forked from Proxmox/proxmox
subscription: conditionalize checks
signed subscription info files should always be checked to catch attempts of invalid signatures, but the age and serverid checks only need to apply to "active" files, else the status might switch from a more meaningful one to "invalid" by accident. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
parent
4beac11b34
commit
f908f216ae
@ -91,10 +91,12 @@ pub fn read_subscription<P: AsRef<Path>>(
|
||||
Some(raw) => {
|
||||
let mut info = parse_subscription_file(&raw)?;
|
||||
if let Some(info) = info.as_mut() {
|
||||
// these will set `status` to INVALID if checks fail!
|
||||
info.check_signature(signature_keys);
|
||||
info.check_server_id();
|
||||
info.check_age(false);
|
||||
if info.status == SubscriptionStatus::Active {
|
||||
// these will set `status` to INVALID if checks fail!
|
||||
info.check_server_id();
|
||||
info.check_age(false);
|
||||
}
|
||||
};
|
||||
|
||||
Ok(info)
|
||||
|
Loading…
Reference in New Issue
Block a user