+use std::path::PathBuf;
+
use anyhow::{bail, format_err, Error};
use lazy_static::lazy_static;
-
-use openssl::rsa::{Rsa};
-use openssl::pkey::{PKey, Public, Private};
+use openssl::pkey::{PKey, Private, Public};
+use openssl::rsa::Rsa;
use openssl::sha;
-use std::path::PathBuf;
-
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
-use proxmox::try_block;
+use proxmox_lang::try_block;
use pbs_buildcfg::configdir;
-
-use crate::api2::types::Userid;
+use pbs_api_types::Userid;
fn compute_csrf_secret_digest(
timestamp: i64,
userid: &Userid,
) -> String {
- let epoch = proxmox::tools::time::epoch_i64();
+ let epoch = proxmox_time::epoch_i64();
let digest = compute_csrf_secret_digest(epoch, secret, userid);
bail!("invalid signature.");
}
- let now = proxmox::tools::time::epoch_i64();
+ let now = proxmox_time::epoch_i64();
let age = now - ttime;
if age < min_age {
use nix::sys::stat::Mode;
- let backup_user = crate::backup::backup_user()?;
+ let backup_user = pbs_config::backup_user()?;
replace_file(
&path,
.perm(Mode::from_bits_truncate(0o0640))
.owner(nix::unistd::ROOT)
.group(backup_user.gid),
+ true,
)?;
Ok(())
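Review bot: The bare `true` added as the last argument of `replace_file` gives no hint at the call site of what it enables, and the same literal is added to both `replace_file` calls in the auth-key hunk that follows. It looks like the fsync flag, but the signature is not part of this diff, so that should be confirmed. If so, a short comment above each call, such as `// fsync: make sure the new key file is on disk before it replaces the old one`, would make the durability intent reviewable. The enclosing function starts and ends outside the hunk.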
use nix::sys::stat::Mode;
replace_file(
- &priv_path, &priv_pem, CreateOptions::new().perm(Mode::from_bits_truncate(0o0600)))?;
+ &priv_path,
+ &priv_pem,
+ CreateOptions::new().perm(Mode::from_bits_truncate(0o0600)),
+ true,
+ )?;
let public_pem = rsa.public_key_to_pem()?;
- let backup_user = crate::backup::backup_user()?;
+ let backup_user = pbs_config::backup_user()?;
replace_file(
&public_path,
.perm(Mode::from_bits_truncate(0o0640))
.owner(nix::unistd::ROOT)
.group(backup_user.gid),
+ true,
)?;
Ok(())
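Review bot: The private-key `replace_file` call sets only `.perm(Mode::from_bits_truncate(0o0600))`, while the public-key call below it also pins `.owner(nix::unistd::ROOT)`. The owner of `authkey.key` therefore appears to depend on whichever uid runs this function. If root ownership is intended, stating it explicitly keeps the 0600 mode meaningful whoever the caller is: `CreateOptions::new().perm(Mode::from_bits_truncate(0o0600)).owner(nix::unistd::ROOT),`. The function body starts outside the hunk.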
&SECRET
}
-fn load_private_auth_key() -> Result<PKey<Private>, Error> {
+fn load_public_auth_key() -> Result<PKey<Public>, Error> {
- let pem = file_get_contents(configdir!("/authkey.key"))?;
- let rsa = Rsa::private_key_from_pem(&pem)?;
+ let pem = file_get_contents(configdir!("/authkey.pub"))?;
+ let rsa = Rsa::public_key_from_pem(&pem)?;
let key = PKey::from_rsa(rsa)?;
Ok(key)
}
-pub fn private_auth_key() -> &'static PKey<Private> {
+pub fn public_auth_key() -> &'static PKey<Public> {
lazy_static! {
- static ref KEY: PKey<Private> = load_private_auth_key().unwrap();
+ static ref KEY: PKey<Public> = load_public_auth_key().unwrap();
}
&KEY
}
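Review bot: `load_public_auth_key().unwrap()` inside the `lazy_static!` initializer turns a missing or malformed `authkey.pub` into a panic at the first call of `public_auth_key()` rather than at startup. `private_auth_key()` further down has the same pattern. At minimum, name the failing key in the panic, e.g. `load_public_auth_key().expect("unable to load public auth key")`. Consider also loading both keys once during daemon startup, so a bad key file is reported before any request is served. The commit only reorders these functions, so this could be handled as a follow-up.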
-fn load_public_auth_key() -> Result<PKey<Public>, Error> {
-
- let pem = file_get_contents(configdir!("/authkey.pub"))?;
- let rsa = Rsa::public_key_from_pem(&pem)?;
+fn load_private_auth_key() -> Result<PKey<Private>, Error> {
+ let pem = file_get_contents(configdir!("/authkey.key"))?;
+ let rsa = Rsa::private_key_from_pem(&pem)?;
let key = PKey::from_rsa(rsa)?;
Ok(key)
}
-pub fn public_auth_key() -> &'static PKey<Public> {
-
+pub fn private_auth_key() -> &'static PKey<Private> {
lazy_static! {
- static ref KEY: PKey<Public> = load_public_auth_key().unwrap();
+ static ref KEY: PKey<Private> = load_private_auth_key().unwrap();
}
&KEY