From d299b8bc9c689ec759b9d6e4d0d20aa4bf3b2baa Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Fri, 4 Feb 2022 19:18:15 +0100 Subject: [PATCH 1/2] KeyfileKeyBase: add create=False param to save method If we create a new repo (and a new keyfile key, create=True), there must not already exist a keyfile at the path/filename where we want to write the new one. In other use cases (e.g. if we overwrite a keyfile due to the user changing their passphrase, create=False), of course overwriting at the same path/fname is desired. --- src/borg/crypto/key.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/borg/crypto/key.py b/src/borg/crypto/key.py index e263add8d..4db4fbd37 100644 --- a/src/borg/crypto/key.py +++ b/src/borg/crypto/key.py @@ -684,7 +684,7 @@ def create(cls, repository, args): logger.info('Keep this key safe. Your data will be inaccessible without it.') return key - def save(self, target, passphrase): + def save(self, target, passphrase, create=False): raise NotImplementedError def get_new_target(self, args): @@ -767,7 +767,12 @@ def load(self, target, passphrase): self.target = target return success - def save(self, target, passphrase): + def save(self, target, passphrase, create=False): + if create and os.path.isfile(target): + # if a new keyfile key repository is created, ensure that an existing keyfile of another + # keyfile key repo is not accidentally overwritten by careless use of the BORG_KEY_FILE env var. + # see issue #6036 + raise Error('Aborting because key in "%s" already exists.' % target) key_data = self._save(passphrase) with SaveFile(target) as fd: fd.write('%s %s\n' % (self.FILE_ID, bin_to_hex(self.repository_id))) @@ -807,7 +812,7 @@ def load(self, target, passphrase): self.target = target return success - def save(self, target, passphrase): + def save(self, target, passphrase, create=False): self.logically_encrypted = passphrase != '' key_data = self._save(passphrase) key_data = key_data.encode('utf-8') # remote repo: msgpack issue #99, giving bytes @@ -845,8 +850,8 @@ def load(self, target, passphrase): self.logically_encrypted = False return success - def save(self, target, passphrase): - super().save(target, passphrase) + def save(self, target, passphrase, create=False): + super().save(target, passphrase, create=create) self.logically_encrypted = False def init_ciphers(self, manifest_data=None): From 7edba854b205ba6d826fefc227a64455122fd960 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Fri, 4 Feb 2022 19:21:25 +0100 Subject: [PATCH 2/2] use create=True when creating new keys, fixes #6036 --- src/borg/crypto/key.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/borg/crypto/key.py b/src/borg/crypto/key.py index 4db4fbd37..ff0aa93cd 100644 --- a/src/borg/crypto/key.py +++ b/src/borg/crypto/key.py @@ -679,7 +679,7 @@ def create(cls, repository, args): key.init_from_random_data() key.init_ciphers() target = key.get_new_target(args) - key.save(target, passphrase) + key.save(target, passphrase, create=True) logger.info('Key in "%s" created.' % target) logger.info('Keep this key safe. Your data will be inaccessible without it.') return key