CertificateInfo: make filename non-optional

It is used as idProperty in the GUI.
Dietmar Maurer 2024-01-16 14:14:13 +01:00
parent 06009635f6
commit be8f4742ec


@ -64,8 +64,7 @@ const ACME_SUBDIRS: SubdirMap = &[(
#[serde(rename_all = "kebab-case")] #[serde(rename_all = "kebab-case")]
pub struct CertificateInfo { pub struct CertificateInfo {
/// Certificate file name. /// Certificate file name.
#[serde(skip_serializing_if = "Option::is_none")] pub filename: String,
pub filename: Option<String>,
/// Certificate subject name. /// Certificate subject name.
pub subject: String, pub subject: String,
@ -100,38 +99,6 @@ pub struct CertificateInfo {
pub fingerprint: Option<String>, pub fingerprint: Option<String>,
} }
impl TryFrom<&cert::CertInfo> for CertificateInfo {
type Error = Error;
fn try_from(info: &cert::CertInfo) -> Result<Self, Self::Error> {
let pubkey = info.public_key()?;
Ok(Self {
filename: None,
subject: info.subject_name()?,
san: info
.subject_alt_names()
.map(|san| {
san.into_iter()
// FIXME: Support `.ipaddress()`?
.filter_map(|name| name.dnsname().map(str::to_owned))
.collect()
})
.unwrap_or_default(),
issuer: info.issuer_name()?,
notbefore: info.not_before_unix().ok(),
notafter: info.not_after_unix().ok(),
pem: None,
public_key_type: openssl::nid::Nid::from_raw(pubkey.id().as_raw())
.long_name()
.unwrap_or("<unsupported key type>")
.to_owned(),
public_key_bits: Some(pubkey.bits()),
fingerprint: Some(info.fingerprint()?),
})
}
}
fn get_certificate_pem() -> Result<String, Error> { fn get_certificate_pem() -> Result<String, Error> {
let cert_path = configdir!("/proxy.pem"); let cert_path = configdir!("/proxy.pem");
let cert_pem = proxmox_sys::fs::file_get_contents(cert_path)?; let cert_pem = proxmox_sys::fs::file_get_contents(cert_path)?;
@ -163,12 +130,31 @@ fn pem_to_cert_info(pem: &[u8]) -> Result<cert::CertInfo, Error> {
/// Get certificate info. /// Get certificate info.
pub fn get_info() -> Result<Vec<CertificateInfo>, Error> { pub fn get_info() -> Result<Vec<CertificateInfo>, Error> {
let cert_pem = get_certificate_pem()?; let cert_pem = get_certificate_pem()?;
let cert = pem_to_cert_info(cert_pem.as_bytes())?; let info = pem_to_cert_info(cert_pem.as_bytes())?;
let pubkey = info.public_key()?;
Ok(vec![CertificateInfo { Ok(vec![CertificateInfo {
filename: Some("proxy.pem".to_string()), // we only have the one filename: "proxy.pem".to_string(), // we only have the one
pem: Some(cert_pem), pem: Some(cert_pem),
..CertificateInfo::try_from(&cert)? subject: info.subject_name()?,
san: info
.subject_alt_names()
.map(|san| {
san.into_iter()
// FIXME: Support `.ipaddress()`?
.filter_map(|name| name.dnsname().map(str::to_owned))
.collect()
})
.unwrap_or_default(),
issuer: info.issuer_name()?,
notbefore: info.not_before_unix().ok(),
notafter: info.not_after_unix().ok(),
public_key_type: openssl::nid::Nid::from_raw(pubkey.id().as_raw())
.long_name()
.unwrap_or("<unsupported key type>")
.to_owned(),
public_key_bits: Some(pubkey.bits()),
fingerprint: Some(info.fingerprint()?),
}]) }])
} }
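Review bot: In the rebuilt `get_info` struct literal, `notbefore: info.not_before_unix().ok()` and `notafter: info.not_after_unix().ok()` discard any conversion error, while the subject, issuer, public key and fingerprint lookups next to them propagate failures with `?`. A certificate whose validity period cannot be read is therefore returned with those fields absent, and a consumer could list it without an expiry date instead of flagging it. If best-effort is intended, say so at the site, e.g. `// best-effort: unreadable validity dates are reported as absent; callers must treat None as unknown`; otherwise log the error before dropping it. The declarations of both fields lie outside the visible hunks, so this assumes they are `Option` values.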