Commit Graph

354 Commits

Author SHA1 Message Date
Thomas Lamprecht
86f3c2363c server/rest: also log user agent
allows easily to see if a request is from a browser or a proxmox-backup-client
CLI

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 11:23:49 +02:00
Thomas Lamprecht
8e7e2223d8 server/rest: implement request access log
reuse the FileLogger module in append mode.
As it implements write, which is not thread safe (mutable self) and
we use it in a async context we need to serialize access using a
mutex.

Try to use the same format we do in pveproxy, namely the one which is
also used in apache or nginx by default.

Use the response extensions to pass up the userid, if we extract it
from a ticket.

The privileged and unprivileged dameons log both to the same file, to
have a unified view, and avoiding the need to handle more log files.
We avoid extra intra-process locking by reusing the fact that a write
smaller than PIPE_BUF (4k on linux) is atomic for files opened with
the 'O_APPEND' flag. For now the logged request path is not yet
guaranteed to be smaller than that, this will be improved in a future
patch.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 11:23:49 +02:00
Thomas Lamprecht
c0df91f8bd tools: file logger: use option struct to control behavior
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 10:48:36 +02:00
Thomas Lamprecht
400c568f8e server: rest: also log the query part of URL
As it is part of the request and we do so in our other products

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 10:41:05 +02:00
Thomas Lamprecht
4703ba81ce server: rest: implement max URI path and query length request limits
Add a generous limit now and return the correct error (414 URI Too
Long). Otherwise we could to pretty larger GET requests, 64 KiB and
possible bigger (at 64 KiB my simple curl test failed due to
shell/curl limitations).

For now allow a 3072 characters as combined length of URI path and
query.

This is conform with the HTTP/1.1 RFCs (e.g., RFC 7231, 6.5.12 and
RFC 2616, 3.2.1) which do not specify any limits, upper or lower, but
require that all server accessible resources mus be reachable without
getting 414, which is normally fulfilled as we have various length
limits for stuff which could be in an URI, in place, e.g.:
 * user id: max. 64 chars
 * datastore: max. 32 chars

The only known problematic API endpoint is the catalog one, used in
the GUI's pxar file browser:
GET /api2/json/admin/datastore/<id>/catalog?..&filepath=<path>

The <path> is the encoded archive path, and can be arbitrary long.

But, this is a flawed design, as even without this new limit one can
easily generate archives which cannot be browsed anymore, as hyper
only accepts requests with max. 64 KiB in the URI.
So rather, we should move that to a GET-as-POST call, which has no
such limitations (and would not need to base32 encode the path).

Note: This change was inspired by adding a request access log, which
profits from such limits as we can then rely on certain atomicity
guarantees when writing requests to the log.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 10:40:39 +02:00
Thomas Lamprecht
29633e2fe9 server/rest: forward real client IP on proxied request
needs new proxmox dependency to get the RpcEnvironment changes,
adding client_ip getter and setter.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-16 10:36:54 +02:00
Thomas Lamprecht
b947b1e7ee server: rest: refactor code to avoid multiple log_response calls
The 'Ok::<_, Self::Error>(res)' type annotation was from a time where
we could not use async, and had a combinator here which needed
explicity type information. We switched over to async in commit
91e4587343 and, as the type annotation
is already included in the Future type, we can safely drop it.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-15 13:58:47 +02:00
Thomas Lamprecht
1e80fb8e92 code cleanups
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-15 13:58:47 +02:00
Thomas Lamprecht
6c5bdef567 server/REST: check auth: code cleanup, better variable names
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-12 18:39:45 +02:00
Thomas Lamprecht
ea545b395b server/REST: make handle_request private
it's not used anywhere else, so do not suggest so

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-12 18:39:00 +02:00
Wolfgang Bumiller
d1993187b6 introduce TaskState trait
Used to not require access to the WorkerTask struct outside
the `server` and `api2` module, so it'll be easier to
separate those backup/server/client parts into separate
crates.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-10-12 14:11:57 +02:00
Thomas Lamprecht
adfcfb6788 server: get index: make content-type non mutable
feels more idiomatic

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-12 13:36:45 +02:00
Thomas Lamprecht
07995a3ca3 server/rest: code cleanup: use async
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-12 13:36:45 +02:00
Fabian Grünbichler
1d5dac1b1d REST: don't print CSRF token
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-10-08 15:57:22 +02:00
Dominik Csapak
2d81f7b0c0 task archive rotation: better handle non-existing archive
if the archive file does not exist yet, we cannot rotate it, but it's not
actually an error, so just return Ok(false) to indicate no rotation took
place

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-10-05 10:04:16 +02:00
Thomas Lamprecht
0ac612476a REST server: avoid hard coding world readable API endpoints
while we probably do not add much more to them, it still looks ugly.

