tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix #3197: skip fingerprint check when restoring key 

when restoring an encrypted key, the original one is obviously not
available to check the fingerprint with.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2020-12-16 14:41:06 +01:00 committed by Dietmar Maurer
parent 9990af3042
commit 48fbbfeb7e
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/bin/proxmox-backup-client.rs
View File

@ -1273,11 +1273,16 @@ async fn restore(param: Value) -> Result<Value, Error> {
true, true,
).await?; ).await?;
let (manifest, backup_index_data) = client.download_manifest().await?;
manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
let (archive_name, archive_type) = parse_archive_type(archive_name); let (archive_name, archive_type) = parse_archive_type(archive_name);
let (manifest, backup_index_data) = client.download_manifest().await?;
if archive_name == ENCRYPTED_KEY_BLOB_NAME && crypt_config.is_none() {
eprintln!("Restoring encrypted key blob without original key - skipping manifest fingerprint check!")
} else {
manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
}
if archive_name == MANIFEST_BLOB_NAME { if archive_name == MANIFEST_BLOB_NAME {
if let Some(target) = target { if let Some(target) = target {
replace_file(target, &backup_index_data, CreateOptions::new())?; replace_file(target, &backup_index_data, CreateOptions::new())?;