make pbs_tools::cert not depend on pbs-buildcfg

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

pbs-tools/src/cert.rs

@@ -1,3 +1,5 @@
+//! Deals with the server's current certificates (proxy.pem).
+
 use std::path::PathBuf;
 use std::mem::MaybeUninit;
 
@@ -7,8 +9,6 @@ use openssl::x509::{X509, GeneralName};
 use openssl::stack::Stack;
 use openssl::pkey::{Public, PKey};
 
-use pbs_buildcfg::configdir;
-
 // C type:
 #[allow(non_camel_case_types)]
 type ASN1_TIME = <openssl::asn1::Asn1TimeRef as ForeignTypeRef>::CType;
@@ -40,10 +40,6 @@ fn x509name_to_string(name: &openssl::x509::X509NameRef) -> Result<String, Error
 }
 
 impl CertInfo {
-    pub fn new() -> Result<Self, Error> {
-        Self::from_path(PathBuf::from(configdir!("/proxy.pem")))
-    }
-
     pub fn from_path(path: PathBuf) -> Result<Self, Error> {
         Self::from_pem(&proxmox::tools::fs::file_get_contents(&path)?)
             .map_err(|err| format_err!("failed to load certificate from {:?} - {}", path, err))

src/api2/node/status.rs

@@ -8,7 +8,6 @@ use proxmox::sys::linux::procfs;
 
 use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
 
-use pbs_tools::cert::CertInfo;
 use pbs_api_types::{NODE_SCHEMA, NodePowerCommand, PRIV_SYS_AUDIT, PRIV_SYS_POWER_MANAGEMENT};
 
 use crate::api2::types::{
@@ -88,7 +87,7 @@ fn get_status(
         cpu,
         wait,
         info: NodeInformation {
-            fingerprint: CertInfo::new()?.fingerprint()?,
+            fingerprint: crate::cert_info()?.fingerprint()?,
         },
     })
 }

src/bin/proxmox_backup_manager/cert.rs

@@ -2,8 +2,6 @@ use anyhow::{bail, Error};
 
 use proxmox::api::{api, cli::*};
 
-use pbs_tools::cert::CertInfo;
-
 use proxmox_backup::config;
 use proxmox_backup::auth_helpers::*;
 
@@ -11,7 +9,7 @@ use proxmox_backup::auth_helpers::*;
 /// Display node certificate information.
 fn cert_info() -> Result<(), Error> {
 
-    let cert = CertInfo::new()?;
+    let cert = proxmox_backup::cert_info()?;
 
     println!("Subject: {}", cert.subject_name()?);
 

src/client_helpers.rs

@@ -2,7 +2,6 @@ use anyhow::Error;
 
 use pbs_api_types::{Authid, Userid};
 use pbs_client::{HttpClient, HttpClientOptions};
-use pbs_tools::cert::CertInfo;
 use pbs_tools::ticket::Ticket;
 
 use crate::auth_helpers::private_auth_key;
@@ -14,7 +13,7 @@ pub fn connect_to_localhost() -> Result<pbs_client::HttpClient, Error> {
     let options = if nix::unistd::Uid::current().is_root() {
         let auth_key = private_auth_key();
         let ticket = Ticket::new("PBS", Userid::root_userid())?.sign(auth_key, None)?;
-        let fingerprint = CertInfo::new()?.fingerprint()?;
+        let fingerprint = crate::cert_info()?.fingerprint()?;
         HttpClientOptions::new_non_interactive(ticket, Some(fingerprint))
     } else {
         HttpClientOptions::new_interactive(None, None)

src/lib.rs

@@ -3,6 +3,11 @@
 //! The [backup](backup/index.html) module contains some detailed information
 //! on the inner workings of the backup server regarding data storage.
 
+use std::path::PathBuf;
+
+use pbs_buildcfg::configdir;
+use pbs_tools::cert::CertInfo;
+
 #[macro_use]
 pub mod tools;
 
@@ -27,3 +32,8 @@ pub mod tape;
 pub mod acme;
 
 pub mod client_helpers;
+
+/// Get the server's certificate info (from `proxy.pem`).
+pub fn cert_info() -> Result<CertInfo, anyhow::Error> {
+    CertInfo::from_path(PathBuf::from(configdir!("/proxy.pem")))
+}