Package: duplicity
Version: 0.8.04-2ubuntu1
Severity: normal
Dear Maintainer,
Many years ago, duplicity had a bug that allowed you to resume a backup with a different password than the one with which you started the backup. This left your backup chain in an unrecoverable state, since duplicity doesn't know how to restore from a chain like that.
It was fixed upstream. But the fix didn't properly handle using a gpg encryption key (rather than a symmetric password). So Debian added the patch 01-reverify that disabled the fix upstream.
But then duplicity fixed the issue with gpg encryption keys and Debian never dropped its patch, which left the original password-swap bug in place.
Can Debian drop 01-reverify please? I've attached two scripts that demonstrate each bug, and you can test that both work after dropping the patch.
You can run switchpass.sh to test the original password-swap bug. And run gpgkey.sh to test the gpg encryption key issue (this one needs you to specify both KEY and PASSPHRASE environment variables -- your gpg key id and passphrase respectively).
Both should report "Everything worked!" at the end if the bugs are fixed, or "Bug exists! :(" if the bug is present.
Upstream password-swap bug: https://bugs.launchpad.net/duplicity/+bug/878964
Upstream gpg-key bug: https://bugs.launchpad.net/duplicity/+bug/946988
Thanks!
-- System Information:
Debian Release: buster/sid
APT prefers eoan-updates
APT policy: (500, 'eoan-updates'), (500, 'eoan-security'), (500, 'eoan')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.3.0-19-generic (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages duplicity depends on:
ii gnupg 2.2.12-1ubuntu3
ii gnupg1 1.4.23-1
ii libc6 2.30-0ubuntu2
ii librsync2 2.0.2-1ubuntu1
ii python3 3.7.5-1
ii python3-fasteners 0.12.0-5
ii python3-future 0.16.0-1
ii python3-lockfile 1:0.12.2-2ubuntu1
Versions of packages duplicity recommends:
ii python3-oauthlib 2.1.0-1
ii python3-paramiko 2.6.0-1
ii python3-pexpect 4.6.0-1
ii python3-urllib3 1.24.1-1ubuntu1
ii rsync 3.1.3-6
Versions of packages duplicity suggests:
pn lftp <none>
pn ncftp <none>
ii par2 0.8.0-1
pn python3-boto <none>
ii python3-pip 18.1-5
pn python3-swiftclient <none>
pn tahoe-lafs <none>
-- no debconf information
#!/bin/sh
# switchpass.sh: demonstrate the password-swap bug (upstream bug 878964).
# Start a backup with one passphrase, let it fail partway through, then
# "resume" it with a different passphrase. A fixed duplicity refuses the
# resume, so no vol3 is ever written; a broken one happily writes vol3
# under the second passphrase and the chain can no longer be restored.
rm -rf /tmp/dupbadpass /tmp/dupbadrestore
echo "Making first, interrupted backup"
PASSPHRASE=testpass duplicity /usr/bin file:///tmp/dupbadpass --name dupbadpass --volsize 1 --fail-on-volume 2 --verbosity 1
echo "Finishing that backup with the wrong password"
PASSPHRASE=badpass duplicity /usr/bin file:///tmp/dupbadpass --name dupbadpass --volsize 1 --fail-on-volume 3 --verbosity 1
echo -n "Now, is vol1 encrypted with right pass? "
if gpg --batch --decrypt --passphrase testpass --pinentry-mode=loopback /tmp/dupbadpass/duplicity-full*.vol1.difftar.gpg >/dev/null 2>&1; then
    echo "Yes!"
else
    echo "Nope...? Something is deeply wrong"
fi
echo -n "And vol3 with the wrong one? "
if [ -z "$(ls /tmp/dupbadpass/duplicity-full*.vol3.difftar.gpg 2>/dev/null)" ]; then
    # The resume was refused, so the chain stays under a single passphrase.
    echo "No vol3 exists"
    echo "Everything worked!"
elif gpg --batch --decrypt --passphrase badpass --pinentry-mode=loopback /tmp/dupbadpass/duplicity-full*.vol3.difftar.gpg >/dev/null 2>&1; then
    # vol3 exists and decrypts with the second passphrase: the chain is mixed.
    echo "Yes!"
    echo "Bug exists! :("
else
    echo "Nope...? Something is deeply wrong"
fi
#!/bin/sh
# gpgkey.sh: demonstrate the gpg encryption key resume bug (upstream bug 946988).
# Needs KEY (the gpg key id to encrypt to) and PASSPHRASE (that key's
# passphrase; duplicity reads the PASSPHRASE environment variable itself).
# A fixed duplicity resumes the interrupted backup and writes vol3; a broken
# one refuses the resume, so vol3 never appears.
: "${KEY:?set KEY to the gpg key id to encrypt to}"
: "${PASSPHRASE:?set PASSPHRASE to the passphrase of that key}"
killall gpg-agent   # make sure no passphrase is still cached from an earlier run
rm -rf ~/.cache/duplicity/dupbadpass /tmp/dupbadpass /tmp/dupbadrestore
echo "Making first, interrupted backup"
duplicity /usr/bin file:///tmp/dupbadpass --name dupbadpass --volsize 1 --fail-on-volume 2 --encrypt-key "$KEY"
echo "Finishing that backup"
duplicity /usr/bin file:///tmp/dupbadpass --name dupbadpass --volsize 1 --fail-on-volume 3 --encrypt-key "$KEY"
if [ -n "$(ls /tmp/dupbadpass/duplicity-full*.vol3.difftar.gpg 2>/dev/null)" ]; then
    echo "Everything worked!"
else
    echo "Bug exists! :("
fi
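A chain-consistency check for an existing symmetric-passphrase backup, added here as an example; it is not part of the bug report and not duplicity's own code. It tries to decrypt every .gpg file in a duplicity backup directory with one passphrase and lists the ones that fail, which is exactly the mixed state switchpass.sh leaves behind when the bug is present, and the state you want to discover before a restore rather than during one. The function name check_chain_passphrase and its exit codes are my own choices; it assumes gpg 2.1 or later, the same --pinentry-mode=loopback invocation the scripts above use.

```shell
#!/bin/sh
# Added example, not part of the bug report and not duplicity's own code.
# Try to decrypt every encrypted file (volumes, plus the manifest and
# signature files, which also end in .gpg) in a duplicity backup directory
# with one symmetric passphrase and list the ones that fail.
#
# Exit status: 0 = every file decrypted, 1 = at least one did not (those are
# printed one per line), 2 = the directory holds no .gpg files at all.
# Assumes gpg 2.1 or later, since --pinentry-mode=loopback needs it.
check_chain_passphrase() {
    dir=$1
    pass=$2
    found=0
    bad=0
    for vol in "$dir"/*.gpg; do
        [ -e "$vol" ] || continue   # the glob matched nothing
        found=$((found + 1))
        # Decrypt to /dev/null: we only care whether the passphrase fits.
        if ! gpg --batch --quiet --pinentry-mode=loopback --passphrase "$pass" \
                 --decrypt "$vol" >/dev/null 2>&1; then
            bad=$((bad + 1))
            echo "$vol"
        fi
    done
    [ "$found" -gt 0 ] || return 2
    [ "$bad" -eq 0 ]
}

# Run directly as: sh <this file> /tmp/dupbadpass testpass
if [ $# -eq 2 ]; then
    check_chain_passphrase "$1" "$2"
fi
```

For a chain made with --encrypt-key rather than a passphrase, drop the --passphrase option and run it where the private key is available; gpg then decrypts with the key and the same loop reports any volume that was encrypted to a different key.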