mirror of
https://github.com/borgbackup/borg.git
synced 2025-01-04 06:21:46 +00:00
keep key_type only in security dir
removed some code borg had for backwards compatibility with old borg versions (that had key_type only in the cache). now the repo key_type is only checked against the key-type file in the security dir, simplifying the code.
This commit is contained in:
parent
cf8c3a3ae7
commit
89d867ea30
1 changed files with 5 additions and 10 deletions
|
@ -154,10 +154,8 @@ def assert_no_manifest_replay(self, manifest, key, cache_config=None):
|
||||||
else:
|
else:
|
||||||
raise Cache.RepositoryReplay()
|
raise Cache.RepositoryReplay()
|
||||||
|
|
||||||
def assert_key_type(self, key, cache_config=None):
|
def assert_key_type(self, key):
|
||||||
# Make sure an encrypted repository has not been swapped for an unencrypted repository
|
# Make sure an encrypted repository has not been swapped for an unencrypted repository
|
||||||
if cache_config and cache_config.key_type is not None and cache_config.key_type != str(key.TYPE):
|
|
||||||
raise Cache.EncryptionMethodMismatch()
|
|
||||||
if self.known() and not self.key_matches(key):
|
if self.known() and not self.key_matches(key):
|
||||||
raise Cache.EncryptionMethodMismatch()
|
raise Cache.EncryptionMethodMismatch()
|
||||||
|
|
||||||
|
@ -178,7 +176,7 @@ def assert_secure(self, manifest, key, *, cache_config=None, warn_if_unencrypted
|
||||||
|
|
||||||
def _assert_secure(self, manifest, key, cache_config=None):
|
def _assert_secure(self, manifest, key, cache_config=None):
|
||||||
self.assert_location_matches()
|
self.assert_location_matches()
|
||||||
self.assert_key_type(key, cache_config)
|
self.assert_key_type(key)
|
||||||
self.assert_no_manifest_replay(manifest, key, cache_config)
|
self.assert_no_manifest_replay(manifest, key, cache_config)
|
||||||
if not self.known():
|
if not self.known():
|
||||||
logger.debug("security: remembering previously unknown repository")
|
logger.debug("security: remembering previously unknown repository")
|
||||||
|
@ -261,7 +259,6 @@ def load(self):
|
||||||
self.id = self._config.get("cache", "repository")
|
self.id = self._config.get("cache", "repository")
|
||||||
self.manifest_id = hex_to_bin(self._config.get("cache", "manifest"))
|
self.manifest_id = hex_to_bin(self._config.get("cache", "manifest"))
|
||||||
self.timestamp = self._config.get("cache", "timestamp", fallback=None)
|
self.timestamp = self._config.get("cache", "timestamp", fallback=None)
|
||||||
self.key_type = self._config.get("cache", "key_type", fallback=None)
|
|
||||||
self.ignored_features = set(parse_stringified_list(self._config.get("cache", "ignored_features", fallback="")))
|
self.ignored_features = set(parse_stringified_list(self._config.get("cache", "ignored_features", fallback="")))
|
||||||
self.mandatory_features = set(
|
self.mandatory_features = set(
|
||||||
parse_stringified_list(self._config.get("cache", "mandatory_features", fallback=""))
|
parse_stringified_list(self._config.get("cache", "mandatory_features", fallback=""))
|
||||||
|
@ -281,7 +278,7 @@ def load(self):
|
||||||
logger.debug("Cache integrity: No integrity data found (files, chunks). Cache is from old version.")
|
logger.debug("Cache integrity: No integrity data found (files, chunks). Cache is from old version.")
|
||||||
self.integrity = {}
|
self.integrity = {}
|
||||||
|
|
||||||
def save(self, manifest=None, key=None):
|
def save(self, manifest=None):
|
||||||
if manifest:
|
if manifest:
|
||||||
self._config.set("cache", "manifest", manifest.id_str)
|
self._config.set("cache", "manifest", manifest.id_str)
|
||||||
self._config.set("cache", "timestamp", manifest.timestamp)
|
self._config.set("cache", "timestamp", manifest.timestamp)
|
||||||
|
@ -292,8 +289,6 @@ def save(self, manifest=None, key=None):
|
||||||
for file, integrity_data in self.integrity.items():
|
for file, integrity_data in self.integrity.items():
|
||||||
self._config.set("integrity", file, integrity_data)
|
self._config.set("integrity", file, integrity_data)
|
||||||
self._config.set("integrity", "manifest", manifest.id_str)
|
self._config.set("integrity", "manifest", manifest.id_str)
|
||||||
if key:
|
|
||||||
self._config.set("cache", "key_type", str(key.TYPE))
|
|
||||||
with SaveFile(self.config_path) as fd:
|
with SaveFile(self.config_path) as fd:
|
||||||
self._config.write(fd)
|
self._config.write(fd)
|
||||||
|
|
||||||
|
@ -889,7 +884,7 @@ def commit(self):
|
||||||
self.chunks.write(fd)
|
self.chunks.write(fd)
|
||||||
self.cache_config.integrity["chunks"] = fd.integrity_data
|
self.cache_config.integrity["chunks"] = fd.integrity_data
|
||||||
pi.output("Saving cache config")
|
pi.output("Saving cache config")
|
||||||
self.cache_config.save(self.manifest, self.key)
|
self.cache_config.save(self.manifest)
|
||||||
os.replace(os.path.join(self.path, "txn.active"), os.path.join(self.path, "txn.tmp"))
|
os.replace(os.path.join(self.path, "txn.active"), os.path.join(self.path, "txn.tmp"))
|
||||||
shutil.rmtree(os.path.join(self.path, "txn.tmp"))
|
shutil.rmtree(os.path.join(self.path, "txn.tmp"))
|
||||||
self._txn_active = False
|
self._txn_active = False
|
||||||
|
@ -1271,7 +1266,7 @@ def commit(self):
|
||||||
integrity_data = self._write_files_cache()
|
integrity_data = self._write_files_cache()
|
||||||
self.cache_config.integrity[self.files_cache_name()] = integrity_data
|
self.cache_config.integrity[self.files_cache_name()] = integrity_data
|
||||||
pi.output("Saving cache config")
|
pi.output("Saving cache config")
|
||||||
self.cache_config.save(self.manifest, self.key)
|
self.cache_config.save(self.manifest)
|
||||||
os.replace(os.path.join(self.path, "txn.active"), os.path.join(self.path, "txn.tmp"))
|
os.replace(os.path.join(self.path, "txn.active"), os.path.join(self.path, "txn.tmp"))
|
||||||
shutil.rmtree(os.path.join(self.path, "txn.tmp"))
|
shutil.rmtree(os.path.join(self.path, "txn.tmp"))
|
||||||
self._txn_active = False
|
self._txn_active = False
|
||||||
|
|
Loading…
Reference in a new issue