If this was made so that adding a World readable API call is "hard"
and not done by accident, it rather should be done as a test on build
time. But, IMO, the API permission schema definitions are easy to
review, and not often changed/added - so any wrong World readable API
call will normally still caught.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-05 08:29:43 +02:00
Thomas Lamprecht
4e6dc58727 rest server: cleanup use statements
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-02 13:04:08 +02:00
Dominik Csapak
df4827f2c0 tasks: improve behaviour on upgrade
when upgrading from a version where we stored all tasks in the 'active' file,
we did not completly account for finished tasks still there

we should update the file when encountering any finished task in
'active' as well as filter them out on the api call (if they get through)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-30 11:05:50 +02:00
Dominik Csapak
7eebe1483e server/worker_task: fix panic on slice range when index is empty
since len() and MAX_INDEX_TASKS are both usize, they underflow
instead of getting negative values

instead check the sizes and set them accordingly

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-30 06:11:06 +02:00
Dominik Csapak
9a76091785 proxmox-backup-proxy: add task archive rotation
this starts a task once a day at "00:00" that rotates the task log
archive if it is bigger than 500k

if we want, we can make the schedule/size limit/etc. configurable,
but for now it's ok to set fixed values for that

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:41:18 +02:00
Dominik Csapak
c386b06fc6 server/worker_task: remove unecessary read_task_list
since there are no users of this anymore and we now have a nicer
TaskListInfoIterator to use, we can drop this function

this also means that 'update_active_workers' does not need to return
a list anymore since we never used that result besides in
read_task_list

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:40:50 +02:00
Dominik Csapak
e7244387c7 server/worker_task: add TaskListInfoIterator
this is an iterator that reads/parses/updates the task list as
necessary and returns the tasks in descending order (newest first)

it does this by using our logrotate iterator and using a vecdeque

we can use this to iterate over all tasks, even if they are in the
archive and even if the archive is logrotated but only read
as much as we need

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:39:16 +02:00
Dominik Csapak
5ade6c25f3 server/worker_task: write older tasks into archive file
instead of removing tasks beyond the 1000 that are in the index
write them into an archive file by appending them at the end
this way we can later still read them

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:38:44 +02:00
Dominik Csapak
784fa1c2e3 server/worker_task: split task list file into two
one for only the active tasks and one for up to 1000 finished tasks

factor out the parsing of a task file (we will later need this again)
and use iterator combinators for easier code

we now sort the tasks ascending (this will become important in a later patch)
but reverse (for now) it to keep compatibility

this code also omits the converting into an intermittent hash
since it cannot really happen that we have duplicate tasks in this list
(since the call is locked by an flock, and it is the only place where we
write into the lists)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:38:28 +02:00
Dominik Csapak
66f4e6a809 server/worker_task: refactor locking of the task list
also add the functionality of having a 'shared' (read) lock for the list
we will need this later

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-29 08:37:54 +02:00
Dietmar Maurer
b56c111e93 depend on proxmox 0.4.2 2020-09-28 10:50:44 +02:00
Dominik Csapak
bbeb0256f1 server/worker_task: factor out task list rendering
we will need this later again

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-28 07:31:27 +02:00
Dominik Csapak
5e39918fe1 fix #3017: check array boundaries before using
else we panic here

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-21 09:22:06 +02:00
Dietmar Maurer
6a7be83efe avoid chrono dependency, depend on proxmox 0.3.8
- remove chrono dependency

- depend on proxmox 0.3.8

- remove epoch_now, epoch_now_u64 and epoch_now_f64

- remove tm_editor (moved to proxmox crate)

- use new helpers from proxmox 0.3.8
  * epoch_i64 and epoch_f64
  * parse_rfc3339
  * epoch_to_rfc3339_utc
  * strftime_local

- BackupDir changes:
  * store epoch and rfc3339 string instead of DateTime
  * backup_time_to_string now return a Result
  * remove unnecessary TryFrom<(BackupGroup, i64)> for BackupDir

