Fix check incorrectly reporting attic 0.13 and earlier archives as corrupt

borg/archive.py

@@ -1020,6 +1020,9 @@ class ArchiveChecker:
             def valid_item(obj):
                 if not isinstance(obj, StableDict):
                     return False
+                # A bug in Attic up to and including release 0.13 added a (meaningless) b'acl' key to every item.
+                # We ignore it here, should it exist. See test_attic013_acl_bug for details.
+                obj.pop(b'acl', None)
                 keys = set(obj)
                 return REQUIRED_ITEM_KEYS.issubset(keys) and keys.issubset(item_keys)
 

borg/testsuite/archiver.py

@@ -1451,6 +1451,25 @@ class ArchiverCheckTestCase(ArchiverTestCaseBase):
             repository.commit()
         self.cmd('check', self.repository_location, exit_code=1)
 
+    def test_attic013_acl_bug(self):
+        # Attic up to release 0.13 contained a bug where every item unintentionally received
+        # a b'acl'=None key-value pair.
+        # This bug can still live on in Borg repositories (through borg upgrade).
+        archive, repository = self.open_archive('archive1')
+        with repository:
+            manifest, key = Manifest.load(repository)
+            with Cache(repository, key, manifest) as cache:
+                archive = Archive(repository, key, manifest, '0.13', cache=cache, create=True)
+                archive.items_buffer.add({
+                    # path and mtime are required.
+                    b'path': '1234',
+                    b'mtime': 0,
+                    # acl is the offending key.
+                    b'acl': None
+                })
+                archive.save()
+        self.cmd('check', self.repository_location, exit_code=0)
+
 
 @pytest.mark.skipif(sys.platform == 'cygwin', reason='remote is broken on cygwin and hangs')
 class RemoteArchiverTestCase(ArchiverTestCase):