src/backup/data_blob.rs: avoid Arc<CryptConfig>
use simple reference instead.
This commit is contained in:
Dietmar Maurer
parent
4ee8f53d07
commit
7123ff7d43
@ -1,6 +1,5 @@
|
|||||||
use failure::*;
|
use failure::*;
|
||||||
use std::convert::TryInto;
|
use std::convert::TryInto;
|
||||||
use std::sync::Arc;
|
|
||||||
|
|
||||||
use proxmox::tools::io::{ReadExt, WriteExt};
|
use proxmox::tools::io::{ReadExt, WriteExt};
|
||||||
|
|
||||||
@ -79,7 +78,7 @@ impl DataBlob {
|
|||||||
/// Create a DataBlob, optionally compressed and/or encrypted
|
/// Create a DataBlob, optionally compressed and/or encrypted
|
||||||
pub fn encode(
|
pub fn encode(
|
||||||
data: &[u8],
|
data: &[u8],
|
||||||
config: Option<Arc<CryptConfig>>,
|
config: Option<&CryptConfig>,
|
||||||
compress: bool,
|
compress: bool,
|
||||||
) -> Result<Self, Error> {
|
) -> Result<Self, Error> {
|
||||||
|
|
||||||
@ -168,7 +167,7 @@ impl DataBlob {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Decode blob data
|
/// Decode blob data
|
||||||
pub fn decode(self, config: Option<Arc<CryptConfig>>) -> Result<Vec<u8>, Error> {
|
pub fn decode(self, config: Option<&CryptConfig>) -> Result<Vec<u8>, Error> {
|
||||||
|
|
||||||
let magic = self.magic();
|
let magic = self.magic();
|
||||||
|
|
||||||
@ -225,7 +224,7 @@ impl DataBlob {
|
|||||||
/// Create a signed DataBlob, optionally compressed
|
/// Create a signed DataBlob, optionally compressed
|
||||||
pub fn create_signed(
|
pub fn create_signed(
|
||||||
data: &[u8],
|
data: &[u8],
|
||||||
config: Arc<CryptConfig>,
|
config: &CryptConfig,
|
||||||
compress: bool,
|
compress: bool,
|
||||||
) -> Result<Self, Error> {
|
) -> Result<Self, Error> {
|
||||||
|
|
||||||
@ -348,15 +347,15 @@ impl DataBlob {
|
|||||||
/// Main purpose is to centralize digest computation. Digest
|
/// Main purpose is to centralize digest computation. Digest
|
||||||
/// computation differ for encryped chunk, and this interface ensures that
|
/// computation differ for encryped chunk, and this interface ensures that
|
||||||
/// we always compute the correct one.
|
/// we always compute the correct one.
|
||||||
pub struct DataChunkBuilder<'a> {
|
pub struct DataChunkBuilder<'a, 'b> {
|
||||||
config: Option<Arc<CryptConfig>>,
|
config: Option<&'b CryptConfig>,
|
||||||
orig_data: &'a [u8],
|
orig_data: &'a [u8],
|
||||||
digest_computed: bool,
|
digest_computed: bool,
|
||||||
digest: [u8; 32],
|
digest: [u8; 32],
|
||||||
compress: bool,
|
compress: bool,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl <'a> DataChunkBuilder<'a> {
|
impl <'a, 'b> DataChunkBuilder<'a, 'b> {
|
||||||
|
|
||||||
/// Create a new builder instance.
|
/// Create a new builder instance.
|
||||||
pub fn new(orig_data: &'a [u8]) -> Self {
|
pub fn new(orig_data: &'a [u8]) -> Self {
|
||||||
@ -380,7 +379,7 @@ impl <'a> DataChunkBuilder<'a> {
|
|||||||
/// Set encryption Configuration
|
/// Set encryption Configuration
|
||||||
///
|
///
|
||||||
/// If set, chunks are encrypted.
|
/// If set, chunks are encrypted.
|
||||||
pub fn crypt_config(mut self, value: Arc<CryptConfig>) -> Self {
|
pub fn crypt_config(mut self, value: &'b CryptConfig) -> Self {
|
||||||
if self.digest_computed {
|
if self.digest_computed {
|
||||||
panic!("unable to set crypt_config after compute_digest().");
|
panic!("unable to set crypt_config after compute_digest().");
|
||||||
}
|
}
|
||||||
|
|||||||
@ -35,7 +35,7 @@ impl ReadChunk for LocalChunkReader {
|
|||||||
let chunk = DataBlob::from_raw(raw_data)?;
|
let chunk = DataBlob::from_raw(raw_data)?;
|
||||||
chunk.verify_crc()?;
|
chunk.verify_crc()?;
|
||||||
|
|
||||||
let raw_data = chunk.decode(self.crypt_config.clone())?;
|
let raw_data = chunk.decode(self.crypt_config.as_ref().map(Arc::as_ref))?;
|
||||||
|
|
||||||
// fixme: verify digest?
|
// fixme: verify digest?