- DynamicIndexHeader: change ctime to i64

- FixedIndexHeader: change ctime to i64
2020-09-15 07:12:57 +02:00
Thomas Lamprecht
abd4c4cb8c ui: add translation support
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-09-08 08:54:33 +02:00
Thomas Lamprecht
09f12d1cf3 tools: rename extract_auth_cookie to extract_cookie
It does nothing specific to authentication..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-09-08 08:54:33 +02:00
Dominik Csapak
a4c1143664 server/worker_task: fix upid_read_status
a range from high to low in rust results in an empty range
(see std::ops::Range documentation)
so we need to generate the range from 0..data.len() and then reverse it

also, the task log contains a newline at the end, so we have to remove
that (should it exist)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-09-08 07:06:22 +02:00
Dietmar Maurer
56b666458c server/worker_task: fix 'unknown' status for some big task logs
when trying to parse the task status, we seek 8k from the end
which may be into the middle of a line, so the datetime parsing
can fail (when the log message contains ': ')

This patch does a fast search for the last line, and avoid the
'lines' iterator.
2020-09-04 10:41:13 +02:00
Wolfgang Bumiller
11e1e27a42 turn UPID into an API type
It's a string-type.
Implement Serialize via Display, Deserialize via FromStr and
add an API_SCHEMA so that it can be used as a type within
the #[api] macro.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-08-18 11:54:30 +02:00
Dominik Csapak
77bd2a469c cleanup: merge endtime into TaskState
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-08-14 06:36:19 +02:00
Dominik Csapak
ae197dda23 server/worker_task: let upid_read_status also return the endtime
the endtime should be the timestamp of the last log line
or if there is no log at all, the starttime

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-08-13 11:35:44 +02:00
Dominik Csapak
4c116bafb8 server: change status of a task from a string to an enum
representing a state via an enum makes more sense in this case
we also implement FromStr and Display to make it easy to convet from/to
a string

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-08-13 11:35:19 +02:00
Wolfgang Bumiller
72dc68323c replace and remove old ticket functions
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-08-12 14:28:21 +02:00
Dietmar Maurer
639419b049 worker_task: new_thread() - remove unused tokio channel 2020-08-12 08:43:09 +02:00
Wolfgang Bumiller
e7cb4dc50d introduce Username, Realm and Userid api types
and begin splitting up types.rs as it has grown quite large
already

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-08-10 12:05:01 +02:00
Wolfgang Bumiller
98c259b4c1 remove timer and lock functions, fix building with proxmox 0.3.2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-08-04 11:33:02 +02:00
Dominik Csapak
4bd2a9e42d worker_task: add getter for upid
sometimes we need the upid inside the worker itself, so give a
possibilty to get it

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-08-03 08:26:17 +02:00
Dominik Csapak
cef03f4149 worker_task: refactor log text generator
we will need this elsewhere, so pull it out

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-08-03 08:23:13 +02:00
Wolfgang Bumiller
8aa67ee758 bump proxmox to 0.3, cleanup http_err macro usage
Also swap the order of a couple of `.map_err().await` to
`.await.map_err()` since that's generally more efficient.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-07-29 09:38:36 +02:00
Thomas Lamprecht
3da9b7e0dd followup: server/state: rename task_count to internal_task_count
so that the relation with spawn_internal_task is made more clear

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-24 12:11:39 +02:00
Dominik Csapak
33a88dafb9 server/state: add spawn_internal_task and use it for websockets
is a helper to spawn an internal tokio task without it showing up
in the task list

it is still tracked for reload and notifies the last_worker_listeners

this enables the console to survive a reload of proxmox-backup-proxy

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-07-24 11:17:33 +02:00
Dominik Csapak
01ca99da2d server/rest: add console to index
register the console template and render it when the 'console' parameter
is given

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-07-23 12:06:38 +02:00
Dominik Csapak
2ab5acac5a server/config: add mechanism to update template
instead of exposing handlebars itself, offer a register_template and
a render_template ourselves.

render_template checks if the template file was modified since
the last render and reloads it when necessary

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-07-23 11:55:00 +02:00
Thomas Lamprecht
217c22c754 server: add path value to NOT_FOUND http error
Especially helpful for requests not coming from browsers (where the
URL is normally easy to find out).

