(ctx context.Context, si *APIServerInfo, opt *content.CachingOptions, password string, mr *metrics.Registry, timeNow func() time.Time)
| 137 | } |
| 138 | |
| 139 | func getContentCacheOrNil(ctx context.Context, si *APIServerInfo, opt *content.CachingOptions, password string, mr *metrics.Registry, timeNow func() time.Time) (*cache.PersistentCache, error) { |
| 140 | opt = opt.CloneOrDefault() |
| 141 | |
| 142 | cs, err := cache.NewStorageOrNil(ctx, opt.CacheDirectory, opt.ContentCacheSizeBytes, "server-contents") |
| 143 | if cs == nil { |
| 144 | // this may be (nil, nil) or (nil, err) |
| 145 | return nil, errors.Wrap(err, "error opening storage") |
| 146 | } |
| 147 | |
| 148 | // derive content cache key from the password & HMAC secret |
| 149 | saltWithPurpose := append([]byte("content-cache-protection"), opt.HMACSecret...) |
| 150 | |
| 151 | const cacheEncryptionKeySize = 32 |
| 152 | |
| 153 | keyAlgo := si.LocalCacheKeyDerivationAlgorithm |
| 154 | if keyAlgo == "" { |
| 155 | keyAlgo = DefaultServerRepoCacheKeyDerivationAlgorithm |
| 156 | } |
| 157 | |
| 158 | cacheEncryptionKey, err := crypto.DeriveKeyFromPassword(password, saltWithPurpose, cacheEncryptionKeySize, keyAlgo) |
| 159 | if err != nil { |
| 160 | return nil, errors.Wrap(err, "unable to derive cache encryption key from password") |
| 161 | } |
| 162 | |
| 163 | prot, err := cacheprot.AuthenticatedEncryptionProtection(cacheEncryptionKey) |
| 164 | if err != nil { |
| 165 | return nil, errors.Wrap(err, "unable to initialize protection") |
| 166 | } |
| 167 | |
| 168 | pc, err := cache.NewPersistentCache(ctx, "cache-storage", cs, prot, cache.SweepSettings{ |
| 169 | MaxSizeBytes: opt.ContentCacheSizeBytes, |
| 170 | LimitBytes: opt.ContentCacheSizeLimitBytes, |
| 171 | MinSweepAge: opt.MinContentSweepAge.DurationOrDefault(content.DefaultDataCacheSweepAge), |
| 172 | }, mr, timeNow) |
| 173 | if err != nil { |
| 174 | return nil, errors.Wrap(err, "unable to open persistent cache") |
| 175 | } |
| 176 | |
| 177 | return pc, nil |
| 178 | } |
| 179 | |
| 180 | // openAPIServer connects remote repository over Kopia API. |
| 181 | func openAPIServer(ctx context.Context, si *APIServerInfo, cliOpts ClientOptions, cachingOptions *content.CachingOptions, password string, options *Options) (Repository, error) { |
no test coverage detected