From 5839c469c16153034bf69ff435ef1e77d3c7f490 Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Tue, 7 Sep 2021 10:37:08 +0200 Subject: [PATCH] move tape_encryption_keys.rs to pbs_config workspace --- pbs-config/src/lib.rs | 1 + .../src}/tape_encryption_keys.rs | 7 +++-- src/api2/config/tape_encryption_keys.rs | 28 +++++++++---------- src/api2/tape/drive.rs | 3 +- src/bin/proxmox_tape/encryption_key.rs | 24 ++++++---------- src/bin/proxmox_tape/pool.rs | 16 ++--------- src/config/mod.rs | 1 - src/tape/drive/lto/mod.rs | 13 +++------ src/tape/pool_writer/mod.rs | 2 +- 9 files changed, 36 insertions(+), 59 deletions(-) rename {src/config => pbs-config/src}/tape_encryption_keys.rs (96%) diff --git a/pbs-config/src/lib.rs b/pbs-config/src/lib.rs index c73766b7..bc3b5aae 100644 --- a/pbs-config/src/lib.rs +++ b/pbs-config/src/lib.rs @@ -3,6 +3,7 @@ pub mod drive; pub mod key_config; pub mod media_pool; pub mod remote; +pub mod tape_encryption_keys; use anyhow::{format_err, Error}; diff --git a/src/config/tape_encryption_keys.rs b/pbs-config/src/tape_encryption_keys.rs similarity index 96% rename from src/config/tape_encryption_keys.rs rename to pbs-config/src/tape_encryption_keys.rs index 63861508..4919ad86 100644 --- a/src/config/tape_encryption_keys.rs +++ b/pbs-config/src/tape_encryption_keys.rs @@ -17,8 +17,9 @@ use serde::{Deserialize, Serialize}; use proxmox::tools::fs::file_read_optional_string; use pbs_api_types::Fingerprint; -use pbs_config::key_config::KeyConfig; -use pbs_config::{open_backup_lockfile, replace_secret_config}; + +use crate::key_config::KeyConfig; +use crate::{open_backup_lockfile, replace_secret_config, replace_backup_config}; mod hex_key { use serde::{self, Deserialize, Serializer, Deserializer}; 
@@ -147,7 +148,7 @@ pub fn save_key_configs(map: HashMap) -> Result<(), Erro } let raw = serde_json::to_string_pretty(&list)?; - pbs_config::replace_backup_config(TAPE_KEY_CONFIG_FILENAME, raw.as_bytes()) + replace_backup_config(TAPE_KEY_CONFIG_FILENAME, raw.as_bytes()) } /// Insert a new key diff --git a/src/api2/config/tape_encryption_keys.rs b/src/api2/config/tape_encryption_keys.rs index 355efdcc..d20302a5 100644 --- a/src/api2/config/tape_encryption_keys.rs +++ b/src/api2/config/tape_encryption_keys.rs @@ -11,9 +11,22 @@ use proxmox::{ }, }; -use pbs_api_types::{Fingerprint, KeyInfo, Kdf}; +use pbs_api_types::{ + Fingerprint, KeyInfo, Kdf, + TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA, + PROXMOX_CONFIG_DIGEST_SCHEMA, PASSWORD_HINT_SCHEMA, +}; + use pbs_config::key_config::KeyConfig; use pbs_config::open_backup_lockfile; +use pbs_config::tape_encryption_keys::{ + TAPE_KEYS_LOCKFILE, + load_keys, + load_key_configs, + save_keys, + save_key_configs, + insert_key, +}; use crate::{ config::{ @@ -21,19 +34,6 @@ use crate::{ PRIV_TAPE_AUDIT, PRIV_TAPE_MODIFY, }, - tape_encryption_keys::{ - TAPE_KEYS_LOCKFILE, - load_keys, - load_key_configs, - save_keys, - save_key_configs, - insert_key, - }, - }, - api2::types::{ - TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA, - PROXMOX_CONFIG_DIGEST_SCHEMA, - PASSWORD_HINT_SCHEMA, }, }; diff --git a/src/api2/tape/drive.rs b/src/api2/tape/drive.rs index 8b60a2b4..5878ca44 100644 --- a/src/api2/tape/drive.rs +++ b/src/api2/tape/drive.rs @@ -26,7 +26,6 @@ use pbs_datastore::task_log; use crate::{ config::{ - self, cached_user_info::CachedUserInfo, acl::{ PRIV_TAPE_AUDIT, 
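Review bot: `save_key_configs` persists TAPE_KEY_CONFIG_FILENAME through `replace_backup_config`, although this module now imports `replace_secret_config` as well, and nothing at the call site says why the key-config file goes through the backup-config writer. Presumably this is deliberate because the entries are passphrase-protected `KeyConfig` records rather than raw keys, but that is not visible here and should be confirmed against both helpers. I would record it above the call, e.g. `// KeyConfig entries are passphrase-encrypted; written as backup config, not secret config, on purpose`, so a later edit does not swap the two helpers by accident. The body of `save_key_configs` starts above this hunk.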
@@ -658,7 +657,7 @@ pub async fn restore_key( if let Some(key_config) = key_config { let password_fn = || { Ok(password.as_bytes().to_vec()) }; let (key, ..) = key_config.decrypt(&password_fn)?; - config::tape_encryption_keys::insert_key(key, key_config, true)?; + pbs_config::tape_encryption_keys::insert_key(key, key_config, true)?; } else { bail!("media does not contain any encryption key configuration"); } diff --git a/src/bin/proxmox_tape/encryption_key.rs b/src/bin/proxmox_tape/encryption_key.rs index 998928a6..06c62f4d 100644 --- a/src/bin/proxmox_tape/encryption_key.rs +++ b/src/bin/proxmox_tape/encryption_key.rs @@ -11,24 +11,16 @@ use proxmox::{ sys::linux::tty, }; -use pbs_api_types::{Fingerprint, Kdf}; -use pbs_datastore::paperkey::{PaperkeyFormat, generate_paper_key}; - -use proxmox_backup::{ - api2::{ - self, - types::{ - DRIVE_NAME_SCHEMA, - TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA, - PASSWORD_HINT_SCHEMA, - }, - }, - config::tape_encryption_keys::{ - load_key_configs, - complete_key_fingerprint, - }, +use pbs_api_types::{ + Fingerprint, Kdf, DRIVE_NAME_SCHEMA, TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA, + PASSWORD_HINT_SCHEMA, }; +use pbs_datastore::paperkey::{PaperkeyFormat, generate_paper_key}; +use pbs_config::tape_encryption_keys::{load_key_configs,complete_key_fingerprint}; + +use proxmox_backup::api2; + pub fn encryption_key_commands() -> CommandLineInterface { let cmd_def = CliCommandMap::new() diff --git a/src/bin/proxmox_tape/pool.rs b/src/bin/proxmox_tape/pool.rs index 0889a764..6fe9a63c 100644 --- a/src/bin/proxmox_tape/pool.rs +++ b/src/bin/proxmox_tape/pool.rs 
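Review bot: The bare `true` passed to `insert_key` in `restore_key` does not say what it enables, on a path that writes a key recovered from media into the local key store. If it is a force/overwrite flag (the signature is not visible in this hunk), a comment such as `// force: replace an existing entry with the same fingerprint` would make the intent reviewable at the call site. Separately, `password.as_bytes().to_vec()` hands out a fresh copy of the password each time the closure runs; it is worth confirming that `decrypt` wipes that buffer after use. `restore_key` begins and ends outside the hunk.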
@@ -10,21 +10,11 @@ use proxmox::{ }, }; +use pbs_api_types::MEDIA_POOL_NAME_SCHEMA; use pbs_config::media_pool::complete_pool_name; +use pbs_config::tape_encryption_keys::complete_key_fingerprint; -use proxmox_backup::{ - api2::{ - self, - types::{ - MEDIA_POOL_NAME_SCHEMA, - }, - }, - config::{ - tape_encryption_keys:: { - complete_key_fingerprint, - }, - }, -}; +use proxmox_backup::api2; pub fn pool_commands() -> CommandLineInterface { diff --git a/src/config/mod.rs b/src/config/mod.rs index 89f155e0..8f305855 100644 --- a/src/config/mod.rs +++ b/src/config/mod.rs @@ -25,7 +25,6 @@ pub mod tfa; pub mod token_shadow; pub mod user; pub mod verify; -pub mod tape_encryption_keys; pub mod tape_job; /// Check configuration directory permissions diff --git a/src/tape/drive/lto/mod.rs b/src/tape/drive/lto/mod.rs index e5040613..dd9c9aac 100644 --- a/src/tape/drive/lto/mod.rs +++ b/src/tape/drive/lto/mod.rs @@ -27,18 +27,13 @@ use proxmox::{ sys::error::SysResult, }; -use pbs_api_types::Fingerprint; +use pbs_api_types::{ + Fingerprint, MamAttribute, LtoDriveAndMediaStatus, LtoTapeDrive, Lp17VolumeStatistics, +}; use pbs_config::key_config::KeyConfig; use pbs_tools::run_command; use crate::{ - config, - api2::types::{ - MamAttribute, - LtoDriveAndMediaStatus, - LtoTapeDrive, - Lp17VolumeStatistics, - }, tape::{ TapeRead, TapeWrite, @@ -378,7 +373,7 @@ impl TapeDriver for LtoTapeHandle { if let Some((ref key_fingerprint, ref uuid)) = key_fingerprint { - let (key_map, _digest) = config::tape_encryption_keys::load_keys()?; + let (key_map, _digest) = pbs_config::tape_encryption_keys::load_keys()?; match key_map.get(key_fingerprint) { Some(item) => { diff --git a/src/tape/pool_writer/mod.rs b/src/tape/pool_writer/mod.rs index df569ab2..8a728f1d 100644 --- a/src/tape/pool_writer/mod.rs +++ b/src/tape/pool_writer/mod.rs 
@@ -14,6 +14,7 @@ use anyhow::{bail, Error}; use proxmox::tools::Uuid; use pbs_datastore::task_log; +use pbs_config::tape_encryption_keys::load_key_configs; use crate::{ backup::{ @@ -42,7 +43,6 @@ use crate::{ media_changer, }, }, - config::tape_encryption_keys::load_key_configs, };