git.proxmox.com Git - mirror

author	Jason King <jasonbking@users.noreply.github.com>
	Tue, 28 Apr 2020 17:55:18 +0000 (12:55 -0500)
committer	GitHub <noreply@github.com>
	Tue, 28 Apr 2020 17:55:18 +0000 (10:55 -0700)
commit	c14ca1456e6e7b2fdfd7578207c7f1866c852a77
tree	4f27b9c4b81a394405a08665b4745bff9c572880	tree
parent	89a6610ed053359d2299715e519d06d2ca5c053f	commit \| diff

Support custom URI schemes for the keylocation property

Every platform has their own preferred methods for implementing URI
schemes beyond the currently supported file scheme (e.g. 'https' on
FreeBSD would likely use libfetch, while Linux distros and illumos
would probably use libcurl, etc). It would be helpful if libzfs can
be extended to support additional schemes in a simple manner.

A table of (scheme, handler_function) pairs is added to libzfs_crypto.c,
and the existing functions in libzfs_crypto.c so that when the key
format is ZFS_KEYFORMAT_URI, the scheme from the URI string is
extracted, and a matching handler it located in the aforementioned
table (returning an error if no matching handler is found). The handler
function is then invoked to retrieve the key material (in the format
specified by the keyformat property) and the key is loaded or the
handler can return an error to abort the key loading process.

Reviewed by: Sean Eric Fagan <sef@ixsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jason King <jason.king@joyent.com>
Closes #10218

include/libzfs_impl.h		diff \| blob \| blame \| history
lib/libzfs/libzfs_crypto.c		diff \| blob \| blame \| history
lib/libzfs/libzfs_util.c		diff \| blob \| blame \| history