1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-25 01:06:50 +00:00
Commit graph

6942 commits

Author SHA1 Message Date
Thomas Waldmann
7ae76962f9 docs: borg compact --cleanup-commits also runs a normal compaction, fixes #6324 2022-04-12 18:10:44 +02:00
Thomas Waldmann
b5f7f2376c check archives: improve error handling for corrupt archive metadata block
this is similar to #4777.

borg check must not crash if an archive metadata block does not decrypt.

Instead, report the archive_id, remove the archive from the manifest and skip to the next archive.
2022-04-12 17:47:43 +02:00
Thomas Waldmann
ced3d8b9d5 check archive: make robust_iterator more robust, fixes #4777
borg check must not crash if an archive metadata chunk does not decrypt.

Instead, report the chunk and skip to the next one.
2022-04-12 17:47:32 +02:00
TW
6bb75ddf6b
Merge pull request #6568 from jwilk-forks/secure-erase-msg
Remove stray punctuation from secure-erase message
2022-04-11 19:51:39 +02:00
Jakub Wilk
3a5c79e881 remove stray punctuation from secure-erase message 2022-04-11 18:47:59 +02:00
TW
b2ce258066
Merge pull request #6565 from hexagonrecursion/move-tests
Fix selftest
2022-04-11 11:23:05 +02:00
Andrey Andreyevich Bienkowski
08f82ee408
Argon2: documentation and changelog (#6560)
docs: borg key change-algorithm
docs: borg init --key-algorithm
docs: "this is not a borg repo" can be due to argon2 and old borg
2022-04-11 11:21:07 +02:00
Andrey Bienkowski
8e8e14c374 Fix selftest
selftest imports testsuite.crypto
I did not realise this and imported pytest from testsuite.crypto
This broke the selftest.

Solution: move the tests that depend on pytest to testsuite.key.
All three affected tests are tests for the Key classes, so
this is probably a better plase for them anyway.
2022-04-11 07:00:29 +03:00
Thomas Waldmann
f5cddf0224 load_key: no key is same as empty key, fixes #6441
when migrating from repokey to keyfile, we just store an empty key into the repo config,
because we do not have a "delete key" RPC api. thus, empty key means "there is no key".

here we fix load_key, so that it does not behave differently for no key and empty key:
in both cases, it just returns an empty value.

additionally, we strip the value we get from the config, so whitespace does not matter.

All callers now check for the repokey not being empty, otherwise RepoKeyNotFoundError
is raised.
2022-04-10 20:58:59 +02:00
TW
dfd4bd7e00
Merge pull request #6556 from hexagonrecursion/kdf-refactor
Move the key derivation code from helpers.Passphrase to crypto.FlexiKey
2022-04-10 17:07:17 +02:00
Andrey Bienkowski
0c29faddec Simplify tests 2022-04-10 15:44:51 +03:00
Andrey Bienkowski
6cf5ae4ca1 Give types for every argument 2022-04-10 15:36:46 +03:00
Andrey Bienkowski
fc6d423052 Passphrase.argon2 -> FlexiKey.argon2 2022-04-10 15:06:26 +03:00
Andrey Bienkowski
0850a7c295 Passphrase.kdf -> FlexiKey.pbkdf2 2022-04-10 05:33:10 +03:00
TW
eba6d5cd1c
Merge pull request #6553 from ThomasWaldmann/update-changes2
update CHANGES
2022-04-09 21:26:50 +02:00
Thomas Waldmann
83941d0b83 update CHANGES 2022-04-09 20:42:40 +02:00
TW
28fa9e0f0b
Merge pull request #6523 from ThomasWaldmann/pax-borg-item-master
import/export-tar: --tar-format=BORG: roundtrip ALL item metadata
2022-04-09 20:22:36 +02:00
TW
1b95950613
Merge pull request #6514 from ThomasWaldmann/repo-v2
repository v2
2022-04-09 19:27:00 +02:00
Thomas Waldmann
38f390ae45 repository: create and use version 2 repos only for now
for now, this code shall only work on v2 repos (created by this code).

the code to read v1 repos is still present though, so for experiments,
it is possible to change the repo version in the repo config from 1 to
2 manually.

having version 2 in the repo config also avoids that borg < 1.3 is
used on such a repo, which would cause damage:
old borg would not recognize the PUT2 tagged segment entries and
old borg check --repair would likely kill them all due to that.

also: keep repo version in Repository.version
2022-04-09 18:58:47 +02:00
Thomas Waldmann
85d4b98a16 docs: updated for repository version 2, PUT2 tag 2022-04-09 18:58:47 +02:00
Thomas Waldmann
52f75d7722 repository: implement PUT2: header crc32, overall xxh64, fixes #1704
note: this required a slight increase of MAX_OBJECT_SIZE so that MAX_DATA_SIZE
      could stay the same as before.

For PUT2, compute the hash over the whole entry (header and content, excluding
hash and crc32 fields, because the crc32 computation includes the hash).

Also: refactor crc32 checks into function, use f-strings, structure _read in
a more logical sequential order.

write_put: avoid creating a large temporary bytes object

why use xxh64?
- fast even without hw acceleration
- borg depends on it already anyway
- stronger than crc32 and strong enough for this purpose
2022-04-09 18:58:47 +02:00
TW
7d33ad3db1
Merge pull request #6552 from hexagonrecursion/cpu
Argon2 fourth part: borg benchmark cpu: use ARGON2_ARGS
2022-04-09 15:48:07 +02:00
Andrey Bienkowski
18963bff5f Remove outdated comment 2022-04-09 16:18:03 +03:00
Andrey Bienkowski
102ce3c5b6 borg benchmark cpu: use ARGON2_ARGS 2022-04-09 14:14:00 +03:00
Andrey Andreyevich Bienkowski
d386b0346d
Argon2 the third part: borg key change-algorithm (#6549)
add `borg key change-algorithm` to change the kdf / key processing
2022-04-09 12:42:05 +02:00
TW
1a9841347a
Merge pull request #6550 from ThomasWaldmann/update-changes
update CHANGES (master)
2022-04-08 19:49:21 +02:00
Thomas Waldmann
6ffd11fc12 update CHANGES (master) 2022-04-08 19:40:20 +02:00
TW
1e213e93a3
Merge pull request #6544 from ThomasWaldmann/fix-progress-archivename-master
escape % chars in archive name, fixes #6500
2022-04-07 20:22:20 +02:00
TW
d1c018bef4
Merge pull request #6546 from ThomasWaldmann/modernize-setuptools_scm
modernize setuptools _scm usage
2022-04-07 20:10:28 +02:00
Thomas Waldmann
f930fe3f26 relax Cython requirement
0.27 was broken, but it will install the latest release anyway now.
2022-04-07 19:12:19 +02:00
Thomas Waldmann
9642ace953 require/configure setuptools_scm via pyproject.toml 2022-04-07 19:11:15 +02:00
Thomas Waldmann
911da7a1cf escape % chars in archive name, fixes #6500
also: fix percentage format for float value.
2022-04-07 18:07:50 +02:00
Andrey Andreyevich Bienkowski
56c27a99d0
Argon2 the second part: implement key encryption / decryption (#6469)
Argon2 the second part: implement encryption/decryption of argon2 keys

borg init --key-algorithm=argon2 (new default, older pbkdf2 also still available)

borg key change-passphrase: keep key algorithm the same
borg key change-location: keep key algorithm the same

use env var BORG_TESTONLY_WEAKEN_KDF=1 to resource limit (cpu, memory, ...) the kdf when running the automated tests.
2022-04-07 16:22:34 +02:00
TW
6c38bf3fdc
Merge pull request #6536 from bket/master_fix_#2055
Fix OpenBSD symlink mode test failure (#2055)
2022-04-05 01:30:33 +02:00
Björn Ketelaars
e86fde5364 Fix OpenBSD symlink mode test failure (#2055)
OpenBSD does not have `lchmod()` causing `os.lchmod` to be unavailable
on this platform. As a result ArchiverTestCase::test_basic_functionality
fails when run manually (#2055).

OpenBSD does have `fchmodat()`, which has a flag that makes it behave
like `lchmod()`. In Python this can be used via `os.chmod(path, mode,
follow_symlinks=False)`.

As of Python 3.3 `os.lchmod(path, mode)` is equivalent to
`os.chmod(path, mode, follow_symlinks=False)`. As such, switching to the
latter is preferred as it enables more platforms to do the right thing.
2022-04-04 21:55:48 +02:00
TW
6d55324b72
Merge pull request #6529 from ThomasWaldmann/fix-ipv6-url-parsing-master
fix scp repo url parsing for ip v6 addrs, fixes #6526
2022-04-04 20:39:14 +02:00
Thomas Waldmann
b2eaa2fba4 use same host regex for ssh and scp style, refactor/clean up
although bug #6526 did not show with ssh style URLs, we should
not have different regexes for the host part for ssh and scp style.

