[pve-devel] [PATCH common] remove PVE::Subscription and friends

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Sep 13 14:46:03 CEST 2022


this has been taken over by Proxmox::RS::Subscription, which is now used
by pve-manager and pmg-api.

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 debian/control          |   4 +-
 src/PVE/INotify.pm      |  78 --------------
 src/PVE/Subscription.pm | 229 ----------------------------------------
 3 files changed, 2 insertions(+), 309 deletions(-)
 delete mode 100644 src/PVE/Subscription.pm

diff --git a/debian/control b/debian/control
index ce6a28e..0e5a311 100644
--- a/debian/control
+++ b/debian/control
@@ -40,9 +40,9 @@ Depends: libclone-perl,
          ${misc:Depends},
          ${perl:Depends},
 Breaks: ifupdown2 (<< 2.0.1-1+pve5),
-        pmg-api (<< 6.1-7),
+        pmg-api (<< 7.1-5),
         pve-container (<< 3.0-9),
-        pve-manager (<< 5.2-5),
+        pve-manager (<< 7.2-9),
         qemu-server (<< 7.0-19),
 Description: Proxmox VE base library
  This package contains the base library used by other Proxmox VE components.
diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
index 5f82d7b..661eaf1 100644
--- a/src/PVE/INotify.pm
+++ b/src/PVE/INotify.pm
@@ -1772,82 +1772,4 @@ sub read_iscsi_initiatorname {
 register_file('initiatorname', "/etc/iscsi/initiatorname.iscsi",
 	      \&read_iscsi_initiatorname);
 
