more xdg cleanup and encryption parameter improvements
Have a single common function to get the BaseDirectories instance and a wrapper for `find()` and `place()` which wrap the error with some context. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
parent
b65390ebc9
commit
05389a0109
@ -677,7 +677,10 @@ fn keyfile_parameters(param: &Value) -> Result<(Option<PathBuf>, CryptMode), Err
|
|||||||
|
|
||||||
Ok(match (keyfile, crypt_mode) {
|
Ok(match (keyfile, crypt_mode) {
|
||||||
// no parameters:
|
// no parameters:
|
||||||
(None, None) => (key::find_default_encryption_key()?, CryptMode::Encrypt),
|
(None, None) => match key::find_default_encryption_key()? {
|
||||||
|
Some(key) => (Some(key), CryptMode::Encrypt),
|
||||||
|
None => (None, CryptMode::None),
|
||||||
|
},
|
||||||
|
|
||||||
// just --crypt-mode=none
|
// just --crypt-mode=none
|
||||||
(None, Some(CryptMode::None)) => (None, CryptMode::None),
|
(None, Some(CryptMode::None)) => (None, CryptMode::None),
|
||||||
@ -906,14 +909,14 @@ async fn create_backup(
|
|||||||
|
|
||||||
let crypt_config = CryptConfig::new(key)?;
|
let crypt_config = CryptConfig::new(key)?;
|
||||||
|
|
||||||
let path = master_pubkey_path()?;
|
match key::find_master_pubkey()? {
|
||||||
if path.exists() {
|
Some(ref path) if path.exists() => {
|
||||||
let pem_data = file_get_contents(&path)?;
|
let pem_data = file_get_contents(path)?;
|
||||||
let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
|
let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
|
||||||
let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
|
let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
|
||||||
(Some(Arc::new(crypt_config)), Some(enc_key))
|
(Some(Arc::new(crypt_config)), Some(enc_key))
|
||||||
} else {
|
}
|
||||||
(Some(Arc::new(crypt_config)), None)
|
_ => (Some(Arc::new(crypt_config)), None),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
@ -1734,15 +1737,6 @@ fn complete_chunk_size(_arg: &str, _param: &HashMap<String, String>) -> Vec<Stri
|
|||||||
result
|
result
|
||||||
}
|
}
|
||||||
|
|
||||||
fn master_pubkey_path() -> Result<PathBuf, Error> {
|
|
||||||
let base = BaseDirectories::with_prefix("proxmox-backup")?;
|
|
||||||
|
|
||||||
// usually $HOME/.config/proxmox-backup/master-public.pem
|
|
||||||
let path = base.place_config_file("master-public.pem")?;
|
|
||||||
|
|
||||||
Ok(path)
|
|
||||||
}
|
|
||||||
|
|
||||||
use proxmox_backup::client::RemoteChunkReader;
|
use proxmox_backup::client::RemoteChunkReader;
|
||||||
/// This is a workaround until we have cleaned up the chunk/reader/... infrastructure for better
|
/// This is a workaround until we have cleaned up the chunk/reader/... infrastructure for better
|
||||||
/// async use!
|
/// async use!
|
||||||
|
@ -1,9 +1,8 @@
|
|||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
|
|
||||||
use anyhow::{bail, format_err, Context, Error};
|
use anyhow::{bail, format_err, Error};
|
||||||
use chrono::{Local, TimeZone};
|
use chrono::{Local, TimeZone};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use xdg::BaseDirectories;
|
|
||||||
|
|
||||||
use proxmox::api::api;
|
use proxmox::api::api;
|
||||||
use proxmox::api::cli::{CliCommand, CliCommandMap};
|
use proxmox::api::cli::{CliCommand, CliCommandMap};
|
||||||
@ -16,29 +15,22 @@ use proxmox_backup::backup::{
|
|||||||
use proxmox_backup::tools;
|
use proxmox_backup::tools;
|
||||||
|
|
||||||
pub const DEFAULT_ENCRYPTION_KEY_FILE_NAME: &str = "encryption-key.json";
|
pub const DEFAULT_ENCRYPTION_KEY_FILE_NAME: &str = "encryption-key.json";
|
||||||
|
pub const MASTER_PUBKEY_FILE_NAME: &str = "master-public.pem";
|
||||||
|
|
||||||
pub fn master_pubkey_path() -> Result<PathBuf, Error> {
|
pub fn find_master_pubkey() -> Result<Option<PathBuf>, Error> {
|
||||||
let base = BaseDirectories::with_prefix("proxmox-backup")?;
|
super::find_xdg_file(MASTER_PUBKEY_FILE_NAME, "main public key file")
|
||||||
|
}
|
||||||
|
|
||||||
// usually $HOME/.config/proxmox-backup/master-public.pem
|
pub fn place_master_pubkey() -> Result<PathBuf, Error> {
|
||||||
let path = base.place_config_file("master-public.pem")?;
|
super::place_xdg_file(MASTER_PUBKEY_FILE_NAME, "main public key file")
|
||||||
|
|
||||||
Ok(path)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn find_default_encryption_key() -> Result<Option<PathBuf>, Error> {
|
pub fn find_default_encryption_key() -> Result<Option<PathBuf>, Error> {
|
||||||
BaseDirectories::with_prefix("proxmox-backup")
|
super::find_xdg_file(DEFAULT_ENCRYPTION_KEY_FILE_NAME, "default encryption key file")
|
||||||
.map(|base| base.find_config_file(DEFAULT_ENCRYPTION_KEY_FILE_NAME))
|
|
||||||
.with_context(|| "error searching for default encryption key file")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn place_default_encryption_key() -> Result<PathBuf, Error> {
|
pub fn place_default_encryption_key() -> Result<PathBuf, Error> {
|
||||||
BaseDirectories::with_prefix("proxmox-backup")
|
super::place_xdg_file(DEFAULT_ENCRYPTION_KEY_FILE_NAME, "default encryption key file")
|
||||||
.map_err(Error::from)
|
|
||||||
.and_then(|base| {
|
|
||||||
base.place_config_file(DEFAULT_ENCRYPTION_KEY_FILE_NAME).map_err(Error::from)
|
|
||||||
})
|
|
||||||
.with_context(|| "failed to place default encryption key file in xdg home")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_encryption_key_password() -> Result<Vec<u8>, Error> {
|
pub fn get_encryption_key_password() -> Result<Vec<u8>, Error> {
|
||||||
@ -216,7 +208,7 @@ fn import_master_pubkey(path: String) -> Result<(), Error> {
|
|||||||
bail!("Unable to decode PEM data - {}", err);
|
bail!("Unable to decode PEM data - {}", err);
|
||||||
}
|
}
|
||||||
|
|
||||||
let target_path = master_pubkey_path()?;
|
let target_path = place_master_pubkey()?;
|
||||||
|
|
||||||
replace_file(&target_path, &pem_data, CreateOptions::new())?;
|
replace_file(&target_path, &pem_data, CreateOptions::new())?;
|
||||||
|
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
use anyhow::{Context, Error};
|
||||||
|
|
||||||
mod benchmark;
|
mod benchmark;
|
||||||
pub use benchmark::*;
|
pub use benchmark::*;
|
||||||
mod mount;
|
mod mount;
|
||||||
@ -8,3 +10,30 @@ mod catalog;
|
|||||||
pub use catalog::*;
|
pub use catalog::*;
|
||||||
|
|
||||||
pub mod key;
|
pub mod key;
|
||||||
|
|
||||||
|
pub fn base_directories() -> Result<xdg::BaseDirectories, Error> {
|
||||||
|
xdg::BaseDirectories::with_prefix("proxmox-backup").map_err(Error::from)
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Convenience helper for better error messages:
|
||||||
|
pub fn find_xdg_file(
|
||||||
|
file_name: impl AsRef<std::path::Path>,
|
||||||
|
description: &'static str,
|
||||||
|
) -> Result<Option<std::path::PathBuf>, Error> {
|
||||||
|
let file_name = file_name.as_ref();
|
||||||
|
base_directories()
|
||||||
|
.map(|base| base.find_config_file(file_name))
|
||||||
|
.with_context(|| format!("error searching for {}", description))
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn place_xdg_file(
|
||||||
|
file_name: impl AsRef<std::path::Path>,
|
||||||
|
description: &'static str,
|
||||||
|
) -> Result<std::path::PathBuf, Error> {
|
||||||
|
let file_name = file_name.as_ref();
|
||||||
|
base_directories()
|
||||||
|
.and_then(|base| {
|
||||||
|
base.place_config_file(file_name).map_err(Error::from)
|
||||||
|
})
|
||||||
|
.with_context(|| format!("failed to place {} in xdg home", description))
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user