|
||||||
|
|
||||||
|
|||||||
@ -888,7 +888,7 @@ async fn download_index_blob(client: Arc<BackupReader>, crypt_config: Option<Arc
|
|||||||
let index_data = client.download(INDEX_BLOB_NAME, Vec::with_capacity(64*1024)).await?;
|
let index_data = client.download(INDEX_BLOB_NAME, Vec::with_capacity(64*1024)).await?;
|
||||||
let blob = DataBlob::from_raw(index_data)?;
|
let blob = DataBlob::from_raw(index_data)?;
|
||||||
blob.verify_crc()?;
|
blob.verify_crc()?;
|
||||||
blob.decode(crypt_config)
|
blob.decode(crypt_config.as_ref().map(Arc::as_ref))
|
||||||
}
|
}
|
||||||
|
|
||||||
fn verify_index_file(backup_index: &Value, name: &str, csum: &[u8; 32], size: u64) -> Result<(), Error> {
|
fn verify_index_file(backup_index: &Value, name: &str, csum: &[u8; 32], size: u64) -> Result<(), Error> {
|
||||||
@ -1159,7 +1159,7 @@ fn upload_log(
|
|||||||
|
|
||||||
let data = file_get_contents(logfile)?;
|
let data = file_get_contents(logfile)?;
|
||||||
|
|
||||||
let blob = DataBlob::encode(&data, crypt_config, true)?;
|
let blob = DataBlob::encode(&data, crypt_config.as_ref().map(Arc::as_ref), true)?;
|
||||||
|
|
||||||
let raw_data = blob.into_inner();
|
let raw_data = blob.into_inner();
|
||||||
|
|
||||||
|
|||||||
@ -674,7 +674,7 @@ impl BackupClient {
|
|||||||
sign_only: bool,
|
sign_only: bool,
|
||||||
) -> Result<BackupStats, Error> {
|
) -> Result<BackupStats, Error> {
|
||||||
|
|
||||||
let blob = if let Some(crypt_config) = crypt_config {
|
let blob = if let Some(ref crypt_config) = crypt_config {
|
||||||
if sign_only {
|
if sign_only {
|
||||||
DataBlob::create_signed(&data, crypt_config, compress)?
|
DataBlob::create_signed(&data, crypt_config, compress)?
|
||||||
} else {
|
} else {
|
||||||
@ -713,7 +713,7 @@ impl BackupClient {
|
|||||||
.await
|
.await
|
||||||
.map_err(|err| format_err!("unable to read file {:?} - {}", src_path, err))?;
|
.map_err(|err| format_err!("unable to read file {:?} - {}", src_path, err))?;
|
||||||
|
|
||||||
let blob = DataBlob::encode(&contents, crypt_config, compress)?;
|
let blob = DataBlob::encode(&contents, crypt_config.as_ref().map(AsRef::as_ref), compress)?;
|
||||||
let raw_data = blob.into_inner();
|
let raw_data = blob.into_inner();
|
||||||
let size = raw_data.len() as u64;
|
let size = raw_data.len() as u64;
|
||||||
let csum = openssl::sha::sha256(&raw_data);
|
let csum = openssl::sha::sha256(&raw_data);
|
||||||
@ -936,7 +936,7 @@ impl BackupClient {
|
|||||||
.compress(true);
|
.compress(true);
|
||||||
|
|
||||||
if let Some(ref crypt_config) = crypt_config {
|
if let Some(ref crypt_config) = crypt_config {
|
||||||
chunk_builder = chunk_builder.crypt_config(crypt_config.clone());
|
chunk_builder = chunk_builder.crypt_config(crypt_config);
|
||||||
}
|
}
|
||||||
|
|
||||||
let mut known_chunks = known_chunks.lock().unwrap();
|
let mut known_chunks = known_chunks.lock().unwrap();
|
||||||
|
|||||||
@ -46,7 +46,7 @@ impl ReadChunk for RemoteChunkReader {
|
|||||||
let chunk = DataBlob::from_raw(chunk_data)?;
|
let chunk = DataBlob::from_raw(chunk_data)?;
|
||||||
chunk.verify_crc()?;
|
chunk.verify_crc()?;
|
||||||
|
|
||||||
let raw_data = chunk.decode(self.crypt_config.clone())?;
|
let raw_data = chunk.decode(self.crypt_config.as_ref().map(Arc::as_ref))?;
|
||||||
|
|
||||||
// fixme: verify chunk digest
|
// fixme: verify chunk digest
|
||||||
|
|
||||||
|
|||||||
@ -53,7 +53,7 @@ fn verify_test_blob(mut cursor: Cursor<Vec<u8>>) -> Result<(), Error> {
|
|||||||
let blob = DataBlob::from_raw(raw_data)?;
|
let blob = DataBlob::from_raw(raw_data)?;
|
||||||
blob.verify_crc()?;
|
blob.verify_crc()?;
|
||||||
|
|
||||||
let data = blob.decode(Some(CRYPT_CONFIG.clone()))?;
|
let data = blob.decode(Some(&CRYPT_CONFIG))?;
|
||||||
if data != *TEST_DATA {
|
if data != *TEST_DATA {
|
||||||
bail!("blob data is wrong (decode)");
|
bail!("blob data is wrong (decode)");
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user