]>
git.proxmox.com Git - ceph.git/blob - ceph/src/common/secret.c
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
4 * Ceph - scalable distributed file system
6 * Copyright (C) 2011 New Dream Network
8 * This is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License version 2.1, as published by the Free Software
11 * Foundation. See file COPYING.
22 #include "include/compat.h"
23 #include "common/armor.h"
24 #include "common/safe_io.h"
26 int read_secret_from_file(const char *filename
, char *secret
, size_t max_len
)
32 fd
= open(filename
, O_RDONLY
);
34 perror("unable to read secretfile");
37 len
= safe_read(fd
, secret
, max_len
);
39 perror("unable to read secret from file");
41 return len
? len
: -ENODATA
;
44 while (end
< secret
+ len
&& *end
&& *end
!= '\n' && *end
!= '\r')
52 int set_kernel_secret(const char *secret
, const char *key_name
)
54 /* try to submit key to kernel via the keys api */
57 int secret_len
= strlen(secret
);
58 char payload
[((secret_len
* 3) / 4) + 4];
61 fprintf(stderr
, "secret is empty.\n");
65 ret
= ceph_unarmor(payload
, payload
+sizeof(payload
), secret
, secret
+secret_len
);
68 fprintf(stderr
, "secret is not valid base64: %s.\n",
69 ceph_strerror_r(-ret
, error_buf
, sizeof(error_buf
)));
73 serial
= add_key("ceph", key_name
, payload
, ret
, KEY_SPEC_PROCESS_KEYRING
);
81 int is_kernel_secret(const char *key_name
)
84 serial
= request_key("ceph", key_name
, NULL
, KEY_SPEC_USER_KEYRING
);