首页 发现 帮助
登录
mirrors
/
borg
镜像自地址 https://github.com/borgbackup/borg
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Merge pull request #8105 from ThomasWaldmann/corrupted-key-errmsg-master

better error msg for corrupted key data, fixes #8016
TW 1 年之前
父节点
2d31b027c7 83c069ce5a
当前提交
7bed7b86d4
共有 2 个文件被更改,包括 12 次插入6 次删除
合并视图 显示文件统计
  1. 1 1
      docs/internals/frontends.rst
  2. 11 5
      src/borg/crypto/key.py

+ 1 - 1
docs/internals/frontends.rst
查看文件 

@@ -628,7 +628,7 @@ Errors
 
         Failed to encode filename "{}" into file system encoding "{}". Consider configuring the LANG environment variable.
 
         Failed to encode filename "{}" into file system encoding "{}". Consider configuring the LANG environment variable.
 
 
 
     KeyfileInvalidError rc: 40 traceback: no
 
     KeyfileInvalidError rc: 40 traceback: no
 
-        Invalid key file for repository {} found in {}.
 
+        Invalid key data for repository {} found in {}.
 
     KeyfileMismatchError rc: 41 traceback: no
 
     KeyfileMismatchError rc: 41 traceback: no
 
         Mismatch between repository {} and key file {}.
 
         Mismatch between repository {} and key file {}.
 
     KeyfileNotFoundError rc: 42 traceback: no
 
     KeyfileNotFoundError rc: 42 traceback: no

+ 11 - 5
src/borg/crypto/key.py
查看文件 

@@ -53,7 +53,7 @@ class KeyfileNotFoundError(Error):
 
 
 
 
 
 class KeyfileInvalidError(Error):
 
 class KeyfileInvalidError(Error):
 
-    """Invalid key file for repository {} found in {}."""
 
+    """Invalid key data for repository {} found in {}."""
 
 
 
     exit_mcode = 40
 
     exit_mcode = 40
 
 
 
@@ -381,8 +381,14 @@ class FlexiKey:
 
         return key
 
         return key
 
 
 
     def _load(self, key_data, passphrase):
 
     def _load(self, key_data, passphrase):
 
-        cdata = binascii.a2b_base64(key_data)
 
-        data = self.decrypt_key_file(cdata, passphrase)
 
+        try:
 
+            key = binascii.a2b_base64(key_data)
 
+        except (ValueError, binascii.Error):
 
+            raise KeyfileInvalidError(self.repository._location.canonical_path(), "(repokey)") from None
 
+        if len(key) < 20:
 
+            # this is in no way a precise check, usually we have about 400b key data.
 
+            raise KeyfileInvalidError(self.repository._location.canonical_path(), "(repokey)")
 
+        data = self.decrypt_key_file(key, passphrase)
 
         if data:
 
         if data:
 
             data = msgpack.unpackb(data)
 
             data = msgpack.unpackb(data)
 
             key = Key(internal_dict=data)
 
             key = Key(internal_dict=data)
 
@@ -567,9 +573,9 @@ class FlexiKey:
 
             key_b64 = "".join(lines[1:])
 
             key_b64 = "".join(lines[1:])
 
             try:
 
             try:
 
                 key = binascii.a2b_base64(key_b64)
 
                 key = binascii.a2b_base64(key_b64)
 
-            except binascii.Error:
 
+            except (ValueError, binascii.Error):
 
                 logger.warning(f"borg key sanity check: key line 2+ does not look like base64. [{filename}]")
 
                 logger.warning(f"borg key sanity check: key line 2+ does not look like base64. [{filename}]")
 
-                raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
 
+                raise KeyfileInvalidError(self.repository._location.canonical_path(), filename) from None
 
             if len(key) < 20:
 
             if len(key) < 20:
 
                 # this is in no way a precise check, usually we have about 400b key data.
 
                 # this is in no way a precise check, usually we have about 400b key data.
 
                 logger.warning(
 
                 logger.warning(