Support custom URI schemes for the keylocation property

Every platform has its own preferred methods for implementing URI 
schemes beyond the currently supported file scheme (e.g. 'https' on 
FreeBSD would likely use libfetch, while Linux distros and illumos
would probably use libcurl, etc). It would be helpful if libzfs can 
be extended to support additional schemes in a simple manner.

A table of (scheme, handler_function) pairs is added to libzfs_crypto.c, 
and the existing functions in libzfs_crypto.c are modified so that when 
the key format is ZFS_KEYFORMAT_URI, the scheme from the URI string is 
extracted, and a matching handler is located in the aforementioned 
table (returning an error if no matching handler is found). The handler 
function is then invoked to retrieve the key material (in the format 
specified by the keyformat property) and the key is loaded or the 
handler can return an error to abort the key loading process.

Reviewed-by: Sean Eric Fagan <sef@ixsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Jason King <jason.king@joyent.com>
Closes #10218
Jason King
2020-04-28 12:55:18 -05:00
committed by GitHub
parent 89a6610ed0
commit c14ca1456e
3 changed files with 359 additions and 193 deletions
+13 -1
@@ -21,7 +21,7 @@
/*
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, Joyent, Inc. All rights reserved.
* Copyright 2020 Joyent, Inc. All rights reserved.
* Copyright (c) 2011, 2018 by Delphix. All rights reserved.
* Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
* Copyright (c) 2017 Datto Inc.
@@ -55,6 +55,12 @@
#include <zfs_fletcher.h>
#include <libzutil.h>
/*
* We only care about the scheme in order to match the scheme
* with the handler. Each handler should validate the full URI
* as necessary.
*/
#define URI_REGEX "^\\([A-Za-z][A-Za-z0-9+.\\-]*\\):"
int
libzfs_errno(libzfs_handle_t *hdl)
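Review bot: In the `URI_REGEX` define, the bracket expression `[A-Za-z0-9+.\\-]` also admits a literal backslash, because a backslash is not an escape character inside a POSIX bracket expression, so a string such as `fi\le:` passes the scheme match although RFC 3986 does not allow that character in a scheme. The `-` is already last in the bracket, so `[A-Za-z0-9+.-]` gives the intended set. The comment could also state that the pattern is a basic regular expression, since the `\\(` and `\\)` group only works when it is compiled without `REG_EXTENDED`.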
@@ -881,6 +887,11 @@ libzfs_init(void)
return (NULL);
}
if (regcomp(&hdl->libzfs_urire, URI_REGEX, 0) != 0) {
free(hdl);
return (NULL);
}
if ((hdl->libzfs_fd = open(ZFS_DEV, O_RDWR|O_EXCL)) < 0) {
free(hdl);
return (NULL);
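Review bot: The `open(ZFS_DEV, ...)` failure path directly after the new `regcomp()` block still only calls `free(hdl)`, so once `regcomp()` has succeeded the compiled `hdl->libzfs_urire` is leaked on that return. Add `regfree(&hdl->libzfs_urire);` before `free(hdl)` there, and on any later error return in `libzfs_init()` that frees the handle.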
@@ -953,6 +964,7 @@ libzfs_fini(libzfs_handle_t *hdl)
namespace_clear(hdl);
libzfs_mnttab_fini(hdl);
libzfs_core_fini();
regfree(&hdl->libzfs_urire);
fletcher_4_fini();
free(hdl);
}
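The scheme extraction and table lookup described in the commit message, as an added example that is not the libzfs code from this commit. Only `URI_REGEX` is copied from the patch; the handler signature, `file_handler`, `dispatch_uri`, the error codes chosen and the sample URIs are assumptions made for illustration.

```c
#include <errno.h>
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Copied from the patch: a POSIX basic regex that captures only the scheme. */
#define URI_REGEX "^\\([A-Za-z][A-Za-z0-9+.\\-]*\\):"

/* Hypothetical handler signature; the real one is not shown on this page. */
typedef int (*uri_handler_fn)(const char *uri);

/* Constructed handler: it validates the rest of the URI itself. */
static int file_handler(const char *uri)
{
	return (strncmp(uri, "file:///", 8) == 0 ? 0 : EINVAL);
}

static const struct { const char *scheme; uri_handler_fn fn; } handlers[] = {
	{ "file", file_handler },
};

/* Handler result, EINVAL if no scheme parses, ENOTSUP if no handler matches. */
int dispatch_uri(const char *uri)
{
	regex_t re;
	regmatch_t m[2];
	int ret = ENOTSUP;

	if (regcomp(&re, URI_REGEX, 0) != 0)
		return (ENOMEM);
	if (regexec(&re, uri, 2, m, 0) != 0) {
		ret = EINVAL;
	} else {
		size_t len = (size_t)(m[1].rm_eo - m[1].rm_so);
		for (size_t i = 0; i < sizeof (handlers) / sizeof (handlers[0]); i++) {
			if (strlen(handlers[i].scheme) == len &&
			    strncmp(handlers[i].scheme, uri + m[1].rm_so, len) == 0)
				ret = handlers[i].fn(uri);
		}
	}
	regfree(&re);	/* released on every path after a successful regcomp() */
	return (ret);
}

int main(void)
{
	printf("%d %d\n", dispatch_uri("file:///k"), dispatch_uri("https://h/k"));
	return (0);
}
```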