auth_helpers.rs: split code into separate file

src/auth_helpers.rs

@@ -0,0 +1,52 @@
+use crate::tools;
+
+use failure::*;
+
+use openssl::rsa::{Rsa};
+use std::path::PathBuf;
+
+pub fn generate_csrf_key() -> Result<(), Error> {
+
+    let path = PathBuf::from("/etc/proxmox-backup/csrf.key");
+
+    if path.exists() { return Ok(()); }
+
+    let rsa = Rsa::generate(2048).unwrap();
+
+    let pem = rsa.private_key_to_pem()?;
+
+    use nix::sys::stat::Mode;
+
+    tools::file_set_contents(
+        &path, &pem, Some(Mode::from_bits_truncate(0o0640)))?;
+
+    nix::unistd::chown(&path, Some(nix::unistd::ROOT), Some(nix::unistd::Gid::from_raw(33)))?;
+
+    Ok(())
+}
+
+pub fn generate_auth_key() -> Result<(), Error> {
+
+    let priv_path = PathBuf::from("/etc/proxmox-backup/authkey.key");
+
+    let mut public_path = priv_path.clone();
+    public_path.set_extension("pub");
+
+    if priv_path.exists() && public_path.exists() { return Ok(()); }
+
+    let rsa = Rsa::generate(4096).unwrap();
+
+    let priv_pem = rsa.private_key_to_pem()?;
+
+    use nix::sys::stat::Mode;
+
+    tools::file_set_contents(
+        &priv_path, &priv_pem, Some(Mode::from_bits_truncate(0o0600)))?;
+
+
+    let public_pem = rsa.public_key_to_pem()?;
+
+    tools::file_set_contents(&public_path, &public_pem, None)?;
+
+    Ok(())
+}