diff --git a/src/bin/proxmox-backup-client.rs b/src/bin/proxmox-backup-client.rs index ff7325d6..5fe1e271 100644 --- a/src/bin/proxmox-backup-client.rs +++ b/src/bin/proxmox-backup-client.rs @@ -754,7 +754,10 @@ async fn create_backup( verify_chunk_size(size)?; } - let keyfile = param["keyfile"].as_str().map(PathBuf::from); + let keyfile = match param["keyfile"].as_str() { + Some(path) => Some(PathBuf::from(path)), + None => key::optional_default_key_path()?, + }; let backup_id = param["backup-id"].as_str().unwrap_or(&proxmox::tools::nodename()); @@ -1149,7 +1152,10 @@ async fn restore(param: Value) -> Result { let target = tools::required_string_param(¶m, "target")?; let target = if target == "-" { None } else { Some(target) }; - let keyfile = param["keyfile"].as_str().map(PathBuf::from); + let keyfile = match param["keyfile"].as_str() { + Some(path) => Some(PathBuf::from(path)), + None => key::optional_default_key_path()?, + }; let crypt_config = match keyfile { None => None, @@ -1293,7 +1299,10 @@ async fn upload_log(param: Value) -> Result { let mut client = connect(repo.host(), repo.user())?; - let keyfile = param["keyfile"].as_str().map(PathBuf::from); + let keyfile = match param["keyfile"].as_str() { + Some(path) => Some(PathBuf::from(path)), + None => key::optional_default_key_path()?, + }; let crypt_config = match keyfile { None => None, diff --git a/src/bin/proxmox_backup_client/key.rs b/src/bin/proxmox_backup_client/key.rs index 290af5f9..95487dfa 100644 --- a/src/bin/proxmox_backup_client/key.rs +++ b/src/bin/proxmox_backup_client/key.rs @@ -53,6 +53,16 @@ pub fn get_encryption_key_password() -> Result, Error> { bail!("no password input mechanism available"); } +/// Convenience helper to get the default key file path only if it exists. +pub fn optional_default_key_path() -> Result, Error> { + let path = default_encryption_key_path()?; + Ok(if path.exists() { + Some(path) + } else { + None + }) +} + #[api( default: "scrypt", )]