diff --git a/src/bin/proxmox-backup-proxy.rs b/src/bin/proxmox-backup-proxy.rs
index 0e8617c4..c64ce8a6 100644
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@@ -1,6 +1,7 @@
 #[macro_use]
 extern crate proxmox_backup;
+use proxmox_backup::tools;
 use proxmox_backup::api::router::*;
 use proxmox_backup::api::config::*;
 use proxmox_backup::server::rest::*;
@@ -16,12 +17,19 @@ use hyper;
 fn main() {
+ if let Err(err) = run() {
+ eprintln!("Error: {}", err);
+ std::process::exit(-1);
+ }
+}
+
+fn run() -> Result<(), Error> {
+
 if let Err(err) = syslog::init(
 syslog::Facility::LOG_DAEMON,
 log::LevelFilter::Info,
 Some("proxmox-backup-proxy")) {
- eprintln!("unable to inititialize syslog: {}", err);
- std::process::exit(-1);
+ bail!("unable to inititialize syslog - {}", err);
 }
 let _ = public_auth_key(); // load with lazy_static
@@ -47,15 +55,20 @@ fn main() {
 let rest_server = RestServer::new(config);
- let identity =
- native_tls::Identity::from_pkcs12(
- &std::fs::read(configdir!("/proxy.pfx")).unwrap(),
- "",
- ).unwrap();
+ let cert_path = configdir!("/proxy.pfx");
+ let raw_cert = match tools::file_get_contents(cert_path) {
+ Ok(data) => data,
+ Err(err) => bail!("unable to read certificate {} - {}", cert_path, err),
+ };
+
+ let identity = match native_tls::Identity::from_pkcs12(&raw_cert, "") {
+ Ok(data) => data,
+ Err(err) => bail!("unabled to decode pkcs12 identity {} - {}", cert_path, err),
+ };
 let addr = ([0,0,0,0,0,0,0,0], 8007).into();
- let listener = tokio::net::TcpListener::bind(&addr).unwrap();
- let acceptor = native_tls::TlsAcceptor::new(identity).unwrap();
+ let listener = tokio::net::TcpListener::bind(&addr)?;
+ let acceptor = native_tls::TlsAcceptor::new(identity)?;
 let acceptor = std::sync::Arc::new(tokio_tls::TlsAcceptor::from(acceptor));
 let connections = listener
 .incoming()
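Review bot: In the `@@ -16,12 +17,19 @@` hunk, the new `main` reports every failure from `run()` with `eprintln!` only, although `run()` initialises syslog as its first step, so a certificate or bind failure after that point never reaches the daemon log unless stderr happens to be captured by the service manager. I would log it as well as print it, e.g. add `log::error!("{}", err);` next to the `eprintln!` (assuming the `log` macros are usable in this crate, which the `log::LevelFilter` path suggests). The new `bail!` message also carries over the typo `inititialize`. The body of `run()` continues outside the hunk.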
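Review bot: In the `@@ -47,15 +55,20 @@` hunk, `native_tls::Identity::from_pkcs12(&raw_cert, "")` still decodes the identity with an empty passphrase, so the TLS private key in `proxy.pfx` is protected only by the file's ownership and mode, and nothing in the visible lines checks either before the bytes are read. A comment above the call would make that assumption explicit, e.g. `// proxy.pfx has an empty passphrase: the key is only as private as this file's permissions`. Separately, `bind(&addr)?` and `TlsAcceptor::new(identity)?` propagate the bare error, unlike the two `bail!` arms above them; the same `match` form with `Err(err) => bail!("unable to bind port 8007 - {}", err)` would tell the operator which step failed. `unabled` in the pkcs12 message is a typo. `run()` starts and ends outside this hunk.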
@@ -77,7 +90,8 @@ fn main() { .serve(rest_server) .map_err(|e| eprintln!("server error: {}", e)); - // Run this server for... forever! hyper::rt::run(server); + + Ok(()) }
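Review bot: The added `Ok(())` is returned unconditionally once `hyper::rt::run(server)` comes back, while a server failure is only printed by the `map_err` closure above it, so the process appears to exit with status 0 even after a fatal server error. That defeats the exit-code handling the new `main` wrapper introduces and makes a crashed listener look like a clean shutdown to whatever supervises the service. One way to close the gap is to have the closure record the failure in a shared flag that `run()` checks after `hyper::rt::run` returns, and to `bail!` when it is set. The enclosing function begins outside this hunk.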