IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
StringSchema::check_constraint runs `parse_property_string` for
property strings, but when we deserialize a `PropertyString` we
immediately follow that up with deserializing it using the schema, so
there's no need to check it beforehand.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This provides `proxmox_schema::property_string::PropertyString<T>` for
a typed property-string.
To facilitate this, this introduces
`proxmox_schema:🇩🇪:SchemaDeserializer` which is a serde deserializer
for property strings given a schema.
This basically maps to one of `de::SeqAccess` (for array schemas) or
`de::MapAccess` (for object schemas).
Additionally, a `de::NoSchemaDeserializer` is added, since properties
within the strings may have string schemas with no format to it, while
the type we serialize to may ask for an array (a simple "list") via
serde.
The deserializers support borrowing, for which a helper `Cow3` needed
to be added, since property strings support quoting with escape
sequences where an intermediate string would be allocated and with an
intermediate lifetime distinct from the `'de` lifetime.
A `de::verify` module is added which uses serde infrastructure to
validate schemas without first having to deserialize a complete
`serde_json::Value`.
For serialization, `proxmox_schema::ser::PropertyStringSerializer` is
added split into similar parts `ser::SerializeStruct` and
`ser::SerializeSeq` at the top level, and the same prefixed with
`Element` for inside the actual string. This should also properly
quote the contents if required.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
These were missing the new client-ip parameter in the auth
function calls which was introduced to support `PAM_RHOST`.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Since this requires access to the user data, we need to add
a generic parameter to the unlock methods.
To avoid having to create another major API bump affecting
all our products this short after release, we keep the old
version around with the old behavior.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
this function checks if a given connection could work. it uses the
current config to connect to an ldap directory and perform a search
with the provided base_dn. this enables us to verify a connection
before storing it in a more meaningful way than with a regex.
Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
by using the default empty string if no password was provided,
unauthenticated binds were possible. to bring pbs in-line with pve,
switch to throwing an error in this case instead. however, this will
break any pre-existing setup that relied on this behavior.
Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
The module previously lived in `pbs-api-types`, however turned out to
be useful in other places as well (POM, proxmox-notify), so it is moved
here as its own micro-crate.
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
It is very common for TOTP URIs to contain the algorithm in lowercase,
hence we convert to lowercase when doing From<&str> for Algorithm.
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
if the match arms are this far away from the actual `match`
keyword, this needs to be split up...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
when zipping a directory, our intention was to skip over files that
cannot be zipped (e.g. the file can't be read/vanished/etc.), so we
ignored errors and simply logged it.
but when 'add_entry' fails, we will never actually restore, since every
error there is fatal to the point that the zip cannot be finished thats
because we take the 'target' sink out of self, and only insert it again
after all writes succeeded. so if an error occurs in between 'target' is
not put into self again (and never will be) and the zip cannot be
finished (even if we would catch all those intermediate errors and
restore 'target', we don't know in which state the output was, so we're
unable to finish a valid zip)
to fix that, split the actual 'add_entry' part there out of the async
move block and treat its errors always as fatal
without this, we generate heaps of log lines even after an error
occurred, and can never recover
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
APT doesn't mind a repository with either "/" or "./" as suite/distribution,
such as
deb https://example.com/debian ./
in that case, the 'dists' part of the URL and the trailing slash (which would
be encoded as '_') is dropped in the file name in '/var/lib/apt/lists/'.
Other suite values with a trailing or leading '/' are rejected with an error by APT:
E: Malformed entry 1 in sources file /etc/apt/sources.list.d/test.list (absolute Suite Component)
E: The list of sources could not be read.
so this should be the only special case requiring handling.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
APT will not store the InRelease file in some cases, and some repositories
might not even have one in the first place.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
A build-system that needs all build-dependencies even for a simple
make clean invocation is a PITA..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The old 'main' component stays valid, pointing to no-subscription,
which means the is_referenced_repository() check needs a special case
for it. It will eventually go away, together with the handles for
Quincy.
Alternatively, the standard repository's info() could've been changed
to return multiple possible components, similar to URLs, but as
opposed to URLs, there could be a standard repository that wants to
have multiple components and it feels a bit unnatural, because
multiple components are usually not aliases of the same. And adapting
is_referenced_repository() would be needed here too. So overall, the
above alternative just felt better.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
