},
policy => {
description => "TLS policy",
- type => 'string', format => 'tls-policy',
+ type => 'string', format => 'tls-policy-strict',
},
},
},
code => sub {
my ($param) = @_;
my $domain = $param->{domain};
- my $policy = PMG::Config::pmg_verify_tls_policy_strict($param->{policy});
-
- raise_param_exc({ policy => "$param->{policy} is not a valid TLSPolicy" })
- if ! defined($policy);
+ my $policy = $param->{policy};
my $code = sub {
my $tls_policy = PVE::INotify::read_file('tls_policy');
},
policy => {
description => "TLS policy",
- type => 'string', format => 'tls-policy',
+ type => 'string', format => 'tls-policy-strict',
},
},
},
code => sub {
my ($param) = @_;
my $domain = $param->{domain};
- my $policy = PMG::Config::pmg_verify_tls_policy_strict($param->{policy});
-
- raise_param_exc({ policy => "$param->{policy} is not a valid TLSPolicy" })
- if ! defined($policy);
+ my $policy = $param->{policy};
my $code = sub {
return $policy;
}
-sub pmg_verify_tls_policy_strict {
- my ($policy) = @_;
+PVE::JSONSchema::register_format(
+ 'tls-policy-strict', \&pmg_verify_tls_policy_strict);
- return $policy
- if ($policy =~ /^$VALID_TLS_POLICY_RE$/);
+sub pmg_verify_tls_policy_strict {
+ my ($policy, $noerr) = @_;
- return undef;
+ if ($policy !~ /^$VALID_TLS_POLICY_RE$/) {
+ return undef if $noerr;
+ die "value '$policy' does not look like a valid tls policy\n";
+ }
+ return $policy;
}
sub read_tls_policy {