-sub read_apt_auth {
-    my ($filename, $fd) = @_;
-
-    local $/;
-
-    my $raw = defined($fd) ? <$fd> : '';
-
-    $raw =~ s/^\s+//;
-
-
-    my @tokens = split(/\s+/, $raw);
-
-    my $data = {};
-
-    my $machine;
-    while (defined(my $tok = shift @tokens)) {
-
-	$machine = shift @tokens if $tok eq 'machine';
-	next if !$machine;
-	$data->{$machine} = {} if !$data->{$machine};
-
-	$data->{$machine}->{login} = shift @tokens if $tok eq 'login';
-	$data->{$machine}->{password} = shift @tokens if $tok eq 'password';
-    };
-
-    return $data;
-}
-
-my $format_apt_auth_data = sub {
-    my $data = shift;
-
-    my $raw = '';
-
-    # sort longer entries first, so machine definitions with higher granularity are preferred
-    for my $machine (sort { length($b) <=> length($a) || $a cmp $b} keys %$data) {
-	my $d = $data->{$machine};
-	next if !defined($d); # allow "deleting" set entries
-
-	$raw .= "machine $machine\n";
-	$raw .= " login $d->{login}\n" if $d->{login};
-	$raw .= " password $d->{password}\n" if $d->{password};
-	$raw .= "\n";
-    }
-
-    return $raw;
-};
-
-sub write_apt_auth {
-    my ($filename, $fh, $data) = @_;
-
-    my $raw = $format_apt_auth_data->($data);
-
-    die "write failed: $!" unless print $fh "$raw\n";
-
-    return $data;
-}
-
-sub update_apt_auth {
-    my ($filename, $fh, $data) = @_;
-
-    my $orig = read_apt_auth($filename, $fh);
-
-    foreach my $machine (keys %$data) {
-	$orig->{$machine} = $data->{$machine};
-    }
-
-    return $format_apt_auth_data->($orig);
-}
-
-register_file(
-    'apt-auth',
-    "/etc/apt/auth.conf",
-    \&read_apt_auth,
-    \&write_apt_auth,
-    \&update_apt_auth,
-    perm => 0640,
-);
-
 1;
diff --git a/src/PVE/Subscription.pm b/src/PVE/Subscription.pm
deleted file mode 100644
index ffd86c0..0000000
--- a/src/PVE/Subscription.pm
+++ /dev/null
@@ -1,229 +0,0 @@
-package PVE::Subscription;
-
-use strict;
-use warnings;
-use Digest::MD5 qw(md5_hex md5_base64);
-use MIME::Base64;
-use HTTP::Request;
-use URI;
-use LWP::UserAgent;
-use JSON;
-
-use PVE::Tools;
-use PVE::INotify;
-
-# How long the local key is valid for in between remote checks
-our $localkeydays = 15;
-# How many days to allow after local key expiry before blocking
-# access if connection cannot be made
-my $allowcheckfaildays = 5;
-
-my $shared_key_data = "kjfdlskfhiuewhfk947368";
-
-my $saved_fields = {
-    key => 1,
-    checktime => 1,
-    status => 1,
-    message => 0,
-    validdirectory => 1,
-    productname => 1,
-    regdate => 1,
-    nextduedate => 1,
-};
-
-sub check_fields {
-    my ($info, $server_id) = @_;
-
-    foreach my $f (qw(status checktime key)) {
-	if (!$info->{$f}) {
-	    die "Missing field '$f'\n";
-	}
-    }
-
-    if ($info->{checktime} > time()) {
-	die "Last check time in future.\n";
-    }
-
-    return undef if $info->{status} ne 'Active';
-
-    foreach my $f (keys %$saved_fields) {
-	next if !$saved_fields->{$f};
-	if (!$info->{$f}) {
-	    die "Missing field '$f'\n";
-	}
-    }
-
-    my $found;
-    foreach my $hwid (split(/,/, $info->{validdirectory})) {
-	if ($hwid eq $server_id) {
-	    $found = 1;
-	    last;
-	}
-    }
-    die "Server ID does not match\n" if !$found;
-
-    return undef;
-}
-
-sub check_subscription {
-    my ($key, $server_id, $proxy) = @_;
-
-    my $whmcsurl = "https://shop.proxmox.com";
-
-    my $uri = "$whmcsurl/modules/servers/licensing/verify.php";
-
-    my $check_token = time() . md5_hex(rand(8999999999) + 1000000000) . $key;
-
-    my $params = {
-	licensekey => $key,
-	dir => $server_id,
-	domain => 'www.proxmox.com',
-	ip => 'localhost',
-	check_token => $check_token,
-    };
-
-    my $req = HTTP::Request->new('POST' => $uri);
-    $req->header('Content-Type' => 'application/x-www-form-urlencoded');
-    # We use a temporary URI object to format
-    # the application/x-www-form-urlencoded content.
-    my $url = URI->new('http:');
-    $url->query_form(%$params);
-    my $content = $url->query;
-    $req->header('Content-Length' => length($content));
-    $req->content($content);
-
-    my $ua = LWP::UserAgent->new(protocols_allowed => ['https'], timeout => 30);
-
-    if ($proxy) {
-	$ua->proxy(['https'], $proxy);
-    } else {
-	$ua->env_proxy;
-    }
-
-    my $response = $ua->request($req);
-    my $code = $response->code;
-
-    if ($code != 200) {
-	my $msg = $response->message || 'unknown';
-	die "Invalid response from server: $code $msg\n";
-    }
-
-    my $raw = $response->decoded_content;
-
-    my $subinfo = {};
-    while ($raw =~ m/<(.*?)>([^<]+)<\/\1>/g) {
-	my ($k, $v) = ($1, $2);
-	next if !($k eq 'md5hash' || defined($saved_fields->{$k}));
-	$subinfo->{$k} = $v;
-    }
-    $subinfo->{checktime} = time();
-    $subinfo->{key} = $key;
-
-    if ($subinfo->{message}) {
-	$subinfo->{message} =~ s/^Directory Invalid$/Invalid Server ID/;
-    }
-
-    my $emd5sum = md5_hex($shared_key_data . $check_token);
-    if ($subinfo->{status} && $subinfo->{status} eq 'Active') {
-	if (!$subinfo->{md5hash} || ($subinfo->{md5hash} ne $emd5sum)) {
-	    die "MD5 Checksum Verification Failed\n";
-	}
-    }
-
-    delete $subinfo->{md5hash};
-
-    check_fields($subinfo, $server_id);
-
-    return $subinfo;
-}
-
-sub read_subscription {
-    my ($server_id, $filename, $fh) = @_;
-
-    my $info = { status => 'Invalid' };
-
-    my $key = <$fh>; # first line is the key
-    chomp $key;
-
-    $info->{key} = $key;
-
-    my $csum = <$fh>; # second line is a checksum
-
-    my $data = '';
-    while (defined(my $line = <$fh>)) {
-	$data .= $line;
-    }
-
-    if ($key && $csum && $data) {
-
-	chomp $csum;
-
-	my $localinfo = {};
-
-	eval {
-	    my $json_text = decode_base64($data);
-	    $localinfo = decode_json($json_text);
-	    my $newcsum = md5_base64($localinfo->{checktime} . $data . $shared_key_data);
-	    die "checksum failure\n" if $csum ne $newcsum;
-
-	    check_fields($localinfo, $server_id);
-
-	    my $age = time() -  $localinfo->{checktime};
-
-	    my $maxage = ($localkeydays + $allowcheckfaildays)*60*60*24;
-	    die "subscription info too old\n"
-		if ($localinfo->{status} eq 'Active') && ($age > $maxage);
-	};
-	if (my $err = $@) {
-	    chomp $err;
-	    $info->{message} = $err;
-	} else {
-	    $info = $localinfo;
-	}
-    }
-
-    return $info;
-}
-
-sub update_apt_auth {
-    my ($key, $server_id) = @_;
-
-    my $repo;
-    if ($key =~ /^pmg/) {
-	$repo = 'pmg';
-    } elsif ($key =~ /^pve/) {
-	$repo = 'pve';
-    } else {
-	warn "unknown key format for '$key', defaulting to pve\n";
-	$repo = 'pve';
-    }
-
-    my $auth = {
-	"enterprise.proxmox.com" => undef, # for dropping the older, to generic match
-	"enterprise.proxmox.com/debian/$repo" => {
-	    login => $key,
-	    password => $server_id,
-	},
-    };
-    PVE::INotify::update_file('apt-auth', $auth);
-}
-
-sub write_subscription {
-    my ($server_id, $filename, $fh, $info) = @_;
-
-    if ($info->{status} eq 'New') {
-	PVE::Tools::safe_print($filename, $fh, "$info->{key}\n");
-    } else {
-	my $json = encode_json($info);
-	my $data = encode_base64($json);
-	my $csum = md5_base64($info->{checktime} . $data . $shared_key_data);
-
-	my $raw = "$info->{key}\n$csum\n$data";
-
-	PVE::Tools::safe_print($filename, $fh, $raw);
-    }
-
-    update_apt_auth($info->{key}, $server_id);
-}
-
-1;
-- 
2.30.2






More information about the pve-devel mailing list