JoinSessionKeyring causes the task to join a keyring with the given key description (not ID). If `keyDesc` is nil, then the task joins a newly-instantiated session keyring instead.
(keyDesc *string)
| 64 | // If `keyDesc` is nil, then the task joins a newly-instantiated session |
| 65 | // keyring instead. |
| 66 | func (t *Task) JoinSessionKeyring(keyDesc *string) (*auth.Key, error) { |
| 67 | t.mu.Lock() |
| 68 | defer t.mu.Unlock() |
| 69 | creds := t.Credentials() |
| 70 | possessed := creds.PossessedKeys(t.sessionKeyring, nil, nil) |
| 71 | var sessionKeyring *auth.Key |
| 72 | newKeyPerms := auth.DefaultUnnamedSessionKeyringPermissions |
| 73 | newKeyDesc := auth.DefaultSessionKeyringName |
| 74 | if keyDesc != nil { |
| 75 | creds.UserNamespace.Keys.ForEach(func(k *auth.Key) bool { |
| 76 | if k.Description == *keyDesc && creds.HasKeyPermission(k, possessed, auth.KeySearch) { |
| 77 | sessionKeyring = k |
| 78 | return true |
| 79 | } |
| 80 | return false |
| 81 | }) |
| 82 | if sessionKeyring != nil { |
| 83 | t.Debugf("Joining existing session keyring with ID %d", sessionKeyring.ID) |
| 84 | t.sessionKeyring = sessionKeyring |
| 85 | return sessionKeyring, nil |
| 86 | } |
| 87 | newKeyDesc = *keyDesc |
| 88 | newKeyPerms = auth.DefaultNamedSessionKeyringPermissions |
| 89 | } |
| 90 | return t.joinNewSessionKeyringLocked(newKeyDesc, newKeyPerms) |
| 91 | } |
| 92 | |
| 93 | // LookupKey looks up a key by ID using this task's credentials. |
| 94 | func (t *Task) LookupKey(keyID auth.KeySerial) (*auth.Key, error) { |
no test coverage detected