thus i extracted the host_re from both and also cleaned up a bit.
2022-04-03 20:42:48 +02:00
Thomas Waldmann
f24979bc09 fix scp repo url parsing for ip v6 addrs, fixes #6526
added a negative lookahead/lookbehind to make sure an ipv6 addr
(enclosed in square brackets) does not get badly matched by the
regex part intended for hostnames and ipv4 addrs only.

the other part of that regex which is actually intended to match
ipv6 addrs only matches if they are enclosed in square brackets.

also added tests for ssh and scp style repo URLs with ipv6 addrs
in brackets.

also: made regex more readable, putting these 2 cases on separate lines.
2022-04-03 20:42:48 +02:00
TW
269b948284
Merge pull request #6524 from bcat/patch-1
(docs) Recommend umask for passphrase file perms
2022-04-03 17:57:50 +02:00
Jonathan Rascher
da07c36d6b
(docs) Recommend umask for passphrase file perms
The previous sample for creating a ~/.borg-passphrase file creates it first and then chmod's it to 400 permissions. That's probably fine in practice, but means there's a tiny window where the passphrase file is sitting with default permissions (likely world readable, depending on the system umask).

It seems safer to first change the umask to remove all group & world bits (0077) _before_ creating the file. To be polite and avoid messing with the user's previous umask, we do this in a subshell. (Note that umask 0077 leads to a mode of 600 rather than the previous 400, because removing the owner write bit doesn't seem to buy much since the owner can just chmod the file anyway.)
2022-04-03 00:34:33 -05:00
Thomas Waldmann
e8069a8f80 import/export-tar: --tar-format=BORG: roundtrip ALL item metadata, fixes #5830
export-tar: just msgpack and b64encode all item metadata and
            put that into a BORG specific PAX header.
            this is *additional* to the standard tar metadata.

import-tar: when detecting the BORG specific PAX header, just get
            all metadata from there (and ignore the standard tar
            metadata).
2022-04-02 22:25:44 +02:00
TW
22fc6d1bdd
Merge pull request #6522 from ThomasWaldmann/tar-pax-master
import/export-tar: PAX format, ctime and atime support
2022-04-02 19:08:53 +02:00
TW
3c0779afa7
Merge pull request #6520 from ThomasWaldmann/memoryviews
memoryviews
2022-04-02 19:04:42 +02:00
Thomas Waldmann
78e92fa9e1 import/export-tar: --tar-format, support ctime/atime
--tar-format=GNU|PAX (default: GNU)

changed the tests which use GNU tar cli tool to use --tar-format=GNU
explicitly, so they don't break in case we change the default.

atime timestamp is only present in output if the archive item has it
(which is not the case by default, needs "borg create --atime ...").
2022-04-02 18:30:55 +02:00
Thomas Waldmann
154e5d87e7 micro opt: callers shall provide a memoryview to .decompress()
if they would call with a bytes object, it would usually cause
1 object copy to remove the compression type bytes.
2022-04-01 21:22:31 +02:00
Thomas Waldmann
df23f3ed22 micro opt lz4/zstd decompress: keep memoryview a bit longer, fixes #3412
if LZ4/ZSTD.decompress gets called with a memoryview idata, keep
it until after the super().decompress(idata) call, so we save one
copy operation just to remove the 2 bytes long compression type
header.
2022-04-01 21:03:28 +02:00
TW
e8456ff7d9
Merge pull request #6516 from ThomasWaldmann/remove-attic
upgrade: remove the "attic backup" repo upgrader and tests
2022-04-01 13:53:03 +02:00
Thomas Waldmann
c7b1cd56d8 upgrade: remove the "attic backup" repo upgrader and tests
attic is borg's parent project, but it stalled in 2015 and was not updated since then.

guess we can assume that most attic users have meanwhile noticed this and already
converted their repos to borg.

if some did not yet, they are advised to use borg < 1.3 to do that ASAP.

note: borg can still DETECT an attic repo by recognizing its ATTIC_MAGIC value
      and then gives exactly that advice.
2022-04-01 12:41:11 +02:00
TW
7abc62b308
Merge pull request #6511 from ThomasWaldmann/repo-cleanup
repo code cleanup
2022-03-31 21:33:29 +02:00
Thomas Waldmann
cfa34bdf71 repository: simplify LoggedIO._read
Code gets simpler if we always only use the (shorter) header_fmt.
That format ALWAYS applies, to all tags borg writes.

If the tag unpacked from there indicates that there is also a chunkid
to read (like for PUT and DEL), we can decide that inside _read and
then read the chunkid from the fd.
2022-03-31 20:50:55 +02:00