lxc/incus
1
0
Fork 0
mirror of https://github.com/lxc/incus.git synced 2026-02-05 09:46:19 +01:00
Code Issues Releases Activity

global: Update for shared/cert

Browse Source 
Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
This commit is contained in:
Stéphane Graber
2023-09-07 20:16:01 -04:00
parent a64eb15544
commit ae8a1c1c30
64 changed files with 223 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/incus-user/proxy.go
View File

@@ -12,6 +12,7 @@ import (
"github.com/lxc/incus/incusd/ucred"
"github.com/lxc/incus/shared"
localtls "github.com/lxc/incus/shared/tls"
)
func tlsConfig(uid uint32) (*tls.Config, error) {
@@ -44,7 +45,7 @@ func tlsConfig(uid uint32) (*tls.Config, error) {
tlsServerCert := string(content)
return shared.GetTLSConfigMem(tlsClientCert, tlsClientKey, "", tlsServerCert, false)
return localtls.GetTLSConfigMem(tlsClientCert, tlsClientKey, "", tlsServerCert, false)
}
func proxyConnection(conn *net.UnixConn) {

7
cmd/incus-user/server.go
View File

@@ -13,6 +13,7 @@ import (
"github.com/lxc/incus/shared"
"github.com/lxc/incus/shared/api"
"github.com/lxc/incus/shared/subprocess"
localtls "github.com/lxc/incus/shared/tls"
)
func serverIsConfigured(client incus.InstanceServer) (bool, error) {
@@ -167,7 +168,7 @@ func serverSetupUser(uid uint32) error {
revert.Add(func() { _ = os.RemoveAll(userPath) })
// Generate certificate.
err = shared.FindOrGenCert(filepath.Join(userPath, "client.crt"), filepath.Join(userPath, "client.key"), true, false)
err = localtls.FindOrGenCert(filepath.Join(userPath, "client.crt"), filepath.Join(userPath, "client.key"), true, false)
if err != nil {
return fmt.Errorf("Failed to generate user certificate: %w", err)
}
@@ -218,7 +219,7 @@ func serverSetupUser(uid uint32) error {
}
// Parse the certificate.
x509Cert, err := shared.ReadCert(filepath.Join(userPath, "client.crt"))
x509Cert, err := localtls.ReadCert(filepath.Join(userPath, "client.crt"))
if err != nil {
return fmt.Errorf("Unable to read user certificate: %w", err)
}
@@ -237,7 +238,7 @@ func serverSetupUser(uid uint32) error {
return fmt.Errorf("Unable to add user certificate: %w", err)
}
revert.Add(func() { _ = client.DeleteCertificate(shared.CertFingerprint(x509Cert)) })
revert.Add(func() { _ = client.DeleteCertificate(localtls.CertFingerprint(x509Cert)) })
// Create user-specific bridge.
network := api.NetworksPost{}