Commit Graph

8 Commits

Author SHA1 Message Date
Fabian Grünbichler
538578c558 clippy 1.65 fixes
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-12-05 11:17:37 +01:00
Fabian Grünbichler
f908f216ae subscription: conditionalize checks
signed subscription info files should always be checked to catch
attempts of invalid signatures, but the age and serverid checks only
need to apply to "active" files, else the status might switch from a
more meaningful one to "invalid" by accident.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 13:05:42 +02:00
Fabian Grünbichler
6ff1c96021 add default signing key path
for use in dependent modules. this file should be shipped via
proxmox-archive-keyring.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-21 13:30:11 +02:00
Fabian Grünbichler
5391f5313b subscription: make key optional and support multiple keys
this is a breaking change requiring updates in proxmox-perl-rs and
proxmox-backup.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-21 13:29:15 +02:00
Wolfgang Bumiller
ab17e16664 subscription: line-wrap test data
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-20 13:28:31 +02:00
Fabian Grünbichler
baf31dc2d8 subscription: properly case status enum values
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-20 13:28:31 +02:00
Fabian Grünbichler
38492bde83 check signature when reading subscription
and handle signed keys differently w.r.t. age checks, since they will be
refreshed less frequently.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-19 15:20:36 +02:00
Fabian Grünbichler
4ec9a8183d add new proxmox-subscription crate
taking over slighlty generified helpers and types:
- subscription info and status
- checking subscription status with shop
- reading/writing local subscription-related files

the perl-based code uses base64 with newlines for the data, and base64
without padding for the checksum. accordingly, calculate the checksum
with and without newlines, and compare the decoded checksum instead of
the encoded one.

furthermore, the perl-based code encodes the subscription status using
Capitalized values instead of lowercase, so alias those for the time
being.

PVE also stores the serverid as 'validdirectory', so add that as alias
as well.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-19 15:20:36 +02:00