Makes it easier to detect if one triggered a request with an old
client, or so..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-16 12:46:51 +02:00
Dietmar Maurer
a40e1b0e8b src/server/rest.rs: avoid compiler warning 2020-07-10 09:13:52 +02:00
Dietmar Maurer
e193544b8e src/server/rest.rs: disable debug logs 2020-07-09 16:18:14 +02:00
Dominik Csapak
fae11693f0 fix cross process task listing
it does not make sense to check if the worker is running if we already
have an endtime and state

our 'worker_is_active_local' heuristic returns true for non
process-local tasks, so we got 'running' for all tasks that were not
started by 'our' pid and were still running

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-07-09 15:30:52 +02:00
Dominik Csapak
f6de2c7359 WorkerTask: add warnings and count them
so that we have one level more between errors and OK

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-06-26 09:42:11 +02:00
Dominik Csapak
3f683799a8 improve 'debug' parameter
instead of checking on '1' or 'true', check that it is there and not
'0' and 'false'. this allows using simply

https://foo:8007/?debug

instead of

https://foo:8007/?debug=1

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-06-26 09:12:14 +02:00
Thomas Lamprecht
add5861e8d typo fixes all over the place
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-05-30 16:39:08 +02:00
Dietmar Maurer
77ebbefc1a src/server/worker_task.rs: make worker_is_active_local pub 2020-05-29 08:06:48 +02:00
Dominik Csapak
05d755b282 fix inserting of worker tasks
when starting a new task, we do two things to keep track of tasks
(in that order):
* updating the 'active' file with a list of tasks with
  'update_active_workers'
* updating the WORKER_TASK_LIST

the second also updates the status of running tasks in the file by
checking if it is still running by checking the WORKER_TASK_LIST

since those two things are not locked, it can happend that
we update the file, and before updating the WORKER_TASK_LIST,
another thread calls update_active_workers and tries to
get the status from the task log, which won't have any data yet
so the status is 'unknown'

(we do not update that status ever, likely for performance reasons,
so we have to fix this here)

by switching the order of the two operations, we make sure that only
tasks reach the 'active' file which are inserted in the WORKER_TASK_LIST

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-05-28 06:24:42 +02:00
Dietmar Maurer
e8d1da6a15 depend on proxmox 0.1.31 - use Value to store result metadata 2020-05-18 09:57:35 +02:00
Dietmar Maurer
5751e49566 src/server/worker_task.rs: implement and use status command 2020-05-07 09:27:33 +02:00
Dietmar Maurer
197de83ffa src/server/command_socket.rs: do not abort loop on client errors, allow backup gid 2020-05-07 09:27:33 +02:00
Dietmar Maurer
99641a6bbb garbage_collect: call fail_on_abort to abort GV when requested. 2020-05-05 09:06:34 +02:00
Dominik Csapak
f9e3b1104e change index to templates using handlebars
using a handlebars instance in ApiConfig, to cache the templates
as long as possible, this is currently ok, as the index template
can only change when the whole package changes

if we split this in the future, we have to trigger a reload of
the daemon on gui package upgrade (so that the template gets reloaded)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-04-29 17:05:53 +02:00
Dietmar Maurer
6e695960ca src/config/cached_user_info.rs: cache it up to 5 seconds 2020-04-18 08:49:20 +02:00
Wolfgang Bumiller
f7d4e4b506 switch from failure to anyhow
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-04-17 18:43:30 +02:00
Dietmar Maurer
9989d2c4e9 src/server/rest.rs: reduce delay for permission error to 500ms 2020-04-16 12:56:34 +02:00
Dietmar Maurer
4b40148caa start impl. access permissions 2020-04-16 12:47:16 +02:00
Dietmar Maurer
708db4b3ae api: add list_domains 2020-04-09 11:36:45 +02:00
Dietmar Maurer
4299ca727c src/server/rest.rs: use correct formatter 2020-03-26 12:54:20 +01:00
Wolfgang Bumiller
9ea4bce444 bump proxmox crate to 0.1.7
The -sys, -tools and -api crate have now been merged into
the proxmx crate directly. Only macro crates are separate
(but still reexported by the proxmox crate in their
designated locations).

When we need to depend on "parts" of the crate later on
we'll just have to use features.

The reason is mostly that these modules had
inter-dependencies which really make them not independent
enough to be their own crates.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-01-21 13:48:37 +01:00
Wolfgang Bumiller
6a0dc4a5bc bump proxmox crate version
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-01-16 11:40:23 +01:00
Wolfgang Bumiller
619495b25e fix use of deprecated items
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-01-16 08:58:54 +01:00
Wolfgang Bumiller
18c0df4c92 import ordering cleanup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-01-16 08:51:52 +01:00
Dietmar Maurer
f74a03da1f remove tools::getpwnam_ugid, impl. crate::backup::backup_user()
And use new nix::unistd::User struct.
2019-12-19 10:20:13 +01:00
Dietmar Maurer
217170e11e src/server/worker_task.rs: set worker thread name
This gives better logs on thread panic...
2019-12-19 07:07:39 +01:00
Wolfgang Bumiller
feaa1ad35f replace file_set_contents with replace_file
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-12-18 11:16:04 +01:00
Thomas Lamprecht
2d694f8f1f add CSS file for PBS ExtJS6 basic ui
some fitting rules copied over from PVE's ext6-pve.css file.
simply place it in the css subfolder where the proxmox-backup-gui.js
file is hosted and add a "css/" alias for that directory, the
formatter gets use the right content type with that.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-12-17 11:20:32 +01:00
Thomas Lamprecht
9c18e93522 handle_static_file_download: move from and_then to await
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-12-17 08:56:55 +01:00
Dietmar Maurer
bb084b9c91 api2: update for latest proxmox-api changes
- rename ApiFuture into ApiResponseFuture
- impl. ApiHandler::Async
2019-12-16 10:01:51 +01:00
Wolfgang Bumiller
db0cb9ce0b update a chunk of stuff to the hyper release
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-12-13 11:24:41 +01:00
Dietmar Maurer
6b508dd563 src/server/formatter.rs: impl. new result attribute "active" 2019-12-07 15:29:42 +01:00
Dietmar Maurer
329d40b50b rename ApiHandler::Async into ApiHandler::AsyncHttp 2019-11-23 09:03:21 +01:00
Dietmar Maurer
70fbac84da src/server/rest.rs: simplify code 2019-11-22 18:44:14 +01:00
Dietmar Maurer
2bbd835b9b src/server/rest.rs: rename get_request_parameters_async to get_request_parameters 2019-11-22 17:24:16 +01:00
Dietmar Maurer
75a5a68944 src/server/rest.rs - only pass ObjectSchema to get_request_parameters_async() 2019-11-22 17:22:07 +01:00
Dietmar Maurer
ad51d02aa9 src/server/rest.rs: cleanup async code 2019-11-22 13:02:05 +01:00
Dietmar Maurer
e57e1cd82d move src/api_schema/config.rs -> src/server/config.rs 2019-11-22 09:23:03 +01:00
Wolfgang Bumiller
a2479cfa1a api/compat: drop more compat imports from api_schema.rs
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-21 14:36:28 +01:00
Wolfgang Bumiller
cc4ecf80b0 api/compat: drop api_handler submodule
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-21 14:18:41 +01:00
Wolfgang Bumiller
2194824f77 api: BoxFut -> ApiFuture
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-21 14:16:37 +01:00
Wolfgang Bumiller
3d482025b3 move api schema into proxmox::api crate
And leave some compat imports in api_schema.rs to get it to
build with minimal changes.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-21 14:14:54 +01:00
Dietmar Maurer
255f378a1b use const api definitions 2019-11-21 13:32:09 +01:00
Dietmar Maurer
62ee2eb405 avoid some clippy warnings 2019-10-26 11:42:05 +02:00
Dietmar Maurer
834a2f95a0 avoid some clippy warnings 2019-10-25 18:44:51 +02:00
Wolfgang Bumiller
653b1ca10e some clippy fixups
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-11 12:14:05 +02:00
Wolfgang Bumiller
b30415d244 src/server/state.rs: update to tokio alpha.2
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
aadcf7c621 src/server/rest.rs: use tokio::timer::delay
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
75fef4b463 src/server/worker_task.rs: switch to async
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
aa4110cc64 src/server/state.rs: switch to async
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
91e4587343 src/server/rest.rs: switch to async
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
b9b7f7ec1f src/server/h2service.rs: switch to async
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
160fc8147f src/server/command_socket.rs: switch to async
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-02 15:21:26 +02:00
Wolfgang Bumiller
2ec979e4ed /var/run -> /run
/var/run is considered deprecated and for instance in
systemd unit files lintian complains...

