5
0
mirror of git://git.proxmox.com/git/pve-common.git synced 2025-01-12 17:17:35 +03:00
Go to file
Thomas Lamprecht 21f36fed3c ticket: raise UNAUTHORIZED not FORBIDDEN in verify subs
In the ticket and CSRF prevention token verification methods we used
a raise_perm exception to tell our caller about a failure of such a
verification. raise_perm uses HTTP_FORBIDDEN (403) as code.

Earlier, all such exceptions or die's where caught when the anyevent
http server called the auth_handler method and transformed to
HTTP_UNAUTHORIZED (401).

With commit d8327719e353198a1dffad88c246fee065054a6b from
pve-http-server we gained the ability to tell a client about a server
internal 5XX error, so that clients do not get wrongly logged out if
we have a internal error.
This resulted also in the effect that the exceptions of the
verify_rsa_ticket and verify_csrf_prevention_token sub methods where
passed to the client.

If an old, now invalid, ticket was sent to the server a client got
403 (FORBIDDEN) instead of the 401 (UNAUTHORIZED) - which he was used
to, and thus meant that he did some wrong doing, instead of knowing
that he just needs to login.

As we are not yet logged in here, and thus cannot possibly know if
the call is forbidden or not, HTTP_FORBIDDEN seems the wrong code.
Change it to HTTP_UNAUTHORIZED, which restores it to the code we told
API clients since ever and is the correct one here.

Also RFC 2068 section 10.4.4 [1] defines that for the afformentioned
verify methods FORBIDDEN was not really correct:

 > 403 Forbidden
 >
 >    The server understood the request, but is refusing to fulfill it.
 >    Authorization will not help and the request SHOULD NOT be
 >    repeated. [...]

With a invalid ticket or CSRF prevention token we have a
authorization problem for the current call, not a permission problem
(we may have, but we can't tell yet).

[1] https://tools.ietf.org/html/rfc2068#section-10.4.4

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-15 12:25:10 +01:00
debian bump version to 5.0-24 2017-12-13 15:05:07 +01:00
src ticket: raise UNAUTHORIZED not FORBIDDEN in verify subs 2017-12-15 12:25:10 +01:00
test fix convert_size with decimal numbers and add tests 2017-12-15 11:15:50 +01:00
.gitignore add .gitignore file, remove svn leftover 2011-08-24 09:47:54 +02:00
Makefile bump version to 5.0-24 2017-12-13 15:05:07 +01:00
README.dev README.dev: remove vlan and ifenslave-2.6 packages 2017-03-29 14:22:02 +02:00

= Setup PVE Development Environment =

1. Install Debian 'jessie'
2. Configure pvetest repository in apt sources.list

 deb http://download.proxmox.com/debian jessie pvetest

3. Add our repository key with apt-key:

 wget -O- "http://download.proxmox.com/debian/key.asc" | apt-key add -

4. make sure you have a read IP address for your hostname in /etc/hosts
   (using 127.0.1.1 will not work)

5. run: apt-get update
6. run: apt-get dist-upgrade
7. run: apt-get install proxmox-ve

You should now have a working Proxmox VE installation.

= Install build prerequisites for development environment =

apt-get install build-essential git-core git-email debhelper \
autotools-dev autogen dh-autoreconf dkms doxygen check pkg-config \
groff quilt dpatch automake autoconf libtool lintian libdevel-cycle-perl \
libjson-perl libcommon-sense-perl liblinux-inotify2-perl libio-stringy-perl \
libstring-shellquote-perl dh-systemd rpm2cpio libsqlite3-dev sqlite3 \
libglib2.0-dev librrd-dev librrds-perl rrdcached libdigest-hmac-perl \
libxml-parser-perl gdb libcrypt-openssl-random-perl \
libcrypt-openssl-rsa-perl libnet-ldap-perl libauthen-pam-perl \
libjson-xs-perl libterm-readline-gnu-perl oathtool libmime-base32-perl \
liboath0 libpci-dev texi2html libsdl1.2-dev libgnutls28-dev \
libspice-protocol-dev xfslibs-dev libnuma-dev libaio-dev \
pve-libspice-server-dev libusbredirparser-dev glusterfs-common \
libusb-1.0-0-dev librbd-dev libpopt-dev iproute bridge-utils numactl \
glusterfs-common ceph-common python-ceph libgoogle-perftools4 \
libfile-chdir-perl lvm2 glusterfs-client liblockfile-simple-perl \
libsystemd-dev libreadline-gplv2-dev libio-multiplex-perl \
libnetfilter-log-dev libipset3 ipset socat libsasl2-dev libogg-dev \
python-pyparsing libfilesys-df-perl libcrypt-ssleay-perl \
libfile-readbackwards-perl libanyevent-perl libanyevent-http-perl \
unzip liblocale-po-perl libfile-sync-perl cstream \
lzop dtach apt-transport-https hdparm gdisk parted ttf-dejavu-core \
liblzma-dev dosfstools mtools libxen-dev libfuse-dev corosync-dev \
libcpg-dev libquorum-dev libcmap-dev libuuid-perl \
libqb-dev libapparmor-dev docbook2x libcap-dev dh-apparmor \
graphviz libseccomp-dev libglib-perl libgtk3-perl libnss3-dev libdlm-dev \
libudev-dev asciidoc-dblatex source-highlight inkscape \
libiscsi-dev libiscsi7

= Compile PVE packages from Source =

Download and install the following git modules in order from top to bottom:

# git clone git://git.proxmox.com/git/<PACKAGE.git>

You currently need the following packages:

pve-common.git
libpve-http-server-perl.git
libpve-apiclient-perl.git
pve-docs.git
pve-cluster.git
pve-access-control.git
pve-storage.git
pve-guest-common.git
pve-firewall.git
pve-qemu-kvm.git
qemu-server.git
vncterm.git
spiceterm.git
#vzquota.git
#vzctl.git
#fence-agents-pve.git
#resource-agents-pve.git
extjs.git
pve-manager.git
#pve-kernel-3.10.0.git
#libiscsi.git
#gfs2-utils.git
ksm-control-daemon.git
pve-container.git
pve-kernel.git

Most packages can be installed with 'make dinstall' command.

4.  Reboot the system.
5.  Learn to use the quilt patch scripts.
6.  Happy coding.

There is an experimental package containing the API documentation
as ExtJS application:

pve2-api-doc.git

You can view the source code at:

https://git.proxmox.com


= REST vs. SOAP =

We decided to change our SOAP API (1.X) and use a REST like API. The
concept is described in [1] (Resource Oriented Architecture
(ROA)). The main advantage is that we are able to remove a lot of code
(the whole SOAP stack) to reduce software complexity.

We also moved away from server side content generation. Instead we use
the ExtJS Rich Internet Application Framework
(http://www.sencha.com). 

That framework, like any other AJAX toolkit, can talk directly to the
REST API using JSON. So we were able to remove the server side
template toolkit completely.

= JSON and JSON Schema =

We use JSON as data format, because it is simple and parse-able by any
web browser.

Additionally, we use JSON Schema [2] to formally describe our API. So
we can automatically generate the whole API Documentation, and we can
verify all parameters and return values.

A great side effect was that we are able to use JSON Schema to
produce command line argument parsers automatically. In fact, the REST
API and the command line tools use the same code.

Object linkage is done using the JSON Hyper Schema (links property).

A small utility called 'pvesh' exposes the whole REST API on the command
line.

So here is a summary of the advantage:

   - easy, human readable data format (native web browser format)
   - automatic parameter verification (we can also verify return values)
   - automatic generation of API documentation
   - easy way to create command line tools (using same API).

= API Implementation (PVE::RESTHandler) =

All classes exposing methods on the API use PVE::RESTHandler as base class.

  use base qw(PVE::RESTHandler);

To expose methods, one needs to call register_method():

  __PACKAGE__->register_method ($schema);

Where $schema is a PVE method schema as described in
PVE::JSONSchema. It includes a description of parameters and return
values, and a reference to the actual code

__PACKAGE__->register_method ({
    name => 'echo', 
    path => 'echo', 
    method => 'GET',
    description => "simple return value of parameter 'text'",
    parameters => {
	additionalProperties => 0,
	properties => {
	    text => {
	    	 type => 'string',
	    }	  
	},
    },
    returns => {
	type => 'string',
    },
    code => sub {
	my ($param) = @_;

	return $param->{text};
    }
});

The 'name' property is only used if you want to call the method
directly from Perl. You can do that using:

  print __PACKAGE__->echo({ text => "a test" });

We use Perl's AUTOLOAD feature to implement this. Note: You need to
pass parameters a HASH reference.

There is a special helper method called cli_handler(). This is used by
the CLIHandler Class for command line tools, where you want to pass
arguments as array of strings. This uses Getopt::Long to parse parameters.

There is a second way to map names to methods - using the 'path'
property.  And you can register subclasses. That way you can set up a
filesystem like hierarchy to access methods. 

Here is an example:
----------------------------
package C1;

__PACKAGE__->register_method ({
    subclass => "C2",  
    path => 'sub2',
});


__PACKAGE__->register_method ({
    name => 'list1',    
    path => 'index',
    method => 'GET',
    ...
});

package C2;

__PACKAGE__->register_method ({
    name => 'list2',    
    path => 'index',
    method => 'GET',
    ...
});
-------------------------------

The utily method find_handler (in PVE::RESTHandler) can be use to do
'path' related method lookups.

C1->find_handler('GET', "/index")      => C1::list1
C1->find_handler('GET', "/sub2/index") => C2::list2

The HTTP server use the URL (a path) to find the corresponding method. 


= References =

[1] RESTful Web Services
Web services for the real world

By
    Leonard Richardson, Sam Ruby
Publisher:
    O'Reilly Media
Released:
    May 2007 

[2] JSON Schema links: http://json-schema.org/