec rm {} ';' .PHONY: dinstall -dinstall: ${DEBS} - dpkg -i ${DEBS} +dinstall: $(DEBS) + dpkg -i $(DEBS) .PHONY: upload -upload: ${DEBS} +upload: UPLOAD_DIST ?= $(DEB_DISTRIBUTION) +upload: $(DEBS) # check if working directory is clean git diff --exit-code --stat && git diff --exit-code --stat --staged - tar cf - ${DEBS} | ssh -X repoman@repo.proxmox.com upload --product pmg --dist bullseye + tar cf - $(DEBS) | ssh -X repoman@repo.proxmox.com upload --product pmg --dist $(DEB_DISTRIBUTION) + +$(BUILDDIR): src debian common/src Cargo.toml Makefile .cargo/config + rm -rf $(BUILDDIR) $(BUILDDIR).tmp + mkdir $(BUILDDIR).tmp + mkdir $(BUILDDIR).tmp/common + cp -a -t $(BUILDDIR).tmp src debian Cargo.toml Makefile .cargo + cp -a -t $(BUILDDIR).tmp/common common/src + mv $(BUILDDIR).tmp $(BUILDDIR) + +.PHONY: dsc +dsc: $(DSC) +$(DSC): $(BUILDDIR) + cd $(BUILDDIR); PATH="/usr/local/bin:/usr/bin" dpkg-buildpackage -S -us -uc -d + lintian $(DSC) + +sbuild: $(DSC) + sbuild $(DSC) diff --git a/pmg-rs/debian/compat b/pmg-rs/debian/compat deleted file mode 100644 index 48082f72..00000000 --- a/pmg-rs/debian/compat +++ /dev/null @@ -1 +0,0 @@ -12 diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index f0b31a63..8f7910fa 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -3,12 +3,11 @@ Section: perl Priority: optional Maintainer: Proxmox Support Team Build-Depends: - debhelper (>= 12), + debhelper-compat (= 13), dh-cargo (>= 24), perlmod-bin, cargo:native , rustc:native , - libstd-rust-dev , librust-anyhow-1+default-dev, librust-env-logger-0.9+default-dev, librust-hex-0.4+default-dev, From 4917bd4ead20f3ebf54c4e025a856d0ba7509cf2 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 17 May 2023 15:49:08 +0200 Subject: [PATCH 031/114] bump proxmox-rs-perl to 0.3.0, pmg-rs to 0.7.0 Signed-off-by: Wolfgang Bumiller --- common/pkg/Makefile | 34 +++++++++++++++++++++++++++++----- common/pkg/debian/changelog | 6 ++++++ common/pkg/debian/compat | 1 - common/pkg/debian/control | 3 ++- pmg-rs/debian/changelog | 6 ++++++ 5 files changed, 43 insertions(+), 7 deletions(-) delete mode 100644 common/pkg/debian/compat diff --git a/common/pkg/Makefile b/common/pkg/Makefile index 88ab0849..9d7a5581 100644 --- a/common/pkg/Makefile +++ b/common/pkg/Makefile @@ -1,4 +1,4 @@ -include /usr/share/dpkg/default.mk +include /usr/share/dpkg/pkg-info.mk PACKAGE=libproxmox-rs-perl @@ -8,7 +8,9 @@ export GITVERSION:=$(shell git rev-parse HEAD) PERL_INSTALLVENDORARCH != perl -MConfig -e 'print $$Config{installvendorarch};' PERL_INSTALLVENDORLIB != perl -MConfig -e 'print $$Config{installvendorlib};' -DEB=${PACKAGE}_${DEB_VERSION}_${ARCH}.deb +DEB=$(PACKAGE)_$(DEB_VERSION)_$(ARCH).deb +DSC=$(PACKAGE)_$(DEB_VERSION_UPSTREAM_REVISION).dsc +BUILDDIR ?= $(PACKAGE)-$(DEB_VERSION_UPSTREAM) DESTDIR= @@ -34,8 +36,30 @@ install: Proxmox/RS/CalendarEvent.pm find PVE \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' find Proxmox \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' +$(BUILDDIR): debian PVE Proxmox Makefile + rm -rf $(BUILDDIR) $(BUILDDIR).tmp + mkdir $(BUILDDIR).tmp + cp -t $(BUILDDIR).tmp -a debian PVE Proxmox Makefile + mv $(BUILDDIR).tmp $(BUILDDIR) + .PHONY: deb deb: $(DEB) -$(DEB): build - cd build; dpkg-buildpackage -b -us -uc --no-pre-clean - lintian $(DEBS) +$(DEB): $(BUILDDIR) + cd $(BUILDDIR); dpkg-buildpackage -b -us -uc --no-pre-clean + lintian $(DEB) + +.PHONY: dsc +dsc: $(DSC) +$(DSC): $(BUILDDIR) + cd $(BUILDDIR); dpkg-buildpackage -S -us -uc -d + lintian $(DSC) + +sbuild: $(DSC) + sbuild $(DSC) + +.PHONY: upload +upload: UPLOAD_DIST ?= $(DEB_DISTRIBUTION) +upload: $(DEB) + # check if working directory is clean + git diff --exit-code --stat && git diff --exit-code --stat --staged + tar cf - $(DEB) | ssh -X repoman@repo.proxmox.com upload --product pve,pmg --dist $(DEB_DISTRIBUTION) diff --git a/common/pkg/debian/changelog b/common/pkg/debian/changelog index 1593980b..30891260 100644 --- a/common/pkg/debian/changelog +++ b/common/pkg/debian/changelog @@ -1,3 +1,9 @@ +libproxmox-rs-perl (0.3.0) bullseye; urgency=medium + + * rebuild for Debian 12 Bookworm based release series + + -- Proxmox Support Team Wed, 17 May 2023 15:48:41 +0200 + libproxmox-rs-perl (0.2.1) bullseye; urgency=medium * update to proxmox-subscription 0.3 / proxmox-http 0.7 diff --git a/common/pkg/debian/compat b/common/pkg/debian/compat deleted file mode 100644 index 48082f72..00000000 --- a/common/pkg/debian/compat +++ /dev/null @@ -1 +0,0 @@ -12 diff --git a/common/pkg/debian/control b/common/pkg/debian/control index ff819c0d..cf158614 100644 --- a/common/pkg/debian/control +++ b/common/pkg/debian/control @@ -2,7 +2,8 @@ Source: libproxmox-rs-perl Section: perl Priority: optional Build-Depends: - debhelper (>= 12), + debhelper-compat (= 13), + perlmod-bin, Maintainer: Proxmox Support Team Standards-Version: 4.5.1 Vcs-Git: git://git.proxmox.com/git/proxmox-perl-rs.git diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index 90f61b1c..f7fdf2b1 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,3 +1,9 @@ +libpmg-rs-perl (0.7.0) bullseye; urgency=medium + + * rebuild for Debian 12 Bookworm based release series + + -- Proxmox Support Team Wed, 17 May 2023 15:48:43 +0200 + libpmg-rs-perl (0.6.2) bullseye; urgency=medium * update to proxmox-subscription 0.3 / proxmox-http 0.7 From 6beb0ffa6bbd93d9436a2e42e99c48b9f1076ff0 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 17 May 2023 15:57:02 +0200 Subject: [PATCH 032/114] buildsys: add missing deb targets Signed-off-by: Wolfgang Bumiller --- pmg-rs/Makefile | 6 ++++++ pve-rs/Makefile | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 6d14e0e4..9c765207 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -81,6 +81,12 @@ $(BUILDDIR): src debian common/src Cargo.toml Makefile .cargo/config cp -a -t $(BUILDDIR).tmp/common common/src mv $(BUILDDIR).tmp $(BUILDDIR) +.PHONY: deb +deb: $(DEBS) +$(DEBS): $(BUILDDIR) + cd $(BUILDDIR); PATH="/usr/local/bin:/usr/bin" dpkg-buildpackage -b -us -uc + lintian $(DEBS) + .PHONY: dsc dsc: $(DSC) $(DSC): $(BUILDDIR) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 16c3907b..741cac5d 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -86,6 +86,12 @@ $(BUILDDIR): src debian test common/src Cargo.toml Makefile .cargo/config cp -a -t $(BUILDDIR).tmp/common common/src mv $(BUILDDIR).tmp $(BUILDDIR) +.PHONY: deb +deb: $(DEBS) +$(DEBS): $(BUILDDIR) + cd $(BUILDDIR); PATH="/usr/local/bin:/usr/bin" dpkg-buildpackage -b -us -uc + lintian $(DEBS) + .PHONY: dsc dsc: $(DSC) $(DSC): $(BUILDDIR) From c0bc3436ee11e1b1f8429d07015b7a1d89a347c5 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 11:43:46 +0200 Subject: [PATCH 033/114] pmg: d/changelog: fixup distribution to bookworm this release got uploaded to bookworm only. Signed-off-by: Thomas Lamprecht --- pmg-rs/debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index f7fdf2b1..53b2c3bd 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,4 +1,4 @@ -libpmg-rs-perl (0.7.0) bullseye; urgency=medium +libpmg-rs-perl (0.7.0) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series From f7a9ddfdfdb3ff8f1ab9dc22dc1ce70026a694f5 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 11:59:07 +0200 Subject: [PATCH 034/114] buildsys: cleanup and expand clean target Signed-off-by: Thomas Lamprecht --- pmg-rs/Makefile | 4 +--- pve-rs/Makefile | 3 +-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index 9c765207..d738337c 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -55,12 +55,10 @@ install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG find $(PM_DIR) \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' distclean: clean - clean: cargo clean - rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock + rm -f *.deb *.dsc *.tar.* *.build *.buildinfo *.changes Cargo.lock rm -rf $(PACKAGE)-[0-9]*/ - find . -name '*~' -exec rm {} ';' .PHONY: dinstall dinstall: $(DEBS) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 741cac5d..de35c699 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -63,9 +63,8 @@ install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE clean: cargo clean - rm -rf *.deb *.dsc *.tar.gz *.buildinfo *.changes Cargo.lock *.tar.?z *.build + rm -f *.deb *.dsc *.tar.* *.build *.buildinfo *.changes Cargo.lock rm -rf $(PACKAGE)-[0-9]*/ - find . -name '*~' -exec rm {} ';' .PHONY: dinstall dinstall: $(DEBS) From 0d049201e9661ab9b3fcac96b46b8240496d6c8a Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 12:26:20 +0200 Subject: [PATCH 035/114] pmg: refresh d/control and note that debcargo.toml isn't canonical source Also run `wrap-and-sort -tkn` Signed-off-by: Thomas Lamprecht --- pmg-rs/debian/control | 67 +++++++++++++++++++------------------ pmg-rs/debian/debcargo.toml | 27 +++++++++++++-- 2 files changed, 59 insertions(+), 35 deletions(-) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 8f7910fa..97769783 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -1,43 +1,46 @@ Source: libpmg-rs-perl Section: perl Priority: optional +Build-Depends: cargo:native , + debhelper-compat (= 13), + dh-cargo (>= 25), + librust-anyhow-1+default-dev , + librust-env-logger-0.9+default-dev , + librust-hex-0.4+default-dev , + librust-http-0.2+default-dev (>= 0.2.7-~~) , + librust-libc-0.2+default-dev , + librust-nix-0.26+default-dev , + librust-openssl-0.10+default-dev (>= 0.10.40-~~) , + librust-perlmod-0.13+default-dev , + librust-perlmod-0.13+exporter-dev , + librust-proxmox-acme-rs-0.4+client-dev , + librust-proxmox-acme-rs-0.4+default-dev , + librust-proxmox-apt-0.9+default-dev , + librust-proxmox-http-0.8+client-sync-dev , + librust-proxmox-http-0.8+client-trait-dev , + librust-proxmox-http-0.8+default-dev , + librust-proxmox-subscription-0.3+default-dev , + librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~) , + librust-proxmox-tfa-4+api-dev , + librust-proxmox-tfa-4+default-dev , + librust-proxmox-time-1+default-dev (>= 1.1.3-~~) , + librust-serde-1+default-dev , + librust-serde-bytes-0.11+default-dev , + librust-serde-json-1+default-dev , + librust-url-2+default-dev , + libstd-rust-dev , + perlmod-bin, + rustc:native , Maintainer: Proxmox Support Team -Build-Depends: - debhelper-compat (= 13), - dh-cargo (>= 24), - perlmod-bin, - cargo:native , - rustc:native , - librust-anyhow-1+default-dev, - librust-env-logger-0.9+default-dev, - librust-hex-0.4+default-dev, - librust-http-0.2+default-dev (>= 0.2.7-~~), - librust-libc-0.2+default-dev, - librust-nix-0.26+default-dev, - librust-openssl-0.10+default-dev (>= 0.10.40-~~), - librust-perlmod-0.13+default-dev, - librust-perlmod-0.13+exporter-dev, - librust-proxmox-acme-rs-0.4+client-dev, - librust-proxmox-acme-rs-0.4+default-dev, - librust-proxmox-apt-0.9+default-dev, - librust-proxmox-http-0.8+client-sync-dev, - librust-proxmox-http-0.8+client-trait-dev, - librust-proxmox-http-0.8+default-dev, - librust-proxmox-subscription-0.3+default-dev, - librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-4+api-dev, - librust-proxmox-tfa-4+default-dev, - librust-proxmox-time-1+default-dev (>= 1.1.3-~~), - librust-serde-1+default-dev, - librust-serde-bytes-0.11+default-dev, - librust-serde-json-1+default-dev, - librust-url-2+default-dev, -Standards-Version: 4.3.0 +Standards-Version: 4.6.1 +Vcs-Git: git://git.proxmox.com/git/proxmox-perl-rs.git +Vcs-Browser: https://git.proxmox.com/?p=proxmox-perl-rs.git Homepage: https://www.proxmox.com Package: libpmg-rs-perl Architecture: any -Depends: ${perl:Depends}, +Depends: ${misc:Depends}, + ${perl:Depends}, ${shlibs:Depends}, Description: Components of Proxmox Mail Gateway which have been ported to Rust. Contains parts of Proxmox Mail Gateway which have been ported to, or newly diff --git a/pmg-rs/debian/debcargo.toml b/pmg-rs/debian/debcargo.toml index 8aa085f5..76092e49 100644 --- a/pmg-rs/debian/debcargo.toml +++ b/pmg-rs/debian/debcargo.toml @@ -1,10 +1,31 @@ +# WARNING: this is *NOT* use as canonical source for d/control, but rather occasionally used via +# an invocation like: +# make clean +# rm debian/control +# debcargo package --config debian/debcargo.toml --changelog-ready --no-overlay-write-back --directory libpmg-rs-perl-0.7.1 pmg-rs 0.7.1 +# mv libpmg-rs-perl-0.7.1/debian/control debian/control +# to semi.manually refresh the control file +# +# NOTE: debcargo thinks this is a source package, but it isn't! Drop provides, the dependencies of +# the binary package on rust source packages, Multi-Arch same, and other things that do not make +# sense for a combined perl + arch-dependent library package. + overlay = "." crate_src_path = ".." maintainer = "Proxmox Support Team " [source] section = "perl" -vcs_git = "git://git.proxmox.com/git/proxmox.git" -vcs_browser = "https://git.proxmox.com/?p=proxmox.git" +vcs_git = "git://git.proxmox.com/git/proxmox-perl-rs.git" +vcs_browser = "https://git.proxmox.com/?p=proxmox-perl-rs.git" +build_depends = [ + "perlmod-bin", +] -[packages.libpmg-rs-perl] +[packages.bin] +name = "libpmg-rs-perl" +summary = "Components of Proxmox Mail Gateway which have been ported to Rust." +description = """ +Contains parts of Proxmox Mail Gateway which have been ported to, or newly +implemented in the Rust programming language. +""" From 6b92c01349904804e2ee478ab57c0012fdcf7867 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 12:01:56 +0200 Subject: [PATCH 036/114] pmg: bump version to 0.7.1 as the cargo one wasn't bumped, d/changelog still listed bullseye as distribution for the original 0.7.0 upload and d/control was a bit dusted, so to avoid any confusion just re-bumped with no actual code change. Signed-off-by: Thomas Lamprecht --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/changelog | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index e3e2a6b9..aade999e 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pmg-rs" -version = "0.6.2" +version = "0.7.1" description = "PMG parts which have been ported to rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index 53b2c3bd..09a945e0 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,8 +1,8 @@ -libpmg-rs-perl (0.7.0) bookworm; urgency=medium +libpmg-rs-perl (0.7.1) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series - -- Proxmox Support Team Wed, 17 May 2023 15:48:43 +0200 + -- Proxmox Support Team Thu, 18 May 2023 12:01:08 +0200 libpmg-rs-perl (0.6.2) bullseye; urgency=medium From a53d4737d399927c5cc2439369cae7ce09c61bbc Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 12:30:23 +0200 Subject: [PATCH 037/114] common: d/changelog: fixup distribution to bookworm got (correctly) uploaded to bookworm, not bullseye Signed-off-by: Thomas Lamprecht --- common/pkg/debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/pkg/debian/changelog b/common/pkg/debian/changelog index 30891260..aeb227fb 100644 --- a/common/pkg/debian/changelog +++ b/common/pkg/debian/changelog @@ -1,4 +1,4 @@ -libproxmox-rs-perl (0.3.0) bullseye; urgency=medium +libproxmox-rs-perl (0.3.0) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series From e3d4bb03c9fc5fa9212757434c955366b4f7b42c Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 12:45:44 +0200 Subject: [PATCH 038/114] common: wrap-and-sort & refresh Signed-off-by: Thomas Lamprecht --- common/pkg/debian/control | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/common/pkg/debian/control b/common/pkg/debian/control index cf158614..6fdf25e3 100644 --- a/common/pkg/debian/control +++ b/common/pkg/debian/control @@ -1,11 +1,9 @@ Source: libproxmox-rs-perl Section: perl Priority: optional -Build-Depends: - debhelper-compat (= 13), - perlmod-bin, +Build-Depends: debhelper-compat (= 13), perlmod-bin, Maintainer: Proxmox Support Team -Standards-Version: 4.5.1 +Standards-Version: 4.6.2 Vcs-Git: git://git.proxmox.com/git/proxmox-perl-rs.git Vcs-Browser: https://git.proxmox.com/?p=proxmox-perl-rs.git Homepage: https://www.proxmox.com @@ -15,15 +13,12 @@ Package: libproxmox-rs-perl Architecture: any # always bump both versioned Depends and Breaks, otherwise systems with both # libpmg-rs-perl and libpve-rs-perl might load an outdated lib and break -Depends: - ${misc:Depends}, - ${perl:Depends}, - ${shlibs:Depends}, - libpve-rs-perl (>= 0.7.2) | libpmg-rs-perl (>= 0.6.2), -Breaks: - libpve-rs-perl (<< 0.7.2), - libpmg-rs-perl (<< 0.6.2), -Replaces: libpve-rs-perl (<< 0.6.0) -Description: PVE/PMG common parts which have been ported to Rust - Perl packages - Contains the perl side of modules provided by the libraries of both libpve-rs-perl and - libpmg-rs-perl, loading whichever is available. +Depends: libpve-rs-perl (>= 0.7.2) | libpmg-rs-perl (>= 0.6.2), + ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends}, +Breaks: libpmg-rs-perl (<< 0.6.2), libpve-rs-perl (<< 0.7.2), +Replaces: libpve-rs-perl (<< 0.6.0), +Description: PVE/PMG common perl parts for Rust perlmod bindings + Contains the perl side of modules provided by the libraries of both + libpve-rs-perl and libpmg-rs-perl, loading whichever is available. From 181b19e2efa0b53ccc223311330e57147efa14c1 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 12:46:27 +0200 Subject: [PATCH 039/114] buildsys: add clean target for common package Signed-off-by: Thomas Lamprecht --- common/pkg/Makefile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/common/pkg/Makefile b/common/pkg/Makefile index 9d7a5581..7232f0c8 100644 --- a/common/pkg/Makefile +++ b/common/pkg/Makefile @@ -63,3 +63,7 @@ upload: $(DEB) # check if working directory is clean git diff --exit-code --stat && git diff --exit-code --stat --staged tar cf - $(DEB) | ssh -X repoman@repo.proxmox.com upload --product pve,pmg --dist $(DEB_DISTRIBUTION) + +clean: + rm -f *.deb *.dsc *.tar.