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-08-21 12:28:24 +02:00
Wolfgang Bumiller
35238e234d switch from create_dir_chown to create_path
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-08-21 12:26:10 +02:00
Dietmar Maurer
f69adc81a6 use new proxmox::tools::nodename 2019-08-03 17:06:23 +02:00
Dietmar Maurer
fd329bdcd7 remove src/tools/procfs.rs, use proxmox::sys::linux::procfs instead 2019-08-03 16:26:44 +02:00
Dietmar Maurer
e18a6c9ee5 update to nix 0.14, use code from proxmox:tools 2019-08-03 13:05:38 +02:00
Dietmar Maurer
80af046794 src/server/rest.rs: avoid unwrap 2019-07-03 12:00:43 +02:00
Dietmar Maurer
7fb4f5642a src/server/rest.rs: log peer address, use hyper MakeService 2019-07-03 11:54:35 +02:00
Dietmar Maurer
fcfb84fedf file download: avoid unnecessary copy 2019-06-28 07:07:52 +02:00
Dietmar Maurer
42a87f7b96 src/server/h2service.rs: implement generic h2 service 2019-06-26 17:38:33 +02:00
Dietmar Maurer
dd8e744f9a src/api2/admin/datastore.rs: use a worker log log prune actions 2019-06-25 08:12:25 +02:00
Wolfgang Bumiller
dd5495d6dc tree-wide: use 'dyn' for all trait objects
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-06-07 13:13:48 +02:00
Dietmar Maurer
34114e2606 src/server/rest.rs: correctly verify json parameters 2019-05-24 09:10:59 +02:00
Dietmar Maurer
1179e15842 src/server/rest.rs: improve error handling 2019-05-23 08:15:32 +02:00
Dietmar Maurer
1133fe9a63 src/server/rest.rs: do not log 1xx status codes as errors 2019-05-14 06:23:22 +02:00
Dietmar Maurer
b4b63e520d handle_async_api_request: put rpcenv into a Box
So that we can pass rpcenv into futures.
2019-05-09 18:01:24 +02:00
Dietmar Maurer
78b5191550 src/server/formatter.rs: further cleanups and renaming ... 2019-05-09 13:28:26 +02:00
Dietmar Maurer
d55037e471 src/server/formatter.rs: rename format_result to format_data
To avoid confusions with Rust Result type.
2019-05-09 13:15:15 +02:00
Dietmar Maurer
21ee7912fa src/api2/admin/datastore/backup.rs: implement upload chunk 2019-05-09 13:06:09 +02:00
Dietmar Maurer
58c8d7d91f rc/api2/admin/datastore/h2upload.rs: implement BackupEnvironment
To pass arbitrary information/state to api methods.
2019-05-08 11:26:54 +02:00
Dietmar Maurer
f757b30efc src/server/rest.rs: use generics to pass RpcEnvironment 2019-05-08 11:09:01 +02:00
Dietmar Maurer
78f7e225e4 src/server/rest.rs: make handle_(a)sync_api_request public 2019-05-07 11:23:52 +02:00
Dietmar Maurer
75097495ad RestEnvironment: derive Clone 2019-05-07 11:09:18 +02:00
Dietmar Maurer
3578d99f3e move normalize_path to tools::normalize_uri_path 2019-05-07 09:44:34 +02:00
Dietmar Maurer
e45afdff9c src/server/state.rs: use new BroadcastData helper 2019-04-30 10:21:48 +02:00
Wolfgang Bumiller
062d4916ff api_schema: allow generic api handler functions
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-16 11:22:23 +02:00
Dietmar Maurer
75bc49bed7 src/server/worker_task.rs: implement abort channel 2019-04-15 09:38:05 +02:00
Dietmar Maurer
1be71fb02b src/server/worker_task.rs_ do not write ERROR: prefix into task index 2019-04-15 08:37:13 +02:00
Dietmar Maurer
418def7a78 src/server/worker_task.rs: move common code into log_result
Make new() pub
2019-04-15 07:49:03 +02:00
Dietmar Maurer
37b87869b5 src/server/upid.rs: check for illegal characters 2019-04-15 07:47:51 +02:00
Dietmar Maurer
59961b8954 src/server/command_socket.rs: check control socket permissions 2019-04-11 10:51:59 +02:00
Dietmar Maurer
ba70040dbf src/server/worker_task.rs: change task list sort order - latest on top 2019-04-11 09:43:33 +02:00
Dietmar Maurer
d3f4c08f33 src/server/worker_task.rs: catch panics in worker threads 2019-04-11 07:56:06 +02:00
Dietmar Maurer
98a181f055 src/server/worker_task.rs: log message when we call request_abort() 2019-04-10 13:54:28 +02:00
Dietmar Maurer
