From: Dominik Csapak <d.csapak@proxmox.com>
To: Thomas Lamprecht <t.lamprecht@proxmox.com>,
Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Lorenz Stechauner <l.stechauner@proxmox.com>
Subject: Re: [pve-devel] [PATCH storage 1/1] fix #1710: add retrieve method for storage
Date: Thu, 29 Apr 2021 16:01:57 +0200 [thread overview]
Message-ID: <01194e1a-2b5c-6c9b-818a-f15694d91a70@proxmox.com> (raw)
In-Reply-To: <9daaf9f5-e310-b452-6ba7-10623e2bfdf6@proxmox.com>
On 4/29/21 15:22, Thomas Lamprecht wrote:
> On 29.04.21 13:54, Dominik Csapak wrote:
>> On 4/28/21 16:13, Lorenz Stechauner wrote:
>>> +__PACKAGE__->register_method({
>>> + name => 'retrieve',
>>> + path => '{storage}/retrieve',
>>> + method => 'POST',
>>> + description => "Download templates and ISO images by using an URL.",
>>> + permissions => {
>>> + check => ['perm', '/storage/{storage}', ['Datastore.AllocateTemplate']],
>>> + },
>>> + protected => 1,
>>> + parameters => {
>>> + additionalProperties => 0,
>>> + properties => {
>>> + node => get_standard_option('pve-node'),
>>> + storage => get_standard_option('pve-storage-id'),
>>> + url => {
>>> + description => "The URL to retrieve the file from.",
>>> + type => 'string',
>>> + },
>>
>> i am not quite sure if it is a good idea to have this feature
>> unrestricted for everybody who can download a template
>>
>> it possibly gives access to an internal network to which
>> the users does not have access otherwise...
>>
>> maybe we want to give the admin control over allow- and/or blocklists ?
>
> I do not want such lists, PITA to manage for everybody.
understandable, was just the first thing that came to my mind
>
> Maybe we can just allow it only for users with Sys.Modify + Sys.Audit on / ?
>
> We could also enforce that it needs to be a hostname (no IP) and/or resolve
> to something out of the priv. network ranges, at least if the aforementioned
> privs are not set.
yes, sounds good, but then we have to disallow redirects
>
> Another idea would be enforcing the URL to match something like /\.(iso|img)$/
> and being not to informative on errors to avoid allowing to see which hsot are
> on/off line in a network. With that one could make this pretty safe I think.
mhmm.. could work, but then we'd have to use a fixed timeout
(like on authentication) to avoid timing based probes
>
>
>>
>>> + insecure => {
>>> + description => "Allow TLS certificates to be invalid.",
>>> + type => 'boolean',
>>> + optional => 1,
>>> + } > + },
>>> + },
>>> + returns => {
>>> + type => "object",
>>> + properties => {
>>> + filename => { type => 'string' },
>>> + upid => { type => 'string' },
>>> + size => {
>>> + type => 'integer',
>>> + renderer => 'bytes',
>>> + },
>>> + },
>>> + },
>>> + code => sub {
>>> + my ($param) = @_;
>>> +
>>> + my @hash_algs = ['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'];
>>
>> as written above, can be handled by api
>
> and could be actually auto-detected too, at least optionally? All those are pretty
> much unique already in length, IIRC.
>
next prev parent reply other threads:[~2021-04-29 14:02 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-28 14:13 [pve-devel] [PATCH manager 1/1] fix #1710: add retrieve from url button " Lorenz Stechauner
2021-04-28 14:13 ` [pve-devel] [PATCH storage 1/1] fix #1710: add retrieve method " Lorenz Stechauner
2021-04-29 11:54 ` Dominik Csapak
2021-04-29 13:22 ` Thomas Lamprecht
2021-04-29 14:01 ` Dominik Csapak [this message]
2021-04-29 14:11 ` Thomas Lamprecht
2021-04-28 14:13 ` [pve-devel] [PATCH widget-toolkit 1/1] window: add upidFieldName option Lorenz Stechauner
2021-04-29 12:14 ` Dominik Csapak
2021-04-29 12:13 ` [pve-devel] [PATCH manager 1/1] fix #1710: add retrieve from url button for storage Dominik Csapak
2021-04-29 13:46 [pve-devel] [PATCH storage 1/1] fix #1710: add retrieve method " Lorenz Stechauner
2021-04-29 14:07 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=01194e1a-2b5c-6c9b-818a-f15694d91a70@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=l.stechauner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=t.lamprecht@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox