hatter/local-mini-kms
1
1
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

feat: v0.2.0, add harden support

Browse Source
This commit is contained in:
Hatter Jiang
2022-07-27 23:31:25 +08:00
parent 7af1521354
commit 77591990ad
3 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Cargo.lock generated
View File

@@ -444,7 +444,7 @@ dependencies = [
[[package]] [[package]]
name = "local-mini-kms" name = "local-mini-kms"
version = "0.1.1" version = "0.2.0"
dependencies = [ dependencies = [
"base64", "base64",
"clap", "clap",
@@ -454,6 +454,7 @@ dependencies = [
"lazy_static", "lazy_static",
"rusqlite", "rusqlite",
"rust_util", "rust_util",
"secmem-proc",
"serde", "serde",
"serde_derive", "serde_derive",
"serde_json", "serde_json",
@@ -713,6 +714,18 @@ version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
[[package]]
name = "secmem-proc"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5b291669c8562407a90242395b35409c070f748c64268ed7c837bd0550c4dec5"
dependencies = [
"cfg-if",
"libc",
"thiserror",
"winapi",
]
[[package]] [[package]]
name = "serde" name = "serde"
version = "1.0.138" version = "1.0.138"

3
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "local-mini-kms" name = "local-mini-kms"
version = "0.1.1" version = "0.2.0"
edition = "2021" edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -16,6 +16,7 @@ serde_derive = "1.0"
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
josekit = "0.8.1" josekit = "0.8.1"
secmem-proc = "0.1.1"
rust_util = { version = "0.6", features = ["use_clap"] } rust_util = { version = "0.6", features = ["use_clap"] }
tokio = { version = "1.19", features = ["full"] } tokio = { version = "1.19", features = ["full"] }
hyper = { version = "0.14.20", features = ["client", "server", "tcp", "http1", "http2"] } hyper = { version = "0.14.20", features = ["client", "server", "tcp", "http1", "http2"] }

12
src/main.rs
View File

@@ -1,5 +1,5 @@
use clap::{App, AppSettings, ArgMatches}; use clap::{App, AppSettings, ArgMatches};
use rust_util::{failure_and_exit, information}; use rust_util::{failure_and_exit, information, success, warning};
use rust_util::util_clap::{Command, CommandError}; use rust_util::util_clap::{Command, CommandError};
mod db; mod db;
@@ -20,6 +20,16 @@ impl DefaultCommandImpl {
} }
fn main() { fn main() {
let ignore_harden_process_error = std::env::var("IGNORE_HARDEN_PROCESS_ERROR")
.map(|v| &v == "true").unwrap_or_else(|_| false);
match secmem_proc::harden_process() {
Err(e) => if ignore_harden_process_error {
warning!("Harden local-mini-kms failed: {}", e);
} else {
failure_and_exit!("Harden local-mini-kms failed: {}", e);
}
Ok(_) => success!("Harden local-mini-kms success"),
}
if let Err(e) = inner_main() { if let Err(e) = inner_main() {
failure_and_exit!("Run local-mini-kms error: {}", e); failure_and_exit!("Run local-mini-kms error: {}", e);
} }