From: Christian Ebner <c.ebner@proxmox.com>
To: Thomas Lamprecht <t.lamprecht@proxmox.com>,
Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Subject: Re: [pbs-devel] [PATCH proxmox] acme: directory: make non-required url fields optional
Date: Mon, 28 Apr 2025 10:49:00 +0200 [thread overview]
Message-ID: <f5b1c6ec-72c7-4748-80a6-08b07fc03570@proxmox.com> (raw)
In-Reply-To: <77cff8da-3125-4e9d-a524-6b59b1691083@proxmox.com>
On 4/22/25 10:03, Thomas Lamprecht wrote:
> Am 18.04.25 um 12:38 schrieb Christian Ebner:
>> ACME servers provide the directory endpoint for clients to discover
>> the URLs for ACME operation. These fields are described in RFC 8555
>> [0], but section 7.1 of the corresponding RFC [1] states that the
>> server is only required to provide the `directory` and `newNonce`
>> resources.
>>
>> Therefore, make the not explicitly required fields optional to not
>> fail during deserialization of the json response and improve error
>> handling when the acme client actually requires the not-provided
>> operation url.
>>
>> This was discovered based on issues reported in the community forum.
>
> What about the perl implementation in PVE/PMG, or is that not affected
> of this issue?
The Perl implementation is not affected, as [0] already handles URLs as
optional and only fails if an URL for a requested operation does not
exist. This has also been confirmed by the users in the forum,
mentioning that the same acme provider works without issues on Proxmox
VE [1].
[0]
https://git.proxmox.com/?p=proxmox-acme.git;a=blob;f=src/PVE/ACME.pm;h=65094c20d1707f99e2e47e8576885db89f44aee4;hb=HEAD#l286
[1] https://forum.proxmox.com/threads/159987/post-735018
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
prev parent reply other threads:[~2025-04-28 8:48 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-18 10:38 Christian Ebner
2025-04-22 8:03 ` Thomas Lamprecht
2025-04-28 8:49 ` Christian Ebner [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f5b1c6ec-72c7-4748-80a6-08b07fc03570@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
--cc=t.lamprecht@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal