jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Use key to determine if we should encrypt or not

Browse Source 
When encrypting we use the .enc extension. When not encrypting, we
use the plain .tar.gz extension.

Fixes #315
This commit is contained in:
Girish Ramakrishnan
2017-04-27 09:47:31 -07:00
parent 893f9d87bc
commit 9635f9aa24
3 changed files with 30 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/storage/caas.js
View File

@@ -54,6 +54,8 @@ function getBackupFilePath(apiConfig, backupId) {
assert.strictEqual(typeof apiConfig, 'object');
assert.strictEqual(typeof backupId, 'string');
const FILE_TYPE = apiConfig.key ? '.tar.gz.enc' : '.tar.gz';
return path.join(apiConfig.prefix, backupId.endsWith(FILE_TYPE) ? backupId : backupId+FILE_TYPE);
}
@@ -92,7 +94,7 @@ function backup(apiConfig, backupId, sourceDirectories, callback) {
callback(null);
});
targz.create(sourceDirectories, apiConfig.key || '', passThrough, callback);
targz.create(sourceDirectories, apiConfig.key || null, passThrough, callback);
});
}
@@ -127,7 +129,7 @@ function restore(apiConfig, backupId, destination, callback) {
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
targz.extract(s3get, destination, apiConfig.key || '', callback);
targz.extract(s3get, destination, apiConfig.key || null, callback);
});
}

8
src/storage/s3.js
View File

@@ -24,8 +24,6 @@ var assert = require('assert'),
path = require('path'),
targz = require('./targz.js');
var FILE_TYPE = '.tar.gz.enc';
// test only
var originalAWS;
function mockInject(mock) {
@@ -61,6 +59,8 @@ function getBackupFilePath(apiConfig, backupId) {
assert.strictEqual(typeof apiConfig, 'object');
assert.strictEqual(typeof backupId, 'string');
const FILE_TYPE = apiConfig.key ? '.tar.gz.enc' : '.tar.gz';
return path.join(apiConfig.prefix, backupId.endsWith(FILE_TYPE) ? backupId : backupId+FILE_TYPE);
}
@@ -99,7 +99,7 @@ function backup(apiConfig, backupId, sourceDirectories, callback) {
callback(null);
});
targz.create(sourceDirectories, apiConfig.key || '', passThrough, callback);
targz.create(sourceDirectories, apiConfig.key || null, passThrough, callback);
});
}
@@ -135,7 +135,7 @@ function restore(apiConfig, backupId, destination, callback) {
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
targz.extract(s3get, destination, apiConfig.key || '', callback);
targz.extract(s3get, destination, apiConfig.key || null, callback);
});
}

39
src/storage/targz.js
View File

@@ -16,7 +16,7 @@ var assert = require('assert'),
function create(sourceDirectories, key, outStream, callback) {
assert(Array.isArray(sourceDirectories));
assert.strictEqual(typeof key, 'string');
assert(key === null || typeof key === 'string');
assert.strictEqual(typeof callback, 'function');
var pack = tar.pack('/', {
@@ -30,7 +30,6 @@ function create(sourceDirectories, key, outStream, callback) {
});
var gzip = zlib.createGzip({});
var encrypt = crypto.createCipher('aes-256-cbc', key);
var progressStream = progress({ time: 10000 }); // display a progress every 10 seconds
pack.on('error', function (error) {
@@ -43,28 +42,30 @@ function create(sourceDirectories, key, outStream, callback) {
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
encrypt.on('error', function (error) {
debug('backup: encrypt stream error.', error);
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
progressStream.on('progress', function(progress) {
debug('backup: %s@%s', Math.round(progress.transferred/1024/1024) + 'M', Math.round(progress.speed/1024/1024) + 'Mbps');
});
pack.pipe(gzip).pipe(encrypt).pipe(progressStream).pipe(outStream);
if (key !== null) {
var encrypt = crypto.createCipher('aes-256-cbc', key);
encrypt.on('error', function (error) {
debug('backup: encrypt stream error.', error);
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
pack.pipe(gzip).pipe(encrypt).pipe(progressStream).pipe(outStream);
} else {
pack.pipe(gzip).pipe(progressStream).pipe(outStream);
}
}
function extract(inStream, destination, key, callback) {
assert.strictEqual(typeof destination, 'string');
assert.strictEqual(typeof key, 'string');
assert(key === null || typeof key === 'string');
assert.strictEqual(typeof callback, 'function');
mkdirp(destination, function (error) {
if (error) return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
var decrypt = crypto.createDecipher('aes-256-cbc', key);
var gunzip = zlib.createGunzip({});
var progressStream = progress({ time: 10000 }); // display a progress every 10 seconds
var extract = tar.extract(destination);
@@ -73,11 +74,6 @@ function extract(inStream, destination, key, callback) {
debug('restore: %s@%s', Math.round(progress.transferred/1024/1024) + 'M', Math.round(progress.speed/1024/1024) + 'Mbps');
});
decrypt.on('error', function (error) {
debug('restore: decrypt stream error.', error);
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
gunzip.on('error', function (error) {
debug('restore: gunzip stream error.', error);
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
@@ -93,6 +89,15 @@ function extract(inStream, destination, key, callback) {
callback(null);
});
inStream.pipe(progressStream).pipe(decrypt).pipe(gunzip).pipe(extract);
if (key !== null) {
var decrypt = crypto.createDecipher('aes-256-cbc', key);
decrypt.on('error', function (error) {
debug('restore: decrypt stream error.', error);
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
});
inStream.pipe(progressStream).pipe(decrypt).pipe(gunzip).pipe(extract);
} else {
inStream.pipe(progressStream).pipe(gunzip).pipe(extract);
}
});
}