all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pbs-devel] [PATCH proxmox-backup] upload_custom_certificate api: make key optional
@ 2024-01-18 13:15 Dietmar Maurer
  2024-01-18 15:36 ` [pbs-devel] applied: " Thomas Lamprecht
  0 siblings, 1 reply; 2+ messages in thread
From: Dietmar Maurer @ 2024-01-18 13:15 UTC (permalink / raw)
  To: pbs-devel

Use existing key if not specified (same as PVE API).

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
---
 src/api2/node/certificates.rs | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/api2/node/certificates.rs b/src/api2/node/certificates.rs
index e86840a7..b44697c4 100644
--- a/src/api2/node/certificates.rs
+++ b/src/api2/node/certificates.rs
@@ -1,3 +1,4 @@
+use std::path::PathBuf;
 use std::sync::Arc;
 use std::time::Duration;
 
@@ -163,7 +164,10 @@ pub fn get_info() -> Result<Vec<CertificateInfo>, Error> {
         properties: {
             node: { schema: NODE_SCHEMA },
             certificates: { description: "PEM encoded certificate (chain)." },
-            key: { description: "PEM encoded private key." },
+            key: {
+                description: "PEM encoded private key.",
+                optional: true,
+            },
             // FIXME: widget-toolkit should have an option to disable using these 2 parameters...
             restart: {
                 description: "UI compatibility parameter, ignored",
@@ -192,10 +196,19 @@ pub fn get_info() -> Result<Vec<CertificateInfo>, Error> {
 /// Upload a custom certificate.
 pub async fn upload_custom_certificate(
     certificates: String,
-    key: String,
+    key: Option<String>,
 ) -> Result<Vec<CertificateInfo>, Error> {
     let certificates = X509::stack_from_pem(certificates.as_bytes())
         .map_err(|err| format_err!("failed to decode certificate chain: {}", err))?;
+
+    let key = match key {
+        Some(key) => key,
+        None => {
+            let key_path = PathBuf::from(configdir!("/proxy.key"));
+            proxmox_sys::fs::file_read_string(key_path)?
+        }
+    };
+
     let key = PKey::private_key_from_pem(key.as_bytes())
         .map_err(|err| format_err!("failed to parse private key: {}", err))?;
 
-- 
2.39.2




^ permalink raw reply	[flat|nested] 2+ messages in thread
* [pbs-devel] applied: [PATCH proxmox-backup] upload_custom_certificate api: make key optional
  2024-01-18 13:15 [pbs-devel] [PATCH proxmox-backup] upload_custom_certificate api: make key optional Dietmar Maurer
@ 2024-01-18 15:36 ` Thomas Lamprecht
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2024-01-18 15:36 UTC (permalink / raw)
  To: Proxmox Backup Server development discussion, Dietmar Maurer

Am 18/01/2024 um 14:15 schrieb Dietmar Maurer:
> Use existing key if not specified (same as PVE API).
> 
> Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
> ---
>  src/api2/node/certificates.rs | 17 +++++++++++++++--
>  1 file changed, 15 insertions(+), 2 deletions(-)
> 
>

applied, thanks!




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-01-18 15:37 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-01-18 13:15 [pbs-devel] [PATCH proxmox-backup] upload_custom_certificate api: make key optional Dietmar Maurer
2024-01-18 15:36 ` [pbs-devel] applied: " Thomas Lamprecht

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal