Argon2 via OpenSSL >= 3.2 #9602
Draft
ThomasWaldmann wants to merge 8 commits into
Codecov Report
❌ Patch coverage is
Additional details and impacted files
@@ Coverage Diff @@
## master #9602 +/- ##
==========================================
+ Coverage 84.87% 84.90% +0.02%
==========================================
Files 92 92
Lines 15165 15168 +3
Branches 2271 2275 +4
==========================================
+ Hits 12872 12879 +7
+ Misses 1589 1583 -6
- Partials 704 706 +2
745ffbd to b06e98b
Guess we need to wait for:
18e786b to 252cf06
8232e39 to d70e1a5
035b12d to f7e6aae
- src/borg/crypto/low_level.pyx: implement `argon2_hash` using OpenSSL's `EVP_KDF` API for ARGON2 (requires OpenSSL >= 3.2.0).
- src/borg/crypto/key.py: switch to the native `argon2_hash` implementation, removing `argon2-cffi` dependency.
- setup.py: require OpenSSL >= 3.2.0 for the crypto extension to ensure ARGON2 KDF support is available.
- pyproject.toml: drop `argon2-cffi` dependency.
- docs: update installation requirements and security documentation to reflect the transition to OpenSSL for Argon2.
Bump all Ubuntu-based GitHub workflows from ubuntu-24.04 to ubuntu-26.04 (and ubuntu-24.04-arm to ubuntu-26.04-arm). Ubuntu 26.04 ships glibc 2.43, so rename the built binaries from glibc239 to glibc243. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Currently, ubuntu-26.04 only has py314.
…d process

The foreground process installs SIGTERM/SIGHUP/SIGINT handlers (via archiver.run) before it reaches the point where it actually waits for the background (grandchild) process to notify it (via os.kill). If the background process started up and signalled fast enough, the signal was delivered to the foreground while it was still between os.fork() and the waiting code, so the globally installed handler raised at an unexpected, uncaught place. The signal then escaped daemonizing(), bubbled up through repository teardown (NotLocked) and made "borg mount" exit with rc 74.

This was observed flaky in CI with coverage's sys.monitoring backend on Python 3.14 (its first-branch lazy source parse widens the window) and the pyfuse3 backend (faster grandchild startup).

Fix the race by blocking the notify signals before the fork in _daemonize() and waiting for them atomically in the foreground. An early signal then stays pending and is reliably picked up by the wait. The background process restores the original signal mask so it keeps normal signal handling.

Use signal.sigwait() plus a SIGALRM timer (signal.setitimer) for the wait, rather than signal.sigtimedwait(): the latter does not exist on macOS, where it would raise AttributeError in the foreground and let it die before the background migrated the lock (breaking test_migrate_lock_alive).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
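The block-before-fork and sigwait-with-timer pattern this commit message describes, as an added POSIX-only example that is not code from the pull request. The function name `wait_for_background`, its parameters and the choice of SIGUSR1 as the notify signal are assumptions made for illustration.

```python
import os
import signal
import time

NOTIFY = signal.SIGUSR1  # assumption: the signal the background sends


def wait_for_background(timeout=5.0, parent_delay=0.0, child_sends=True):
    """Fork a child and wait for its notify signal; None means timeout."""
    wait_set = {NOTIFY, signal.SIGALRM}
    # Block BEFORE fork: an early signal stays pending instead of running
    # a globally installed handler somewhere between fork and the wait.
    old_mask = signal.pthread_sigmask(signal.SIG_BLOCK, wait_set)
    parent = os.getpid()
    pid = os.fork()
    if pid == 0:
        # Background side: restore the mask for normal signal handling.
        signal.pthread_sigmask(signal.SIG_SETMASK, old_mask)
        if child_sends:
            os.kill(parent, NOTIFY)
        os._exit(0)
    try:
        time.sleep(parent_delay)  # widen the window the race lived in
        signal.setitimer(signal.ITIMER_REAL, timeout)
        got = signal.sigwait(wait_set)  # takes an already pending signal
        signal.setitimer(signal.ITIMER_REAL, 0)
        # Edge case: the timer may fire right after the notify arrived;
        # consume it so unblocking below cannot kill us with SIGALRM.
        if got != signal.SIGALRM and signal.SIGALRM in signal.sigpending():
            signal.sigwait({signal.SIGALRM})
        return None if got == signal.SIGALRM else got
    finally:
        os.waitpid(pid, 0)
        signal.pthread_sigmask(signal.SIG_SETMASK, old_mask)


if __name__ == "__main__":
    # The child signals at once, the parent only starts waiting 0.2 s later.
    print(wait_for_background(parent_delay=0.2))
```

With `parent_delay` set, the child's signal arrives before the parent reaches `sigwait()`, which is the ordering that made the original code fail; here it is simply picked up as pending.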
signal.SIGALRM does not exist on Windows, so referencing it at module import time raised AttributeError, breaking the import chain (and the Windows PyInstaller build). Guard it with hasattr, matching the defensive getattr pattern already used for the notify signals. Daemonizing is not supported on Windows anyway (no os.fork), so the empty SIGALRM list has no functional effect there. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The archiver fixture's rmtree onerror handler called os.lchflags(path, 0) when has_lchflags was True. But has_lchflags is also True on Linux (flags are cleared via ioctl there), where os.lchflags does not exist, raising an uncaught AttributeError and turning teardown into an ERROR. Use borg's cross-platform platform.set_flags instead. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
f7e6aae to 7f16bc3
No description provided.