* *.build *.buildinfo *.changes + rm -rf $(PACKAGE)-[0-9]*/ From f7bb45a38b40e35c6c5821d310b04f998e81b87b Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Thu, 18 May 2023 13:07:28 +0200 Subject: [PATCH 040/114] pve: update & wrap-and-sort d/control Signed-off-by: Thomas Lamprecht --- pve-rs/debian/control | 79 ++++++++++++++++++++----------------------- 1 file changed, 37 insertions(+), 42 deletions(-) diff --git a/pve-rs/debian/control b/pve-rs/debian/control index c6847fd6..a8bbad3b 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -1,41 +1,40 @@ Source: libpve-rs-perl Section: perl Priority: optional -Build-Depends: - debhelper-compat (= 13), - dh-cargo (>= 24), - perlmod-bin, - cargo:native , - rustc:native , - libstd-rust-dev , - librust-anyhow-1+default-dev, - librust-base32-0.4+default-dev, - librust-base64-0.13+default-dev, - librust-env-logger-0.9+default-dev, - librust-hex-0.4+default-dev, - librust-http-0.2+default-dev (>= 0.2.7-~~), - librust-libc-0.2+default-dev, - librust-nix-0.26+default-dev, - librust-openssl-0.10+default-dev (>= 0.10.40-~~), - librust-perlmod-0.13+default-dev, - librust-perlmod-0.13+exporter-dev, - librust-proxmox-apt-0.9+default-dev, - librust-proxmox-http-0.8+client-sync-dev, - librust-proxmox-http-0.8+client-trait-dev, - librust-proxmox-http-0.8+default-dev, - librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~), - librust-proxmox-resource-scheduling-0.3+default-dev, - librust-proxmox-subscription-0.3+default-dev, - librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~), - librust-proxmox-tfa-4+api-dev, - librust-proxmox-tfa-4+default-dev, - librust-proxmox-time-1+default-dev (>= 1.1.3-~~), - librust-serde-1+default-dev, - librust-serde-bytes-0.11+default-dev, - librust-serde-json-1+default-dev, - librust-url-2+default-dev, +Build-Depends: cargo:native , + debhelper-compat (= 13), + dh-cargo (>= 25), + librust-anyhow-1+default-dev , + librust-base32-0.4+default-dev , + librust-base64-0.13+default-dev , + librust-env-logger-0.9+default-dev , + librust-hex-0.4+default-dev , + librust-http-0.2+default-dev (>= 0.2.7-~~) , + librust-libc-0.2+default-dev , + librust-nix-0.26+default-dev , + librust-openssl-0.10+default-dev (>= 0.10.40-~~) , + librust-perlmod-0.13+default-dev , + librust-perlmod-0.13+exporter-dev , + librust-proxmox-apt-0.9+default-dev , + librust-proxmox-http-0.8+client-sync-dev , + librust-proxmox-http-0.8+client-trait-dev , + librust-proxmox-http-0.8+default-dev , + librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~) , + librust-proxmox-resource-scheduling-0.3+default-dev , + librust-proxmox-subscription-0.3+default-dev , + librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~) , + librust-proxmox-tfa-4+api-dev , + librust-proxmox-tfa-4+default-dev , + librust-proxmox-time-1+default-dev (>= 1.1.3-~~) , + librust-serde-1+default-dev , + librust-serde-bytes-0.11+default-dev , + librust-serde-json-1+default-dev , + librust-url-2+default-dev , + libstd-rust-dev , + perlmod-bin, + rustc:native , Maintainer: Proxmox Support Team -Standards-Version: 4.5.1 +Standards-Version: 4.6.1 Vcs-Git: git://git.proxmox.com/git/proxmox-perl-rs.git Vcs-Browser: https://git.proxmox.com/?p=proxmox-perl-rs.git Homepage: https://www.proxmox.com @@ -43,14 +42,10 @@ Rules-Requires-Root: no Package: libpve-rs-perl Architecture: any -Depends: - ${misc:Depends}, - ${perl:Depends}, - ${shlibs:Depends}, -Breaks: - libpve-access-control (<< 7.1-3), - libpve-common-perl (<< 7.1-4), - pve-manager (<< 7.1-11), +Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, +Breaks: libpve-access-control (<< 7.1-3), + libpve-common-perl (<< 7.1-4), + pve-manager (<< 7.1-11), Description: PVE parts which have been ported to Rust - Rust source code This package contains the source for the Rust pve-rs crate, packaged by debcargo for use with cargo and dh-cargo. From a4610c6a0f2ed9c119b9bfd27a7324d25e608bd0 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 24 May 2023 16:05:33 +0200 Subject: [PATCH 041/114] bump proxmox-apt,http,openid,subscription,sys crate dependencies Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 8 +++---- pmg-rs/debian/control | 48 +++++++++++++++++++-------------------- pve-rs/Cargo.toml | 10 ++++----- pve-rs/debian/control | 52 +++++++++++++++++++++---------------------- 4 files changed, 59 insertions(+), 59 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index aade999e..ed668827 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -33,9 +33,9 @@ url = "2" perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-acme-rs = { version = "0.4", features = ["client"] } -proxmox-apt = "0.9" -proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } -proxmox-subscription = "0.3" -proxmox-sys = "0.4.2" +proxmox-apt = "0.10" +proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } +proxmox-subscription = "0.4" +proxmox-sys = "0.5" proxmox-tfa = { version = "4", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 97769783..bde32a9b 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -4,30 +4,30 @@ Priority: optional Build-Depends: cargo:native , debhelper-compat (= 13), dh-cargo (>= 25), - librust-anyhow-1+default-dev , - librust-env-logger-0.9+default-dev , - librust-hex-0.4+default-dev , - librust-http-0.2+default-dev (>= 0.2.7-~~) , - librust-libc-0.2+default-dev , - librust-nix-0.26+default-dev , - librust-openssl-0.10+default-dev (>= 0.10.40-~~) , - librust-perlmod-0.13+default-dev , - librust-perlmod-0.13+exporter-dev , - librust-proxmox-acme-rs-0.4+client-dev , - librust-proxmox-acme-rs-0.4+default-dev , - librust-proxmox-apt-0.9+default-dev , - librust-proxmox-http-0.8+client-sync-dev , - librust-proxmox-http-0.8+client-trait-dev , - librust-proxmox-http-0.8+default-dev , - librust-proxmox-subscription-0.3+default-dev , - librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~) , - librust-proxmox-tfa-4+api-dev , - librust-proxmox-tfa-4+default-dev , - librust-proxmox-time-1+default-dev (>= 1.1.3-~~) , - librust-serde-1+default-dev , - librust-serde-bytes-0.11+default-dev , - librust-serde-json-1+default-dev , - librust-url-2+default-dev , + librust-anyhow-1+default-dev, + librust-env-logger-0.9+default-dev, + librust-hex-0.4+default-dev, + librust-http-0.2+default-dev (>= 0.2.7-~~), + librust-libc-0.2+default-dev, + librust-nix-0.26+default-dev, + librust-openssl-0.10+default-dev (>= 0.10.40-~~), + librust-perlmod-0.13+default-dev, + librust-perlmod-0.13+exporter-dev, + librust-proxmox-acme-rs-0.4+client-dev, + librust-proxmox-acme-rs-0.4+default-dev, + librust-proxmox-apt-0.10+default-dev, + librust-proxmox-http-0.9+client-sync-dev, + librust-proxmox-http-0.9+client-trait-dev, + librust-proxmox-http-0.9+default-dev, + librust-proxmox-subscription-0.4+default-dev, + librust-proxmox-sys-0.5+default-dev, + librust-proxmox-tfa-4+api-dev, + librust-proxmox-tfa-4+default-dev, + librust-proxmox-time-1+default-dev (>= 1.1.3-~~), + librust-serde-1+default-dev, + librust-serde-bytes-0.11+default-dev, + librust-serde-json-1+default-dev, + librust-url-2+default-dev, libstd-rust-dev , perlmod-bin, rustc:native , diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 9012909a..a91b24e9 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -32,11 +32,11 @@ url = "2" perlmod = { version = "0.13", features = [ "exporter" ] } -proxmox-apt = "0.9" -proxmox-http = { version = "0.8", features = ["client-sync", "client-trait"] } -proxmox-openid = "0.9.8" +proxmox-apt = "0.10" +proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } +proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" -proxmox-subscription = "0.3" -proxmox-sys = "0.4.2" +proxmox-subscription = "0.4" +proxmox-sys = "0.5" proxmox-tfa = { version = "4", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index a8bbad3b..54d2dc5b 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -4,32 +4,32 @@ Priority: optional Build-Depends: cargo:native , debhelper-compat (= 13), dh-cargo (>= 25), - librust-anyhow-1+default-dev , - librust-base32-0.4+default-dev , - librust-base64-0.13+default-dev , - librust-env-logger-0.9+default-dev , - librust-hex-0.4+default-dev , - librust-http-0.2+default-dev (>= 0.2.7-~~) , - librust-libc-0.2+default-dev , - librust-nix-0.26+default-dev , - librust-openssl-0.10+default-dev (>= 0.10.40-~~) , - librust-perlmod-0.13+default-dev , - librust-perlmod-0.13+exporter-dev , - librust-proxmox-apt-0.9+default-dev , - librust-proxmox-http-0.8+client-sync-dev , - librust-proxmox-http-0.8+client-trait-dev , - librust-proxmox-http-0.8+default-dev , - librust-proxmox-openid-0.9+default-dev (>= 0.9.8-~~) , - librust-proxmox-resource-scheduling-0.3+default-dev , - librust-proxmox-subscription-0.3+default-dev , - librust-proxmox-sys-0.4+default-dev (>= 0.4.2-~~) , - librust-proxmox-tfa-4+api-dev , - librust-proxmox-tfa-4+default-dev , - librust-proxmox-time-1+default-dev (>= 1.1.3-~~) , - librust-serde-1+default-dev , - librust-serde-bytes-0.11+default-dev , - librust-serde-json-1+default-dev , - librust-url-2+default-dev , + librust-anyhow-1+default-dev, + librust-base32-0.4+default-dev, + librust-base64-0.13+default-dev, + librust-env-logger-0.9+default-dev, + librust-hex-0.4+default-dev, + librust-http-0.2+default-dev (>= 0.2.7-~~), + librust-libc-0.2+default-dev, + librust-nix-0.26+default-dev, + librust-openssl-0.10+default-dev (>= 0.10.40-~~), + librust-perlmod-0.13+default-dev, + librust-perlmod-0.13+exporter-dev, + librust-proxmox-apt-0.10+default-dev, + librust-proxmox-http-0.9+client-sync-dev, + librust-proxmox-http-0.9+client-trait-dev, + librust-proxmox-http-0.9+default-dev, + librust-proxmox-openid-0.10+default-dev, + librust-proxmox-resource-scheduling-0.3+default-dev, + librust-proxmox-subscription-0.4+default-dev, + librust-proxmox-sys-0.5+default-dev, + librust-proxmox-tfa-4+api-dev, + librust-proxmox-tfa-4+default-dev, + librust-proxmox-time-1+default-dev (>= 1.1.3-~~), + librust-serde-1+default-dev, + librust-serde-bytes-0.11+default-dev, + librust-serde-json-1+default-dev, + librust-url-2+default-dev, libstd-rust-dev , perlmod-bin, rustc:native , From 10472bc265b2406cff1b94954c51c6ddb9578dbd Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 31 May 2023 14:15:29 +0200 Subject: [PATCH 042/114] pve-rs: bump proxmox-tfa dep to 4.0.1 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/control | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index a91b24e9..c97a8c3c 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -38,5 +38,5 @@ proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" proxmox-sys = "0.5" -proxmox-tfa = { version = "4", features = ["api"] } +proxmox-tfa = { version = "4.0.1", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 54d2dc5b..a7ad9e29 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -23,8 +23,8 @@ Build-Depends: cargo:native , librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, - librust-proxmox-tfa-4+api-dev, - librust-proxmox-tfa-4+default-dev, + librust-proxmox-tfa-4+api-dev (>= 4.0.1-~~), + librust-proxmox-tfa-4+default-dev (>= 4.0.1-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From 590af894ef342bc561aa703745b22b3ab2abbe58 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 26 May 2023 12:19:55 +0200 Subject: [PATCH 043/114] pve: enable tfa lockout, add api_unlock_tfa method Signed-off-by: Wolfgang Bumiller --- pve-rs/src/tfa.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index aab7f2e7..e879ceca 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -484,6 +484,14 @@ mod export { Err(methods::EntryNotFound) => bail!("no such entry"), } } + + #[export] + fn api_unlock_tfa(#[try_from_ref] this: &Tfa, userid: &str) -> Result { + Ok(methods::unlock_tfa( + &mut this.inner.lock().unwrap(), + userid, + )?) + } } /// Version 1 format of `/etc/pve/priv/tfa.cfg` @@ -993,9 +1001,8 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } } - /// TODO: Enable this once we can consider most clusters to support the new format. fn enable_lockout(&self) -> bool { - false + true } } From 3037864e4d6796b42534ba2d9be1d40a401e240a Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 31 May 2023 14:18:13 +0200 Subject: [PATCH 044/114] bump pve-rs to 0.8.1 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index c97a8c3c..8dd3282a 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.0" +version = "0.8.1" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index be29742c..260a0e53 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,14 @@ +libpve-rs-perl (0.8.1) bookworm; urgency=medium + + * bump proxmox-apt,http,openid,subscription,sys crates to their bookworm + versions + + * bump proxmox-tfa to 4.0.1 to include the unlock API + + * enable TFA lockout and provide the `api_unlock_tfa` call + + -- Proxmox Support Team Wed, 31 May 2023 14:17:31 +0200 + libpve-rs-perl (0.8.0) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series From 15e7531f3c1f7e1a26f56627dd4ba050163894cd Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Sun, 4 Jun 2023 18:34:02 +0200 Subject: [PATCH 045/114] pve: bump version to 0.8.2 Signed-off-by: Thomas Lamprecht --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 6 ++++++ pve-rs/debian/control | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 8dd3282a..4d7a1c7c 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.1" +version = "0.8.2" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 260a0e53..918f2886 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,9 @@ +libpve-rs-perl (0.8.2) bookworm; urgency=medium + + * update proxmox-apt which updated repositories info for bookworm + + -- Proxmox Support Team Sun, 04 Jun 2023 18:33:42 +0200 + libpve-rs-perl (0.8.1) bookworm; urgency=medium * bump proxmox-apt,http,openid,subscription,sys crates to their bookworm diff --git a/pve-rs/debian/control b/pve-rs/debian/control index a7ad9e29..bcff9cfa 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -15,7 +15,7 @@ Build-Depends: cargo:native , librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, - librust-proxmox-apt-0.10+default-dev, + librust-proxmox-apt-0.10+default-dev (>= 0.10.1~), librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, From d0cab6371a674acc492e103e55d4305a667104af Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Wed, 24 May 2023 15:56:25 +0200 Subject: [PATCH 046/114] log: set default log level to 'info', add product specific logging env var Logging behaviour can be overridden by the {PMG,PVE}_LOG environment variable. This commit also disables styled output and timestamps in log messages, since we usually log to the journal anyway. The log output is configured to match with other log messages in task logs. Signed-off-by: Lukas Wagner --- common/src/logger.rs | 12 ++++++++++-- pmg-rs/src/lib.rs | 2 +- pve-rs/src/lib.rs | 2 +- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/common/src/logger.rs b/common/src/logger.rs index 36dc8565..3c9a0751 100644 --- a/common/src/logger.rs +++ b/common/src/logger.rs @@ -1,6 +1,14 @@ +use env_logger::{Builder, Env}; +use std::io::Write; + /// Initialize logging. Should only be called once -pub fn init() { - if let Err(e) = env_logger::try_init() { +pub fn init(env_var_name: &str, default_log_level: &str) { + if let Err(e) = Builder::from_env(Env::new().filter_or(env_var_name, default_log_level)) + .format(|buf, record| writeln!(buf, "{}: {}", record.level(), record.args())) + .write_style(env_logger::WriteStyle::Never) + .format_timestamp(None) + .try_init() + { eprintln!("could not set up env_logger: {e}"); } } diff --git a/pmg-rs/src/lib.rs b/pmg-rs/src/lib.rs index 86331365..6b7ee4c2 100644 --- a/pmg-rs/src/lib.rs +++ b/pmg-rs/src/lib.rs @@ -12,6 +12,6 @@ mod export { #[export] pub fn init() { - common::logger::init(); + common::logger::init("PMG_LOG", "info"); } } diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index fc31b3aa..eb6ae02e 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -14,6 +14,6 @@ mod export { #[export] pub fn init() { - common::logger::init(); + common::logger::init("PVE_LOG", "info"); } } From 0d530835cb2f4e56ae6e0b84008e2771548c23bc Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 2 Jun 2023 15:05:22 +0200 Subject: [PATCH 047/114] pve: add tfa_lock_status query sub Signed-off-by: Wolfgang Bumiller --- pve-rs/src/tfa.rs | 51 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index e879ceca..6f028a54 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -27,6 +27,7 @@ pub(self) use proxmox_tfa::api::{ #[perlmod::package(name = "PVE::RS::TFA")] mod export { + use std::collections::HashMap; use std::convert::TryInto; use std::sync::Mutex; @@ -492,6 +493,56 @@ mod export { userid, )?) } + + #[derive(serde::Serialize)] + #[serde(rename_all = "kebab-case")] + struct TfaLockStatus { + /// Once a user runs into a TOTP limit they get locked out of TOTP until they successfully use + /// a recovery key. + #[serde(skip_serializing_if = "bool_is_false", default)] + totp_locked: bool, + + /// If a user hits too many 2nd factor failures, they get completely blocked for a while. + #[serde(skip_serializing_if = "Option::is_none", default)] + #[serde(deserialize_with = "filter_expired_timestamp")] + tfa_locked_until: Option, + } + + impl From<&proxmox_tfa::api::TfaUserData> for TfaLockStatus { + fn from(data: &proxmox_tfa::api::TfaUserData) -> Self { + Self { + totp_locked: data.totp_locked, + tfa_locked_until: data.tfa_locked_until, + } + } + } + + fn bool_is_false(b: &bool) -> bool { + !*b + } + + #[export] + fn tfa_lock_status( + #[try_from_ref] this: &Tfa, + userid: Option<&str>, + ) -> Result, Error> { + let this = this.inner.lock().unwrap(); + if let Some(userid) = userid { + if let Some(user) = this.users.get(userid) { + Ok(Some(perlmod::to_value(&TfaLockStatus::from(user))?)) + } else { + Ok(None) + } + } else { + Ok(Some(perlmod::to_value( + &HashMap::::from_iter( + this.users + .iter() + .map(|(uid, data)| (uid.clone(), TfaLockStatus::from(data))), + ), + )?)) + } + } } /// Version 1 format of `/etc/pve/priv/tfa.cfg` From e1f6379b0242a94fab79a56a9f013671fa40f054 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 5 Jun 2023 12:53:22 +0200 Subject: [PATCH 048/114] bump proxmox-tfa dep to 4.0.2 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/control | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 4d7a1c7c..31f380e7 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -38,5 +38,5 @@ proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" proxmox-sys = "0.5" -proxmox-tfa = { version = "4.0.1", features = ["api"] } +proxmox-tfa = { version = "4.0.2", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index bcff9cfa..8b7d12fe 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -23,8 +23,8 @@ Build-Depends: cargo:native , librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, - librust-proxmox-tfa-4+api-dev (>= 4.0.1-~~), - librust-proxmox-tfa-4+default-dev (>= 4.0.1-~~), + librust-proxmox-tfa-4+api-dev (>= 4.0.2-~~), + librust-proxmox-tfa-4+default-dev (>= 4.0.2-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From 7bd8036ff06f7c35b6d01493ebb35bde58cce2e3 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 5 Jun 2023 12:55:12 +0200 Subject: [PATCH 049/114] bump pve-rs to 0.8.3 Signed-off-by: Wolfgang Bumiller --- pve-rs/debian/changelog | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 918f2886..75338f3b 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,15 @@ +libpve-rs-perl (0.8.3) bookworm; urgency=medium + + * set default log level to 'info' + + * introduce PVE_LOG environment variable to override log level + + * add tfa_lock_status query sub + + * bump proxmox-tfa to 4.0.2 + + -- Proxmox Support Team Mon, 05 Jun 2023 12:55:03 +0200 + libpve-rs-perl (0.8.2) bookworm; urgency=medium * update proxmox-apt which updated repositories info for bookworm From 39a7399c2c33f956eadce74c269906f35473b2a3 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 27 Jun 2023 15:55:36 +0200 Subject: [PATCH 050/114] pmg: bump proxmox-tfa to 4.0.2 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/control | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index ed668827..2c665262 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -37,5 +37,5 @@ proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-subscription = "0.4" proxmox-sys = "0.5" -proxmox-tfa = { version = "4", features = ["api"] } +proxmox-tfa = { version = "4.0.2", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index bde32a9b..4a2a0da6 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -21,8 +21,8 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, - librust-proxmox-tfa-4+api-dev, - librust-proxmox-tfa-4+default-dev, + librust-proxmox-tfa-4+api-dev (>= 4.0.2-~~), + librust-proxmox-tfa-4+default-dev (>= 4.0.2-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From aed165759811c81c7be04de783449fbb480896be Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 27 Jun 2023 15:58:50 +0200 Subject: [PATCH 051/114] pmg: add tfa_lock_status_query and api_unlock_tfa Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/tfa.rs | 59 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index a14f1eee..8605b145 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -24,6 +24,7 @@ pub(self) use proxmox_tfa::api::{ #[perlmod::package(name = "PMG::RS::TFA")] mod export { + use std::collections::HashMap; use std::convert::TryInto; use std::sync::Mutex; @@ -436,6 +437,64 @@ mod export { Err(methods::EntryNotFound) => bail!("no such entry"), } } + + #[export] + fn api_unlock_tfa(#[try_from_ref] this: &Tfa, userid: &str) -> Result { + Ok(methods::unlock_tfa( + &mut this.inner.lock().unwrap(), + userid, + )?) + } + + #[derive(serde::Serialize)] + #[serde(rename_all = "kebab-case")] + struct TfaLockStatus { + /// Once a user runs into a TOTP limit they get locked out of TOTP until they successfully use + /// a recovery key. + #[serde(skip_serializing_if = "bool_is_false", default)] + totp_locked: bool, + + /// If a user hits too many 2nd factor failures, they get completely blocked for a while. + #[serde(skip_serializing_if = "Option::is_none", default)] + #[serde(deserialize_with = "filter_expired_timestamp")] + tfa_locked_until: Option, + } + + impl From<&proxmox_tfa::api::TfaUserData> for TfaLockStatus { + fn from(data: &proxmox_tfa::api::TfaUserData) -> Self { + Self { + totp_locked: data.totp_locked, + tfa_locked_until: data.tfa_locked_until, + } + } + } + + fn bool_is_false(b: &bool) -> bool { + !