* [pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing
@ 2021-06-16 18:36 Stoiko Ivanov
2021-06-28 13:27 ` [pmg-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Stoiko Ivanov @ 2021-06-16 18:36 UTC (permalink / raw)
To: pmg-devel
Currently it is possible to add the same domains as different
acmedomainX keys to the node config, which prevents the user from
ordering certificates later.
This patch adds a call to get_acme_conf, which does the semantic
validation (and is also used in all other sites, which read the
config).
Reported in our community forum:
https://forum.proxmox.com/threads/lets-encrypt-cert-on-gui-not-working.91014/
quickly tested in my setup, by successfully adding the same domain
twice without the patch, and failing to do so with it applied.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
src/PMG/API2/NodeConfig.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/PMG/API2/NodeConfig.pm b/src/PMG/API2/NodeConfig.pm
index 284f663..bfbbacd 100644
--- a/src/PMG/API2/NodeConfig.pm
+++ b/src/PMG/API2/NodeConfig.pm
@@ -81,6 +81,9 @@ __PACKAGE__->register_method ({
$conf->{$opt} = $param->{$opt};
}
+ #validate the acme config (check for duplicates)
+ PMG::NodeConfig::get_acme_conf($conf);
+
PMG::NodeConfig::write_config($conf);
});
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pmg-devel] applied: [PATCH pmg-api] api: nodeconfig: validate acme config before writing
2021-06-16 18:36 [pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing Stoiko Ivanov
@ 2021-06-28 13:27 ` Thomas Lamprecht
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2021-06-28 13:27 UTC (permalink / raw)
To: Stoiko Ivanov, pmg-devel
On 16.06.21 20:36, Stoiko Ivanov wrote:
> Currently it is possible to add the same domains as different
> acmedomainX keys to the node config, which prevents the user from
> ordering certificates later.
>
> This patch adds a call to get_acme_conf, which does the semantic
> validation (and is also used in all other sites, which read the
> config).
>
> Reported in our community forum:
> https://forum.proxmox.com/threads/lets-encrypt-cert-on-gui-not-working.91014/
>
> quickly tested in my setup, by successfully adding the same domain
> twice without the patch, and failing to do so with it applied.
>
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
> src/PMG/API2/NodeConfig.pm | 3 +++
> 1 file changed, 3 insertions(+)
>
>
applied, thanks!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-06-28 13:27 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-16 18:36 [pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing Stoiko Ivanov
2021-06-28 13:27 ` [pmg-devel] applied: " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal