Skip to content

Commit 6c28a4e

Browse files
imobachgsimobachgs
committed
Add some documentation
1 parent baf2a42 commit 6c28a4e

File tree

1 file changed

+30
-0
lines changed

1 file changed

+30
-0
lines changed

rust/agama-security/src/service.rs

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,20 +92,33 @@ impl State {
9292
..Default::default()
9393
}
9494
}
95+
96+
/// Trust the given certificate.
97+
///
98+
/// * `certificate`: certificate to trust.
9599
pub fn trust(&mut self, certificate: &Certificate) {
96100
match certificate.fingerprint() {
97101
Some(fingerprint) => self.trusted.push(fingerprint),
98102
None => tracing::warn!("Failed to get the certificate fingerprint"),
99103
}
100104
}
101105

106+
/// Reject the given certificate.
107+
///
108+
/// * `certificate`: certificate to import.
102109
pub fn reject(&mut self, certificate: &Certificate) {
103110
match certificate.fingerprint() {
104111
Some(fingerprint) => self.rejected.push(fingerprint),
105112
None => tracing::warn!("Failed to get the certificate fingerprint"),
106113
}
107114
}
108115

116+
/// Import the given certificate.
117+
///
118+
/// It will be copied to the running system using the given name.
119+
///
120+
/// * `certificate`: certificate to import.
121+
/// * `name`: certificate name (e.g., "registration_server")
109122
pub fn import(&mut self, certificate: &Certificate, name: &str) -> Result<(), Error> {
110123
let path = self.workdir.join(format!("{name}.pem"));
111124
certificate
@@ -116,19 +129,33 @@ impl State {
116129
}
117130

118131
/// Determines whether the certificate is trusted.
132+
///
133+
/// It checks whether its SHA1 or SHA256 fingerprint are included in the list of trusted
134+
/// certificates.
135+
///
136+
/// * `certificate`: certificate to check.
119137
pub fn is_trusted(&self, certificate: &Certificate) -> bool {
120138
Self::contains(&self.trusted, certificate)
121139
}
122140

123141
/// Determines whether the certificate was rejected.
142+
///
143+
/// It checks whether its SHA1 or SHA256 fingerprint are included in the list of rejected
144+
/// certificates.
124145
pub fn is_rejected(&self, certificate: &Certificate) -> bool {
125146
Self::contains(&self.rejected, certificate)
126147
}
127148

149+
/// Reset the list of trusted certificates.
150+
///
151+
/// Beware that it does not remove the already imported certificates.
128152
pub fn reset(&mut self) {
129153
self.trusted.clear();
130154
}
131155

156+
/// Copy the certificates to the given directory.
157+
///
158+
/// * `directory`: directory to copy the certificates.
132159
pub fn copy_certificates(&self, directory: &Path) {
133160
let workdir = self.workdir.strip_prefix("/").unwrap_or(&self.workdir);
134161
let target_directory = directory.join(workdir);
@@ -172,6 +199,9 @@ impl Service {
172199
Starter::new(questions)
173200
}
174201

202+
/// Asks the user whether to trust the certificate.
203+
///
204+
/// * `certificate`: certificate to check.
175205
pub async fn should_trust_certificate(&self, certificate: &Certificate) -> bool {
176206
let labels = [gettext("Trust"), gettext("Reject")];
177207
let msg = gettext("Trying to import a self-signed certificate. Do you want to trust it and register the product?");

0 commit comments

Comments
 (0)