Merge pull request #6582 from ThomasWaldmann/deleted-key-1.2

load_key: no key is same as empty key, fixes #6441
2026-06-11 01:41:57 -04:00 · 2022-04-12 20:09:10 +02:00 · 2022-04-12 20:09:10 +02:00 · 7a3056092e
commit 7a3056092e
parent fddd0c93fa 7fc1d75cd3
3 changed files with 17 additions and 7 deletions
--- a/src/borg/crypto/key.py
+++ b/src/borg/crypto/key.py
@ -789,11 +789,11 @@ class RepoKey(ID_HMAC_SHA_256, KeyfileKeyBase):

    def find_key(self):
        loc = self.repository._location.canonical_path()
-        try:
-            self.repository.load_key()
-            return loc
-        except configparser.NoOptionError:
+        key = self.repository.load_key()
+        if not key:
+            # if we got an empty key, it means there is no key.
            raise RepoKeyNotFoundError(loc) from None
+        return loc

    def get_new_target(self, args):
        return self.repository
@ -806,6 +806,10 @@ class RepoKey(ID_HMAC_SHA_256, KeyfileKeyBase):
        # what we get in target is just a repo location, but we already have the repo obj:
        target = self.repository
        key_data = target.load_key()
+        if not key_data:
+            # if we got an empty key, it means there is no key.
+            loc = target._location.canonical_path()
+            raise RepoKeyNotFoundError(loc) from None
        key_data = key_data.decode('utf-8')  # remote repo: msgpack issue #99, getting bytes
        success = self._load(key_data, passphrase)
        if success:
--- a/src/borg/crypto/keymanager.py
+++ b/src/borg/crypto/keymanager.py
@ -7,7 +7,7 @@ from hashlib import sha256
 from ..helpers import Manifest, NoManifestError, Error, yes, bin_to_hex, dash_open
 from ..repository import Repository

-from .key import KeyfileKey, KeyfileNotFoundError, KeyBlobStorage, identify_key
+from .key import KeyfileKey, KeyfileNotFoundError, RepoKeyNotFoundError, KeyBlobStorage, identify_key


 class UnencryptedRepo(Error):
@ -56,7 +56,12 @@ class KeyManager:
                self.keyblob = ''.join(fd.readlines()[1:])

        elif self.keyblob_storage == KeyBlobStorage.REPO:
-            self.keyblob = self.repository.load_key().decode()
+            key_data = self.repository.load_key().decode()
+            if not key_data:
+                # if we got an empty key, it means there is no key.
+                loc = self.repository._location.canonical_path()
+                raise RepoKeyNotFoundError(loc) from None
+            self.keyblob = key_data

    def store_keyblob(self, args):
        if self.keyblob_storage == KeyBlobStorage.KEYFILE:
--- a/src/borg/repository.py
+++ b/src/borg/repository.py
@ -338,7 +338,8 @@ class Repository:
        self.save_config(self.path, self.config)

    def load_key(self):
-        keydata = self.config.get('repository', 'key')
+        keydata = self.config.get('repository', 'key', fallback='').strip()
+        # note: if we return an empty string, it means there is no repo key
        return keydata.encode('utf-8')  # remote repo: msgpack issue #99, returning bytes

    def get_free_nonce(self):