public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH proxmox-acme 0/3] update acme.sh and fix #3536 and #3546
@ 2021-08-06 15:44 Stoiko Ivanov
  2021-08-06 15:44 ` [pve-devel] [PATCH proxmox-acme 1/3] acme client: fix #3536 untaint data returned from acme server Stoiko Ivanov
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Stoiko Ivanov @ 2021-08-06 15:44 UTC (permalink / raw)
  To: pve-devel

This patchset started out as attempt to add comfortable proxy-handling to
our acme client(s) and to address #3536 and #3546, but in it's current form
only fixes the two issues.

patch 1/3 is independent of the others and enables users to interact with an
ACME provider via proxy on PVE on the commandline (by exporting the
https_proxy environment variable).

the remaining patches simply update the acme.sh submodule, add the 2 new
dns-plugins to our schema.json file and and port over retrying GET and POST
requests from acme.sh.

Tested on my PVE-node with a domain of mine and the powerdns api:
* setting https_proxy (and having a squid configured on a guest) does not
  cause the `pvenode acme cert renew -force` to abort due to taint-checks
* the content type of the PATCH requests is application/json insted of
  application/x-www-form-urlencoded

Stoiko Ivanov (3):
  acme client: fix #3536 untaint data returned from acme server
  update to acme.sh dns plugins to 3.0.0
  plugin-caller: pull in changes from upstream 3.0.0

 src/Makefile                  |  2 ++
 src/PVE/ACME.pm               | 12 +++++--
 src/acme.sh                   |  2 +-
 src/dns-challenge-schema.json |  2 ++
 src/proxmox-acme              | 62 +++++++++++++++++++++++++++++++++--
 5 files changed, 75 insertions(+), 5 deletions(-)

-- 
2.30.2





^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2021-08-11 10:29 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-06 15:44 [pve-devel] [PATCH proxmox-acme 0/3] update acme.sh and fix #3536 and #3546 Stoiko Ivanov
2021-08-06 15:44 ` [pve-devel] [PATCH proxmox-acme 1/3] acme client: fix #3536 untaint data returned from acme server Stoiko Ivanov
2021-08-06 15:44 ` [pve-devel] [PATCH proxmox-acme 2/3] update to acme.sh dns plugins to 3.0.0 Stoiko Ivanov
2021-08-06 15:44 ` [pve-devel] [PATCH proxmox-acme 3/3] plugin-caller: pull in changes from upstream 3.0.0 Stoiko Ivanov
2021-08-11 10:29 ` [pve-devel] applied: [PATCH proxmox-acme 0/3] update acme.sh and fix #3536 and #3546 Fabian Grünbichler

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal