Restore: Handle incorrect encryption key #5284
Conversation
There was a problem hiding this comment.
Reviewable status: 0 of 1 files reviewed, 2 unresolved discussions (waiting on @manishrjain and @parasssh)
worker/restore.go, line 58 at r1 (raw file):
Previously, parasssh wrote…
keyfile is optional. Just return the err.
But the error would be Invalid Header. This doesn't give any valid information to the user.
worker/restore.go, line 60 at r1 (raw file):
Previously, parasssh wrote…
Dont need this whole comment. Just the first sentence will suffice.
Done.
There was a problem hiding this comment.
Reviewable status: 0 of 1 files reviewed, 2 unresolved discussions (waiting on @manishrjain and @parasssh)
worker/restore.go, line 58 at r1 (raw file):
Previously, jarifibrahim (Ibrahim Jarif) wrote…
But the error would be
Invalid Header. This doesn't give any valid information to the user.
The actual error returned is
gzip: invalid header
There was a problem hiding this comment.
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @manishrjain and @parasssh)
worker/restore.go, line 58 at r1 (raw file):
Previously, jarifibrahim (Ibrahim Jarif) wrote…
The actual error returned is
gzip: invalid header
Ok. But the keyfile is optional. And if it fails for other reasons then it will confuse the error. Maybe do this error only if keyfile is non-nil.
There was a problem hiding this comment.
Reviewable status: 0 of 1 files reviewed, all discussions resolved (waiting on @manishrjain)
worker/restore.go, line 58 at r1 (raw file):
Previously, parasssh wrote…
Ok. But the keyfile is optional. And if it fails for other reasons then it will confuse the error. Maybe do this error only if keyfile is non-nil.
Ah! I see what you mean. I've made the change. Thank you!
There was a problem hiding this comment.
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @jarifibrahim and @manishrjain)
a discussion (no related file):
There was a problem hiding this comment.
Reviewed 1 of 1 files at r2.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @jarifibrahim and @manishrjain)
There was a problem hiding this comment.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @jarifibrahim and @manishrjain)
Jira - DGRAPH-1281 and DGRAPH-1282 When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key. When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key. This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file. (cherry picked from commit 25c37c8)
Jira - DGRAPH-1281 and DGRAPH-1282 When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key. When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key. This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file. (cherry picked from commit 25c37c8)
Jira - DGRAPH-1281 and DGRAPH-1282 When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key. When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key. This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file. (cherry picked from commit 25c37c8)
Jira - DGRAPH-1281 and DGRAPH-1282 When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key. When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key. This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file. (cherry picked from commit 25c37c8)
Jira - DGRAPH-1281 and DGRAPH-1282 When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key. When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key. This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file.
Jira - DGRAPH-1281 and DGRAPH-1282
When the restore is started, we open a badger instance with the provided encryption key and then check if the backup file can be opened using the encryption key. If the backup cannot be opened using the encryption key, we return an error to the user but the badger DB stores the encryption key.
When the user tries to restore the same backup to the same badger instance without a key (because backup is unencrypted), badger complaints about the missing key.
This PR fixes by opening badger after opening the backup file. This ensures we don't open an encrypted badger db for an unencrypted backup file.
This change is