*b + } + + #[export] + fn tfa_lock_status( + #[try_from_ref] this: &Tfa, + userid: Option<&str>, + ) -> Result, Error> { + let this = this.inner.lock().unwrap(); + if let Some(userid) = userid { + if let Some(user) = this.users.get(userid) { + Ok(Some(perlmod::to_value(&TfaLockStatus::from(user))?)) + } else { + Ok(None) + } + } else { + Ok(Some(perlmod::to_value( + &HashMap::::from_iter( + this.users + .iter() + .map(|(uid, data)| (uid.clone(), TfaLockStatus::from(data))), + ), + )?)) + } + } } /// Attach the path to errors from [`nix::mkir()`]. From fdcdd326c336f617f35067951fa5053e85e99081 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 27 Jun 2023 15:59:39 +0200 Subject: [PATCH 052/114] pmg: enable tfa lockout Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/tfa.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index 8605b145..d4282bc1 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -648,9 +648,8 @@ impl proxmox_tfa::api::OpenUserChallengeData for UserAccess { } } - // TODO: enable once we have UI/API admin stuff to unlock locked accounts fn enable_lockout(&self) -> bool { - false + true } } From 3df4aecac06907109099b6e7960c339f942668df Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 27 Jun 2023 16:01:55 +0200 Subject: [PATCH 053/114] bump pmg-rs to 0.7.2 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/changelog | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 2c665262..2e15e97d 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pmg-rs" -version = "0.7.1" +version = "0.7.2" description = "PMG parts which have been ported to rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index 09a945e0..70b4be26 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,3 +1,17 @@ +libpmg-rs-perl (0.7.2) bookworm; urgency=medium + + * set default log level to 'info' + + * introduce PMG_LOG environment variable to override log level + + * add tfa_lock_status query sub + + * add api_unlock_tfa sub + + * bump proxmox-tfa to 4.0.2 + + -- Proxmox Support Team Tue, 27 Jun 2023 16:01:23 +0200 + libpmg-rs-perl (0.7.1) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series From 06f325fd9d3bf106696575182edc533c55280208 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 10:59:52 +0200 Subject: [PATCH 054/114] bump proxmox-tfa dependency to 4.0.4 This allows resetting the tfa failure counters on unlock. Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pve-rs/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 2e15e97d..82eb5381 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -37,5 +37,5 @@ proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-subscription = "0.4" proxmox-sys = "0.5" -proxmox-tfa = { version = "4.0.2", features = ["api"] } +proxmox-tfa = { version = "4.0.4", features = ["api"] } proxmox-time = "1.1.3" diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 31f380e7..929bad1f 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -38,5 +38,5 @@ proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" proxmox-sys = "0.5" -proxmox-tfa = { version = "4.0.2", features = ["api"] } +proxmox-tfa = { version = "4.0.4", features = ["api"] } proxmox-time = "1.1.3" From 5c6a27da1d2cb6f57ae085a95593400df065897d Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 11:01:36 +0200 Subject: [PATCH 055/114] pve: reset tfa failure count on unlock Signed-off-by: Wolfgang Bumiller --- pve-rs/src/tfa.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pve-rs/src/tfa.rs b/pve-rs/src/tfa.rs index 6f028a54..2b61344a 100644 --- a/pve-rs/src/tfa.rs +++ b/pve-rs/src/tfa.rs @@ -487,9 +487,11 @@ mod export { } #[export] - fn api_unlock_tfa(#[try_from_ref] this: &Tfa, userid: &str) -> Result { - Ok(methods::unlock_tfa( + fn api_unlock_tfa(#[raw] raw_this: Value, userid: &str) -> Result { + let this: &Tfa = (&raw_this).try_into()?; + Ok(methods::unlock_and_reset_tfa( &mut this.inner.lock().unwrap(), + &UserAccess::new(&raw_this)?, userid, )?) } From 470849f9742cf0f35658594fc243833eee6cafce Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 11:01:45 +0200 Subject: [PATCH 056/114] pmg: reset tfa failure count on unlock Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/tfa.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pmg-rs/src/tfa.rs b/pmg-rs/src/tfa.rs index d4282bc1..19244887 100644 --- a/pmg-rs/src/tfa.rs +++ b/pmg-rs/src/tfa.rs @@ -439,9 +439,11 @@ mod export { } #[export] - fn api_unlock_tfa(#[try_from_ref] this: &Tfa, userid: &str) -> Result { - Ok(methods::unlock_tfa( + fn api_unlock_tfa(#[raw] raw_this: Value, userid: &str) -> Result { + let this: &Tfa = (&raw_this).try_into()?; + Ok(methods::unlock_and_reset_tfa( &mut this.inner.lock().unwrap(), + &UserAccess::new(&raw_this)?, userid, )?) } From 0be707657878ef658e414be16d12d32cc406cf56 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 11:02:40 +0200 Subject: [PATCH 057/114] pve: bump d/control Signed-off-by: Wolfgang Bumiller --- pve-rs/debian/control | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 8b7d12fe..df3e5cac 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -15,7 +15,7 @@ Build-Depends: cargo:native , librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, - librust-proxmox-apt-0.10+default-dev (>= 0.10.1~), + librust-proxmox-apt-0.10+default-dev, librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, @@ -23,8 +23,8 @@ Build-Depends: cargo:native , librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, - librust-proxmox-tfa-4+api-dev (>= 4.0.2-~~), - librust-proxmox-tfa-4+default-dev (>= 4.0.2-~~), + librust-proxmox-tfa-4+api-dev (>= 4.0.4-~~), + librust-proxmox-tfa-4+default-dev (>= 4.0.4-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From e2c950bf4c15c46415ae6fd4633c2873afb5acdb Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 11:03:08 +0200 Subject: [PATCH 058/114] pmg: bump d/control Signed-off-by: Wolfgang Bumiller --- pmg-rs/debian/control | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 4a2a0da6..2ffa2820 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -21,8 +21,8 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, - librust-proxmox-tfa-4+api-dev (>= 4.0.2-~~), - librust-proxmox-tfa-4+default-dev (>= 4.0.2-~~), + librust-proxmox-tfa-4+api-dev (>= 4.0.4-~~), + librust-proxmox-tfa-4+default-dev (>= 4.0.4-~~), librust-proxmox-time-1+default-dev (>= 1.1.3-~~), librust-serde-1+default-dev, librust-serde-bytes-0.11+default-dev, From 8759447585f7927d092d3fedd75f662d213a2da7 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 13:30:27 +0200 Subject: [PATCH 059/114] bump pve-rs to 0.8.4 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 929bad1f..3076a139 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.2" +version = "0.8.4" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 75338f3b..6feacde3 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,9 @@ +libpve-rs-perl (0.8.4) bookworm; urgency=medium + + * reset failure counts when unlocking second factors + + -- Proxmox Support Team Wed, 05 Jul 2023 13:30:17 +0200 + libpve-rs-perl (0.8.3) bookworm; urgency=medium * set default log level to 'info' From 225b640f1f21dd56f92e15cbfe6caa4745be73de Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 13:35:43 +0200 Subject: [PATCH 060/114] bump pmg-rs to 0.7.3 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/changelog | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 82eb5381..6f4ca639 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pmg-rs" -version = "0.7.2" +version = "0.7.3" description = "PMG parts which have been ported to rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index 70b4be26..104cc974 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,3 +1,9 @@ +libpmg-rs-perl (0.7.3) bookworm; urgency=medium + + * reset failure counts when unlocking second factors + + -- Proxmox Support Team Wed, 05 Jul 2023 13:35:23 +0200 + libpmg-rs-perl (0.7.2) bookworm; urgency=medium * set default log level to 'info' From cd8984a9549df739a95238639b2f45bfe908f85a Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 5 Jul 2023 13:44:48 +0200 Subject: [PATCH 061/114] buildsys: both: check crate vs debian version Signed-off-by: Wolfgang Bumiller --- pmg-rs/debian/rules | 18 ++++++++++++++++++ pve-rs/debian/rules | 18 ++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/pmg-rs/debian/rules b/pmg-rs/debian/rules index 0f5be05b..29937153 100755 --- a/pmg-rs/debian/rules +++ b/pmg-rs/debian/rules @@ -1,7 +1,25 @@ #!/usr/bin/make -f +include /usr/share/dpkg/pkg-info.mk +include /usr/share/rustc/architecture.mk + #export DH_VERBOSE=1 export BUILD_MODE=release +CARGO=/usr/share/cargo/bin/cargo + +export CFLAGS CXXFLAGS CPPFLAGS LDFLAGS +export DEB_HOST_RUST_TYPE DEB_HOST_GNU_TYPE +export CARGO_HOME = $(CURDIR)/debian/cargo_home + +export DEB_CARGO_CRATE=pmg-rs_$(DEB_VERSION_UPSTREAM) +export DEB_CARGO_PACKAGE=pmg-rs + %: dh $@ + +override_dh_auto_configure: + @perl -ne 'if (/^version\s*=\s*"(\d+(?:\.\d+)+)"/) { my $$v_cargo = $$1; my $$v_deb = "$(DEB_VERSION_UPSTREAM)"; \ + die "ERROR: d/changelog <-> Cargo.toml version mismatch: $$v_cargo != $$v_deb\n" if $$v_cargo ne $$v_deb; exit(0); }' Cargo.toml + $(CARGO) prepare-debian $(CURDIR)/debian/cargo_registry --link-from-system + dh_auto_configure diff --git a/pve-rs/debian/rules b/pve-rs/debian/rules index 0f5be05b..bddb889a 100755 --- a/pve-rs/debian/rules +++ b/pve-rs/debian/rules @@ -1,7 +1,25 @@ #!/usr/bin/make -f +include /usr/share/dpkg/pkg-info.mk +include /usr/share/rustc/architecture.mk + #export DH_VERBOSE=1 export BUILD_MODE=release +CARGO=/usr/share/cargo/bin/cargo + +export CFLAGS CXXFLAGS CPPFLAGS LDFLAGS +export DEB_HOST_RUST_TYPE DEB_HOST_GNU_TYPE +export CARGO_HOME = $(CURDIR)/debian/cargo_home + +export DEB_CARGO_CRATE=pve-rs_$(DEB_VERSION_UPSTREAM) +export DEB_CARGO_PACKAGE=pve-rs + %: dh $@ + +override_dh_auto_configure: + @perl -ne 'if (/^version\s*=\s*"(\d+(?:\.\d+)+)"/) { my $$v_cargo = $$1; my $$v_deb = "$(DEB_VERSION_UPSTREAM)"; \ + die "ERROR: d/changelog <-> Cargo.toml version mismatch: $$v_cargo != $$v_deb\n" if $$v_cargo ne $$v_deb; exit(0); }' Cargo.toml + $(CARGO) prepare-debian $(CURDIR)/debian/cargo_registry --link-from-system + dh_auto_configure From b9c4756445f48cafa9676ed1b0d3a511719393ad Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:53 +0200 Subject: [PATCH 062/114] add PVE::RS::Notify module Signed-off-by: Lukas Wagner --- pve-rs/Cargo.toml | 1 + pve-rs/Makefile | 1 + pve-rs/src/lib.rs | 1 + pve-rs/src/notify.rs | 74 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 77 insertions(+) create mode 100644 pve-rs/src/notify.rs diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 3076a139..b28c1182 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -34,6 +34,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } +proxmox-notify = "0.1" proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" diff --git a/pve-rs/Makefile b/pve-rs/Makefile index de35c699..9d737c0c 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -27,6 +27,7 @@ PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ PERLMOD_PACKAGES := \ PVE::RS::APT::Repositories \ + PVE::RS::Notify \ PVE::RS::OpenId \ PVE::RS::ResourceScheduling::Static \ PVE::RS::TFA diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index eb6ae02e..0d63c282 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -4,6 +4,7 @@ pub mod common; pub mod apt; +pub mod notify; pub mod openid; pub mod resource_scheduling; pub mod tfa; diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs new file mode 100644 index 00000000..6ea9b789 --- /dev/null +++ b/pve-rs/src/notify.rs @@ -0,0 +1,74 @@ +#[perlmod::package(name = "PVE::RS::Notify")] +mod export { + use anyhow::{bail, Error}; + use perlmod::Value; + + use std::sync::Mutex; + + use proxmox_notify::Config; + + pub struct NotificationConfig { + config: Mutex, + } + + perlmod::declare_magic!(Box : &NotificationConfig as "PVE::RS::Notify"); + + /// Support `dclone` so this can be put into the `ccache` of `PVE::Cluster`. + #[export(name = "STORABLE_freeze", raw_return)] + fn storable_freeze( + #[try_from_ref] this: &NotificationConfig, + cloning: bool, + ) -> Result { + if !cloning { + bail!("freezing Notification config not supported!"); + } + + let mut cloned = Box::new(NotificationConfig { + config: Mutex::new(this.config.lock().unwrap().clone()), + }); + let value = Value::new_pointer::(&mut *cloned); + let _perl = Box::leak(cloned); + Ok(value) + } + + /// Instead of `thaw` we implement `attach` for `dclone`. + #[export(name = "STORABLE_attach", raw_return)] + fn storable_attach( + #[raw] class: Value, + cloning: bool, + #[raw] serialized: Value, + ) -> Result { + if !cloning { + bail!("STORABLE_attach called with cloning=false"); + } + let data = unsafe { Box::from_raw(serialized.pv_raw::()?) }; + Ok(perlmod::instantiate_magic!(&class, MAGIC => data)) + } + + #[export(raw_return)] + fn parse_config( + #[raw] class: Value, + raw_config: &[u8], + raw_private_config: &[u8], + ) -> Result { + let raw_config = std::str::from_utf8(raw_config)?; + let raw_private_config = std::str::from_utf8(raw_private_config)?; + + Ok(perlmod::instantiate_magic!(&class, MAGIC => Box::new( + NotificationConfig { + config: Mutex::new(Config::new(raw_config, raw_private_config)?) + } + ))) + } + + #[export] + fn write_config(#[try_from_ref] this: &NotificationConfig) -> Result<(String, String), Error> { + Ok(this.config.lock().unwrap().write()?) + } + + #[export] + fn digest(#[try_from_ref] this: &NotificationConfig) -> String { + let config = this.config.lock().unwrap(); + hex::encode(config.digest()) + } +} From 350cdd6b592973bc0cda5dd7396985b5dad0d21f Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:54 +0200 Subject: [PATCH 063/114] notify: add api for sending notifications/testing endpoints Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 6ea9b789..cff1b445 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -2,10 +2,10 @@ mod export { use anyhow::{bail, Error}; use perlmod::Value; - + use serde_json::Value as JSONValue; use std::sync::Mutex; - use proxmox_notify::Config; + use proxmox_notify::{api, api::ApiError, Config, Notification, Severity}; pub struct NotificationConfig { config: Mutex, @@ -71,4 +71,34 @@ mod export { let config = this.config.lock().unwrap(); hex::encode(config.digest()) } + + #[export(serialize_error)] + fn send( + #[try_from_ref] this: &NotificationConfig, + channel: &str, + severity: Severity, + title: String, + body: String, + properties: Option, + ) -> Result<(), ApiError> { + let config = this.config.lock().unwrap(); + + let notification = Notification { + severity, + title, + body, + properties, + }; + + api::common::send(&config, channel, ¬ification) + } + + #[export(serialize_error)] + fn test_target( + #[try_from_ref] this: &NotificationConfig, + target: &str, + ) -> Result<(), ApiError> { + let config = this.config.lock().unwrap(); + api::common::test_target(&config, target) + } } From 4b64b63ff734e053946c1f92d5b588d9e847f4bc Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:55 +0200 Subject: [PATCH 064/114] notify: add api for notification groups Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 70 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index cff1b445..8014e6de 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -5,6 +5,7 @@ mod export { use serde_json::Value as JSONValue; use std::sync::Mutex; + use proxmox_notify::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater}; use proxmox_notify::{api, api::ApiError, Config, Notification, Severity}; pub struct NotificationConfig { @@ -101,4 +102,73 @@ mod export { let config = this.config.lock().unwrap(); api::common::test_target(&config, target) } + + #[export(serialize_error)] + fn get_groups(#[try_from_ref] this: &NotificationConfig) -> Result, ApiError> { + let config = this.config.lock().unwrap(); + api::group::get_groups(&config) + } + + #[export(serialize_error)] + fn get_group( + #[try_from_ref] this: &NotificationConfig, + id: &str, + ) -> Result { + let config = this.config.lock().unwrap(); + api::group::get_group(&config, id) + } + + #[export(serialize_error)] + fn add_group( + #[try_from_ref] this: &NotificationConfig, + name: String, + endpoints: Vec, + comment: Option, + filter: Option, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::group::add_group( + &mut config, + &GroupConfig { + name, + endpoint: endpoints, + comment, + filter, + }, + ) + } + + #[export(serialize_error)] + fn update_group( + #[try_from_ref] this: &NotificationConfig, + name: &str, + endpoints: Option>, + comment: Option, + filter: Option, + delete: Option>, + digest: Option<&str>, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + let digest = digest.map(hex::decode).transpose().map_err(|e| { + ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) + })?; + + api::group::update_group( + &mut config, + name, + &GroupConfigUpdater { + endpoint: endpoints, + comment, + filter, + }, + delete.as_deref(), + digest.as_deref(), + ) + } + + #[export(serialize_error)] + fn delete_group(#[try_from_ref] this: &NotificationConfig, name: &str) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::group::delete_group(&mut config, name) + } } From a73ba6971613d62d54769d3eba106f421c8f5f8b Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:56 +0200 Subject: [PATCH 065/114] notify: add api for sendmail endpoints Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 88 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 8014e6de..2f8c9b61 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -5,6 +5,9 @@ mod export { use serde_json::Value as JSONValue; use std::sync::Mutex; + use proxmox_notify::endpoints::sendmail::{ + DeleteableSendmailProperty, SendmailConfig, SendmailConfigUpdater, + }; use proxmox_notify::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater}; use proxmox_notify::{api, api::ApiError, Config, Notification, Severity}; @@ -171,4 +174,89 @@ mod export { let mut config = this.config.lock().unwrap(); api::group::delete_group(&mut config, name) } + + #[export(serialize_error)] + fn get_sendmail_endpoints( + #[try_from_ref] this: &NotificationConfig, + ) -> Result, ApiError> { + let config = this.config.lock().unwrap(); + api::sendmail::get_endpoints(&config) + } + + #[export(serialize_error)] + fn get_sendmail_endpoint( + #[try_from_ref] this: &NotificationConfig, + id: &str, + ) -> Result { + let config = this.config.lock().unwrap(); + api::sendmail::get_endpoint(&config, id) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn add_sendmail_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: String, + mailto: Vec, + from_address: Option, + author: Option, + comment: Option, + filter: Option, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + + api::sendmail::add_endpoint( + &mut config, + &SendmailConfig { + name, + mailto, + from_address, + author, + comment, + filter, + }, + ) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn update_sendmail_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + mailto: Option>, + from_address: Option, + author: Option, + comment: Option, + filter: Option, + delete: Option>, + digest: Option<&str>, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + let digest = digest.map(hex::decode).transpose().map_err(|e| { + ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) + })?; + + api::sendmail::update_endpoint( + &mut config, + name, + &SendmailConfigUpdater { + mailto, + from_address, + author, + comment, + filter, + }, + delete.as_deref(), + digest.as_deref(), + ) + } + + #[export(serialize_error)] + fn delete_sendmail_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::sendmail::delete_endpoint(&mut config, name) + } } From 6b5dbc3238ad0a82b72a9999734f580757a0033f Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:57 +0200 Subject: [PATCH 066/114] notify: add api for gotify endpoints Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 83 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 2f8c9b61..1d612f11 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -5,6 +5,10 @@ mod export { use serde_json::Value as JSONValue; use std::sync::Mutex; + use proxmox_notify::endpoints::gotify::{ + DeleteableGotifyProperty, GotifyConfig, GotifyConfigUpdater, GotifyPrivateConfig, + GotifyPrivateConfigUpdater, + }; use proxmox_notify::endpoints::sendmail::{ DeleteableSendmailProperty, SendmailConfig, SendmailConfigUpdater, }; @@ -259,4 +263,83 @@ mod export { let mut config = this.config.lock().unwrap(); api::sendmail::delete_endpoint(&mut config, name) } + + #[export(serialize_error)] + fn get_gotify_endpoints( + #[try_from_ref] this: &NotificationConfig, + ) -> Result, ApiError> { + let config = this.config.lock().unwrap(); + api::gotify::get_endpoints(&config) + } + + #[export(serialize_error)] + fn get_gotify_endpoint( + #[try_from_ref] this: &NotificationConfig, + id: &str, + ) -> Result { + let config = this.config.lock().unwrap(); + api::gotify::get_endpoint(&config, id) + } + + #[export(serialize_error)] + fn add_gotify_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: String, + server: String, + token: String, + comment: Option, + filter: Option, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::gotify::add_endpoint( + &mut config, + &GotifyConfig { + name: name.clone(), + server, + comment, + filter, + }, + &GotifyPrivateConfig { name, token }, + ) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn update_gotify_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + server: Option, + token: Option, + comment: Option, + filter: Option, + delete: Option>, + digest: Option<&str>, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + let digest = digest.map(hex::decode).transpose().map_err(|e| { + ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) + })?; + + api::gotify::update_endpoint( + &mut config, + name, + &GotifyConfigUpdater { + server, + comment, + filter, + }, + &GotifyPrivateConfigUpdater { token }, + delete.as_deref(), + digest.as_deref(), + ) + } + + #[export(serialize_error)] + fn delete_gotify_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::gotify::delete_gotify_endpoint(&mut config, name) + } } From 79f339d1367c2045c1fba7ebb5803ddaa8b476ca Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:58 +0200 Subject: [PATCH 067/114] notify: add api for notification filters Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 83 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 1d612f11..08726e53 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -12,6 +12,9 @@ mod export { use proxmox_notify::endpoints::sendmail::{ DeleteableSendmailProperty, SendmailConfig, SendmailConfigUpdater, }; + use proxmox_notify::filter::{ + DeleteableFilterProperty, FilterConfig, FilterConfigUpdater, FilterModeOperator, + }; use proxmox_notify::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater}; use proxmox_notify::{api, api::ApiError, Config, Notification, Severity}; @@ -342,4 +345,84 @@ mod export { let mut config = this.config.lock().unwrap(); api::gotify::delete_gotify_endpoint(&mut config, name) } + + #[export(serialize_error)] + fn get_filters( + #[try_from_ref] this: &NotificationConfig, + ) -> Result, ApiError> { + let config = this.config.lock().unwrap(); + api::filter::get_filters(&config) + } + + #[export(serialize_error)] + fn get_filter( + #[try_from_ref] this: &NotificationConfig, + id: &str, + ) -> Result { + let config = this.config.lock().unwrap(); + api::filter::get_filter(&config, id) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn add_filter( + #[try_from_ref] this: &NotificationConfig, + name: String, + min_severity: Option, + mode: Option, + invert_match: Option, + comment: Option, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::filter::add_filter( + &mut config, + &FilterConfig { + name, + min_severity, + mode, + invert_match, + comment, + }, + ) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn update_filter( + #[try_from_ref] this: &NotificationConfig, + name: &str, + min_severity: Option, + mode: Option, + invert_match: Option, + comment: Option, + delete: Option>, + digest: Option<&str>, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + let digest = digest.map(hex::decode).transpose().map_err(|e| { + ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) + })?; + + api::filter::update_filter( + &mut config, + name, + &FilterConfigUpdater { + min_severity, + mode, + invert_match, + comment, + }, + delete.as_deref(), + digest.as_deref(), + ) + } + + #[export(serialize_error)] + fn delete_filter( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result<(), ApiError> { + let mut config = this.config.lock().unwrap(); + api::filter::delete_filter(&mut config, name) + } } From a5ee03ed0f7949e91f11ec5f7ace57e337452c63 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:31:59 +0200 Subject: [PATCH 068/114] notify: sendmail: support the `mailto-user` parameter This parameter allows to send mails to the email address configured for users from the product's user database. `proxmox-notify` now has a `Context` that must be set via `proxmox_notify::context::set_context` before the crate is used. Signed-off-by: Lukas Wagner --- pve-rs/Cargo.toml | 1 + pve-rs/src/lib.rs | 3 +- pve-rs/src/notify.rs | 82 +++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 84 insertions(+), 2 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index b28c1182..954665f3 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -23,6 +23,7 @@ env_logger = "0.9" hex = "0.4" http = "0.2.7" libc = "0.2" +log = "0.4.17" nix = "0.26" openssl = "0.10.40" serde = "1.0" diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index 0d63c282..49483d70 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -11,10 +11,11 @@ pub mod tfa; #[perlmod::package(name = "Proxmox::Lib::PVE", lib = "pve_rs")] mod export { - use crate::common; + use crate::{common, notify}; #[export] pub fn init() { common::logger::init("PVE_LOG", "info"); + notify::init(); } } diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 08726e53..8def0647 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -1,3 +1,79 @@ +use std::path::Path; + +use log; + +use proxmox_notify::context::Context; + +// Some helpers borrowed and slightly adapted from `proxmox-mail-forward` + +fn normalize_for_return(s: Option<&str>) -> Option { + match s?.trim() { + "" => None, + s => Some(s.to_string()), + } +} + +fn attempt_file_read>(path: P) -> Option { + match proxmox_sys::fs::file_read_optional_string(path) { + Ok(contents) => contents, + Err(err) => { + log::error!("{err}"); + None + } + } +} + +fn lookup_mail_address(content: &str, user: &str) -> Option { + normalize_for_return(content.lines().find_map(|line| { + let fields: Vec<&str> = line.split(':').collect(); + #[allow(clippy::get_first)] // to keep expression style consistent + match fields.get(0)?.trim() == "user" && fields.get(1)?.trim() == user { + true => fields.get(6).copied(), + false => None, + } + })) +} + +#[derive(Debug)] +struct PVEContext; + +impl Context for PVEContext { + fn lookup_email_for_user(&self, user: &str) -> Option { + let content = attempt_file_read("/etc/pve/user.cfg"); + content.and_then(|content| lookup_mail_address(&content, user)) + } +} + +#[cfg(test)] +mod tests { + use crate::notify::lookup_mail_address; + + const USER_CONFIG: &str = " +user:root@pam:1:0:::root@example.com::: +user:test@pve:1:0:::test@example.com::: +user:no-mail@pve:1:0:::::: + "; + + #[test] + fn test_parse_mail() { + assert_eq!( + lookup_mail_address(USER_CONFIG, "root@pam"), + Some("root@example.com".to_string()) + ); + assert_eq!( + lookup_mail_address(USER_CONFIG, "test@pve"), + Some("test@example.com".to_string()) + ); + assert_eq!(lookup_mail_address(USER_CONFIG, "no-mail@pve"), None); + } +} + +static CONTEXT: PVEContext = PVEContext; + +pub fn init() { + proxmox_notify::context::set_context(&CONTEXT) +} + #[perlmod::package(name = "PVE::RS::Notify")] mod export { use anyhow::{bail, Error}; @@ -204,7 +280,8 @@ mod export { fn add_sendmail_endpoint( #[try_from_ref] this: &NotificationConfig, name: String, - mailto: Vec, + mailto: Option>, + mailto_user: Option>, from_address: Option, author: Option, comment: Option, @@ -217,6 +294,7 @@ mod export { &SendmailConfig { name, mailto, + mailto_user, from_address, author, comment, @@ -231,6 +309,7 @@ mod export { #[try_from_ref] this: &NotificationConfig, name: &str, mailto: Option>, + mailto_user: Option>, from_address: Option, author: Option, comment: Option, @@ -248,6 +327,7 @@ mod export { name, &SendmailConfigUpdater { mailto, + mailto_user, from_address, author, comment, From 178196e1aedcee2ad6516ba95f4742231379b328 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:32:00 +0200 Subject: [PATCH 069/114] notify: implement context for getting default author/mailfrom Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 8def0647..5fc11b23 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -34,6 +34,15 @@ fn lookup_mail_address(content: &str, user: &str) -> Option { })) } +fn lookup_datacenter_config_key(content: &str, key: &str) -> Option { + let key_prefix = format!("{key}:"); + normalize_for_return( + content + .lines() + .find_map(|line| line.strip_prefix(&key_prefix)), + ) +} + #[derive(Debug)] struct PVEContext; @@ -42,11 +51,22 @@ impl Context for PVEContext { let content = attempt_file_read("/etc/pve/user.cfg"); content.and_then(|content| lookup_mail_address(&content, user)) } + + fn default_sendmail_author(&self) -> String { + "Proxmox VE".into() + } + + fn default_sendmail_from(&self) -> String { + let content = attempt_file_read("/etc/pve/datacenter.cfg"); + content + .and_then(|content| lookup_datacenter_config_key(&content, "mail_from")) + .unwrap_or_else(|| String::from("root")) + } } #[cfg(test)] mod tests { - use crate::notify::lookup_mail_address; + use crate::notify::{lookup_datacenter_config_key, lookup_mail_address}; const USER_CONFIG: &str = " user:root@pam:1:0:::root@example.com::: @@ -66,6 +86,18 @@ user:no-mail@pve:1:0:::::: ); assert_eq!(lookup_mail_address(USER_CONFIG, "no-mail@pve"), None); } + + const DC_CONFIG: &str = " +email_from: user@example.com +keyboard: en-us +"; + #[test] + fn test_parse_dc_config() { + assert_eq!( + lookup_datacenter_config_key(DC_CONFIG, "email_from"), + Some("user@example.com".to_string()) + ); + } } static CONTEXT: PVEContext = PVEContext; From de59ffe4ec2ce6e920ae1a3b57400d8454e982ad Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:32:01 +0200 Subject: [PATCH 070/114] notify: add context for getting http_proxy from datacenter.cfg Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 5fc11b23..5ab0ef53 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -62,6 +62,11 @@ impl Context for PVEContext { .and_then(|content| lookup_datacenter_config_key(&content, "mail_from")) .unwrap_or_else(|| String::from("root")) } + + fn http_proxy_config(&self) -> Option { + let content = attempt_file_read("/etc/pve/datacenter.cfg"); + content.and_then(|content| lookup_datacenter_config_key(&content, "http_proxy")) + } } #[cfg(test)] @@ -89,6 +94,7 @@ user:no-mail@pve:1:0:::::: const DC_CONFIG: &str = " email_from: user@example.com +http_proxy: http://localhost:1234 keyboard: en-us "; #[test] @@ -97,6 +103,11 @@ keyboard: en-us lookup_datacenter_config_key(DC_CONFIG, "email_from"), Some("user@example.com".to_string()) ); + assert_eq!( + lookup_datacenter_config_key(DC_CONFIG, "http_proxy"), + Some("http://localhost:1234".to_string()) + ); + assert_eq!(lookup_datacenter_config_key(DC_CONFIG, "foo"), None); } } From 69d2eb953dd31dd0fbc73cf32d2ad1dd10a9e0f4 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Thu, 20 Jul 2023 16:32:02 +0200 Subject: [PATCH 071/114] notify: add wrapper for `get_referenced_entities` The function returns all other entities referenced by a filter/target. This is useful for permission checks, where the user must have the appropriate permissions for all entities. Signed-off-by: Lukas Wagner --- pve-rs/src/notify.rs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pve-rs/src/notify.rs b/pve-rs/src/notify.rs index 5ab0ef53..f6d70d0d 100644 --- a/pve-rs/src/notify.rs +++ b/pve-rs/src/notify.rs @@ -548,4 +548,13 @@ mod export { let mut config = this.config.lock().unwrap(); api::filter::delete_filter(&mut config, name) } + + #[export] + fn get_referenced_entities( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result, ApiError> { + let config = this.config.lock().unwrap(); + api::common::get_referenced_entities(&config, name) + } } From 703cfbd212c1c0e27eedad9828788718c1621362 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Mon, 24 Jul 2023 13:26:57 +0200 Subject: [PATCH 072/114] notify: rename PVE::RS::Notify to Proxmox::RS::Notify Also splitting PVE-specific context into its own file. Suggested-by: Wolfgang Bumiller Signed-off-by: Lukas Wagner --- common/pkg/Makefile | 1 + common/src/mod.rs | 1 + {pve-rs => common}/src/notify.rs | 123 +------------------------------ pve-rs/src/lib.rs | 6 +- pve-rs/src/notify_context.rs | 117 +++++++++++++++++++++++++++++ 5 files changed, 124 insertions(+), 124 deletions(-) rename {pve-rs => common}/src/notify.rs (79%) create mode 100644 pve-rs/src/notify_context.rs diff --git a/common/pkg/Makefile b/common/pkg/Makefile index 7232f0c8..7bf669f7 100644 --- a/common/pkg/Makefile +++ b/common/pkg/Makefile @@ -25,6 +25,7 @@ Proxmox/RS/CalendarEvent.pm: $(PERLMOD_GENPACKAGE) \ Proxmox::RS::APT::Repositories \ Proxmox::RS::CalendarEvent \ + Proxmox::RS::Notify \ Proxmox::RS::Subscription all: Proxmox/RS/CalendarEvent.pm diff --git a/common/src/mod.rs b/common/src/mod.rs index 6c86ac00..c3574f4e 100644 --- a/common/src/mod.rs +++ b/common/src/mod.rs @@ -1,4 +1,5 @@ pub mod apt; mod calendar_event; pub mod logger; +pub mod notify; mod subscription; diff --git a/pve-rs/src/notify.rs b/common/src/notify.rs similarity index 79% rename from pve-rs/src/notify.rs rename to common/src/notify.rs index f6d70d0d..c8ca5334 100644 --- a/pve-rs/src/notify.rs +++ b/common/src/notify.rs @@ -1,123 +1,4 @@ -use std::path::Path; - -use log; - -use proxmox_notify::context::Context; - -// Some helpers borrowed and slightly adapted from `proxmox-mail-forward` - -fn normalize_for_return(s: Option<&str>) -> Option { - match s?.trim() { - "" => None, - s => Some(s.to_string()), - } -} - -fn attempt_file_read>(path: P) -> Option { - match proxmox_sys::fs::file_read_optional_string(path) { - Ok(contents) => contents, - Err(err) => { - log::error!("{err}"); - None - } - } -} - -fn lookup_mail_address(content: &str, user: &str) -> Option { - normalize_for_return(content.lines().find_map(|line| { - let fields: Vec<&str> = line.split(':').collect(); - #[allow(clippy::get_first)] // to keep expression style consistent - match fields.get(0)?.trim() == "user" && fields.get(1)?.trim() == user { - true => fields.get(6).copied(), - false => None, - } - })) -} - -fn lookup_datacenter_config_key(content: &str, key: &str) -> Option { - let key_prefix = format!("{key}:"); - normalize_for_return( - content - .lines() - .find_map(|line| line.strip_prefix(&key_prefix)), - ) -} - -#[derive(Debug)] -struct PVEContext; - -impl Context for PVEContext { - fn lookup_email_for_user(&self, user: &str) -> Option { - let content = attempt_file_read("/etc/pve/user.cfg"); - content.and_then(|content| lookup_mail_address(&content, user)) - } - - fn default_sendmail_author(&self) -> String { - "Proxmox VE".into() - } - - fn default_sendmail_from(&self) -> String { - let content = attempt_file_read("/etc/pve/datacenter.cfg"); - content - .and_then(|content| lookup_datacenter_config_key(&content, "mail_from")) - .unwrap_or_else(|| String::from("root")) - } - - fn http_proxy_config(&self) -> Option { - let content = attempt_file_read("/etc/pve/datacenter.cfg"); - content.and_then(|content| lookup_datacenter_config_key(&content, "http_proxy")) - } -} - -#[cfg(test)] -mod tests { - use crate::notify::{lookup_datacenter_config_key, lookup_mail_address}; - - const USER_CONFIG: &str = " -user:root@pam:1:0:::root@example.com::: -user:test@pve:1:0:::test@example.com::: -user:no-mail@pve:1:0:::::: - "; - - #[test] - fn test_parse_mail() { - assert_eq!( - lookup_mail_address(USER_CONFIG, "root@pam"), - Some("root@example.com".to_string()) - ); - assert_eq!( - lookup_mail_address(USER_CONFIG, "test@pve"), - Some("test@example.com".to_string()) - ); - assert_eq!(lookup_mail_address(USER_CONFIG, "no-mail@pve"), None); - } - - const DC_CONFIG: &str = " -email_from: user@example.com -http_proxy: http://localhost:1234 -keyboard: en-us -"; - #[test] - fn test_parse_dc_config() { - assert_eq!( - lookup_datacenter_config_key(DC_CONFIG, "email_from"), - Some("user@example.com".to_string()) - ); - assert_eq!( - lookup_datacenter_config_key(DC_CONFIG, "http_proxy"), - Some("http://localhost:1234".to_string()) - ); - assert_eq!(lookup_datacenter_config_key(DC_CONFIG, "foo"), None); - } -} - -static CONTEXT: PVEContext = PVEContext; - -pub fn init() { - proxmox_notify::context::set_context(&CONTEXT) -} - -#[perlmod::package(name = "PVE::RS::Notify")] +#[perlmod::package(name = "Proxmox::RS::Notify")] mod export { use anyhow::{bail, Error}; use perlmod::Value; @@ -141,7 +22,7 @@ mod export { config: Mutex, } - perlmod::declare_magic!(Box : &NotificationConfig as "PVE::RS::Notify"); + perlmod::declare_magic!(Box : &NotificationConfig as "Proxmox::RS::Notify"); /// Support `dclone` so this can be put into the `ccache` of `PVE::Cluster`. #[export(name = "STORABLE_freeze", raw_return)] diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index 49483d70..d1915c90 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -4,18 +4,18 @@ pub mod common; pub mod apt; -pub mod notify; +pub mod notify_context; pub mod openid; pub mod resource_scheduling; pub mod tfa; #[perlmod::package(name = "Proxmox::Lib::PVE", lib = "pve_rs")] mod export { - use crate::{common, notify}; + use crate::{common, notify_context}; #[export] pub fn init() { common::logger::init("PVE_LOG", "info"); - notify::init(); + notify_context::init(); } } diff --git a/pve-rs/src/notify_context.rs b/pve-rs/src/notify_context.rs new file mode 100644 index 00000000..48623fd8 --- /dev/null +++ b/pve-rs/src/notify_context.rs @@ -0,0 +1,117 @@ +use log; +use std::path::Path; + +use proxmox_notify::context::Context; + +// Some helpers borrowed and slightly adapted from `proxmox-mail-forward` + +fn normalize_for_return(s: Option<&str>) -> Option { + match s?.trim() { + "" => None, + s => Some(s.to_string()), + } +} + +fn attempt_file_read>(path: P) -> Option { + match proxmox_sys::fs::file_read_optional_string(path) { + Ok(contents) => contents, + Err(err) => { + log::error!("{err}"); + None + } + } +} + +fn lookup_mail_address(content: &str, user: &str) -> Option { + normalize_for_return(content.lines().find_map(|line| { + let fields: Vec<&str> = line.split(':').collect(); + #[allow(clippy::get_first)] // to keep expression style consistent + match fields.get(0)?.trim() == "user" && fields.get(1)?.trim() == user { + true => fields.get(6).copied(), + false => None, + } + })) +} + +fn lookup_datacenter_config_key(content: &str, key: &str) -> Option { + let key_prefix = format!("{key}:"); + normalize_for_return( + content + .lines() + .find_map(|line| line.strip_prefix(&key_prefix)), + ) +} + +#[derive(Debug)] +struct PVEContext; + +impl Context for PVEContext { + fn lookup_email_for_user(&self, user: &str) -> Option { + let content = attempt_file_read("/etc/pve/user.cfg"); + content.and_then(|content| lookup_mail_address(&content, user)) + } + + fn default_sendmail_author(&self) -> String { + "Proxmox VE".into() + } + + fn default_sendmail_from(&self) -> String { + let content = attempt_file_read("/etc/pve/datacenter.cfg"); + content + .and_then(|content| lookup_datacenter_config_key(&content, "mail_from")) + .unwrap_or_else(|| String::from("root")) + } + + fn http_proxy_config(&self) -> Option { + let content = attempt_file_read("/etc/pve/datacenter.cfg"); + content.and_then(|content| lookup_datacenter_config_key(&content, "http_proxy")) + } +} + +#[cfg(test)] +mod tests { + use super::*; + + const USER_CONFIG: &str = " +user:root@pam:1:0:::root@example.com::: +user:test@pve:1:0:::test@example.com::: +user:no-mail@pve:1:0:::::: + "; + + #[test] + fn test_parse_mail() { + assert_eq!( + lookup_mail_address(USER_CONFIG, "root@pam"), + Some("root@example.com".to_string()) + ); + assert_eq!( + lookup_mail_address(USER_CONFIG, "test@pve"), + Some("test@example.com".to_string()) + ); + assert_eq!(lookup_mail_address(USER_CONFIG, "no-mail@pve"), None); + } + + const DC_CONFIG: &str = " +email_from: user@example.com +http_proxy: http://localhost:1234 +keyboard: en-us +"; + #[test] + fn test_parse_dc_config() { + assert_eq!( + lookup_datacenter_config_key(DC_CONFIG, "email_from"), + Some("user@example.com".to_string()) + ); + assert_eq!( + lookup_datacenter_config_key(DC_CONFIG, "http_proxy"), + Some("http://localhost:1234".to_string()) + ); + assert_eq!(lookup_datacenter_config_key(DC_CONFIG, "foo"), None); + } +} + +static CONTEXT: PVEContext = PVEContext; + +pub fn init() { + proxmox_notify::context::set_context(&CONTEXT) +} From d5ff7165a2eef0470dc3bb91c662da9d8e813130 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 24 Jul 2023 14:01:23 +0200 Subject: [PATCH 073/114] remove leftover PVE::RS::Notify module Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 9d737c0c..de35c699 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -27,7 +27,6 @@ PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ PERLMOD_PACKAGES := \ PVE::RS::APT::Repositories \ - PVE::RS::Notify \ PVE::RS::OpenId \ PVE::RS::ResourceScheduling::Static \ PVE::RS::TFA From af7ff77ac7e8c571340c4be96b87d1f6b252640e Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 24 Jul 2023 14:01:29 +0200 Subject: [PATCH 074/114] bump pve-rs to 0.8.5 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 6 ++++++ pve-rs/debian/control | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 954665f3..2b375c07 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.4" +version = "0.8.5" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 6feacde3..72c5dafa 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,9 @@ +libpve-rs-perl (0.8.5) UNRELEASED; urgency=medium + + * add PVE::RS::Notify module + + -- Proxmox Support Team Mon, 24 Jul 2023 11:18:56 +0200 + libpve-rs-perl (0.8.4) bookworm; urgency=medium * reset failure counts when unlocking second factors diff --git a/pve-rs/debian/control b/pve-rs/debian/control index df3e5cac..f294d1f0 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -11,6 +11,7 @@ Build-Depends: cargo:native , librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, + librust-log-0.4+default-dev (>= 0.4.17-~~), librust-nix-0.26+default-dev, librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, @@ -19,6 +20,7 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, + librust-proxmox-notify-0.1+default-dev, librust-proxmox-openid-0.10+default-dev, librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, From 47b7ebbc9650bb5627792bef9810881eb73b0a26 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 24 Jul 2023 14:08:13 +0200 Subject: [PATCH 075/114] common: bump pve-rs dep to 0.8.5 for Proxmox::RS::Notify Note: this is more of a soft requirement, since as long as the Notify module isn't loaded we don't need the latest version. This is important to keep in mind since we do not currently have a `pmg-rs` notify `Context` implementation and thus cannot depend on a newer `pmg-rs`. However, as long as pmg code doesn't try to *use* the Notify module, this won't be a problem. Signed-off-by: Wolfgang Bumiller --- common/pkg/debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/pkg/debian/control b/common/pkg/debian/control index 6fdf25e3..c01fcd89 100644 --- a/common/pkg/debian/control +++ b/common/pkg/debian/control @@ -13,7 +13,7 @@ Package: libproxmox-rs-perl Architecture: any # always bump both versioned Depends and Breaks, otherwise systems with both # libpmg-rs-perl and libpve-rs-perl might load an outdated lib and break -Depends: libpve-rs-perl (>= 0.7.2) | libpmg-rs-perl (>= 0.6.2), +Depends: libpve-rs-perl (>= 0.8.5) | libpmg-rs-perl (>= 0.6.2), ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, From 2be21ff9fab63f04de27dbe77fb17f89c201c9a0 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 24 Jul 2023 14:02:32 +0200 Subject: [PATCH 076/114] bump common to 0.3.1 Signed-off-by: Wolfgang Bumiller --- common/pkg/debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/common/pkg/debian/changelog b/common/pkg/debian/changelog index aeb227fb..9c1fe1c2 100644 --- a/common/pkg/debian/changelog +++ b/common/pkg/debian/changelog @@ -1,3 +1,9 @@ +libproxmox-rs-perl (0.3.1) bookworm; urgency=medium + + * add Proxmox::RS::Notify module + + -- Proxmox Support Team Mon, 24 Jul 2023 14:02:17 +0200 + libproxmox-rs-perl (0.3.0) bookworm; urgency=medium * rebuild for Debian 12 Bookworm based release series From 76b63ed6a802b3c0ff83edc934b0892b3c9d8f86 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Wed, 26 Jul 2023 16:18:24 +0200 Subject: [PATCH 077/114] notify: use new HttpError type Use `proxmox-http-error::HttpError` instead of `proxmox-notify::api::ApiError`. Also factoring out the digest decoding into a small helper. Signed-off-by: Lukas Wagner --- common/src/notify.rs | 77 +++++++++++++++++++++++--------------------- pve-rs/Cargo.toml | 1 + 2 files changed, 42 insertions(+), 36 deletions(-) diff --git a/common/src/notify.rs b/common/src/notify.rs index c8ca5334..9f44225b 100644 --- a/common/src/notify.rs +++ b/common/src/notify.rs @@ -5,6 +5,7 @@ mod export { use serde_json::Value as JSONValue; use std::sync::Mutex; + use proxmox_http_error::HttpError; use proxmox_notify::endpoints::gotify::{ DeleteableGotifyProperty, GotifyConfig, GotifyConfigUpdater, GotifyPrivateConfig, GotifyPrivateConfigUpdater, @@ -16,7 +17,7 @@ mod export { DeleteableFilterProperty, FilterConfig, FilterConfigUpdater, FilterModeOperator, }; use proxmox_notify::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater}; - use proxmox_notify::{api, api::ApiError, Config, Notification, Severity}; + use proxmox_notify::{api, Config, Notification, Severity}; pub struct NotificationConfig { config: Mutex, @@ -91,7 +92,7 @@ mod export { title: String, body: String, properties: Option, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let config = this.config.lock().unwrap(); let notification = Notification { @@ -108,13 +109,15 @@ mod export { fn test_target( #[try_from_ref] this: &NotificationConfig, target: &str, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let config = this.config.lock().unwrap(); api::common::test_target(&config, target) } #[export(serialize_error)] - fn get_groups(#[try_from_ref] this: &NotificationConfig) -> Result, ApiError> { + fn get_groups( + #[try_from_ref] this: &NotificationConfig, + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); api::group::get_groups(&config) } @@ -123,7 +126,7 @@ mod export { fn get_group( #[try_from_ref] this: &NotificationConfig, id: &str, - ) -> Result { + ) -> Result { let config = this.config.lock().unwrap(); api::group::get_group(&config, id) } @@ -135,7 +138,7 @@ mod export { endpoints: Vec, comment: Option, filter: Option, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::group::add_group( &mut config, @@ -157,11 +160,9 @@ mod export { filter: Option, delete: Option>, digest: Option<&str>, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - let digest = digest.map(hex::decode).transpose().map_err(|e| { - ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) - })?; + let digest = decode_digest(digest)?; api::group::update_group( &mut config, @@ -177,7 +178,10 @@ mod export { } #[export(serialize_error)] - fn delete_group(#[try_from_ref] this: &NotificationConfig, name: &str) -> Result<(), ApiError> { + fn delete_group( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::group::delete_group(&mut config, name) } @@ -185,7 +189,7 @@ mod export { #[export(serialize_error)] fn get_sendmail_endpoints( #[try_from_ref] this: &NotificationConfig, - ) -> Result, ApiError> { + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); api::sendmail::get_endpoints(&config) } @@ -194,7 +198,7 @@ mod export { fn get_sendmail_endpoint( #[try_from_ref] this: &NotificationConfig, id: &str, - ) -> Result { + ) -> Result { let config = this.config.lock().unwrap(); api::sendmail::get_endpoint(&config, id) } @@ -210,7 +214,7 @@ mod export { author: Option, comment: Option, filter: Option, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::sendmail::add_endpoint( @@ -240,11 +244,9 @@ mod export { filter: Option, delete: Option>, digest: Option<&str>, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - let digest = digest.map(hex::decode).transpose().map_err(|e| { - ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) - })?; + let digest = decode_digest(digest)?; api::sendmail::update_endpoint( &mut config, @@ -266,7 +268,7 @@ mod export { fn delete_sendmail_endpoint( #[try_from_ref] this: &NotificationConfig, name: &str, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::sendmail::delete_endpoint(&mut config, name) } @@ -274,7 +276,7 @@ mod export { #[export(serialize_error)] fn get_gotify_endpoints( #[try_from_ref] this: &NotificationConfig, - ) -> Result, ApiError> { + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); api::gotify::get_endpoints(&config) } @@ -283,7 +285,7 @@ mod export { fn get_gotify_endpoint( #[try_from_ref] this: &NotificationConfig, id: &str, - ) -> Result { + ) -> Result { let config = this.config.lock().unwrap(); api::gotify::get_endpoint(&config, id) } @@ -296,7 +298,7 @@ mod export { token: String, comment: Option, filter: Option, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::gotify::add_endpoint( &mut config, @@ -321,11 +323,9 @@ mod export { filter: Option, delete: Option>, digest: Option<&str>, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - let digest = digest.map(hex::decode).transpose().map_err(|e| { - ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) - })?; + let digest = decode_digest(digest)?; api::gotify::update_endpoint( &mut config, @@ -345,7 +345,7 @@ mod export { fn delete_gotify_endpoint( #[try_from_ref] this: &NotificationConfig, name: &str, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::gotify::delete_gotify_endpoint(&mut config, name) } @@ -353,7 +353,7 @@ mod export { #[export(serialize_error)] fn get_filters( #[try_from_ref] this: &NotificationConfig, - ) -> Result, ApiError> { + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); api::filter::get_filters(&config) } @@ -362,7 +362,7 @@ mod export { fn get_filter( #[try_from_ref] this: &NotificationConfig, id: &str, - ) -> Result { + ) -> Result { let config = this.config.lock().unwrap(); api::filter::get_filter(&config, id) } @@ -376,7 +376,7 @@ mod export { mode: Option, invert_match: Option, comment: Option, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::filter::add_filter( &mut config, @@ -401,11 +401,9 @@ mod export { comment: Option, delete: Option>, digest: Option<&str>, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - let digest = digest.map(hex::decode).transpose().map_err(|e| { - ApiError::internal_server_error(format!("invalid digest: {e}"), Some(Box::new(e))) - })?; + let digest = decode_digest(digest)?; api::filter::update_filter( &mut config, @@ -425,7 +423,7 @@ mod export { fn delete_filter( #[try_from_ref] this: &NotificationConfig, name: &str, - ) -> Result<(), ApiError> { + ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::filter::delete_filter(&mut config, name) } @@ -434,8 +432,15 @@ mod export { fn get_referenced_entities( #[try_from_ref] this: &NotificationConfig, name: &str, - ) -> Result, ApiError> { + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); api::common::get_referenced_entities(&config, name) } + + fn decode_digest(digest: Option<&str>) -> Result>, HttpError> { + digest + .map(hex::decode) + .transpose() + .map_err(|e| api::http_err!(BAD_REQUEST, "invalid digest: {e}")) + } } diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 2b375c07..222fdf5b 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -35,6 +35,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } +proxmox-http-error = "0.1.0" proxmox-notify = "0.1" proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" From 8ff4471ee6c0d843f3dd51b8623ee6e933beb327 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 28 Jul 2023 11:51:23 +0200 Subject: [PATCH 078/114] bump notify dependency Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 222fdf5b..afd50f46 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -36,7 +36,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = "0.1" +proxmox-notify = "0.2" proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" From e52b4ea877efb25e35448d5017936752cc20c53d Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 28 Jul 2023 11:50:54 +0200 Subject: [PATCH 079/114] bump d/control Signed-off-by: Wolfgang Bumiller --- pve-rs/debian/control | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pve-rs/debian/control b/pve-rs/debian/control index f294d1f0..081b744e 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -20,7 +20,8 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, - librust-proxmox-notify-0.1+default-dev, + librust-proxmox-http-error-0.1+default-dev, + librust-proxmox-notify-0.2+default-dev, librust-proxmox-openid-0.10+default-dev, librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, From 8d031134e15df00221fb26bd2158008a84ec520e Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Tue, 5 Sep 2023 16:32:45 +0200 Subject: [PATCH 080/114] bump version to 0.8.6 Signed-off-by: Thomas Lamprecht --- pve-rs/Cargo.toml | 4 ++-- pve-rs/debian/changelog | 8 +++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index afd50f46..f9e3291e 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.5" +version = "0.8.6" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] @@ -33,7 +33,7 @@ url = "2" perlmod = { version = "0.13", features = [ "exporter" ] } -proxmox-apt = "0.10" +proxmox-apt = "0.10.6" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" proxmox-notify = "0.2" diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index 72c5dafa..b7d0d4a1 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,4 +1,10 @@ -libpve-rs-perl (0.8.5) UNRELEASED; urgency=medium +libpve-rs-perl (0.8.6) bookworm; urgency=medium + + * re-build with newer proxmox-apt depenceny to make Ceph Reef repo available + + -- Proxmox Support Team Tue, 05 Sep 2023 15:37:44 +0200 + +libpve-rs-perl (0.8.5) bookworm; urgency=medium * add PVE::RS::Notify module From 50f372fe7e5d88f6c42ced527eb2190db8e44c24 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Mon, 2 Oct 2023 09:40:49 +0200 Subject: [PATCH 081/114] notify context: fix 'default_sendmail_from' context method The name of the configuration option in datacenter.cfg is `email_from` and not `mail_from`. Signed-off-by: Lukas Wagner --- pve-rs/src/notify_context.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pve-rs/src/notify_context.rs b/pve-rs/src/notify_context.rs index 48623fd8..3cf3e189 100644 --- a/pve-rs/src/notify_context.rs +++ b/pve-rs/src/notify_context.rs @@ -58,7 +58,7 @@ impl Context for PVEContext { fn default_sendmail_from(&self) -> String { let content = attempt_file_read("/etc/pve/datacenter.cfg"); content - .and_then(|content| lookup_datacenter_config_key(&content, "mail_from")) + .and_then(|content| lookup_datacenter_config_key(&content, "email_from")) .unwrap_or_else(|| String::from("root")) } From 4c6cc7e2417e218572f2b971a2afeec2391d65fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Tue, 3 Oct 2023 09:59:58 +0200 Subject: [PATCH 082/114] update to env_logger 0.10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabian Grünbichler --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/control | 2 +- pve-rs/Cargo.toml | 2 +- pve-rs/debian/control | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 6f4ca639..935b7381 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -19,7 +19,7 @@ crate-type = [ "cdylib" ] [dependencies] anyhow = "1.0" -env_logger = "0.9" +env_logger = "0.10" hex = "0.4" http = "0.2.7" libc = "0.2" diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 2ffa2820..ca80263d 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -5,7 +5,7 @@ Build-Depends: cargo:native , debhelper-compat (= 13), dh-cargo (>= 25), librust-anyhow-1+default-dev, - librust-env-logger-0.9+default-dev, + librust-env-logger-0.10+default-dev, librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index f9e3291e..e222d9da 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -19,7 +19,7 @@ crate-type = [ "cdylib" ] anyhow = "1.0" base32 = "0.4" base64 = "0.13" -env_logger = "0.9" +env_logger = "0.10" hex = "0.4" http = "0.2.7" libc = "0.2" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 081b744e..27708436 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -7,7 +7,7 @@ Build-Depends: cargo:native , librust-anyhow-1+default-dev, librust-base32-0.4+default-dev, librust-base64-0.13+default-dev, - librust-env-logger-0.9+default-dev, + librust-env-logger-0.10+default-dev, librust-hex-0.4+default-dev, librust-http-0.2+default-dev (>= 0.2.7-~~), librust-libc-0.2+default-dev, From e9c2ba606d12bfb82b03b46c44580e7e2f033e0b Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 4 Oct 2023 09:06:37 +0200 Subject: [PATCH 083/114] pmg: buildsys: add notify related dependencies Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 ++ pmg-rs/debian/control | 2 ++ 2 files changed, 4 insertions(+) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 935b7381..0c07217f 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -35,6 +35,8 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } +proxmox-http-error = "0.1.0" +proxmox-notify = "0.2" proxmox-subscription = "0.4" proxmox-sys = "0.5" proxmox-tfa = { version = "4.0.4", features = ["api"] } diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index ca80263d..cbb117e6 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -19,6 +19,8 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, + librust-proxmox-http-error-0.1+default-dev, + librust-proxmox-notify-0.2+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, librust-proxmox-tfa-4+api-dev (>= 4.0.4-~~), From e3bc763de48b6b1a7b5579742a4bb22d128804b1 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 4 Oct 2023 09:03:28 +0200 Subject: [PATCH 084/114] pmg: switch acme to use magic Instead of blessed raw pointers as these can easily lead to double free corruptions when they're copied in perl. Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/acme.rs | 44 +++++++++++--------------------------------- 1 file changed, 11 insertions(+), 33 deletions(-) diff --git a/pmg-rs/src/acme.rs b/pmg-rs/src/acme.rs index 9fc8c9c0..b38e1eae 100644 --- a/pmg-rs/src/acme.rs +++ b/pmg-rs/src/acme.rs @@ -182,7 +182,6 @@ impl Inner { #[perlmod::package(name = "PMG::RS::Acme")] pub mod export { use std::collections::HashMap; - use std::convert::TryFrom; use std::sync::Mutex; use anyhow::Error; @@ -195,54 +194,33 @@ pub mod export { use super::{AccountData, Inner}; - const CLASSNAME: &str = "PMG::RS::Acme"; + perlmod::declare_magic!(Box : &Acme as "PMG::RS::Acme"); /// An Acme client instance. pub struct Acme { inner: Mutex, } - impl<'a> TryFrom<&'a Value> for &'a Acme { - type Error = Error; - - fn try_from(value: &'a Value) -> Result<&'a Acme, Error> { - Ok(unsafe { value.from_blessed_box(CLASSNAME)? }) - } - } - - fn bless(class: Value, mut ptr: Box) -> Result { - let value = Value::new_pointer::(&mut *ptr); - let value = Value::new_ref(&value); - let this = value.bless_sv(&class)?; - let _perl = Box::leak(ptr); - Ok(this) - } - /// Create a new ACME client instance given an account path and an API directory URL. #[export(raw_return)] pub fn new(#[raw] class: Value, api_directory: String) -> Result { - bless( - class, - Box::new(Acme { + Ok(perlmod::instantiate_magic!( + &class, + MAGIC => Box::new(Acme { inner: Mutex::new(Inner::new(api_directory)?), - }), - ) + }) + )) } /// Load an existing account. #[export(raw_return)] pub fn load(#[raw] class: Value, account_path: String) -> Result { - bless( - class, - Box::new(Acme { + Ok(perlmod::instantiate_magic!( + &class, + MAGIC => Box::new(Acme { inner: Mutex::new(Inner::load(account_path)?), - }), - ) - } - - #[export(name = "DESTROY")] - fn destroy(#[raw] this: Value) { - perlmod::destructor!(this, Acme: CLASSNAME); + }) + )) } /// Create a new account. From 1c2ff27e75d6027964993d8e840af1e10caed464 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 4 Oct 2023 09:09:44 +0200 Subject: [PATCH 085/114] pve: switch openid to use magic Instead of blessed raw pointers as these can easily lead to double free corruptions when they're copied in perl. Signed-off-by: Wolfgang Bumiller --- pve-rs/src/openid/mod.rs | 34 ++++++---------------------------- 1 file changed, 6 insertions(+), 28 deletions(-) diff --git a/pve-rs/src/openid/mod.rs b/pve-rs/src/openid/mod.rs index 8572221f..1fa7572e 100644 --- a/pve-rs/src/openid/mod.rs +++ b/pve-rs/src/openid/mod.rs @@ -1,6 +1,5 @@ #[perlmod::package(name = "PVE::RS::OpenId", lib = "pve_rs")] mod export { - use std::convert::TryFrom; use std::sync::Mutex; use anyhow::Error; @@ -9,34 +8,13 @@ mod export { use proxmox_openid::{OpenIdAuthenticator, OpenIdConfig, PrivateAuthState}; - const CLASSNAME: &str = "PVE::RS::OpenId"; + perlmod::declare_magic!(Box : &OpenId as "PVE::RS::OpenId"); /// An OpenIdAuthenticator client instance. pub struct OpenId { inner: Mutex, } - impl<'a> TryFrom<&'a Value> for &'a OpenId { - type Error = Error; - - fn try_from(value: &'a Value) -> Result<&'a OpenId, Error> { - Ok(unsafe { value.from_blessed_box(CLASSNAME)? }) - } - } - - fn bless(class: Value, mut ptr: Box) -> Result { - let value = Value::new_pointer::(&mut *ptr); - let value = Value::new_ref(&value); - let this = value.bless_sv(&class)?; - let _perl = Box::leak(ptr); - Ok(this) - } - - #[export(name = "DESTROY")] - fn destroy(#[raw] this: Value) { - perlmod::destructor!(this, OpenId: CLASSNAME); - } - /// Create a new OpenId client instance #[export(raw_return)] pub fn discover( @@ -45,12 +23,12 @@ mod export { redirect_url: &str, ) -> Result { let open_id = OpenIdAuthenticator::discover(&config, redirect_url)?; - bless( - class, - Box::new(OpenId { + Ok(perlmod::instantiate_magic!( + &class, + MAGIC => Box::new(OpenId { inner: Mutex::new(open_id), - }), - ) + }) + )) } #[export] From c8d4db78360264b6be73d2062adba7e4965a1ad6 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 6 Oct 2023 09:09:15 +0200 Subject: [PATCH 086/114] bump perlmod to 0.13.4 for use_safe_putenv Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 0c07217f..573d5663 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -30,7 +30,7 @@ serde_bytes = "0.11" serde_json = "1.0" url = "2" -perlmod = { version = "0.13", features = [ "exporter" ] } +perlmod = { version = "0.13.4", features = [ "exporter" ] } proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.10" From a04d26b0d22071192f247cd52d95d4fb7070f5d6 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Fri, 6 Oct 2023 09:09:36 +0200 Subject: [PATCH 087/114] expose use_safe_putenv via Proxmox::Lib::PMG Signed-off-by: Wolfgang Bumiller --- pmg-rs/src/lib.rs | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pmg-rs/src/lib.rs b/pmg-rs/src/lib.rs index 6b7ee4c2..4a916320 100644 --- a/pmg-rs/src/lib.rs +++ b/pmg-rs/src/lib.rs @@ -14,4 +14,12 @@ mod export { pub fn init() { common::logger::init("PMG_LOG", "info"); } + + /// CLI tools should call this very early. This is a workaround causing environment variable + /// manipulation to leak instead of crash. Required when calling into rust code that causes + /// `setenv` calls, particularly code using the openssl crate. + #[export] + pub fn use_safe_putenv() { + perlmod::ffi::use_safe_putenv(true); + } } From 14a3de9826ad158310f5784a2103a977469c3f59 Mon Sep 17 00:00:00 2001 From: Fiona Ebner Date: Tue, 21 Mar 2023 17:44:51 +0100 Subject: [PATCH 088/114] pve: test: resource scheduling: add test where memory is secondary to CPU because memory usage differences are small. Signed-off-by: Fiona Ebner --- pve-rs/test/resource_scheduling.pl | 46 ++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/pve-rs/test/resource_scheduling.pl b/pve-rs/test/resource_scheduling.pl index fbedfe16..c6724a4d 100755 --- a/pve-rs/test/resource_scheduling.pl +++ b/pve-rs/test/resource_scheduling.pl @@ -86,8 +86,54 @@ sub test_overcommitted { is($nodes[3], "A", 'fourth should be A'); } +sub test_balance_small_memory_difference_with_start_load { + my $static = PVE::RS::ResourceScheduling::Static->new(); + # Memory is different to avoid flaky results with what would otherwise be ties. + $static->add_node("A", 8, 10_000_000_000); + $static->add_node("B", 4, 9_000_000_000); + $static->add_node("C", 4, 8_000_000_000); + + $static->add_service_usage_to_node("A", { maxcpu => 4, maxmem => 1_000_000_000 }); + $static->add_service_usage_to_node("B", { maxcpu => 2, maxmem => 1_000_000_000 }); + $static->add_service_usage_to_node("C", { maxcpu => 2, maxmem => 1_000_000_000 }); + + my $service = { + maxcpu => 3, + maxmem => 16_000_000, + }; + + for (my $i = 0; $i < 20; $i++) { + my $score_list = $static->score_nodes_to_start_service($service); + + # imitate HA manager + my $scores = { map { $_->[0] => -$_->[1] } $score_list->@* }; + my @nodes = sort { + $scores->{$a} <=> $scores->{$b} || $a cmp $b + } keys $scores->%*; + + if ($i % 4 <= 1) { + is($nodes[0], "A", 'first should be A'); + is($nodes[1], "B", 'second should be B'); + is($nodes[2], "C", 'third should be C'); + } elsif ($i % 4 == 2) { + is($nodes[0], "B", 'first should be B'); + is($nodes[1], "C", 'second should be C'); + is($nodes[2], "A", 'third should be A'); + } elsif ($i % 4 == 3) { + is($nodes[0], "C", 'first should be C'); + is($nodes[1], "A", 'second should be A'); + is($nodes[2], "B", 'third should be B'); + } else { + die "internal error, got $i % 4 == " . ($i % 4) . "\n"; + } + + $static->add_service_usage_to_node($nodes[0], $service); + } +} + test_basic(); test_balance(); test_overcommitted(); +test_balance_small_memory_difference_with_start_load(); done_testing(); From bfc7f2c518934f94b40dc63c23bae6ee97849c88 Mon Sep 17 00:00:00 2001 From: Fiona Ebner Date: Tue, 21 Mar 2023 17:44:52 +0100 Subject: [PATCH 089/114] pve: test: resource scheduling: add another test where memory is secondary to CPU but this time, without any start load on the node. This test fails with librust-proxmox-resource-scheduling-dev=0.2.0-1 Signed-off-by: Fiona Ebner --- pve-rs/test/resource_scheduling.pl | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/pve-rs/test/resource_scheduling.pl b/pve-rs/test/resource_scheduling.pl index c6724a4d..e3b7d2e3 100755 --- a/pve-rs/test/resource_scheduling.pl +++ b/pve-rs/test/resource_scheduling.pl @@ -86,16 +86,20 @@ sub test_overcommitted { is($nodes[3], "A", 'fourth should be A'); } -sub test_balance_small_memory_difference_with_start_load { +sub test_balance_small_memory_difference { + my ($with_start_load) = @_; + my $static = PVE::RS::ResourceScheduling::Static->new(); # Memory is different to avoid flaky results with what would otherwise be ties. $static->add_node("A", 8, 10_000_000_000); $static->add_node("B", 4, 9_000_000_000); $static->add_node("C", 4, 8_000_000_000); - $static->add_service_usage_to_node("A", { maxcpu => 4, maxmem => 1_000_000_000 }); - $static->add_service_usage_to_node("B", { maxcpu => 2, maxmem => 1_000_000_000 }); - $static->add_service_usage_to_node("C", { maxcpu => 2, maxmem => 1_000_000_000 }); + if ($with_start_load) { + $static->add_service_usage_to_node("A", { maxcpu => 4, maxmem => 1_000_000_000 }); + $static->add_service_usage_to_node("B", { maxcpu => 2, maxmem => 1_000_000_000 }); + $static->add_service_usage_to_node("C", { maxcpu => 2, maxmem => 1_000_000_000 }); + } my $service = { maxcpu => 3, @@ -134,6 +138,7 @@ sub test_balance_small_memory_difference_with_start_load { test_basic(); test_balance(); test_overcommitted(); -test_balance_small_memory_difference_with_start_load(); +test_balance_small_memory_difference(1); +test_balance_small_memory_difference(0); done_testing(); From 29602a4b018eef7a27e12556ccb72c62282d0de7 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 14 Nov 2023 13:59:24 +0100 Subject: [PATCH 090/114] notify: adapt to new matcher-based notification routing Signed-off-by: Lukas Wagner --- common/src/notify.rs | 169 +++++++++++++------------------------------ 1 file changed, 51 insertions(+), 118 deletions(-) diff --git a/common/src/notify.rs b/common/src/notify.rs index 9f44225b..4fbd705c 100644 --- a/common/src/notify.rs +++ b/common/src/notify.rs @@ -1,10 +1,12 @@ #[perlmod::package(name = "Proxmox::RS::Notify")] mod export { - use anyhow::{bail, Error}; - use perlmod::Value; - use serde_json::Value as JSONValue; + use std::collections::HashMap; use std::sync::Mutex; + use anyhow::{bail, Error}; + use serde_json::Value as JSONValue; + + use perlmod::Value; use proxmox_http_error::HttpError; use proxmox_notify::endpoints::gotify::{ DeleteableGotifyProperty, GotifyConfig, GotifyConfigUpdater, GotifyPrivateConfig, @@ -13,10 +15,10 @@ mod export { use proxmox_notify::endpoints::sendmail::{ DeleteableSendmailProperty, SendmailConfig, SendmailConfigUpdater, }; - use proxmox_notify::filter::{ - DeleteableFilterProperty, FilterConfig, FilterConfigUpdater, FilterModeOperator, + use proxmox_notify::matcher::{ + CalendarMatcher, DeleteableMatcherProperty, FieldMatcher, MatchModeOperator, MatcherConfig, + MatcherConfigUpdater, SeverityMatcher, }; - use proxmox_notify::group::{DeleteableGroupProperty, GroupConfig, GroupConfigUpdater}; use proxmox_notify::{api, Config, Notification, Severity}; pub struct NotificationConfig { @@ -87,22 +89,22 @@ mod export { #[export(serialize_error)] fn send( #[try_from_ref] this: &NotificationConfig, - channel: &str, severity: Severity, title: String, body: String, - properties: Option, + template_data: Option, + fields: Option>, ) -> Result<(), HttpError> { let config = this.config.lock().unwrap(); - - let notification = Notification { + let notification = Notification::new_templated( severity, title, body, - properties, - }; + template_data.unwrap_or_default(), + fields.unwrap_or_default(), + ); - api::common::send(&config, channel, ¬ification) + api::common::send(&config, ¬ification) } #[export(serialize_error)] @@ -114,78 +116,6 @@ mod export { api::common::test_target(&config, target) } - #[export(serialize_error)] - fn get_groups( - #[try_from_ref] this: &NotificationConfig, - ) -> Result, HttpError> { - let config = this.config.lock().unwrap(); - api::group::get_groups(&config) - } - - #[export(serialize_error)] - fn get_group( - #[try_from_ref] this: &NotificationConfig, - id: &str, - ) -> Result { - let config = this.config.lock().unwrap(); - api::group::get_group(&config, id) - } - - #[export(serialize_error)] - fn add_group( - #[try_from_ref] this: &NotificationConfig, - name: String, - endpoints: Vec, - comment: Option, - filter: Option, - ) -> Result<(), HttpError> { - let mut config = this.config.lock().unwrap(); - api::group::add_group( - &mut config, - &GroupConfig { - name, - endpoint: endpoints, - comment, - filter, - }, - ) - } - - #[export(serialize_error)] - fn update_group( - #[try_from_ref] this: &NotificationConfig, - name: &str, - endpoints: Option>, - comment: Option, - filter: Option, - delete: Option>, - digest: Option<&str>, - ) -> Result<(), HttpError> { - let mut config = this.config.lock().unwrap(); - let digest = decode_digest(digest)?; - - api::group::update_group( - &mut config, - name, - &GroupConfigUpdater { - endpoint: endpoints, - comment, - filter, - }, - delete.as_deref(), - digest.as_deref(), - ) - } - - #[export(serialize_error)] - fn delete_group( - #[try_from_ref] this: &NotificationConfig, - name: &str, - ) -> Result<(), HttpError> { - let mut config = this.config.lock().unwrap(); - api::group::delete_group(&mut config, name) - } - #[export(serialize_error)] fn get_sendmail_endpoints( #[try_from_ref] this: &NotificationConfig, @@ -213,7 +143,6 @@ mod export { from_address: Option, author: Option, comment: Option, - filter: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); @@ -226,7 +155,7 @@ mod export { from_address, author, comment, - filter, + filter: None, }, ) } @@ -241,7 +170,6 @@ mod export { from_address: Option, author: Option, comment: Option, - filter: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -257,7 +185,6 @@ mod export { from_address, author, comment, - filter, }, delete.as_deref(), digest.as_deref(), @@ -297,7 +224,6 @@ mod export { server: String, token: String, comment: Option, - filter: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::gotify::add_endpoint( @@ -306,7 +232,7 @@ mod export { name: name.clone(), server, comment, - filter, + filter: None, }, &GotifyPrivateConfig { name, token }, ) @@ -320,7 +246,6 @@ mod export { server: Option, token: Option, comment: Option, - filter: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -330,11 +255,7 @@ mod export { api::gotify::update_endpoint( &mut config, name, - &GotifyConfigUpdater { - server, - comment, - filter, - }, + &GotifyConfigUpdater { server, comment }, &GotifyPrivateConfigUpdater { token }, delete.as_deref(), digest.as_deref(), @@ -351,38 +272,44 @@ mod export { } #[export(serialize_error)] - fn get_filters( + fn get_matchers( #[try_from_ref] this: &NotificationConfig, - ) -> Result, HttpError> { + ) -> Result, HttpError> { let config = this.config.lock().unwrap(); - api::filter::get_filters(&config) + api::matcher::get_matchers(&config) } #[export(serialize_error)] - fn get_filter( + fn get_matcher( #[try_from_ref] this: &NotificationConfig, id: &str, - ) -> Result { + ) -> Result { let config = this.config.lock().unwrap(); - api::filter::get_filter(&config, id) + api::matcher::get_matcher(&config, id) } #[export(serialize_error)] #[allow(clippy::too_many_arguments)] - fn add_filter( + fn add_matcher( #[try_from_ref] this: &NotificationConfig, name: String, - min_severity: Option, - mode: Option, + target: Option>, + match_severity: Option>, + match_field: Option>, + match_calendar: Option>, + mode: Option, invert_match: Option, comment: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - api::filter::add_filter( + api::matcher::add_matcher( &mut config, - &FilterConfig { + &MatcherConfig { name, - min_severity, + match_severity, + match_field, + match_calendar, + target, mode, invert_match, comment, @@ -392,24 +319,30 @@ mod export { #[export(serialize_error)] #[allow(clippy::too_many_arguments)] - fn update_filter( + fn update_matcher( #[try_from_ref] this: &NotificationConfig, name: &str, - min_severity: Option, - mode: Option, + target: Option>, + match_severity: Option>, + match_field: Option>, + match_calendar: Option>, + mode: Option, invert_match: Option, comment: Option, - delete: Option>, + delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); let digest = decode_digest(digest)?; - api::filter::update_filter( + api::matcher::update_matcher( &mut config, name, - &FilterConfigUpdater { - min_severity, + &MatcherConfigUpdater { + match_severity, + match_field, + match_calendar, + target, mode, invert_match, comment, @@ -420,12 +353,12 @@ mod export { } #[export(serialize_error)] - fn delete_filter( + fn delete_matcher( #[try_from_ref] this: &NotificationConfig, name: &str, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); - api::filter::delete_filter(&mut config, name) + api::matcher::delete_matcher(&mut config, name) } #[export] From 7f8cb0c5c32af32d032a78a29e2b7f9cef1fd5f9 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 14 Nov 2023 13:59:25 +0100 Subject: [PATCH 091/114] notify: add bindings for smtp API calls Signed-off-by: Lukas Wagner --- common/src/notify.rs | 106 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) diff --git a/common/src/notify.rs b/common/src/notify.rs index 4fbd705c..8a6d76e2 100644 --- a/common/src/notify.rs +++ b/common/src/notify.rs @@ -15,6 +15,10 @@ mod export { use proxmox_notify::endpoints::sendmail::{ DeleteableSendmailProperty, SendmailConfig, SendmailConfigUpdater, }; + use proxmox_notify::endpoints::smtp::{ + DeleteableSmtpProperty, SmtpConfig, SmtpConfigUpdater, SmtpMode, SmtpPrivateConfig, + SmtpPrivateConfigUpdater, + }; use proxmox_notify::matcher::{ CalendarMatcher, DeleteableMatcherProperty, FieldMatcher, MatchModeOperator, MatcherConfig, MatcherConfigUpdater, SeverityMatcher, @@ -271,6 +275,108 @@ mod export { api::gotify::delete_gotify_endpoint(&mut config, name) } + #[export(serialize_error)] + fn get_smtp_endpoints( + #[try_from_ref] this: &NotificationConfig, + ) -> Result, HttpError> { + let config = this.config.lock().unwrap(); + api::smtp::get_endpoints(&config) + } + + #[export(serialize_error)] + fn get_smtp_endpoint( + #[try_from_ref] this: &NotificationConfig, + id: &str, + ) -> Result { + let config = this.config.lock().unwrap(); + api::smtp::get_endpoint(&config, id) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn add_smtp_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: String, + server: String, + port: Option, + mode: Option, + username: Option, + password: Option, + mailto: Option>, + mailto_user: Option>, + from_address: String, + author: Option, + comment: Option, + ) -> Result<(), HttpError> { + let mut config = this.config.lock().unwrap(); + api::smtp::add_endpoint( + &mut config, + &SmtpConfig { + name: name.clone(), + server, + port, + mode, + username, + mailto, + mailto_user, + from_address, + author, + comment, + }, + &SmtpPrivateConfig { name, password }, + ) + } + + #[export(serialize_error)] + #[allow(clippy::too_many_arguments)] + fn update_smtp_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + server: Option, + port: Option, + mode: Option, + username: Option, + password: Option, + mailto: Option>, + mailto_user: Option>, + from_address: Option, + author: Option, + comment: Option, + delete: Option>, + digest: Option<&str>, + ) -> Result<(), HttpError> { + let mut config = this.config.lock().unwrap(); + let digest = decode_digest(digest)?; + + api::smtp::update_endpoint( + &mut config, + name, + &SmtpConfigUpdater { + server, + port, + mode, + username, + mailto, + mailto_user, + from_address, + author, + comment, + }, + &SmtpPrivateConfigUpdater { password }, + delete.as_deref(), + digest.as_deref(), + ) + } + + #[export(serialize_error)] + fn delete_smtp_endpoint( + #[try_from_ref] this: &NotificationConfig, + name: &str, + ) -> Result<(), HttpError> { + let mut config = this.config.lock().unwrap(); + api::smtp::delete_endpoint(&mut config, name) + } + #[export(serialize_error)] fn get_matchers( #[try_from_ref] this: &NotificationConfig, From b905cfd03d41a6e00c54744afc81c2c8deb8ea70 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 14 Nov 2023 13:59:26 +0100 Subject: [PATCH 092/114] pve-rs: notify: remove notify_context for PVE The context has now been moved to `proxmox-notify` due to the fact that we also need it in `proxmox-mail-forward` now. Signed-off-by: Lukas Wagner --- pve-rs/Cargo.toml | 2 +- pve-rs/src/lib.rs | 7 ++- pve-rs/src/notify_context.rs | 117 ----------------------------------- 3 files changed, 5 insertions(+), 121 deletions(-) delete mode 100644 pve-rs/src/notify_context.rs diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index e222d9da..2300c8d4 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -36,7 +36,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10.6" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = "0.2" +proxmox-notify = { version = "0.2", features = ["pve-context"] } proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" diff --git a/pve-rs/src/lib.rs b/pve-rs/src/lib.rs index d1915c90..42be39e5 100644 --- a/pve-rs/src/lib.rs +++ b/pve-rs/src/lib.rs @@ -4,18 +4,19 @@ pub mod common; pub mod apt; -pub mod notify_context; pub mod openid; pub mod resource_scheduling; pub mod tfa; #[perlmod::package(name = "Proxmox::Lib::PVE", lib = "pve_rs")] mod export { - use crate::{common, notify_context}; + use proxmox_notify::context::pve::PVE_CONTEXT; + + use crate::common; #[export] pub fn init() { common::logger::init("PVE_LOG", "info"); - notify_context::init(); + proxmox_notify::context::set_context(&PVE_CONTEXT) } } diff --git a/pve-rs/src/notify_context.rs b/pve-rs/src/notify_context.rs deleted file mode 100644 index 3cf3e189..00000000 --- a/pve-rs/src/notify_context.rs +++ /dev/null @@ -1,117 +0,0 @@ -use log; -use std::path::Path; - -use proxmox_notify::context::Context; - -// Some helpers borrowed and slightly adapted from `proxmox-mail-forward` - -fn normalize_for_return(s: Option<&str>) -> Option { - match s?.trim() { - "" => None, - s => Some(s.to_string()), - } -} - -fn attempt_file_read>(path: P) -> Option { - match proxmox_sys::fs::file_read_optional_string(path) { - Ok(contents) => contents, - Err(err) => { - log::error!("{err}"); - None - } - } -} - -fn lookup_mail_address(content: &str, user: &str) -> Option { - normalize_for_return(content.lines().find_map(|line| { - let fields: Vec<&str> = line.split(':').collect(); - #[allow(clippy::get_first)] // to keep expression style consistent - match fields.get(0)?.trim() == "user" && fields.get(1)?.trim() == user { - true => fields.get(6).copied(), - false => None, - } - })) -} - -fn lookup_datacenter_config_key(content: &str, key: &str) -> Option { - let key_prefix = format!("{key}:"); - normalize_for_return( - content - .lines() - .find_map(|line| line.strip_prefix(&key_prefix)), - ) -} - -#[derive(Debug)] -struct PVEContext; - -impl Context for PVEContext { - fn lookup_email_for_user(&self, user: &str) -> Option { - let content = attempt_file_read("/etc/pve/user.cfg"); - content.and_then(|content| lookup_mail_address(&content, user)) - } - - fn default_sendmail_author(&self) -> String { - "Proxmox VE".into() - } - - fn default_sendmail_from(&self) -> String { - let content = attempt_file_read("/etc/pve/datacenter.cfg"); - content - .and_then(|content| lookup_datacenter_config_key(&content, "email_from")) - .unwrap_or_else(|| String::from("root")) - } - - fn http_proxy_config(&self) -> Option { - let content = attempt_file_read("/etc/pve/datacenter.cfg"); - content.and_then(|content| lookup_datacenter_config_key(&content, "http_proxy")) - } -} - -#[cfg(test)] -mod tests { - use super::*; - - const USER_CONFIG: &str = " -user:root@pam:1:0:::root@example.com::: -user:test@pve:1:0:::test@example.com::: -user:no-mail@pve:1:0:::::: - "; - - #[test] - fn test_parse_mail() { - assert_eq!( - lookup_mail_address(USER_CONFIG, "root@pam"), - Some("root@example.com".to_string()) - ); - assert_eq!( - lookup_mail_address(USER_CONFIG, "test@pve"), - Some("test@example.com".to_string()) - ); - assert_eq!(lookup_mail_address(USER_CONFIG, "no-mail@pve"), None); - } - - const DC_CONFIG: &str = " -email_from: user@example.com -http_proxy: http://localhost:1234 -keyboard: en-us -"; - #[test] - fn test_parse_dc_config() { - assert_eq!( - lookup_datacenter_config_key(DC_CONFIG, "email_from"), - Some("user@example.com".to_string()) - ); - assert_eq!( - lookup_datacenter_config_key(DC_CONFIG, "http_proxy"), - Some("http://localhost:1234".to_string()) - ); - assert_eq!(lookup_datacenter_config_key(DC_CONFIG, "foo"), None); - } -} - -static CONTEXT: PVEContext = PVEContext; - -pub fn init() { - proxmox_notify::context::set_context(&CONTEXT) -} From 36fbb761457c05203238b7909c277de364c23854 Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 14 Nov 2023 13:59:27 +0100 Subject: [PATCH 093/114] notify: add 'disable' parameter This parameter disables a matcher/a target. Signed-off-by: Lukas Wagner --- common/src/notify.rs | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/common/src/notify.rs b/common/src/notify.rs index 8a6d76e2..a5ab754f 100644 --- a/common/src/notify.rs +++ b/common/src/notify.rs @@ -147,6 +147,7 @@ mod export { from_address: Option, author: Option, comment: Option, + disable: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); @@ -159,7 +160,7 @@ mod export { from_address, author, comment, - filter: None, + disable, }, ) } @@ -174,6 +175,7 @@ mod export { from_address: Option, author: Option, comment: Option, + disable: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -189,6 +191,7 @@ mod export { from_address, author, comment, + disable, }, delete.as_deref(), digest.as_deref(), @@ -228,6 +231,7 @@ mod export { server: String, token: String, comment: Option, + disable: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::gotify::add_endpoint( @@ -236,6 +240,7 @@ mod export { name: name.clone(), server, comment, + disable, filter: None, }, &GotifyPrivateConfig { name, token }, @@ -250,6 +255,7 @@ mod export { server: Option, token: Option, comment: Option, + disable: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -259,7 +265,11 @@ mod export { api::gotify::update_endpoint( &mut config, name, - &GotifyConfigUpdater { server, comment }, + &GotifyConfigUpdater { + server, + comment, + disable, + }, &GotifyPrivateConfigUpdater { token }, delete.as_deref(), digest.as_deref(), @@ -307,6 +317,7 @@ mod export { from_address: String, author: Option, comment: Option, + disable: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::smtp::add_endpoint( @@ -322,6 +333,7 @@ mod export { from_address, author, comment, + disable, }, &SmtpPrivateConfig { name, password }, ) @@ -342,6 +354,7 @@ mod export { from_address: Option, author: Option, comment: Option, + disable: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -361,6 +374,7 @@ mod export { from_address, author, comment, + disable, }, &SmtpPrivateConfigUpdater { password }, delete.as_deref(), @@ -406,6 +420,7 @@ mod export { mode: Option, invert_match: Option, comment: Option, + disable: Option, ) -> Result<(), HttpError> { let mut config = this.config.lock().unwrap(); api::matcher::add_matcher( @@ -419,6 +434,7 @@ mod export { mode, invert_match, comment, + disable, }, ) } @@ -435,6 +451,7 @@ mod export { mode: Option, invert_match: Option, comment: Option, + disable: Option, delete: Option>, digest: Option<&str>, ) -> Result<(), HttpError> { @@ -452,6 +469,7 @@ mod export { mode, invert_match, comment, + disable, }, delete.as_deref(), digest.as_deref(), From 036236c278d9eb396e0e57240472666f581862dc Mon Sep 17 00:00:00 2001 From: Lukas Wagner Date: Tue, 14 Nov 2023 13:59:28 +0100 Subject: [PATCH 094/114] notify: support 'origin' paramter This parameter shows the origin of a config entry (builtin, user-created, modified-builtin) Signed-off-by: Lukas Wagner --- common/src/notify.rs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/common/src/notify.rs b/common/src/notify.rs index a5ab754f..8f9f38f5 100644 --- a/common/src/notify.rs +++ b/common/src/notify.rs @@ -161,6 +161,8 @@ mod export { author, comment, disable, + filter: None, + origin: None, }, ) } @@ -242,6 +244,7 @@ mod export { comment, disable, filter: None, + origin: None, }, &GotifyPrivateConfig { name, token }, ) @@ -334,6 +337,7 @@ mod export { author, comment, disable, + origin: None, }, &SmtpPrivateConfig { name, password }, ) @@ -435,6 +439,7 @@ mod export { invert_match, comment, disable, + origin: None, }, ) } From 61ab181b013a3e0dde2124772a9c22f8b06e3de9 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Fri, 17 Nov 2023 13:37:51 +0100 Subject: [PATCH 095/114] cargo: depend on notify 0.3 Signed-off-by: Thomas Lamprecht --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/control | 2 +- pve-rs/Cargo.toml | 2 +- pve-rs/debian/control | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 573d5663..a87d283e 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -36,7 +36,7 @@ proxmox-acme-rs = { version = "0.4", features = ["client"] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = "0.2" +proxmox-notify = "0.3" proxmox-subscription = "0.4" proxmox-sys = "0.5" proxmox-tfa = { version = "4.0.4", features = ["api"] } diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index cbb117e6..48d458bc 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -20,7 +20,7 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, librust-proxmox-http-error-0.1+default-dev, - librust-proxmox-notify-0.2+default-dev, + librust-proxmox-notify-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, librust-proxmox-tfa-4+api-dev (>= 4.0.4-~~), diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 2300c8d4..28823c5a 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -36,7 +36,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10.6" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = { version = "0.2", features = ["pve-context"] } +proxmox-notify = { version = "0.3", features = ["pve-context"] } proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 27708436..75de26e5 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -21,7 +21,7 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, librust-proxmox-http-error-0.1+default-dev, - librust-proxmox-notify-0.2+default-dev, + librust-proxmox-notify-0.3+default-dev, librust-proxmox-openid-0.10+default-dev, librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, From 4c54abcea84e22418b396c57ced6621effb36e0f Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Fri, 17 Nov 2023 13:41:34 +0100 Subject: [PATCH 096/114] pve: bump version to 0.8.7 Signed-off-by: Thomas Lamprecht --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 28823c5a..58440bbb 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.6" +version = "0.8.7" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index b7d0d4a1..c6fc24ac 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,17 @@ +libpve-rs-perl (0.8.7) bookworm; urgency=medium + + * notify: adapt to new matcher-based notification routing + + * notify: add bindings for smtp API calls + + * pve-rs: notify: remove notify_context for PVE + + * notify: add 'disable' parameter + + * notify: support 'origin' paramter + + -- Proxmox Support Team Fri, 17 Nov 2023 13:41:17 +0100 + libpve-rs-perl (0.8.6) bookworm; urgency=medium * re-build with newer proxmox-apt depenceny to make Ceph Reef repo available From 5ac44c9fbbfaf8c10123a563ab497e06a003e332 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 4 Dec 2023 10:26:42 +0100 Subject: [PATCH 097/114] pmg: bump acme-rs to 0.5 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/src/acme.rs | 10 +++++----- pmg-rs/src/csr.rs | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index a87d283e..6bf3469c 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -32,7 +32,7 @@ url = "2" perlmod = { version = "0.13.4", features = [ "exporter" ] } -proxmox-acme-rs = { version = "0.4", features = ["client"] } +proxmox-acme = { version = "0.5", features = ["client"] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" diff --git a/pmg-rs/src/acme.rs b/pmg-rs/src/acme.rs index b38e1eae..438087bd 100644 --- a/pmg-rs/src/acme.rs +++ b/pmg-rs/src/acme.rs @@ -9,8 +9,8 @@ use std::os::unix::fs::OpenOptionsExt; use anyhow::{format_err, Error}; use serde::{Deserialize, Serialize}; -use proxmox_acme_rs::account::AccountData as AcmeAccountData; -use proxmox_acme_rs::{Account, Client}; +use proxmox_acme::account::AccountData as AcmeAccountData; +use proxmox_acme::{Account, Client}; /// Our on-disk format inherited from PVE's proxmox-acme code. #[derive(Deserialize, Serialize)] @@ -188,9 +188,9 @@ pub mod export { use serde_bytes::{ByteBuf, Bytes}; use perlmod::Value; - use proxmox_acme_rs::directory::Meta; - use proxmox_acme_rs::order::OrderData; - use proxmox_acme_rs::{Authorization, Challenge, Order}; + use proxmox_acme::directory::Meta; + use proxmox_acme::order::OrderData; + use proxmox_acme::{Authorization, Challenge, Order}; use super::{AccountData, Inner}; diff --git a/pmg-rs/src/csr.rs b/pmg-rs/src/csr.rs index 84e3c720..3166e00b 100644 --- a/pmg-rs/src/csr.rs +++ b/pmg-rs/src/csr.rs @@ -5,7 +5,7 @@ pub mod export { use anyhow::Error; use serde_bytes::ByteBuf; - use proxmox_acme_rs::util::Csr; + use proxmox_acme::util::Csr; /// Generates a CSR and its accompanying private key. /// From ce550d06e2a982a6e212b208f10ec9f850e624a4 Mon Sep 17 00:00:00 2001 From: Folke Gleumes Date: Tue, 14 Nov 2023 15:14:05 +0100 Subject: [PATCH 098/114] acme: add eab fields for pmg Signed-off-by: Folke Gleumes --- pmg-rs/src/acme.rs | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/pmg-rs/src/acme.rs b/pmg-rs/src/acme.rs index 438087bd..06281da6 100644 --- a/pmg-rs/src/acme.rs +++ b/pmg-rs/src/acme.rs @@ -79,6 +79,7 @@ impl Inner { tos_agreed: bool, contact: Vec, rsa_bits: Option, + eab_creds: Option<(String, String)>, ) -> Result<(), Error> { self.tos = if tos_agreed { self.client.terms_of_service_url()?.map(str::to_owned) @@ -86,7 +87,9 @@ impl Inner { None }; - let _account = self.client.new_account(contact, tos_agreed, rsa_bits)?; + let _account = self + .client + .new_account(contact, tos_agreed, rsa_bits, eab_creds)?; let file = OpenOptions::new() .write(true) .create(true) @@ -238,11 +241,16 @@ pub mod export { tos_agreed: bool, contact: Vec, rsa_bits: Option, + eab_kid: Option, + eab_hmac_key: Option, ) -> Result<(), Error> { - this.inner - .lock() - .unwrap() - .new_account(account_path, tos_agreed, contact, rsa_bits) + this.inner.lock().unwrap().new_account( + account_path, + tos_agreed, + contact, + rsa_bits, + eab_kid.zip(eab_hmac_key), + ) } /// Get the directory's meta information. From b9185327f482918670234f3d4fd2b70dfc4e21ef Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 4 Dec 2023 11:58:31 +0100 Subject: [PATCH 099/114] update d/control Signed-off-by: Wolfgang Bumiller --- pmg-rs/debian/control | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 48d458bc..04666057 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -11,10 +11,10 @@ Build-Depends: cargo:native , librust-libc-0.2+default-dev, librust-nix-0.26+default-dev, librust-openssl-0.10+default-dev (>= 0.10.40-~~), - librust-perlmod-0.13+default-dev, - librust-perlmod-0.13+exporter-dev, - librust-proxmox-acme-rs-0.4+client-dev, - librust-proxmox-acme-rs-0.4+default-dev, + librust-perlmod-0.13+default-dev (>= 0.13.4-~~), + librust-perlmod-0.13+exporter-dev (>= 0.13.4-~~), + librust-proxmox-acme-0.5+client-dev, + librust-proxmox-acme-0.5+default-dev, librust-proxmox-apt-0.10+default-dev, librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, From 089e555d5196d829d0f211d94dd78d6b100d5d3d Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 6 Dec 2023 11:19:30 +0100 Subject: [PATCH 100/114] fixate openssl-probe dependency, probe env vars in perl This fixes an issue with `openssl-probe` calling `setenv` when (issued via the `native-tls` crate with the ACME client) which crashes perl. Signed-off-by: Wolfgang Bumiller --- common/pkg/Proxmox/Lib/Common.pm | 84 ++++++++++++++++++++++++++++++++ pmg-rs/debian/control | 1 + 2 files changed, 85 insertions(+) diff --git a/common/pkg/Proxmox/Lib/Common.pm b/common/pkg/Proxmox/Lib/Common.pm index 1e6b26d6..e87acf46 100644 --- a/common/pkg/Proxmox/Lib/Common.pm +++ b/common/pkg/Proxmox/Lib/Common.pm @@ -40,4 +40,88 @@ BEGIN { } } +=head1 Environment Variable Safety + +Perl's handling of environment variables was completely messed up until v5.38. +Using `setenv` such as use din the `openssl-probe` crate would cause it to +crash later on, therefore we provide a perl-version of env var probing instead, +and override the crate with one that doesn't replace the variables if they are +already set correctly. + +=cut + +# Copied from openssl-probe +my @cert_dirs = ( + "/var/ssl", + "/usr/share/ssl", + "/usr/local/ssl", + "/usr/local/openssl", + "/usr/local/etc/openssl", + "/usr/local/share", + "/usr/lib/ssl", + "/usr/ssl", + "/etc/openssl", + "/etc/pki/ca-trust/extracted/pem", + "/etc/pki/tls", + "/etc/ssl", + "/etc/certs", + "/opt/etc/ssl", + "/data/data/com.termux/files/usr/etc/tls", + "/boot/system/data/ssl", +); + +# Copied from openssl-probe +my @cert_file_names = ( + "cert.pem", + "certs.pem", + "ca-bundle.pem", + "cacert.pem", + "ca-certificates.crt", + "certs/ca-certificates.crt", + "certs/ca-root-nss.crt", + "certs/ca-bundle.crt", + "CARootCertificates.pem", + "tls-ca-bundle.pem", +); + +my sub probe_ssl_vars : prototype() { + my $result_file = $ENV{SSL_CERT_FILE}; + my $result_file_changed = 0; + my $result_dir = $ENV{SSL_CERT_DIR}; + my $result_dir_changed = 0; + + for my $certs_dir (@cert_dirs) { + if (!defined($result_file)) { + for my $file (@cert_file_names) { + my $path = "$certs_dir/$file"; + if (-e $path) { + $result_file = $path; + $result_file_changed = 1; + last; + } + } + } + if (!defined($result_dir)) { + for my $file (@cert_file_names) { + my $path = "$certs_dir/certs"; + if (-d $path) { + $result_dir = $path; + $result_dir_changed = 1; + last; + } + } + } + last if defined($result_file) && defined($result_dir); + } + + if ($result_file_changed && defined($result_file)) { + $ENV{SSL_CERT_FILE} = $result_file; + } + if ($result_dir_changed && defined($result_dir)) { + $ENV{SSL_CERT_DIR} = $result_dir; + } +} + +probe_ssl_vars(); + 1; diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 04666057..c35bca2e 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -3,6 +3,7 @@ Section: perl Priority: optional Build-Depends: cargo:native , debhelper-compat (= 13), + librust-openssl-probe-dev (= 0.1.5-1~bpo12+pve1), dh-cargo (>= 25), librust-anyhow-1+default-dev, librust-env-logger-0.10+default-dev, From 9525623c19107aee415b530dc7a70bcfedb38e11 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 4 Dec 2023 09:36:27 +0100 Subject: [PATCH 101/114] bump pmg-rs to 0.7.4 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/changelog | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 6bf3469c..17973109 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pmg-rs" -version = "0.7.3" +version = "0.7.4" description = "PMG parts which have been ported to rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index 104cc974..fdf2dba4 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,3 +1,13 @@ +libpmg-rs-perl (0.7.4) bookworm; urgency=medium + + * update to env logger 0.10 + + * use declare_magic for ACME + + * add Promox::Lib::PMG::use_safe_putenv + + -- Proxmox Support Team Wed, 06 Dec 2023 11:22:56 +0100 + libpmg-rs-perl (0.7.3) bookworm; urgency=medium * reset failure counts when unlocking second factors From 6a31f73fa3f15a7138055153245286e360b0e481 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 5 Dec 2023 10:46:52 +0100 Subject: [PATCH 102/114] bump common to 0.3.2 Signed-off-by: Wolfgang Bumiller --- common/pkg/debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/common/pkg/debian/changelog b/common/pkg/debian/changelog index 9c1fe1c2..cc7582b8 100644 --- a/common/pkg/debian/changelog +++ b/common/pkg/debian/changelog @@ -1,3 +1,9 @@ +libproxmox-rs-perl (0.3.2) bookworm; urgency=medium + + * add Proxmox::Lib::Common::probe_ssl_vars() helper + + -- Proxmox Support Team Tue, 05 Dec 2023 10:46:39 +0100 + libproxmox-rs-perl (0.3.1) bookworm; urgency=medium * add Proxmox::RS::Notify module From 62fc43fea918a48251e2f3701427d61f42db2a6e Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 7 Dec 2023 09:10:59 +0100 Subject: [PATCH 103/114] common: move probe into a new SslProbe package Because Proxmox::Lib::Common isn't actually `use`d by most packages. Signed-off-by: Wolfgang Bumiller --- common/pkg/Proxmox/Lib/Common.pm | 84 ------------------------ common/pkg/Proxmox/Lib/SslProbe.pm | 100 +++++++++++++++++++++++++++++ 2 files changed, 100 insertions(+), 84 deletions(-) create mode 100644 common/pkg/Proxmox/Lib/SslProbe.pm diff --git a/common/pkg/Proxmox/Lib/Common.pm b/common/pkg/Proxmox/Lib/Common.pm index e87acf46..1e6b26d6 100644 --- a/common/pkg/Proxmox/Lib/Common.pm +++ b/common/pkg/Proxmox/Lib/Common.pm @@ -40,88 +40,4 @@ BEGIN { } } -=head1 Environment Variable Safety - -Perl's handling of environment variables was completely messed up until v5.38. -Using `setenv` such as use din the `openssl-probe` crate would cause it to -crash later on, therefore we provide a perl-version of env var probing instead, -and override the crate with one that doesn't replace the variables if they are -already set correctly. - -=cut - -# Copied from openssl-probe -my @cert_dirs = ( - "/var/ssl", - "/usr/share/ssl", - "/usr/local/ssl", - "/usr/local/openssl", - "/usr/local/etc/openssl", - "/usr/local/share", - "/usr/lib/ssl", - "/usr/ssl", - "/etc/openssl", - "/etc/pki/ca-trust/extracted/pem", - "/etc/pki/tls", - "/etc/ssl", - "/etc/certs", - "/opt/etc/ssl", - "/data/data/com.termux/files/usr/etc/tls", - "/boot/system/data/ssl", -); - -# Copied from openssl-probe -my @cert_file_names = ( - "cert.pem", - "certs.pem", - "ca-bundle.pem", - "cacert.pem", - "ca-certificates.crt", - "certs/ca-certificates.crt", - "certs/ca-root-nss.crt", - "certs/ca-bundle.crt", - "CARootCertificates.pem", - "tls-ca-bundle.pem", -); - -my sub probe_ssl_vars : prototype() { - my $result_file = $ENV{SSL_CERT_FILE}; - my $result_file_changed = 0; - my $result_dir = $ENV{SSL_CERT_DIR}; - my $result_dir_changed = 0; - - for my $certs_dir (@cert_dirs) { - if (!defined($result_file)) { - for my $file (@cert_file_names) { - my $path = "$certs_dir/$file"; - if (-e $path) { - $result_file = $path; - $result_file_changed = 1; - last; - } - } - } - if (!defined($result_dir)) { - for my $file (@cert_file_names) { - my $path = "$certs_dir/certs"; - if (-d $path) { - $result_dir = $path; - $result_dir_changed = 1; - last; - } - } - } - last if defined($result_file) && defined($result_dir); - } - - if ($result_file_changed && defined($result_file)) { - $ENV{SSL_CERT_FILE} = $result_file; - } - if ($result_dir_changed && defined($result_dir)) { - $ENV{SSL_CERT_DIR} = $result_dir; - } -} - -probe_ssl_vars(); - 1; diff --git a/common/pkg/Proxmox/Lib/SslProbe.pm b/common/pkg/Proxmox/Lib/SslProbe.pm new file mode 100644 index 00000000..e6de8904 --- /dev/null +++ b/common/pkg/Proxmox/Lib/SslProbe.pm @@ -0,0 +1,100 @@ +package Proxmox::Lib::SslProbe; + +use strict; +use warnings; + +=head1 Environment Variable Safety + +Perl's handling of environment variables was completely messed up until v5.38. +Using `setenv` such as use din the `openssl-probe` crate would cause it to +crash later on, therefore we provide a perl-version of env var probing instead, +and override the crate with one that doesn't replace the variables if they are +already set correctly. + +=cut + +BEGIN { + # Copied from openssl-probe + my @cert_dirs = ( + "/var/ssl", + "/usr/share/ssl", + "/usr/local/ssl", + "/usr/local/openssl", + "/usr/local/etc/openssl", + "/usr/local/share", + "/usr/lib/ssl", + "/usr/ssl", + "/etc/openssl", + "/etc/pki/ca-trust/extracted/pem", + "/etc/pki/tls", + "/etc/ssl", + "/etc/certs", + "/opt/etc/ssl", + "/data/data/com.termux/files/usr/etc/tls", + "/boot/system/data/ssl", + ); + + # Copied from openssl-probe + my @cert_file_names = ( + "cert.pem", + "certs.pem", + "ca-bundle.pem", + "cacert.pem", + "ca-certificates.crt", + "certs/ca-certificates.crt", + "certs/ca-root-nss.crt", + "certs/ca-bundle.crt", + "CARootCertificates.pem", + "tls-ca-bundle.pem", + ); + + my $probed_ssl_vars = 0; + + # The algorithm here is taken from the `openssl-probe` crate and should + # produce the exact same result in order to ensure the rust code does not + # call `setenv()`. + my sub probe_ssl_vars : prototype() { + return if $probed_ssl_vars; + $probed_ssl_vars = 1; + + my $result_file = $ENV{SSL_CERT_FILE}; + my $result_file_changed = 0; + my $result_dir = $ENV{SSL_CERT_DIR}; + my $result_dir_changed = 0; + + for my $certs_dir (@cert_dirs) { + if (!defined($result_file)) { + for my $file (@cert_file_names) { + my $path = "$certs_dir/$file"; + if (-e $path) { + $result_file = $path; + $result_file_changed = 1; + last; + } + } + } + if (!defined($result_dir)) { + for my $file (@cert_file_names) { + my $path = "$certs_dir/certs"; + if (-d $path) { + $result_dir = $path; + $result_dir_changed = 1; + last; + } + } + } + last if defined($result_file) && defined($result_dir); + } + + if ($result_file_changed && defined($result_file)) { + $ENV{SSL_CERT_FILE} = $result_file; + } + if ($result_dir_changed && defined($result_dir)) { + $ENV{SSL_CERT_DIR} = $result_dir; + } + } + + probe_ssl_vars(); +} + +1; From 86706cc049a7f9695dfd2a7886da8d635e99162b Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 7 Dec 2023 09:42:16 +0100 Subject: [PATCH 104/114] pmg: load SslProbe in Proxmox/Lib/PMG.pm Signed-off-by: Wolfgang Bumiller --- pmg-rs/Fixup.pm | 4 ++++ pmg-rs/Makefile | 8 +++++--- pmg-rs/debian/control | 1 + 3 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 pmg-rs/Fixup.pm diff --git a/pmg-rs/Fixup.pm b/pmg-rs/Fixup.pm new file mode 100644 index 00000000..13e10696 --- /dev/null +++ b/pmg-rs/Fixup.pm @@ -0,0 +1,4 @@ +# BEGIN Fixup.pm +# This is prepended to the current PMG.pm to force-include the temporary `openssl-probe` fixup. +use Proxmox::Lib::SslProbe; +# END Fixup.pm diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index d738337c..b234cfd8 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -41,9 +41,10 @@ endif all: PMG cargo build $(CARGO_BUILD_ARGS) -PMG: Proxmox/Lib/PMG.pm -Proxmox/Lib/PMG.pm: +Proxmox PMG: Proxmox/Lib/PMG.pm +Proxmox/Lib/PMG.pm: Fixup.pm $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) + sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PMG.pm .PHONY: install install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG @@ -56,6 +57,7 @@ install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG distclean: clean clean: + rm -rf PMG Proxmox cargo clean rm -f *.deb *.dsc *.tar.* *.build *.buildinfo *.changes Cargo.lock rm -rf $(PACKAGE)-[0-9]*/ @@ -75,7 +77,7 @@ $(BUILDDIR): src debian common/src Cargo.toml Makefile .cargo/config rm -rf $(BUILDDIR) $(BUILDDIR).tmp mkdir $(BUILDDIR).tmp mkdir $(BUILDDIR).tmp/common - cp -a -t $(BUILDDIR).tmp src debian Cargo.toml Makefile .cargo + cp -a -t $(BUILDDIR).tmp src debian Cargo.toml Makefile .cargo Fixup.pm cp -a -t $(BUILDDIR).tmp/common common/src mv $(BUILDDIR).tmp $(BUILDDIR) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index c35bca2e..6d9628b6 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -45,6 +45,7 @@ Architecture: any Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, + libproxmox-rs-perl (>= 0.3.3), Description: Components of Proxmox Mail Gateway which have been ported to Rust. Contains parts of Proxmox Mail Gateway which have been ported to, or newly implemented in the Rust programming language. From 16c41f1a91e32ff189395e3bd8ef515850673422 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 7 Dec 2023 09:51:02 +0100 Subject: [PATCH 105/114] pve: load SslProbe in Proxmox/Lib/PVE.pm Signed-off-by: Wolfgang Bumiller --- pve-rs/Fixup.pm | 4 ++++ pve-rs/Makefile | 6 ++++-- pve-rs/debian/control | 5 ++++- 3 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 pve-rs/Fixup.pm diff --git a/pve-rs/Fixup.pm b/pve-rs/Fixup.pm new file mode 100644 index 00000000..13e10696 --- /dev/null +++ b/pve-rs/Fixup.pm @@ -0,0 +1,4 @@ +# BEGIN Fixup.pm +# This is prepended to the current PMG.pm to force-include the temporary `openssl-probe` fixup. +use Proxmox::Lib::SslProbe; +# END Fixup.pm diff --git a/pve-rs/Makefile b/pve-rs/Makefile index de35c699..045f5556 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -45,9 +45,10 @@ all: PVE 's@^sub libdirs.*$$@sub libdirs { return ("./target/$(TARGET_DIR)", "./../target/$(TARGET_DIR)"); }@' \ Proxmox/Lib/PVE.pm >test/Proxmox/Lib/PVE.pm -PVE: Proxmox/Lib/PVE.pm -Proxmox/Lib/PVE.pm: +Proxmox PVE: Proxmox/Lib/PVE.pm +Proxmox/Lib/PVE.pm: Fixup.pm $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) + sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PMG.pm check: all $(MAKE) -C test test @@ -62,6 +63,7 @@ install: target/release/libpve_rs.so Proxmox/Lib/PVE.pm PVE find $(PM_DIR) \! -type d -print -exec install -Dm644 '{}' $(DESTDIR)$(PERL_INSTALLVENDORLIB)'/{}' ';' clean: + rm -rf PVE Proxmox cargo clean rm -f *.deb *.dsc *.tar.* *.build *.buildinfo *.changes Cargo.lock rm -rf $(PACKAGE)-[0-9]*/ diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 75de26e5..ae5e4eb8 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -45,7 +45,10 @@ Rules-Requires-Root: no Package: libpve-rs-perl Architecture: any -Depends: ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, +Depends: ${misc:Depends}, + ${perl:Depends}, + ${shlibs:Depends}, + libproxmox-rs-perl (>= 0.3.3), Breaks: libpve-access-control (<< 7.1-3), libpve-common-perl (<< 7.1-4), pve-manager (<< 7.1-11), From 237b276028b92dee21dfd3922249d79f23524b26 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 7 Dec 2023 09:42:59 +0100 Subject: [PATCH 106/114] bump common to 0.3.3 Signed-off-by: Wolfgang Bumiller --- common/pkg/debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/common/pkg/debian/changelog b/common/pkg/debian/changelog index cc7582b8..709d19e9 100644 --- a/common/pkg/debian/changelog +++ b/common/pkg/debian/changelog @@ -1,3 +1,9 @@ +libproxmox-rs-perl (0.3.3) bookworm; urgency=medium + + * move ssl var probing to Proxmox::Lib::SslProbe + + -- Proxmox Support Team Thu, 07 Dec 2023 09:57:33 +0100 + libproxmox-rs-perl (0.3.2) bookworm; urgency=medium * add Proxmox::Lib::Common::probe_ssl_vars() helper From fb5f1be6dc3164a2bd9634e758950a3572c615e9 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Thu, 7 Dec 2023 09:52:06 +0100 Subject: [PATCH 107/114] bump pmg-rs to 0.7.5 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/changelog | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index 17973109..f60ef298 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pmg-rs" -version = "0.7.4" +version = "0.7.5" description = "PMG parts which have been ported to rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pmg-rs/debian/changelog b/pmg-rs/debian/changelog index fdf2dba4..982529ed 100644 --- a/pmg-rs/debian/changelog +++ b/pmg-rs/debian/changelog @@ -1,3 +1,13 @@ +libpmg-rs-perl (0.7.5) bookworm; urgency=medium + + * add EAB binding support to ACME + + * make Proxmox::Lib::PMG pull in Proxmox::Lib::SslProbe to work around + an issue where the openssl-probe crate calls setenv() and messes up perl's + view of the environment + + -- Proxmox Support Team Thu, 07 Dec 2023 09:57:43 +0100 + libpmg-rs-perl (0.7.4) bookworm; urgency=medium * update to env logger 0.10 From ec95bb1c5338c9c72d2145989ae3f1887ff18a3a Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 18 Dec 2023 10:18:46 +0100 Subject: [PATCH 108/114] pve: build fix Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 045f5556..a4ab00d0 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -48,7 +48,7 @@ all: PVE Proxmox PVE: Proxmox/Lib/PVE.pm Proxmox/Lib/PVE.pm: Fixup.pm $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) - sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PMG.pm + sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PVE.pm check: all $(MAKE) -C test test @@ -83,7 +83,7 @@ $(BUILDDIR): src debian test common/src Cargo.toml Makefile .cargo/config rm -rf $(BUILDDIR) $(BUILDDIR).tmp mkdir $(BUILDDIR).tmp mkdir $(BUILDDIR).tmp/common - cp -a -t $(BUILDDIR).tmp src debian test Cargo.toml Makefile .cargo + cp -a -t $(BUILDDIR).tmp src debian test Cargo.toml Makefile .cargo Fixup.pm cp -a -t $(BUILDDIR).tmp/common common/src mv $(BUILDDIR).tmp $(BUILDDIR) From c57e1868e7b178d3a90e4d3acff889341748b98c Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 18 Dec 2023 10:20:58 +0100 Subject: [PATCH 109/114] pve: upgrade perlmod-bin dependency to 0.2 Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 4 ++-- pve-rs/debian/control | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index a4ab00d0..5e44ebe9 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -23,7 +23,8 @@ PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ --lib=pve_rs \ --lib-tag=proxmox \ --lib-package=Proxmox::Lib::PVE \ - --lib-prefix=PVE + --lib-prefix=PVE \ + --include-file=Fixup.pm PERLMOD_PACKAGES := \ PVE::RS::APT::Repositories \ @@ -48,7 +49,6 @@ all: PVE Proxmox PVE: Proxmox/Lib/PVE.pm Proxmox/Lib/PVE.pm: Fixup.pm $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) - sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PVE.pm check: all $(MAKE) -C test test diff --git a/pve-rs/debian/control b/pve-rs/debian/control index ae5e4eb8..ecdf71c3 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -34,7 +34,7 @@ Build-Depends: cargo:native , librust-serde-json-1+default-dev, librust-url-2+default-dev, libstd-rust-dev , - perlmod-bin, + perlmod-bin (>= 0.2.0-~~), rustc:native , Maintainer: Proxmox Support Team Standards-Version: 4.6.1 From a5330e34d24eabb43a6358360b7e54d224b6eefb Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 18 Dec 2023 10:22:05 +0100 Subject: [PATCH 110/114] pmg: upgrade perlmod-bin dependency to 0.2 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Makefile | 4 ++-- pmg-rs/debian/control | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pmg-rs/Makefile b/pmg-rs/Makefile index b234cfd8..b04f2508 100644 --- a/pmg-rs/Makefile +++ b/pmg-rs/Makefile @@ -22,7 +22,8 @@ PERLMOD_GENPACKAGE := /usr/lib/perlmod/genpackage.pl \ --lib=pmg_rs \ --lib-tag=proxmox \ --lib-package=Proxmox::Lib::PMG \ - --lib-prefix=PMG + --lib-prefix=PMG \ + --include-file=Fixup.pm PERLMOD_PACKAGES := \ PMG::RS::APT::Repositories \ @@ -44,7 +45,6 @@ all: PMG Proxmox PMG: Proxmox/Lib/PMG.pm Proxmox/Lib/PMG.pm: Fixup.pm $(PERLMOD_GENPACKAGE) $(PERLMOD_PACKAGES) - sed -i -e '/package Proxmox/rFixup.pm' Proxmox/Lib/PMG.pm .PHONY: install install: target/release/libpmg_rs.so Proxmox/Lib/PMG.pm PMG diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 6d9628b6..6ea978b5 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -32,7 +32,7 @@ Build-Depends: cargo:native , librust-serde-json-1+default-dev, librust-url-2+default-dev, libstd-rust-dev , - perlmod-bin, + perlmod-bin (>= 0.2.0-~~), rustc:native , Maintainer: Proxmox Support Team Standards-Version: 4.6.1 From 427fdb13c0c63905779f5c0e390a109b470f6684 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Mon, 18 Dec 2023 10:39:30 +0100 Subject: [PATCH 111/114] pve: update testcase PVE.pm with fixed library path Signed-off-by: Wolfgang Bumiller --- pve-rs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pve-rs/Makefile b/pve-rs/Makefile index 5e44ebe9..53b73b5b 100644 --- a/pve-rs/Makefile +++ b/pve-rs/Makefile @@ -43,7 +43,7 @@ all: PVE cargo build $(CARGO_BUILD_ARGS) mkdir -p test/Proxmox/Lib sed -r -e \ - 's@^sub libdirs.*$$@sub libdirs { return ("./target/$(TARGET_DIR)", "./../target/$(TARGET_DIR)"); }@' \ + 's@^sub libfile.*$$@sub libfile { "$(shell pwd)/target/$(TARGET_DIR)/libpve_rs.so"; }@' \ Proxmox/Lib/PVE.pm >test/Proxmox/Lib/PVE.pm Proxmox PVE: Proxmox/Lib/PVE.pm From d6df8340c58f2f393ae0c22eb1901ab9ef94d58e Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Tue, 2 Jan 2024 14:20:12 +0100 Subject: [PATCH 112/114] pve, pmg: bump perlmod-bin to 0.3.0-3 fixes a syntax error in the generated pm file Signed-off-by: Wolfgang Bumiller --- pmg-rs/debian/control | 2 +- pve-rs/debian/control | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 6ea978b5..72037d0b 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -32,7 +32,7 @@ Build-Depends: cargo:native , librust-serde-json-1+default-dev, librust-url-2+default-dev, libstd-rust-dev , - perlmod-bin (>= 0.2.0-~~), + perlmod-bin (>= 0.2.0-3), rustc:native , Maintainer: Proxmox Support Team Standards-Version: 4.6.1 diff --git a/pve-rs/debian/control b/pve-rs/debian/control index ecdf71c3..709db6d7 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -34,7 +34,7 @@ Build-Depends: cargo:native , librust-serde-json-1+default-dev, librust-url-2+default-dev, libstd-rust-dev , - perlmod-bin (>= 0.2.0-~~), + perlmod-bin (>= 0.2.0-3), rustc:native , Maintainer: Proxmox Support Team Standards-Version: 4.6.1 From 199be72401d5a5b7f699b9db68557bf2f5d5c608 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 10 Jan 2024 14:11:09 +0100 Subject: [PATCH 113/114] pve,pmg: bump proxmox-notify dependency to 0.3.1 Signed-off-by: Wolfgang Bumiller --- pmg-rs/Cargo.toml | 2 +- pmg-rs/debian/control | 2 +- pve-rs/Cargo.toml | 2 +- pve-rs/debian/control | 5 +++-- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml index f60ef298..0d01b59a 100644 --- a/pmg-rs/Cargo.toml +++ b/pmg-rs/Cargo.toml @@ -36,7 +36,7 @@ proxmox-acme = { version = "0.5", features = ["client"] } proxmox-apt = "0.10" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = "0.3" +proxmox-notify = "0.3.1" proxmox-subscription = "0.4" proxmox-sys = "0.5" proxmox-tfa = { version = "4.0.4", features = ["api"] } diff --git a/pmg-rs/debian/control b/pmg-rs/debian/control index 72037d0b..c6d19177 100644 --- a/pmg-rs/debian/control +++ b/pmg-rs/debian/control @@ -21,7 +21,7 @@ Build-Depends: cargo:native , librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, librust-proxmox-http-error-0.1+default-dev, - librust-proxmox-notify-0.3+default-dev, + librust-proxmox-notify-0.3+default-dev (>= 0.3.1-~~), librust-proxmox-subscription-0.4+default-dev, librust-proxmox-sys-0.5+default-dev, librust-proxmox-tfa-4+api-dev (>= 4.0.4-~~), diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index 58440bbb..ba30e9d2 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -36,7 +36,7 @@ perlmod = { version = "0.13", features = [ "exporter" ] } proxmox-apt = "0.10.6" proxmox-http = { version = "0.9", features = ["client-sync", "client-trait"] } proxmox-http-error = "0.1.0" -proxmox-notify = { version = "0.3", features = ["pve-context"] } +proxmox-notify = { version = "0.3.1", features = ["pve-context"] } proxmox-openid = "0.10" proxmox-resource-scheduling = "0.3.0" proxmox-subscription = "0.4" diff --git a/pve-rs/debian/control b/pve-rs/debian/control index 709db6d7..551b4cb0 100644 --- a/pve-rs/debian/control +++ b/pve-rs/debian/control @@ -16,12 +16,13 @@ Build-Depends: cargo:native , librust-openssl-0.10+default-dev (>= 0.10.40-~~), librust-perlmod-0.13+default-dev, librust-perlmod-0.13+exporter-dev, - librust-proxmox-apt-0.10+default-dev, + librust-proxmox-apt-0.10+default-dev (>= 0.10.6-~~), librust-proxmox-http-0.9+client-sync-dev, librust-proxmox-http-0.9+client-trait-dev, librust-proxmox-http-0.9+default-dev, librust-proxmox-http-error-0.1+default-dev, - librust-proxmox-notify-0.3+default-dev, + librust-proxmox-notify-0.3+default-dev (>= 0.3.1-~~), + librust-proxmox-notify-0.3+pve-context-dev (>= 0.3.1-~~), librust-proxmox-openid-0.10+default-dev, librust-proxmox-resource-scheduling-0.3+default-dev, librust-proxmox-subscription-0.4+default-dev, From 27a7f2e2529770de8802ce92bc096a67c18b9fa6 Mon Sep 17 00:00:00 2001 From: Wolfgang Bumiller Date: Wed, 10 Jan 2024 14:20:00 +0100 Subject: [PATCH 114/114] pve: bump version to 0.8.8 Signed-off-by: Wolfgang Bumiller --- pve-rs/Cargo.toml | 2 +- pve-rs/debian/changelog | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/pve-rs/Cargo.toml b/pve-rs/Cargo.toml index ba30e9d2..5fcebf37 100644 --- a/pve-rs/Cargo.toml +++ b/pve-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "pve-rs" -version = "0.8.7" +version = "0.8.8" description = "PVE parts which have been ported to Rust" homepage = "https://www.proxmox.com" authors = ["Proxmox Support Team "] diff --git a/pve-rs/debian/changelog b/pve-rs/debian/changelog index c6fc24ac..8e10dcbb 100644 --- a/pve-rs/debian/changelog +++ b/pve-rs/debian/changelog @@ -1,3 +1,15 @@ +libpve-rs-perl (0.8.8) bookworm; urgency=medium + + * notify: include 'hostname' and 'type' metadata fields for forwarded mails + + * notify: smtp: forward original message instead of nesting + + * notify: smtp: add 'Auto-Submitted' header to email body + + * notify: api: allow resetting built-in targets if used by a matcher + + -- Proxmox Support Team Wed, 10 Jan 2024 14:19:47 +0100 + libpve-rs-perl (0.8.7) bookworm; urgency=medium * notify: adapt to new matcher-based notification routing