* [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate
@ 2024-10-30 12:18 Maximiliano Sandoval
2024-10-30 12:18 ` [pve-devel] [PATCH manager 2/2] api: node: index: Add regex pattern to fingerprint parameter Maximiliano Sandoval
2024-10-30 12:51 ` [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Fabian Grünbichler
0 siblings, 2 replies; 6+ messages in thread
From: Maximiliano Sandoval @ 2024-10-30 12:18 UTC (permalink / raw)
To: pve-devel
The function internally calls
PVE::Certificate::get_certificate_fingerprint which in turn calls:
```
my $fp = Net::SSLeay::X509_get_fingerprint($cert, 'sha256');
```
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
PVE/API2/Nodes.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
index e8ff6dd9..1db148af 100644
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -2567,7 +2567,7 @@ __PACKAGE__->register_method ({
renderer => 'duration',
},
ssl_fingerprint => {
- description => "The SSL fingerprint for the node certificate.",
+ description => "The SSL SHA-256 fingerprint for the node certificate.",
type => 'string',
optional => 1,
},
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] [PATCH manager 2/2] api: node: index: Add regex pattern to fingerprint parameter
2024-10-30 12:18 [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Maximiliano Sandoval
@ 2024-10-30 12:18 ` Maximiliano Sandoval
2024-10-30 12:51 ` [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Fabian Grünbichler
1 sibling, 0 replies; 6+ messages in thread
From: Maximiliano Sandoval @ 2024-10-30 12:18 UTC (permalink / raw)
To: pve-devel
This is the same regex as used in pmg-api.
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
The commit message assumes https://lists.proxmox.com/pipermail/pmg-devel/2024-October/003003.html.
PVE/API2/Nodes.pm | 1 +
1 file changed, 1 insertion(+)
diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
index 1db148af..3aca8557 100644
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -2569,6 +2569,7 @@ __PACKAGE__->register_method ({
ssl_fingerprint => {
description => "The SSL SHA-256 fingerprint for the node certificate.",
type => 'string',
+ pattern => '^(:?[A-F0-9][A-F0-9]:){31}[A-F0-9][A-F0-9]$',
optional => 1,
},
},
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate
2024-10-30 12:18 [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Maximiliano Sandoval
2024-10-30 12:18 ` [pve-devel] [PATCH manager 2/2] api: node: index: Add regex pattern to fingerprint parameter Maximiliano Sandoval
@ 2024-10-30 12:51 ` Fabian Grünbichler
2024-10-30 13:35 ` Maximiliano Sandoval
1 sibling, 1 reply; 6+ messages in thread
From: Fabian Grünbichler @ 2024-10-30 12:51 UTC (permalink / raw)
To: Proxmox VE development discussion, Maximiliano Sandoval
see my comments to the pmg-api patch(es)..
> Maximiliano Sandoval <m.sandoval@proxmox.com> hat am 30.10.2024 13:18 CET geschrieben:
>
>
> The function internally calls
> PVE::Certificate::get_certificate_fingerprint which in turn calls:
>
> ```
> my $fp = Net::SSLeay::X509_get_fingerprint($cert, 'sha256');
> ```
>
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
> PVE/API2/Nodes.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
> index e8ff6dd9..1db148af 100644
> --- a/PVE/API2/Nodes.pm
> +++ b/PVE/API2/Nodes.pm
> @@ -2567,7 +2567,7 @@ __PACKAGE__->register_method ({
> renderer => 'duration',
> },
> ssl_fingerprint => {
> - description => "The SSL fingerprint for the node certificate.",
> + description => "The SSL SHA-256 fingerprint for the node certificate.",
> type => 'string',
> optional => 1,
> },
> --
> 2.39.5
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate
2024-10-30 12:51 ` [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Fabian Grünbichler
@ 2024-10-30 13:35 ` Maximiliano Sandoval
0 siblings, 0 replies; 6+ messages in thread
From: Maximiliano Sandoval @ 2024-10-30 13:35 UTC (permalink / raw)
To: Fabian Grünbichler; +Cc: Proxmox VE development discussion
Fabian Grünbichler <f.gruenbichler@proxmox.com> writes:
> see my comments to the pmg-api patch(es)..
Yeah, saw them right after sending this. I sent v2 of the pmg-api patch
already, will do v2 of this one. Thanks.
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate
2024-10-30 13:44 Maximiliano Sandoval
@ 2024-10-31 12:34 ` Fabian Grünbichler
0 siblings, 0 replies; 6+ messages in thread
From: Fabian Grünbichler @ 2024-10-31 12:34 UTC (permalink / raw)
To: Proxmox VE development discussion
On October 30, 2024 2:44 pm, Maximiliano Sandoval wrote:
> The function internally calls
> PVE::Certificate::get_certificate_fingerprint which in turn calls:
>
> ```
> my $fp = Net::SSLeay::X509_get_fingerprint($cert, 'sha256');
> ```
>
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
> PVE/API2/Nodes.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
> index e8ff6dd9..1db148af 100644
> --- a/PVE/API2/Nodes.pm
> +++ b/PVE/API2/Nodes.pm
> @@ -2567,7 +2567,7 @@ __PACKAGE__->register_method ({
> renderer => 'duration',
> },
> ssl_fingerprint => {
> - description => "The SSL fingerprint for the node certificate.",
> + description => "The SSL SHA-256 fingerprint for the node certificate.",
what is an "SSL SHA-256 fingerprint"? the original was already bad, but
this made it worse..
the standard option has "Certificate SHA 256 fingerprint" as
description, IMHO that would already be quite okay here? after all, if
there is only a single fingerprint returned per node, it's quite clear
which certificate it belongs to?
or if you want to make it more specific, then use something like
"The SHA-256 fingerprint of the node's TLS certificate"
> type => 'string',
> optional => 1,
> },
> --
> 2.39.5
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate
@ 2024-10-30 13:44 Maximiliano Sandoval
2024-10-31 12:34 ` Fabian Grünbichler
0 siblings, 1 reply; 6+ messages in thread
From: Maximiliano Sandoval @ 2024-10-30 13:44 UTC (permalink / raw)
To: pve-devel
The function internally calls
PVE::Certificate::get_certificate_fingerprint which in turn calls:
```
my $fp = Net::SSLeay::X509_get_fingerprint($cert, 'sha256');
```
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
PVE/API2/Nodes.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
index e8ff6dd9..1db148af 100644
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -2567,7 +2567,7 @@ __PACKAGE__->register_method ({
renderer => 'duration',
},
ssl_fingerprint => {
- description => "The SSL fingerprint for the node certificate.",
+ description => "The SSL SHA-256 fingerprint for the node certificate.",
type => 'string',
optional => 1,
},
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-10-31 12:35 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-10-30 12:18 [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Maximiliano Sandoval
2024-10-30 12:18 ` [pve-devel] [PATCH manager 2/2] api: node: index: Add regex pattern to fingerprint parameter Maximiliano Sandoval
2024-10-30 12:51 ` [pve-devel] [PATCH manager 1/2] api: nodes: index: specify the type of SSL certificate Fabian Grünbichler
2024-10-30 13:35 ` Maximiliano Sandoval
2024-10-30 13:44 Maximiliano Sandoval
2024-10-31 12:34 ` Fabian Grünbichler
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal