From: Nicolas Frey
To: pve-devel@lists.proxmox.com
Date: Thu, 23 Oct 2025 12:39:49 +0200
Message-ID: <20251023103953.305810-1-n.frey@proxmox.com>
Subject: [pve-devel] [PATCH proxmox v5 0/4] fix #5207: apt: check signage of repos with proxmox-pgp

This patch series moves the PGP verification code from POM into its own
micro-crate `proxmox-pgp` to reuse it to verify a package is of Proxmox
Origin, which fixes #5207.

If this patch series is applied, then `proxmox-offline-mirror` should
use the `proxmox-pgp` crate.

The last patch again adds in the local file fallback in case that the
URI starts with `file://` for (IMO) better UX. I'm fine with this being
dropped if it's not desired, though.

Changes since v4 (thanks @Thomas for feedback):
* added `proxmox-pgp` micro-crate and moved code from POM
* removed reliance on gpgv in favor of now available `verify_signature`
  function in `proxmox-pgp`
* removed http(s) fallback for cached InRelease file
* split up initial patch into smaller commits

Changes since v3:
* Moved found_uri_or_signed to function and to the end of bool chain to
  prevent redundant signage checks to improve performance
* Added fallback to the cached InRelease file to get it from repos URI

Changes since v2:
* correct the mapping in `gpg_signed`

Changes since v1:
* rewrite test so it compiles

Nicolas Frey (4):
  add proxmox-pgp subcrate, move POM verifier code to it
  fix #5207: apt: check signage of repos with proxmox-pgp
  apt: add tests for POM release filenames
  apt: check for local POM InRelease as fallback

 Cargo.toml                                 |   2 +
 proxmox-apt/Cargo.toml                     |   1 +
 proxmox-apt/src/repositories/repository.rs |  94 ++++++++--
 proxmox-pgp/Cargo.toml                     |  17 ++
 proxmox-pgp/debian/changelog               |   5 +
 proxmox-pgp/debian/control                 |  40 +++++
 proxmox-pgp/debian/copyright               |  18 ++
 proxmox-pgp/debian/debcargo.toml           |   7 +
 proxmox-pgp/src/lib.rs                     |   5 +
 proxmox-pgp/src/verifier.rs                | 200 +++++++++++++++++++++
 10 files changed, 379 insertions(+), 10 deletions(-)
 create mode 100644 proxmox-pgp/Cargo.toml
 create mode 100644 proxmox-pgp/debian/changelog
 create mode 100644 proxmox-pgp/debian/control
 create mode 100644 proxmox-pgp/debian/copyright
 create mode 100644 proxmox-pgp/debian/debcargo.toml
 create mode 100644 proxmox-pgp/src/lib.rs
 create mode 100644 proxmox-pgp/src/verifier.rs

-- 
2.47.3