From d017de1f91914a9da75c405f117c6da4c270d686 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Date: Thu, 30 Jun 2022 14:06:16 +0200
Subject: [PATCH] subscription: switch to Proxmox::RS::Subscription
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 PVE/API2/APT.pm          |  4 +--
 PVE/API2/Cluster.pm      |  2 +-
 PVE/API2/Subscription.pm | 54 ++++++++++++++++++----------------------
 PVE/Service/pvestatd.pm  |  2 +-
 bin/pveupdate            |  4 +--
 5 files changed, 30 insertions(+), 36 deletions(-)

diff --git a/PVE/API2/APT.pm b/PVE/API2/APT.pm
index fbcd171bb..9ece34e1d 100644
--- a/PVE/API2/APT.pm
+++ b/PVE/API2/APT.pm
@@ -465,8 +465,8 @@ __PACKAGE__->register_method({
 	my $pw;
 
 	if ($pkgfile->{Origin} eq 'Proxmox' && $pkgfile->{Component} eq 'pve-enterprise') {
-	    my $info = PVE::INotify::read_file('subscription');
-	    if ($info->{status} eq 'Active') {
+	    my $info = PVE::API2::Subscription::read_etc_subscription();
+	    if ($info->{status} eq 'active') {
 		$username = $info->{key};
 		$pw = PVE::API2Tools::get_hwaddress();
 		$ua->credentials("enterprise.proxmox.com:443", 'pve-enterprise-repository',  $username, $pw);
diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm
index 525a95a17..d6b405e2c 100644
--- a/PVE/API2/Cluster.pm
+++ b/PVE/API2/Cluster.pm
@@ -690,7 +690,7 @@ __PACKAGE__->register_method({
 	    # fake entry for local node if no cluster defined
 	    my $pmxcfs = ($clinfo && $clinfo->{version}) ? 1 : 0; # pmxcfs online ?
 
-	    my $subinfo = PVE::INotify::read_file('subscription');
+	    my $subinfo = PVE::API2::Subscription::read_etc_subscription();
 	    my $sublevel = $subinfo->{level} || '';
 
 	    return [{
diff --git a/PVE/API2/Subscription.pm b/PVE/API2/Subscription.pm
index 67f8b96e5..22455e3a1 100644
--- a/PVE/API2/Subscription.pm
+++ b/PVE/API2/Subscription.pm
@@ -8,6 +8,8 @@ use HTTP::Request;
 use LWP::UserAgent;
 use JSON;
 
+use Proxmox::RS::Subscription;
+
 use PVE::Tools;
 use PVE::ProcFSTools;
 use PVE::Exception qw(raise_param_exc);
@@ -19,18 +21,14 @@ use PVE::Storage;
 use PVE::JSONSchema qw(get_standard_option);
 
 use PVE::SafeSyslog;
-use PVE::Subscription;
 
 use PVE::API2Tools;
 use PVE::RESTHandler;
 
 use base qw(PVE::RESTHandler);
 
-PVE::INotify::register_file('subscription', "/etc/subscription",
-			    \&read_etc_pve_subscription,
-			    \&write_etc_pve_subscription);
-
 my $subscription_pattern = 'pve([1248])([cbsp])-[0-9a-f]{10}';
+my $filename = "/etc/subscription";
 
 sub get_sockets {
     my $info = PVE::ProcFSTools::read_cpuinfo();
@@ -58,21 +56,19 @@ sub check_key {
     return ($sockets, $level);
 }
 
-sub read_etc_pve_subscription {
-    my ($filename, $fh) = @_;
-
+sub read_etc_subscription {
     my $req_sockets = get_sockets();
     my $server_id = PVE::API2Tools::get_hwaddress();
 
-    my $info = PVE::Subscription::read_subscription($server_id, $filename, $fh);
+    my $info = Proxmox::RS::Subscription::read_subscription($filename);
 
-    return $info if $info->{status} ne 'Active';
+    return $info if $info->{status} ne 'active';
 
     my ($sockets, $level);
     eval { ($sockets, $level) = check_key($info->{key}, $req_sockets); };
     if (my $err = $@) {
 	chomp $err;
-	$info->{status} = 'Invalid';
+	$info->{status} = 'invalid';
 	$info->{message} = $err;
     } else {
 	$info->{level} = $level;
@@ -81,11 +77,12 @@ sub read_etc_pve_subscription {
     return $info;
 }
 
