[pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing
Stoiko Ivanov
s.ivanov at proxmox.com
Wed Jun 16 20:36:40 CEST 2021
Currently it is possible to add the same domains as different
acmedomainX keys to the node config, which prevents the user from
ordering certificates later.
This patch adds a call to get_acme_conf, which does the semantic
validation (and is also used in all other sites, which read the
config).
Reported in our community forum:
https://forum.proxmox.com/threads/lets-encrypt-cert-on-gui-not-working.91014/
quickly tested in my setup, by successfully adding the same domain
twice without the patch, and failing to do so with it applied.
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
src/PMG/API2/NodeConfig.pm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/PMG/API2/NodeConfig.pm b/src/PMG/API2/NodeConfig.pm
index 284f663..bfbbacd 100644
--- a/src/PMG/API2/NodeConfig.pm
+++ b/src/PMG/API2/NodeConfig.pm
@@ -81,6 +81,9 @@ __PACKAGE__->register_method ({
$conf->{$opt} = $param->{$opt};
}
+ #validate the acme config (check for duplicates)
+ PMG::NodeConfig::get_acme_conf($conf);
+
PMG::NodeConfig::write_config($conf);
});
--
2.20.1
More information about the pmg-devel
mailing list