
init: explain manifest auth compatibility

Marian Beermann 8 年之前
父节点
当前提交
ec4f42c9f8
共有 2 个文件被更改,包括 16 次插入4 次删除
  1. 15 3
      borg/archiver.py
  2. 1 1
      borg/key.py

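--- a/borg/archiver.py
+++ b/borg/archiver.py
@@ -127,7 +127,8 @@ class Archiver:
     @with_repository(create=True, exclusive=True, manifest=False)
     def do_init(self, args, repository):
         """Initialize an empty repository"""
-        logger.info('Initializing repository at "%s"' % args.location.canonical_path())
+        path = args.location.canonical_path()
+        logger.info('Initializing repository at "%s"' % path)
         key = key_creator(repository, args)
         manifest = Manifest(key, repository)
         manifest.key = key
@@ -135,8 +136,19 @@ class Archiver:
         repository.commit()
         with Cache(repository, key, manifest, warn_if_unencrypted=False):
             pass
-        tam_file = tam_required_file(repository)
-        open(tam_file, 'w').close()
+        if key.tam_required:
+            tam_file = tam_required_file(repository)
+            open(tam_file, 'w').close()
+            logger.warning(
+                '\n'
+                'By default repositories initialized with this version will produce security\n'
+                'errors if written to with an older version (up to and including Borg 1.0.8).\n'
+                '\n'
+                'If you want to use these older versions, you can disable the check by runnning:\n'
+                'borg upgrade --disable-tam \'%s\'\n'
+                '\n'
+                'See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability '
+                'for details about the security implications.', path)
         return self.exit_code
 
     @with_repository(exclusive=True, manifest=False)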
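Review bot: The suggested command in the new warning wraps the repository path in hard-coded single quotes (`'borg upgrade --disable-tam \'%s\'\n'`), so a path that itself contains a quote yields a line that no longer parses as intended when the user pastes it into a shell. Quoting the value instead, e.g. `'borg upgrade --disable-tam %s\n'` with `shlex.quote(path)` as the argument, keeps the printed command safe to copy; `shlex` would need an import that is not visible in this section. The same message has a typo, `runnning` for `running`. Since the warning tells users how to turn off a check that guards against manifest spoofing, a short comment above `if key.tam_required:` saying why the marker file is only written for keys that require TAM would also help.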

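--- a/borg/key.py
+++ b/borg/key.py
@@ -46,7 +46,7 @@ class RepoKeyNotFoundError(Error):
 
 class TAMRequiredError(IntegrityError):
     __doc__ = textwrap.dedent("""
-    Manifest is unauthenticated, but authentication is required for this repository.
+    Manifest is unauthenticated, but it is required for this repository.
 
     This either means that you are under attack, or that you modified this repository
     with a Borg version older than 1.0.9 after TAM authentication was enabled.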
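Review bot: In the reworded first line of `TAMRequiredError.__doc__`, `it` has nothing to refer to: the sentence names the manifest and the repository but no longer names authentication, so `but it is required` reads as if the manifest itself were required. If this text is what users see when the integrity check fails (the `__doc__` assignment suggests so, but the base class is outside this section), it should say what is missing, e.g. `Manifest is unauthenticated, but TAM authentication is required for this repository.` The docstring continues past the end of the hunk.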