mirror of https://github.com/borgbackup/borg.git
bugfix: skip TAM check with BORG_WORKAROUNDS=authenticated_no_key
This is an emergency workaround for authenticated repos if the user has lost the borg key. We can't compute the TAM key without the borg key, so just skip all the TAM stuff.
This commit is contained in:
parent
3051473168
commit
d5ffa59c91
|
@ -246,6 +246,8 @@ class KeyBase:
|
|||
unpacker = get_limited_unpacker("manifest")
|
||||
unpacker.feed(data)
|
||||
unpacked = unpacker.unpack()
|
||||
if AUTHENTICATED_NO_KEY:
|
||||
return unpacked, True # True is a lie.
|
||||
if "tam" not in unpacked:
|
||||
if tam_required:
|
||||
raise TAMRequiredError(self.repository._location.canonical_path())
|
||||
|
@ -271,8 +273,6 @@ class KeyBase:
|
|||
offset = data.index(tam_hmac)
|
||||
data[offset : offset + 64] = bytes(64)
|
||||
tam_key = self._tam_key(tam_salt, context=b"manifest")
|
||||
if AUTHENTICATED_NO_KEY:
|
||||
return unpacked, True # True is a lie.
|
||||
calculated_hmac = hmac.digest(tam_key, data, "sha512")
|
||||
if not hmac.compare_digest(calculated_hmac, tam_hmac):
|
||||
raise TAMInvalid()
|
||||
|
|
Loading…
Reference in New Issue