** Also affects: duplicity (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to duplicity in Ubuntu.
https://bugs.launchpad.net/bugs/1828761
Title:
Incremental backups do not validate passphrase
Status in Duplicity:
New
Status in duplicity package in Ubuntu:
New
Bug description:
This was reported in a comment on another bug, but I think this is serious
enough to warrant its own one. It broke my incremental backups and I just
happened to notice.
The report with repro steps is
https://bugs.launchpad.net/duplicity/+bug/918489/comments/22
The expected behavior would be to fail on invalid passphrases on incremental
backups (or otherwise make it very clear that this is the user's
responsibility).
I seem to remember testing this in the past and verifying that an error is
raised.
Right now, it leads to corruption and a beautiful stack trace followed by a
hanging application when trying to verify or restore:
GPG error detail: Traceback (innermost last):
File "/bin/duplicity", line 1560, in <module>
with_tempdir(main)
File "/bin/duplicity", line 1546, in with_tempdir
fn()
File "/bin/duplicity", line 1398, in main
do_backup(action)
File "/bin/duplicity", line 1479, in do_backup
verify(col_stats)
File "/bin/duplicity", line 875, in verify
for backup_ropath, current_path in collated:
File "/usr/lib/python2.7/site-packages/duplicity/diffdir.py", line 276, in
collate2iters
relem1 = riter1.next()
File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 521, in
integrate_patch_iters
for patch_seq in collated:
File "/usr/lib/python2.7/site-packages/duplicity/diffdir.py", line 286, in
collate2iters
relem2 = riter2.next()
File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 121, in
difftar2path_iter
tarinfo_list = [tar_iter.next()]
File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 344, in
next
self.set_tarfile()
File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 332, in
set_tarfile
assert not self.current_fp.close()
File "/usr/lib/python2.7/site-packages/duplicity/dup_temp.py", line 227, in
close
assert not self.fileobj.close()
File "/usr/lib/python2.7/site-packages/duplicity/gpg.py", line 305, in close
self.gpg_failed()
File "/usr/lib/python2.7/site-packages/duplicity/gpg.py", line 272, in
gpg_failed
raise GPGError(msg)
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: AES encrypted data
gpg: encrypted with 1 passphrase
gpg: decryption failed: Bad session key
===== End GnuPG log =====
GPGError: GPG Failed, see log below:
===== Begin GnuPG log =====
gpg: AES encrypted data
gpg: encrypted with 1 passphrase
gpg: decryption failed: Bad session key
===== End GnuPG log =====
If left unnoticed, the only way to go about it is manual recovery.
I'm updating my backup scripts to do some basic validation of the passphrase
to make sure that a simple typo will not break my backups in the future.
duplicity 0.7.18.2 on Arch Linux, Python 3.7.3.
To manage notifications about this bug go to:
https://bugs.launchpad.net/duplicity/+bug/1828761/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
