bin/proxmox-backup-api.rs: gererate secret for csrf token

This commit is contained in:
Dietmar Maurer 2019-01-29 13:15:33 +01:00
parent 26027a151e
commit 39a90ca6c5

View File

@ -18,7 +18,27 @@ use futures::future::Future;
use hyper;
pub fn gen_auth_key() -> Result<(), Error> {
pub fn generate_csrf_key() -> Result<(), Error> {
let path = PathBuf::from("/etc/proxmox-backup/csrf.key");
if path.exists() { return Ok(()); }
let rsa = Rsa::generate(2048).unwrap();
let pem = rsa.private_key_to_pem()?;
use nix::sys::stat::Mode;
tools::file_set_contents(
&path, &pem, Some(Mode::from_bits_truncate(0o0640)))?;
nix::unistd::chown(&path, Some(nix::unistd::ROOT), Some(nix::unistd::Gid::from_raw(33)))?;
Ok(())
}
pub fn generate_auth_key() -> Result<(), Error> {
let priv_path = PathBuf::from("/etc/proxmox-backup/authkey.key");
@ -54,11 +74,16 @@ fn main() {
std::process::exit(-1);
}
if let Err(err) = gen_auth_key() {
if let Err(err) = generate_auth_key() {
eprintln!("unable to generate auth key: {}", err);
std::process::exit(-1);
}
if let Err(err) = generate_csrf_key() {
eprintln!("unable to generate csrf key: {}", err);
std::process::exit(-1);
}
let command : Arc<Schema> = StringSchema::new("Command.")
.format(Arc::new(ApiStringFormat::Enum(vec![
"start".into(),