67 lines
2.4 KiB
Diff
67 lines
2.4 KiB
Diff
|
From 25e5738568b2a021de3a79af3282b2b5feaee9e8 Mon Sep 17 00:00:00 2001
|
||
|
From: Alex Auvolat <alex@adnab.me>
|
||
|
Date: Mon, 12 Feb 2024 10:42:17 +0100
|
||
|
Subject: [PATCH] [fix-secrets-695] take into account rpc secret from file for
|
||
|
cli commands (fix #695)
|
||
|
|
||
|
---
|
||
|
src/garage/main.rs | 23 +++++++++++++++--------
|
||
|
src/garage/secrets.rs | 2 +-
|
||
|
2 files changed, 16 insertions(+), 9 deletions(-)
|
||
|
|
||
|
diff --git a/src/garage/main.rs b/src/garage/main.rs
|
||
|
index 5c92dae4..1a6a6e32 100644
|
||
|
--- a/src/garage/main.rs
|
||
|
+++ b/src/garage/main.rs
|
||
|
@@ -174,7 +174,9 @@ async fn main() {
|
||
|
}
|
||
|
|
||
|
async fn cli_command(opt: Opt) -> Result<(), Error> {
|
||
|
- let config = if opt.secrets.rpc_secret.is_none() || opt.rpc_host.is_none() {
|
||
|
+ let config = if (opt.secrets.rpc_secret.is_none() && opt.secrets.rpc_secret_file.is_none())
|
||
|
+ || opt.rpc_host.is_none()
|
||
|
+ {
|
||
|
Some(garage_util::config::read_config(opt.config_file.clone())
|
||
|
.err_context(format!("Unable to read configuration file {}. Configuration file is needed because -h or -s is not provided on the command line.", opt.config_file.to_string_lossy()))?)
|
||
|
} else {
|
||
|
@@ -182,14 +184,19 @@ async fn cli_command(opt: Opt) -> Result<(), Error> {
|
||
|
};
|
||
|
|
||
|
// Find and parse network RPC secret
|
||
|
- let net_key_hex_str = opt
|
||
|
- .secrets
|
||
|
- .rpc_secret
|
||
|
- .as_ref()
|
||
|
- .or_else(|| config.as_ref().and_then(|c| c.rpc_secret.as_ref()))
|
||
|
- .ok_or("No RPC secret provided")?;
|
||
|
+ let mut rpc_secret = config.as_ref().and_then(|c| c.rpc_secret.clone());
|
||
|
+ secrets::fill_secret(
|
||
|
+ &mut rpc_secret,
|
||
|
+ &config.as_ref().and_then(|c| c.rpc_secret_file.clone()),
|
||
|
+ &opt.secrets.rpc_secret,
|
||
|
+ &opt.secrets.rpc_secret_file,
|
||
|
+ "rpc_secret",
|
||
|
+ true,
|
||
|
+ )?;
|
||
|
+
|
||
|
+ let net_key_hex_str = rpc_secret.ok_or("No RPC secret provided")?;
|
||
|
let network_key = NetworkKey::from_slice(
|
||
|
- &hex::decode(net_key_hex_str).err_context("Invalid RPC secret key (bad hex)")?[..],
|
||
|
+ &hex::decode(&net_key_hex_str).err_context("Invalid RPC secret key (bad hex)")?[..],
|
||
|
)
|
||
|
.ok_or("Invalid RPC secret provided (wrong length)")?;
|
||
|
|
||
|
diff --git a/src/garage/secrets.rs b/src/garage/secrets.rs
|
||
|
index 8c89a262..a2c64cef 100644
|
||
|
--- a/src/garage/secrets.rs
|
||
|
+++ b/src/garage/secrets.rs
|
||
|
@@ -83,7 +83,7 @@ pub fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Erro
|
||
|
Ok(config)
|
||
|
}
|
||
|
|
||
|
-fn fill_secret(
|
||
|
+pub(crate) fn fill_secret(
|
||
|
config_secret: &mut Option<String>,
|
||
|
config_secret_file: &Option<String>,
|
||
|
cli_secret: &Option<String>,
|