321070b4fa src/server/worker_task.rs: implement abort_worker (via command_socket) 2019-04-10 12:42:24 +02:00
Dietmar Maurer
cfb2d3c17c src/server/command_socket.rs: correctly handle/spawn handle parallel connections 2019-04-10 11:05:00 +02:00
Dietmar Maurer
9b002cbc5f src/server/worker_task.rs: use abstract socket 2019-04-10 09:03:17 +02:00
Dietmar Maurer
0bfd87bc5e src/server/worker_task.rs: speedup upid_read_status() 2019-04-09 15:11:48 +02:00
Dietmar Maurer
7ae0bf52dd src/server/command_socket.rs: code cleanup - fix error message 2019-04-09 12:47:42 +02:00
Dietmar Maurer
d607b8861b src/server/worker_task.rs: implement task control socket 2019-04-09 12:15:06 +02:00
Dietmar Maurer
e201753629 src/server/command_socket.rs: implement auto_remove flag
Remove the socket file on close.
2019-04-09 11:47:23 +02:00
Dietmar Maurer
634132fe10 src/server/upid.rs: moved code into separate file 2019-04-08 18:43:26 +02:00
Dietmar Maurer
78a39e0517 src/server/command_socket.rs: simple command socket 2019-04-08 17:59:39 +02:00
Dietmar Maurer
7a630df709 implement server state/signal handling, depend on tokio-signal 2019-04-08 13:59:07 +02:00
Dietmar Maurer
b75b968147 src/server/worker_task.rs: implement is_active() 2019-04-07 14:36:25 +02:00
Dietmar Maurer
4494d07819 src/server/worker_task.rs: make log_path a method on UPID 2019-04-07 13:51:46 +02:00
Dietmar Maurer
35950380a9 src/server/worker_task.rs: carefully handle file permissions 2019-04-06 17:53:12 +02:00
Dietmar Maurer
660c684640 src/server/worker_task.rs: return upid_str 2019-04-06 11:23:53 +02:00
Dietmar Maurer
93aebb38bc src/server/worker_task.rs: implement read_task_list() 2019-04-06 10:17:11 +02:00
Dietmar Maurer
4a36a2c999 src/server/worker_task.rs: improve UPID format description 2019-04-06 09:36:50 +02:00
Dietmar Maurer
882594c5e9 src/server.rs: improve crate layout 2019-04-06 09:17:25 +02:00
Dietmar Maurer
4b01c983f0 src/server/worker_task.rs: implement persistent task list 2019-04-05 12:37:35 +02:00
Dietmar Maurer
9a0d0ff774 server/worker_task.rs: implement UPID parser 2019-04-04 13:49:35 +02:00
Dietmar Maurer
479f6e40ec src/server/worker_task.rs: implement task registry 2019-04-04 08:58:39 +02:00
Dietmar Maurer
49d123ee3a src/server/rest.rs: use formatter to encode errors 2019-04-01 08:04:12 +02:00
Dietmar Maurer
7d4ef127cb src/server/rest.rs: generate csrf token if we have a valid ticket
This is important if the user reloads the browser page.
2019-04-01 07:52:30 +02:00
Dietmar Maurer
8346f0d59b src/server/rest.rs: correctly extract content type 2019-03-19 12:50:15 +01:00
Dietmar Maurer
e5662b04e9 src/tools/ticket.rs: define const TICKET_LIFETIME 2019-03-05 12:56:21 +01:00
Dietmar Maurer
0ffbccce5e rc/server/rest.rs: allow to pass parameters as application/json 2019-02-27 12:37:53 +01:00
Wolfgang Bumiller
fc7f03523c cleanup
Error::from is already a function taking 1 parameter,
there's no need to wrap it with `|e| Error::from(e)`.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-18 13:21:27 +01:00
Dietmar Maurer
1cb99c234e src/server/rest.rs: correctly insert NoLogExtension() 2019-02-18 06:54:12 +01:00
Dietmar Maurer
7f1685230a src/server/rest.rs: get_index() include username and CSRF token
When we have an valid ticket. Also delay get_index() if called with
an invalid ticket.
2019-02-17 19:28:32 +01:00
Dietmar Maurer
141de8374a src/server/rest.rs: factor our normalize_path() 2019-02-17 17:31:53 +01:00
Dietmar Maurer
8225aa2ff6 src/server/rest.rs: improve logs for unauthorized request 2019-02-17 17:18:44 +01:00
Dietmar Maurer
ef2f2efbcc improve api_schema module structure 2019-02-17 10:16:33 +01:00
Dietmar Maurer
dc9a007b11 rename src/api to src/api_schema 2019-02-17 09:59:20 +01:00
Dietmar Maurer
5ddf8cb10a cleanup auth code, verify CSRF prevention token 2019-02-16 15:52:55 +01:00
Dietmar Maurer
d4736445fe server/rest.rs: add method to log message 2019-02-15 10:16:12 +01:00
