From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing
Date: Wed, 16 Jun 2021 20:36:40 +0200 [thread overview]
Message-ID: <20210616183640.3930-1-s.ivanov@proxmox.com> (raw)
Currently it is possible to add the same domains as different
acmedomainX keys to the node config, which prevents the user from
ordering certificates later.
This patch adds a call to get_acme_conf, which does the semantic
validation (and is also used in all other sites, which read the
config).
Reported in our community forum:
https://forum.proxmox.com/threads/lets-encrypt-cert-on-gui-not-working.91014/
quickly tested in my setup, by successfully adding the same domain
twice without the patch, and failing to do so with it applied.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
src/PMG/API2/NodeConfig.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/PMG/API2/NodeConfig.pm b/src/PMG/API2/NodeConfig.pm
index 284f663..bfbbacd 100644
--- a/src/PMG/API2/NodeConfig.pm
+++ b/src/PMG/API2/NodeConfig.pm
@@ -81,6 +81,9 @@ __PACKAGE__->register_method ({
$conf->{$opt} = $param->{$opt};
}
+ #validate the acme config (check for duplicates)
+ PMG::NodeConfig::get_acme_conf($conf);
+
PMG::NodeConfig::write_config($conf);
});
--
2.20.1
next reply other threads:[~2021-06-16 18:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-16 18:36 Stoiko Ivanov [this message]
2021-06-28 13:27 ` [pmg-devel] applied: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210616183640.3930-1-s.ivanov@proxmox.com \
--to=s.ivanov@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.