Commit Graph

27 Commits

Author SHA1 Message Date
Fabian Grünbichler
a6e03dfe42 subscription: properly forward verification error
when verifying the server response used for offline mirror keys.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 13:06:02 +02:00
Fabian Grünbichler
d55816e9dd subscription: use lowercase for Display-ing status 2022-09-07 13:05:42 +02:00
Fabian Grünbichler
31f1bbbf40 subscription: properly alias 'notfound'
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 13:05:42 +02:00
Fabian Grünbichler
f908f216ae subscription: conditionalize checks
signed subscription info files should always be checked to catch
attempts of invalid signatures, but the age and serverid checks only
need to apply to "active" files, else the status might switch from a
more meaningful one to "invalid" by accident.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 13:05:42 +02:00
Fabian Grünbichler
4beac11b34 subscription: add Expired status
this can be returned by the shop when checking an online subscription.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 13:05:42 +02:00
Fabian Grünbichler
5b90667d05 http: bump to 0.7.0
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 09:35:51 +02:00
Fabian Grünbichler
08a6d56eae http: client_trait: make request body generic
like the response body, instead of hard-coding Read.
2022-09-07 09:25:47 +02:00
Fabian Grünbichler
891dcfda2f http: add extra_headers to post
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 09:17:45 +02:00
Fabian Grünbichler
00f5eca155 http: make post() take Read, not &str
for more flexibility.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 09:17:45 +02:00
Thomas Lamprecht
52a8eb6ace d/control: tree wide update after switch to weak/namespaced dependencies
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-08-26 12:07:36 +02:00
Fabian Grünbichler
289d297c7d build: use weak and namespaced features
to reduce the creep of optional dependencies being exposed as features.

this requires cargo 0.63 (and debcargo built against at least that
version), but greatly reduces the number of binary packages and provides
generated, while still allowing sensible selection of optional
dependencies via the explicit feature meant for pulling them in.

diff stat for running `make  deb` after this change:
 proxmox-http/debian/control         | 226 ++++--------------------------------
 proxmox-router/debian/control       |  74 +-----------
 proxmox-schema/debian/control       |  53 ++-------
 proxmox-subscription/debian/control |  17 +--
 proxmox-sys/debian/control          |  51 +++-----
 proxmox-tfa/debian/control          | 110 ++----------------
 6 files changed, 72 insertions(+), 459 deletions(-)

the 'dep:' prefix marks something on the RHS inside the features section
as dependency, it's only allowed if the string after it is an optional
dependency an no explicit feature of the same name exists. if all
pointers to the optional dependency in the features section are marked
as such, the optional dependency itself will not be exposed as a feature
(either on the cargo or debian/control level).

the '?' suffix marks dependencies as "weak", which only enables the
optional dependency + its feature(s) if the optional dependency itself
is also enabled. it has no effect on d/control since such a relationship
is not encodable in Debian package relations, but it does affect cargo
dependency resolution and allows skipping the build of unneeded optional
dependencies in some cases.

with no packages/crates depending on the no longer exposed automatically
generated features/packages, so these are safe to remove even though
it's technically a breaking change.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-08-26 10:35:00 +02:00
Fabian Grünbichler
1cd6a842f7 subscription: add missing path dependencies
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-08-19 14:20:58 +02:00
Wolfgang Bumiller
b3e2a1f574 bump d/control files
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-28 13:39:21 +02:00
Wolfgang Bumiller
d52a1b7889 bump proxmox-subscription to 0.2.1-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-28 13:35:47 +02:00
Wolfgang Bumiller
1d3f4a4bbd http, shared-memory, subscription: bump proxmox-sys dependency to 0.4
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-28 13:35:47 +02:00
Wolfgang Bumiller
f6c7d46d04 bump proxmox-subscription to 0.2.0-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-21 14:36:49 +02:00
Fabian Grünbichler
6ff1c96021 add default signing key path
for use in dependent modules. this file should be shipped via
proxmox-archive-keyring.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-21 13:30:11 +02:00
Fabian Grünbichler
5391f5313b subscription: make key optional and support multiple keys
this is a breaking change requiring updates in proxmox-perl-rs and
proxmox-backup.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-21 13:29:15 +02:00
Wolfgang Bumiller
760c49be6e subscription: check in d/control
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-21 12:54:59 +02:00
Wolfgang Bumiller
6794989b2a proxmox-subscription: initial bump to 0.1.0-1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-20 13:37:08 +02:00
Wolfgang Bumiller
5e630472ec subscription: clippy fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-20 13:28:31 +02:00
Wolfgang Bumiller
ab17e16664 subscription: line-wrap test data
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-20 13:28:31 +02:00
Wolfgang Bumiller
0cd02a0d2b subscription: doc comment fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-20 13:28:31 +02:00
Fabian Grünbichler
3f694b5481 subscription: clippy lints
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-20 13:28:31 +02:00
Fabian Grünbichler
baf31dc2d8 subscription: properly case status enum values
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-20 13:28:31 +02:00
Fabian Grünbichler
38492bde83 check signature when reading subscription
and handle signed keys differently w.r.t. age checks, since they will be
refreshed less frequently.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-19 15:20:36 +02:00
Fabian Grünbichler
4ec9a8183d add new proxmox-subscription crate
taking over slighlty generified helpers and types:
- subscription info and status
- checking subscription status with shop
- reading/writing local subscription-related files

the perl-based code uses base64 with newlines for the data, and base64
without padding for the checksum. accordingly, calculate the checksum
with and without newlines, and compare the decoded checksum instead of
the encoded one.

furthermore, the perl-based code encodes the subscription status using
Capitalized values instead of lowercase, so alias those for the time
being.

PVE also stores the serverid as 'validdirectory', so add that as alias
as well.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-19 15:20:36 +02:00