Dietmar Maurer
44c00c0dfd server/rest.rs: log full error messages 2019-02-15 09:55:12 +01:00
Dietmar Maurer
7171b3e079 server/rest.rs: use a protocol extension to avoid double log
Instead of modifying the response header itself.
2019-02-14 16:04:24 +01:00
Dietmar Maurer
7e03988caf avoid double logging of proxied requests 2019-02-14 13:28:41 +01:00
Dietmar Maurer
78a1fa6722 src/server/rest.rs: log failed requests 2019-02-14 13:07:34 +01:00
Dietmar Maurer
0dffe3f99a src/client/http_client.rs: try to login
use an environment var to store passphrase (PBS_PASSWORD)
2019-02-13 14:31:43 +01:00
Wolfgang Bumiller
e937034c86 remove some rather inconvenient debug output
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 15:34:38 +01:00
Dietmar Maurer
4b2cdeb9a6 implement relead_timezone flag 2019-02-01 10:04:46 +01:00
Dietmar Maurer
a154a8e8a4 delay unauthorized request (rate limit) 2019-01-31 14:34:21 +01:00
Dietmar Maurer
5996577ab6 move http error class to router.rs 2019-01-31 13:22:30 +01:00
Dietmar Maurer
b9903d6331 server/rest.rs: verify auth cookie 2019-01-31 12:22:00 +01:00
Dietmar Maurer
f484eed3c2 Utils.js: fix cookie handling
Use unsecure cookie foör testing.
2019-01-31 10:08:08 +01:00
Dietmar Maurer
34f956bc25 api2/access.rs: add ticket api 2019-01-30 15:16:10 +01:00
Dietmar Maurer
c8f3f9b1af server/rest.rs: simplify proxy code
Only pass neccessary parameters.
2019-01-28 18:22:16 +01:00
Dietmar Maurer
a3da38ddfd server/rest.rs: implement proxy_sync_api_request 2019-01-28 18:06:42 +01:00
Dietmar Maurer
f120483353 server/rest.rs: add proxy_sync_api_request() dummy 2019-01-28 17:30:39 +01:00
Dietmar Maurer
5bb3398171 server/formatter.rs: fix extjs error format 2019-01-28 13:44:48 +01:00
Dietmar Maurer
02c7a75520 src/bin/proxmox-backup-proxy.rs: implement unpriviledged server
We want to run the public server as user www-data. Requests needing
root priviledges needs to be proxied to the proxmox-backup.service, which
now listens to 127.0.0.1:82.
2019-01-28 13:29:58 +01:00
Dietmar Maurer
d7d23785f0 RpcEnvironment: implement set_user() and get_user() 2019-01-27 10:52:26 +01:00
Dietmar Maurer
162b979394 RpcEnvironment: add environment type enum RpcEnvironmentType 2019-01-27 10:33:42 +01:00
Dietmar Maurer
e82dad9700 also pass rpcenv to async handlers 2019-01-27 10:18:52 +01:00
Dietmar Maurer
0f253593c6 move rpc environment implementation to separate files 2019-01-26 15:08:02 +01:00
Dietmar Maurer
6049b71f41 api: pass RpcEnvirnment to api handlers 2019-01-26 14:50:37 +01:00
Dietmar Maurer
d15009c0ce server/rest.rs: fake login cookie 2019-01-23 12:49:10 +01:00
Dietmar Maurer
576e3bf252 rename api3 back to api2
There is no real need to change the path, so using api2 we can reuse
all helpers (like tools from proxmox widget toolkit).
2019-01-22 12:10:38 +01:00
Dietmar Maurer
059ca7c3a1 remove crate tokio-codec (seems to be part of tokio now) 2019-01-20 14:28:06 +01:00
Dietmar Maurer
50cfb695ae api/router.rs: rename ApiUploadMethod to ApiAsyncMethod
We can use this for uploads and downloads ...
2019-01-19 16:42:43 +01:00
Dietmar Maurer
83bdac1e3b api3/admin/datastore/upload_catar.rs: verify content type ("application/x-proxmox-backup-catar") 2019-01-17 12:43:29 +01:00
Dietmar Maurer
0ee0ad5bf3 api/router.rs: return Result in upload handler 2019-01-17 12:03:38 +01:00
Dietmar Maurer
cf16af2ab3 server/rest.rs: correctly pass query/url parameters 2019-01-16 13:58:36 +01:00
Dietmar Maurer
1629d2ad7b api3/admin/datastore/upload_catar.rs: implement upload future 2019-01-15 11:38:26 +01:00
Dietmar Maurer
7e21da6e23 api/router.rs: allow different types of api methods
Added a prototype for file/backup uploads.
2019-01-14 12:26:04 +01:00
Wolfgang Bumiller
1ed86a0bae rest: rename utf-8-checked 'bytes' to 'utf8'
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-01-08 14:22:43 +01:00