yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

pbs add/update: do basic key value validation

Browse Source 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht
2020-11-24 22:09:15 +01:00
parent 478609d3bc
commit d2c47b3837
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
PVE/Storage/PBSPlugin.pm
View File

@ -391,9 +391,14 @@ sub on_add_hook {
} }
if (defined(my $encryption_key = $param{'encryption-key'})) { if (defined(my $encryption_key = $param{'encryption-key'})) {
my $decoded_key;
if ($encryption_key eq 'autogen') { if ($encryption_key eq 'autogen') {
$res->{'encryption-key'} = $autogen_encryption_key->($scfg, $storeid); $res->{'encryption-key'} = $autogen_encryption_key->($scfg, $storeid);
} else { } else {
$decoded_key = eval { decode_json($encryption_key) };
if ($@ || !exists($decoded_key->{data})) {
die "Value does not seems like a valid, JSON formatted encryption key!\n";
}
pbs_set_encryption_key($scfg, $storeid, $encryption_key); pbs_set_encryption_key($scfg, $storeid, $encryption_key);
$res->{'encryption-key'} = $encryption_key; $res->{'encryption-key'} = $encryption_key;
} }
@ -420,9 +425,14 @@ sub on_update_hook {
if (exists($param{'encryption-key'})) { if (exists($param{'encryption-key'})) {
if (defined(my $encryption_key = delete($param{'encryption-key'}))) { if (defined(my $encryption_key = delete($param{'encryption-key'}))) {
my $decoded_key;
if ($encryption_key eq 'autogen') { if ($encryption_key eq 'autogen') {
$res->{'encryption-key'} = $autogen_encryption_key->($scfg, $storeid); $res->{'encryption-key'} = $autogen_encryption_key->($scfg, $storeid);
} else { } else {
$decoded_key = eval { decode_json($encryption_key) };
if ($@ || !exists($decoded_key->{data})) {
die "Value does not seems like a valid, JSON formatted encryption key!\n";
}
pbs_set_encryption_key($scfg, $storeid, $encryption_key); pbs_set_encryption_key($scfg, $storeid, $encryption_key);
$res->{'encryption-key'} = $encryption_key; $res->{'encryption-key'} = $encryption_key;
} }