Duplicity

Merge lp:~mterry/duplicity/check-passphrase-on-restart into lp:duplicity/0.6

  1. check-passphrase-on-restart
  2. Merge into 0.6-series
Proposed by Michael Terry
Status: Merged
Merged at revision: 810
Proposed branch: lp:~mterry/duplicity/check-passphrase-on-restart
Merge into: lp:duplicity/0.6
Diff against target: 56 lines (+28/-0)
2 files modified
duplicity-bin (+27/-0)
duplicity/log.py (+1/-0)
To merge this branch: bzr merge lp:~mterry/duplicity/check-passphrase-on-restart
Reviewer Review Type Date Requested Status
ben (community) Needs Fixing
duplicity-team Pending
Review via email: mp+80007@code.launchpad.net
To post a comment you must log in.
Revision history for this message
ben (ben-chgtaa3qpp) wrote :

This patch has broken backup resume. Please see problems report here:

https://answers.launchpad.net/duplicity/+question/183711

review: Needs Fixing
Revision history for this message
Cristian Măgherușan-Stanciu (cristi) wrote :

I am running duplicity from cron using the same passphrase across runs, and this check is not needed.

What if we make this check optional?

Revision history for this message
Ian Belcher (ianbelcher) wrote :

Hi there,

I've spent the whole day trying to rescue my data from the grips of Deja-Dup/Duplicity and I managed to stumble upon this thread. I am unable to restore from a backup I made yesterday and it seems it is due to the issue described on this page. It also seems that this patch would allow me to restore my data, but I have no idea how to install a patch. I saw something along the lines of patch -p(num) file.diff but have never used this command, don't know what number to add with the -p flag, etc... Any help greatly appreciated. Thanks

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'duplicity-bin'
2--- duplicity-bin 2011-10-16 16:28:38 +0000
3+++ duplicity-bin 2011-10-20 21:59:22 +0000
4@@ -295,6 +295,32 @@
5 tdp.delete()
6 return putsize
7
8+ def validate_encryption_settings(backup_set, manifest):
9+ """
10+ When restarting a backup, we have no way to verify that the current
11+ passphrase is the same as the one used for the beginning of the backup.
12+ This is because the local copy of the manifest is unencrypted and we
13+ don't need to decrypt the existing volumes on the backend. To ensure
14+ that we are using the same passphrase, we manually download volume 1
15+ and decrypt it with the current passphrase. We also want to confirm
16+ that we're using the same encryption settings (i.e. we don't switch
17+ from encrypted to non in the middle of a backup chain), so we check
18+ that the vol1 filename on the server matches the settings of this run.
19+ """
20+ vol1_filename = file_naming.get(backup_type, 1,
21+ encrypted=globals.encryption,
22+ gzipped=not globals.encryption)
23+ if vol1_filename != backup_set.volume_name_dict[1]:
24+ log.FatalError(_("Restarting backup, but current encryption "
25+ "settings do not match original settings"),
26+ log.ErrorCode.enryption_mismatch)
27+
28+ # Settings are same, let's check passphrase itself if we are encrypted
29+ if globals.encryption:
30+ fileobj = restore_get_enc_fileobj(globals.backend, vol1_filename,
31+ manifest.volume_info_dict[1])
32+ fileobj.close()
33+
34 if not globals.restart:
35 # normal backup start
36 vol_num = 0
37@@ -305,6 +331,7 @@
38 mf = globals.restart.last_backup.get_local_manifest()
39 globals.restart.checkManifest(mf)
40 globals.restart.setLastSaved(mf)
41+ validate_encryption_settings(globals.restart.last_backup, mf)
42 mf.fh = man_outfp
43 last_block = globals.restart.last_block
44 log.Notice("Restarting after volume %s, file %s, block %s" %
45
46=== modified file 'duplicity/log.py'
47--- duplicity/log.py 2011-08-25 04:49:34 +0000
48+++ duplicity/log.py 2011-10-20 21:59:22 +0000
49@@ -190,6 +190,7 @@
50 source_dir_mismatch = 42 # 41 is reserved for par2
51 ftps_lftp_missing = 43
52 volume_wrong_size = 44
53+ enryption_mismatch = 45
54
55 # 50->69 reserved for backend errors
56 backend_error = 50

Subscribers

People subscribed via source and target branches

to all changes: