remotes: save passwords as base64
to avoid having arbitrary characters in the config (e.g. newlines) note that this breaks existings configs Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
parent
1a0d3d11d2
commit
de4db62c57
|
@ -1,6 +1,7 @@
|
||||||
use anyhow::{bail, Error};
|
use anyhow::{bail, Error};
|
||||||
use serde_json::Value;
|
use serde_json::Value;
|
||||||
use ::serde::{Deserialize, Serialize};
|
use ::serde::{Deserialize, Serialize};
|
||||||
|
use base64;
|
||||||
|
|
||||||
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
|
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
|
||||||
|
|
||||||
|
@ -75,11 +76,13 @@ pub fn list_remotes(
|
||||||
},
|
},
|
||||||
)]
|
)]
|
||||||
/// Create new remote.
|
/// Create new remote.
|
||||||
pub fn create_remote(param: Value) -> Result<(), Error> {
|
pub fn create_remote(password: String, param: Value) -> Result<(), Error> {
|
||||||
|
|
||||||
let _lock = crate::tools::open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0))?;
|
let _lock = crate::tools::open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0))?;
|
||||||
|
|
||||||
let remote: remote::Remote = serde_json::from_value(param.clone())?;
|
let mut data = param.clone();
|
||||||
|
data["password"] = Value::from(base64::encode(password.as_bytes()));
|
||||||
|
let remote: remote::Remote = serde_json::from_value(data)?;
|
||||||
|
|
||||||
let (mut config, _digest) = remote::config()?;
|
let (mut config, _digest) = remote::config()?;
|
||||||
|
|
||||||
|
|
|
@ -60,6 +60,7 @@ pub struct Remote {
|
||||||
pub host: String,
|
pub host: String,
|
||||||
pub userid: String,
|
pub userid: String,
|
||||||
#[serde(skip_serializing_if="String::is_empty")]
|
#[serde(skip_serializing_if="String::is_empty")]
|
||||||
|
#[serde(with = "proxmox::tools::serde::string_as_base64")]
|
||||||
pub password: String,
|
pub password: String,
|
||||||
#[serde(skip_serializing_if="Option::is_none")]
|
#[serde(skip_serializing_if="Option::is_none")]
|
||||||
pub fingerprint: Option<String>,
|
pub fingerprint: Option<String>,
|
||||||
|
|
Loading…
Reference in New Issue