From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 0575175E08; Thu, 22 Apr 2021 17:35:40 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id E55731EB6B; Thu, 22 Apr 2021 17:35:09 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 1D9321EB0C; Thu, 22 Apr 2021 17:35:04 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E367F463D4; Thu, 22 Apr 2021 17:35:03 +0200 (CEST) From: Stefan Reiter To: pve-devel@lists.proxmox.com, pbs-devel@lists.proxmox.com Date: Thu, 22 Apr 2021 17:34:46 +0200 Message-Id: <20210422153457.12265-3-s.reiter@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210422153457.12265-1-s.reiter@proxmox.com> References: <20210422153457.12265-1-s.reiter@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.030 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pbs-devel] [PATCH v2 proxmox-backup 02/13] client-tools: add crypto_parameters_keep_fd X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Apr 2021 15:35:40 -0000 same functionality as crypto_parameters, except it keeps the file descriptor passed as "keyfd" open (and seeks to the beginning after reading), if one is given. Signed-off-by: Stefan Reiter --- new in v2 src/bin/proxmox_client_tools/key_source.rs | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/bin/proxmox_client_tools/key_source.rs b/src/bin/proxmox_client_tools/key_source.rs index 0ad06bb0..fee00723 100644 --- a/src/bin/proxmox_client_tools/key_source.rs +++ b/src/bin/proxmox_client_tools/key_source.rs @@ -86,6 +86,14 @@ pub struct CryptoParams { } pub fn crypto_parameters(param: &Value) -> Result { + do_crypto_parameters(param, false) +} + +pub fn crypto_parameters_keep_fd(param: &Value) -> Result { + do_crypto_parameters(param, true) +} + +fn do_crypto_parameters(param: &Value, keep_keyfd_open: bool) -> Result { let keyfile = match param.get("keyfile") { Some(Value::String(keyfile)) => Some(keyfile), Some(_) => bail!("bad --keyfile parameter type"), @@ -135,11 +143,16 @@ pub fn crypto_parameters(param: &Value) -> Result { file_get_contents(keyfile)?, )), (None, Some(fd)) => { - let input = unsafe { std::fs::File::from_raw_fd(fd) }; + let mut input = unsafe { std::fs::File::from_raw_fd(fd) }; let mut data = Vec::new(); - let _len: usize = { input }.read_to_end(&mut data).map_err(|err| { + let _len: usize = input.read_to_end(&mut data).map_err(|err| { format_err!("error reading encryption key from fd {}: {}", fd, err) })?; + if keep_keyfd_open { + // don't close fd if requested, and try to reset seek position + std::mem::forget(input); + unsafe { libc::lseek(fd, 0, libc::SEEK_SET); } + } Some(KeyWithSource::from_fd(data)) } }; -- 2.20.1