** Changed in: duplicity (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to duplicity in Ubuntu. https://bugs.launchpad.net/bugs/1828761
Title: Incremental backups do not validate passphrase Status in Duplicity: New Status in duplicity package in Ubuntu: New Bug description: This was reported in a comment on another bug, but I think this is serious enough to warrant its own one. It broke my incremental backups and I just happened to notice. The report with repro steps is https://bugs.launchpad.net/duplicity/+bug/918489/comments/22 The expected behavior would be to fail on invalid passphrases on incremental backups (or otherwise make it very clear that this is the user's responsibility). I seem to remember testing this in the past and verifying that an error is raised. Right now, it leads to corruption and a beautiful stack trace followed by a hanging application when trying to verify or restore: GPG error detail: Traceback (innermost last): File "/bin/duplicity", line 1560, in <module> with_tempdir(main) File "/bin/duplicity", line 1546, in with_tempdir fn() File "/bin/duplicity", line 1398, in main do_backup(action) File "/bin/duplicity", line 1479, in do_backup verify(col_stats) File "/bin/duplicity", line 875, in verify for backup_ropath, current_path in collated: File "/usr/lib/python2.7/site-packages/duplicity/diffdir.py", line 276, in collate2iters relem1 = riter1.next() File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 521, in integrate_patch_iters for patch_seq in collated: File "/usr/lib/python2.7/site-packages/duplicity/diffdir.py", line 286, in collate2iters relem2 = riter2.next() File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 121, in difftar2path_iter tarinfo_list = [tar_iter.next()] File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 344, in next self.set_tarfile() File "/usr/lib/python2.7/site-packages/duplicity/patchdir.py", line 332, in set_tarfile assert not self.current_fp.close() File "/usr/lib/python2.7/site-packages/duplicity/dup_temp.py", line 227, in close assert not self.fileobj.close() File "/usr/lib/python2.7/site-packages/duplicity/gpg.py", line 305, in close self.gpg_failed() File "/usr/lib/python2.7/site-packages/duplicity/gpg.py", line 272, in gpg_failed raise GPGError(msg) GPGError: GPG Failed, see log below: ===== Begin GnuPG log ===== gpg: AES encrypted data gpg: encrypted with 1 passphrase gpg: decryption failed: Bad session key ===== End GnuPG log ===== GPGError: GPG Failed, see log below: ===== Begin GnuPG log ===== gpg: AES encrypted data gpg: encrypted with 1 passphrase gpg: decryption failed: Bad session key ===== End GnuPG log ===== If left unnoticed, the only way to go about it is manual recovery. I'm updating my backup scripts to do some basic validation of the passphrase to make sure that a simple typo will not break my backups in the future. duplicity 0.7.18.2 on Arch Linux, Python 3.7.3. To manage notifications about this bug go to: https://bugs.launchpad.net/duplicity/+bug/1828761/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp