From c13bf0b6078a1fea8b0e760c4ac8fbb7e8258a3b Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Sun, 21 Jan 2024 20:38:42 +0100 Subject: [PATCH] repository: Introduce RemoveKey function This replaces directly removing keys via the backend. --- cmd/restic/cmd_key.go | 10 +++------- internal/repository/key.go | 9 +++++++++ internal/repository/repository.go | 13 ++++++++++--- 3 files changed, 22 insertions(+), 10 deletions(-) diff --git a/cmd/restic/cmd_key.go b/cmd/restic/cmd_key.go index e147f537e..0952a423b 100644 --- a/cmd/restic/cmd_key.go +++ b/cmd/restic/cmd_key.go @@ -7,7 +7,6 @@ import ( "strings" "sync" - "github.com/restic/restic/internal/backend" "github.com/restic/restic/internal/errors" "github.com/restic/restic/internal/repository" "github.com/restic/restic/internal/restic" @@ -150,8 +149,7 @@ func deleteKey(ctx context.Context, repo *repository.Repository, id restic.ID) e return errors.Fatal("refusing to remove key currently used to access repository") } - h := backend.Handle{Type: restic.KeyFile, Name: id.String()} - err := repo.Backend().Remove(ctx, h) + err := repository.RemoveKey(ctx, repo, id) if err != nil { return err } @@ -177,8 +175,7 @@ func changePassword(ctx context.Context, repo *repository.Repository, gopts Glob return err } - h := backend.Handle{Type: restic.KeyFile, Name: oldID.String()} - err = repo.Backend().Remove(ctx, h) + err = repository.RemoveKey(ctx, repo, oldID) if err != nil { return err } @@ -194,8 +191,7 @@ func switchToNewKeyAndRemoveIfBroken(ctx context.Context, repo *repository.Repos err := repo.SearchKey(ctx, pw, 0, key.ID().String()) if err != nil { // the key is invalid, try to remove it - h := backend.Handle{Type: restic.KeyFile, Name: key.ID().String()} - _ = repo.Backend().Remove(ctx, h) + _ = repository.RemoveKey(ctx, repo, key.ID()) return errors.Fatalf("failed to access repository with new key: %v", err) } return nil diff --git a/internal/repository/key.go b/internal/repository/key.go index 638d15d91..5f7a93297 100644 --- a/internal/repository/key.go +++ b/internal/repository/key.go @@ -285,6 +285,15 @@ func AddKey(ctx context.Context, s *Repository, password, username, hostname str return newkey, nil } +func RemoveKey(ctx context.Context, repo *Repository, id restic.ID) error { + if id == repo.KeyID() { + return errors.New("refusing to remove key currently used to access repository") + } + + h := backend.Handle{Type: restic.KeyFile, Name: id.String()} + return repo.be.Remove(ctx, h) +} + func (k *Key) String() string { if k == nil { return "" diff --git a/internal/repository/repository.go b/internal/repository/repository.go index 407b6429c..9db83a4df 100644 --- a/internal/repository/repository.go +++ b/internal/repository/repository.go @@ -743,12 +743,19 @@ func (r *Repository) SearchKey(ctx context.Context, password string, maxKeys int return err } + oldKey := r.key + oldKeyID := r.keyID + r.key = key.master r.keyID = key.ID() cfg, err := restic.LoadConfig(ctx, r) - if err == crypto.ErrUnauthenticated { - return fmt.Errorf("config or key %v is damaged: %w", key.ID(), err) - } else if err != nil { + if err != nil { + r.key = oldKey + r.keyID = oldKeyID + + if err == crypto.ErrUnauthenticated { + return fmt.Errorf("config or key %v is damaged: %w", key.ID(), err) + } return fmt.Errorf("config cannot be loaded: %w", err) }