tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

src/bin/proxmox_backup_client/catalog.rs: fix keyfile handling

This commit is contained in:
Dietmar Maurer 2020-07-10 10:36:13 +02:00
parent 62593aba1e
commit d86034afec
1 changed files with 31 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/bin/proxmox_backup_client/catalog.rs
View File

@ -1,6 +1,5 @@
use std::os::unix::fs::OpenOptionsExt; use std::os::unix::fs::OpenOptionsExt;
use std::io::{Seek, SeekFrom}; use std::io::{Seek, SeekFrom};
use std::path::PathBuf;
use std::sync::Arc; use std::sync::Arc;
use anyhow::{bail, format_err, Error}; use anyhow::{bail, format_err, Error};
@ -14,8 +13,12 @@ use proxmox_backup::client::*;
use crate::{ use crate::{
REPO_URL_SCHEMA, REPO_URL_SCHEMA,
KEYFD_SCHEMA,
extract_repository_from_value, extract_repository_from_value,
record_repository, record_repository,
keyfile_parameters,
key::get_encryption_key_password,
decrypt_key,
api_datastore_latest_snapshot, api_datastore_latest_snapshot,
complete_repository, complete_repository,
complete_backup_snapshot, complete_backup_snapshot,
@ -34,10 +37,6 @@ use crate::{
Shell, Shell,
}; };
use proxmox_backup::backup::load_and_decrypt_key;
use crate::key::get_encryption_key_password;
#[api( #[api(
input: { input: {
properties: { properties: {
@ -49,6 +48,15 @@ use crate::key::get_encryption_key_password;
type: String, type: String,
description: "Snapshot path.", description: "Snapshot path.",
}, },
"keyfile": {
optional: true,
type: String,
description: "Path to encryption key.",
},
"keyfd": {
schema: KEYFD_SCHEMA,
optional: true,
},
} }
} }
)] )]
@ -60,13 +68,14 @@ async fn dump_catalog(param: Value) -> Result<Value, Error> {
let path = tools::required_string_param(&param, "snapshot")?; let path = tools::required_string_param(&param, "snapshot")?;
let snapshot: BackupDir = path.parse()?; let snapshot: BackupDir = path.parse()?;
let keyfile = param["keyfile"].as_str().map(PathBuf::from); let (keydata, _) = keyfile_parameters(&param)?;
let crypt_config = match keyfile { let crypt_config = match keydata {
None => None, None => None,
Some(path) => { Some(key) => {
let (key, _) = load_and_decrypt_key(&path, &get_encryption_key_password)?; let (key, _created) = decrypt_key(&key, &get_encryption_key_password)?;
Some(Arc::new(CryptConfig::new(key)?)) let crypt_config = CryptConfig::new(key)?;
Some(Arc::new(crypt_config))
} }
}; };
@ -132,6 +141,10 @@ async fn dump_catalog(param: Value) -> Result<Value, Error> {
type: String, type: String,
description: "Path to encryption key.", description: "Path to encryption key.",
}, },
"keyfd": {
schema: KEYFD_SCHEMA,
optional: true,
},
}, },
}, },
)] )]
@ -150,12 +163,14 @@ async fn catalog_shell(param: Value) -> Result<(), Error> {
(snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time()) (snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
}; };
let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p)); let (keydata, _) = keyfile_parameters(&param)?;
let crypt_config = match keyfile {
let crypt_config = match keydata {
None => None, None => None,
Some(path) => { Some(key) => {
let (key, _) = load_and_decrypt_key(&path, &get_encryption_key_password)?; let (key, _created) = decrypt_key(&key, &get_encryption_key_password)?;
Some(Arc::new(CryptConfig::new(key)?)) let crypt_config = CryptConfig::new(key)?;
Some(Arc::new(crypt_config))
} }
}; };