From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 0F01BB9A4F for ; Fri, 15 Mar 2024 12:27:36 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id DF4D41B77F for ; Fri, 15 Mar 2024 12:27:35 +0100 (CET) Received: from druiddev.proxmox.com (unknown [94.136.29.99]) by firstgate.proxmox.com (Proxmox) with ESMTP for ; Fri, 15 Mar 2024 12:27:34 +0100 (CET) Received: by druiddev.proxmox.com (Postfix, from userid 1000) id B15DE88869; Fri, 15 Mar 2024 12:27:34 +0100 (CET) From: Dietmar Maurer To: pbs-devel@lists.proxmox.com Date: Fri, 15 Mar 2024 12:27:30 +0100 Message-Id: <20240315112732.368831-2-dietmar@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240315112732.368831-1-dietmar@proxmox.com> References: <20240315112732.368831-1-dietmar@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.548 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods RDNS_NONE 0.793 Delivered to internal network by a host with no rDNS SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] [PATCH proxmox 2/4] proxmox-auth-api: use const_format to define static strings X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Mar 2024 11:27:36 -0000 Signed-off-by: Dietmar Maurer --- proxmox-auth-api/Cargo.toml | 4 +-- proxmox-auth-api/src/types.rs | 62 ++++++++++------------------------- 2 files changed, 20 insertions(+), 46 deletions(-) diff --git a/proxmox-auth-api/Cargo.toml b/proxmox-auth-api/Cargo.toml index 6e4a626..ecea701 100644 --- a/proxmox-auth-api/Cargo.toml +++ b/proxmox-auth-api/Cargo.toml @@ -14,7 +14,7 @@ required-features = [ "pam-authenticator" ] [dependencies] anyhow.workspace = true - +const_format = { workspace = true, optional = true } base64 = { workspace = true, optional = true } lazy_static = { workspace = true, optional = true } libc = { workspace = true, optional = true } @@ -37,7 +37,7 @@ proxmox-tfa = { workspace = true, optional = true, features = [ "api" ] } default = [] ticket = [ "dep:base64", "dep:percent-encoding", "dep:openssl" ] -api-types = [ "dep:lazy_static", "dep:regex", "dep:serde", "dep:serde_plain", "dep:proxmox-schema" ] +api-types = [ "dep:const_format", "dep:lazy_static", "dep:regex", "dep:serde", "dep:serde_plain", "dep:proxmox-schema" ] api = [ "api-types", "ticket", diff --git a/proxmox-auth-api/src/types.rs b/proxmox-auth-api/src/types.rs index 319ac4b..e11d0b1 100644 --- a/proxmox-auth-api/src/types.rs +++ b/proxmox-auth-api/src/types.rs @@ -27,62 +27,36 @@ use std::fmt; use anyhow::{bail, format_err, Error}; use lazy_static::lazy_static; use serde::{Deserialize, Serialize}; +use const_format::concatcp; use proxmox_schema::{ api, const_regex, ApiStringFormat, ApiType, Schema, StringSchema, UpdaterType, }; +use proxmox_schema::api_types::SAFE_ID_REGEX_STR; + // we only allow a limited set of characters // colon is not allowed, because we store usernames in // colon separated lists)! // slash is not allowed because it is used as pve API delimiter // also see "man useradd" -#[macro_export] -macro_rules! USER_NAME_REGEX_STR { - () => { - r"(?:[^\s:/[:cntrl:]]+)" - }; -} -#[macro_export] -macro_rules! GROUP_NAME_REGEX_STR { - () => { - $crate::USER_NAME_REGEX_STR!() - }; -} -#[macro_export] -macro_rules! TOKEN_NAME_REGEX_STR { - () => { - proxmox_schema::SAFE_ID_REGEX_STR!() - }; -} -#[macro_export] -macro_rules! USER_ID_REGEX_STR { - () => { - concat!( - $crate::USER_NAME_REGEX_STR!(), - r"@", - proxmox_schema::SAFE_ID_REGEX_STR!() - ) - }; -} -#[macro_export] -macro_rules! APITOKEN_ID_REGEX_STR { - () => { - concat!( - $crate::USER_ID_REGEX_STR!(), - r"!", - $crate::TOKEN_NAME_REGEX_STR!() - ) - }; -} +pub const USER_NAME_REGEX_STR: &str = r"(?:[^\s:/[:cntrl:]]+)"; + +pub const GROUP_NAME_REGEX_STR: &str = USER_NAME_REGEX_STR; + +pub const TOKEN_NAME_REGEX_STR: &str = SAFE_ID_REGEX_STR; + +pub const USER_ID_REGEX_STR: &str = concatcp!(USER_NAME_REGEX_STR, r"@", SAFE_ID_REGEX_STR); + +pub const APITOKEN_ID_REGEX_STR: &str = concatcp!(USER_ID_REGEX_STR, r"!", TOKEN_NAME_REGEX_STR); const_regex! { - pub PROXMOX_USER_NAME_REGEX = concat!(r"^", USER_NAME_REGEX_STR!(), r"$"); - pub PROXMOX_TOKEN_NAME_REGEX = concat!(r"^", TOKEN_NAME_REGEX_STR!(), r"$"); - pub PROXMOX_USER_ID_REGEX = concat!(r"^", USER_ID_REGEX_STR!(), r"$"); - pub PROXMOX_APITOKEN_ID_REGEX = concat!(r"^", APITOKEN_ID_REGEX_STR!(), r"$"); - pub PROXMOX_AUTH_ID_REGEX = concat!(r"^", r"(?:", USER_ID_REGEX_STR!(), r"|", APITOKEN_ID_REGEX_STR!(), r")$"); - pub PROXMOX_GROUP_ID_REGEX = concat!(r"^", GROUP_NAME_REGEX_STR!(), r"$"); + pub PROXMOX_USER_NAME_REGEX = concatcp!(r"^", USER_NAME_REGEX_STR, r"$"); + pub PROXMOX_TOKEN_NAME_REGEX = concatcp!(r"^", TOKEN_NAME_REGEX_STR, r"$"); + pub PROXMOX_USER_ID_REGEX = concatcp!(r"^", USER_ID_REGEX_STR, r"$"); + pub PROXMOX_APITOKEN_ID_REGEX = concatcp!(r"^", APITOKEN_ID_REGEX_STR, r"$"); + pub PROXMOX_AUTH_ID_REGEX = concatcp!(r"^", r"(?:", USER_ID_REGEX_STR, r"|", APITOKEN_ID_REGEX_STR, r")$"); + pub PROXMOX_GROUP_ID_REGEX = concatcp!(r"^", GROUP_NAME_REGEX_STR, r"$"); } pub const PROXMOX_USER_NAME_FORMAT: ApiStringFormat = -- 2.39.2