-sub write_etc_pve_subscription {
-    my ($filename, $fh, $info) = @_;
+sub write_etc_subscription {
+    my ($info) = @_;
 
     my $server_id = PVE::API2Tools::get_hwaddress();
-    PVE::Subscription::write_subscription($server_id, $filename, $fh, $info);
+    mkdir "/etc/apt/auth.conf.d";
+    Proxmox::RS::Subscription::write_subscription($filename, "/etc/apt/auth.conf.d/pve.conf", "enterprise.proxmox.com/debian/pve", $info);
 }
 
 __PACKAGE__->register_method ({
@@ -114,10 +111,10 @@ __PACKAGE__->register_method ({
 	my $server_id = PVE::API2Tools::get_hwaddress();
 	my $url = "https://www.proxmox.com/proxmox-ve/pricing";
 
-	my $info = PVE::INotify::read_file('subscription');
+	my $info = read_etc_subscription();
 	if (!$info) {
 	    my $no_subscription_info = {
-		status => "NotFound",
+		status => "notfound",
 		message => "There is no subscription key",
 		url => $url,
 	    };
@@ -166,20 +163,17 @@ __PACKAGE__->register_method ({
     code => sub {
 	my ($param) = @_;
 
-	my $info = PVE::INotify::read_file('subscription');
+	my $info = read_etc_subscription();
 	return undef if !$info;
 
 	my $server_id = PVE::API2Tools::get_hwaddress();
 	my $key = $info->{key};
 
-	if ($key) {
-	    PVE::Subscription::update_apt_auth($key, $server_id);
-	}
-
-	if (!$param->{force} && $info->{status} eq 'Active') {
-	    my $age = time() -  $info->{checktime};
-	    return undef if $age < $PVE::Subscription::localkeydays*60*60*24;
-	}
+	# key has been recently checked or is a valid, signed offline key
+	return undef
+	    if !$param->{force}
+		&& $info->{status} eq 'active'
+		&& Proxmox::RS::Subscription::check_age($info, 1)->{status} eq 'active';
 
 	my $req_sockets = get_sockets();
 	check_key($key, $req_sockets);
@@ -187,9 +181,9 @@ __PACKAGE__->register_method ({
 	my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
 	my $proxy = $dccfg->{http_proxy};
 
-	$info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
+	$info = Proxmox::RS::Subscription::check_subscription($key, $server_id, "", "Proxmox VE", $proxy);
 
-	PVE::INotify::write_file('subscription', $info);
+	write_etc_subscription($info);
 
 	return undef;
     }});
@@ -233,14 +227,14 @@ __PACKAGE__->register_method ({
 
 	check_key($key, $req_sockets);
 
-	PVE::INotify::write_file('subscription', $info);
+	write_etc_subscription($info);
 
 	my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
 	my $proxy = $dccfg->{http_proxy};
 
-	$info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
+	$info = Proxmox::RS::Subscription::check_subscription($key, $server_id, "", "Proxmox VE", $proxy);
 
-	PVE::INotify::write_file('subscription', $info);
+	write_etc_subscription($info);
 
 	return undef;
     }});
diff --git a/PVE/Service/pvestatd.pm b/PVE/Service/pvestatd.pm
index 72445ec0c..eac953df6 100755
--- a/PVE/Service/pvestatd.pm
+++ b/PVE/Service/pvestatd.pm
@@ -135,7 +135,7 @@ sub update_node_status {
 
     update_supported_cpuflags();
 
-    my $subinfo = PVE::INotify::read_file('subscription');
+    my $subinfo = PVE::API2::Subscription::read_etc_subscription();
     my $sublevel = $subinfo->{level} || '';
 
     my $netdev = PVE::ProcFSTools::read_proc_net_dev();
diff --git a/bin/pveupdate b/bin/pveupdate
index 99b52fe98..3dc4cbe66 100755
--- a/bin/pveupdate
+++ b/bin/pveupdate
@@ -49,10 +49,10 @@ if (my $err = $@) {
     syslog ('err', "update appliance info failed - see /var/log/pveam.log for details");
 }
 
-my $info = PVE::INotify::read_file('subscription');
+my $info = eval { PVE::API2::Subscription::read_etc_subscription() };
 # We assume that users with subscriptions want informations
 # about new packages.
-my $notify = ($info && $info->{status} eq 'Active') ? 1 : 0;
+my $notify = ($info && $info->{status} eq 'active') ? 1 : 0;
 eval { PVE::API2::APT->update_database({ node => $nodename, notify => $notify, quiet => 1 }); };
 if (my $err = $@) {
     syslog ('err', "update apt database failed: $err");