
gfsec-use: Read restore/destroy commands from config.

Gfsec-use can now read, from the configuration file, the commands
to execute to restore and destroy the secret.
master
Damien Goutte-Gattat 4 years ago
parent
commit
21c2419860
  1. 8
      src/gfsec-use.c
  2. 8
      src/secret.c
  3. 4
      src/secret.h
  4. 4
      src/secretcfg.c

8
src/gfsec-use.c

@ -257,9 +257,15 @@ main(int argc, char **argv)
errx(EXIT_FAILURE, _("%s (line %u): %s"), cfg_path, u, gfsec_error_string(c));
}
if ( ! output_file && ! restore_cmd && !(output_file = cfg->filename) )
if ( ! output_file &&
! restore_cmd &&
! (output_file = cfg->filename) &&
! (restore_cmd = cfg->restore) )
errx(EXIT_FAILURE, _("No output file or restore command specified"));
if ( ! delete_cmd )
delete_cmd = cfg->destroy;
if ( restore_cmd && ! delete_cmd )
keep = 1;
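Review bot: In the rewritten condition, `cfg->restore` is only read when `cfg->filename` is NULL, since `&&` stops at the first false operand, so a configuration that sets both OUTFILE= and RESTORE= silently ignores the restore command; the `delete_cmd = cfg->destroy` fallback, by contrast, applies whenever no delete command was given on the command line, even if the output file or restore command came from the command line. If that precedence is intended it deserves a comment above the test, e.g. `/* Command line wins over config; within the config, OUTFILE wins over RESTORE. */`. These strings are described as commands to execute, so the configuration file now carries the same trust as the command line; if nothing outside this hunk already checks it, it would be worth verifying that the file is owned by the invoking user and not group- or world-writable before using them. main() starts and ends outside the hunk.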

8
src/secret.c

@ -283,6 +283,8 @@ gfsec_secret_new(void)
s = xmalloc(sizeof(*s));
s->filename = NULL;
s->restore = NULL;
s->destroy = NULL;
s->data = NULL;
s->len = 0;
@ -605,6 +607,12 @@ gfsec_secret_free(gfsec_secret_t *secret)
if ( secret->filename )
free(secret->filename);
if ( secret->restore )
free(secret->restore);
if ( secret->destroy )
free(secret->destroy);
if ( secret->data )
free(secret->data);

4
src/secret.h

@ -65,6 +65,10 @@ typedef struct gfsec_secret {
/* The location of the reconstituted secret. */
char *filename;
/* The restore/delete commands. */
char *restore;
char *destroy;
/* The secret's actual data. */
unsigned char *data;
size_t len;
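Review bot: The new comment says "restore/delete" while the field is named `destroy`, and it does not say who owns the strings or what an unset value looks like. From the other files in this commit, both fields are NULL after gfsec_secret_new(), filled with xstrdup() copies by the config reader and released in gfsec_secret_free(); a comment such as `/* Commands run to restore and destroy the secret; heap-allocated, owned by this struct, NULL when unset. */` would record that. The struct definition continues outside the hunk.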

4
src/secretcfg.c

@ -356,6 +356,10 @@ gfsec_read_config(gfsec_secret_t **cfg,
; /* Comment or empty line */
else if ( strncmp("OUTFILE=", buffer, 8) == 0 )
(*cfg)->filename = xstrdup(buffer + 8);
else if ( strncmp("RESTORE=", buffer, 8) == 0 )
(*cfg)->restore = xstrdup(buffer + 8);
else if ( strncmp("DESTROY=", buffer, 8) == 0 )
(*cfg)->destroy = xstrdup(buffer + 8);
else if ( strncmp("MINSHARES=", buffer, 10) == 0 ) {
char *endptr;
unsigned long l;
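Review bot: The RESTORE= and DESTROY= branches store whatever follows the `=` without validating it, so an empty value (`RESTORE=` alone) yields a non-NULL empty string that the check in gfsec-use.c would treat as a configured command, and a key appearing twice overwrites the earlier xstrdup() copy without freeing it. Rejecting an empty value and releasing the old pointer first would close both, e.g. `free((*cfg)->restore); (*cfg)->restore = xstrdup(buffer + 8);` (safe on first use if *cfg comes from gfsec_secret_new(), which sets the field to NULL; that call is not visible here). The existing OUTFILE= branch has the same shape. gfsec_read_config() starts and ends outside the hunk.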
