From f908f216ae38e5a706977939c070900ccf8e3de7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Date: Wed, 7 Sep 2022 10:40:45 +0200
Subject: [PATCH] subscription: conditionalize checks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

signed subscription info files should always be checked to catch
attempts of invalid signatures, but the age and serverid checks only
need to apply to "active" files, else the status might switch from a
more meaningful one to "invalid" by accident.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 proxmox-subscription/src/files.rs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/proxmox-subscription/src/files.rs b/proxmox-subscription/src/files.rs
index 34951609..7767a3c6 100644
--- a/proxmox-subscription/src/files.rs
+++ b/proxmox-subscription/src/files.rs
@@ -91,10 +91,12 @@ pub fn read_subscription<P: AsRef<Path>>(
         Some(raw) => {
             let mut info = parse_subscription_file(&raw)?;
             if let Some(info) = info.as_mut() {
-                // these will set `status` to INVALID if checks fail!
                 info.check_signature(signature_keys);
-                info.check_server_id();
-                info.check_age(false);
+                if info.status == SubscriptionStatus::Active {
+                    // these will set `status` to INVALID if checks fail!
+                    info.check_server_id();
+                    info.check_age(false);
+                }
             };
 
             Ok(info)