prune: Abort repacking when a pack contains a wrong blob
If a blob in a pack file can be decrypted successfully but contains data that results in a different hash than stated in the header pack, then abort repacking. As both the pack header and the blob are cryptographically verified this either means than a malicious entity tampered with the backup or indicates hardware problems on the client. prune should fail with an error in both cases.
This commit is contained in:
Michael Eischer
parent
744a15247d
commit
7042bafea5
1 changed files with 1 additions and 3 deletions
|
|
@ -2,8 +2,6 @@ package repository
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
|
|
||||||
"github.com/restic/restic/internal/debug"
|
"github.com/restic/restic/internal/debug"
|
||||||
"github.com/restic/restic/internal/errors"
|
"github.com/restic/restic/internal/errors"
|
||||||
|
|
@ -85,7 +83,7 @@ func Repack(ctx context.Context, repo restic.Repository, packs restic.IDSet, kee
|
||||||
if !id.Equal(entry.ID) {
|
if !id.Equal(entry.ID) {
|
||||||
debug.Log("read blob %v/%v from %v: wrong data returned, hash is %v",
|
debug.Log("read blob %v/%v from %v: wrong data returned, hash is %v",
|
||||||
h.Type, h.ID, tempfile.Name(), id)
|
h.Type, h.ID, tempfile.Name(), id)
|
||||||
fmt.Fprintf(os.Stderr, "read blob %v from %v: wrong data returned, hash is %v",
|
return nil, errors.Errorf("read blob %v from %v: wrong data returned, hash is %v",
|
||||||
h, tempfile.Name(), id)
|
h, tempfile.Name(), id)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue