From: Nicolas Frey <n.frey@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH v6 0/4] fix #5207: apt: check signature of repos with proxmox-pgp
Date: Thu, 30 Oct 2025 14:28:40 +0100
Message-ID: <20251030132844.188242-1-n.frey@proxmox.com>

This patch series moves the PGP verification code from POM into its
own micro-crate `proxmox-pgp`, to reuse it to verify that a package is of
Proxmox Origin, which fixes #5207.

If this patch series is applied, then `proxmox-offline-mirror` should
use the `proxmox-pgp` crate.

The last patch again adds the local file fallback in case the
URI starts with `file://` for (IMO) better UX. I'm fine with this
being dropped if it's not desired, though.

Changes since v5 (thanks @Shannon):
* changed imports to be module level and corrected ordering
* adjusted the signature verification to make it more viable to be in
  a library by collecting the errors and returning them as one
  instead of directly printing to `stderr`
* cleaned up some minor nits

Changes since v4 (thanks @Thomas for feedback):
* added `proxmox-pgp` micro-crate and moved code from POM
* removed reliance on gpgv in favor of the now available `verify_signature`
  function in `proxmox-pgp`
* removed http(s) fallback for cached InRelease file
* split up initial patch into smaller commits

Changes since v3:
* moved found_uri_or_signed to a function and to the end of the bool chain
  to prevent redundant signature checks and improve performance
* added fallback to the cached InRelease file to get it from the repo's URI

Changes since v2:
* corrected the mapping in `gpg_signed`

Changes since v1:
* rewrote test so it compiles

Nicolas Frey (4):
  add proxmox-pgp subcrate, move POM verifier code to it
  fix #5207: apt: check signature of repos with proxmox-pgp
  apt: add tests for POM release filenames
  apt: check for local POM InRelease as fallback

Cargo.toml | 2 +
proxmox-apt/Cargo.toml | 1 +
proxmox-apt/src/repositories/repository.rs | 94 ++++++++--
proxmox-pgp/Cargo.toml | 17 ++
proxmox-pgp/debian/changelog | 5 +
proxmox-pgp/debian/control | 40 +++++
proxmox-pgp/debian/copyright | 18 ++
proxmox-pgp/debian/debcargo.toml | 7 +
proxmox-pgp/src/lib.rs | 5 +
proxmox-pgp/src/verifier.rs | 194 +++++++++++++++++++++
10 files changed, 373 insertions(+), 10 deletions(-)
create mode 100644 proxmox-pgp/Cargo.toml
create mode 100644 proxmox-pgp/debian/changelog
create mode 100644 proxmox-pgp/debian/control
create mode 100644 proxmox-pgp/debian/copyright
create mode 100644 proxmox-pgp/debian/debcargo.toml
create mode 100644 proxmox-pgp/src/lib.rs
create mode 100644 proxmox-pgp/src/verifier.rs
--
2.47.3