fix tarfile crypto parameter passing

Remove obsolete parameters like “password” that are no longer
meaningful after moving the creation of the crypto context
outside of tarfile.py.

Also, check test the presence of encryption attributes before
accessing them to avoid conflicts with zlib streams. (Kludgy, but
not avoidable without a larger changes due to the possibility of
“fileobj” being anything, including things that don’t satisfy all
the interfaces that “_Stream” provides.

diff --git a/deltatar/tarfile.py b/deltatar/tarfile.py
index 400fc6e..bf1f03a 100644 (file)
--- a/deltatar/tarfile.py
+++ b/deltatar/tarfile.py
@@ -418,8 +418,7 @@ class _Stream:
     remainder = -1 # track size in encrypted entries
 
     def __init__(self, name, mode, comptype, fileobj, bufsize,
-                 concat_stream=False,
-                 encryption=None, enccounter=None,
+                 concat_stream=False, encryption=None, enccounter=None,
                  compresslevel=9):
         """Construct a _Stream object.
         """
@@ -456,8 +455,6 @@ class _Stream:
         self.encryption = encryption
         self.lasthdr    = None
 
-        enccounter = enccounter or crypto.AES_GCM_IV_CNT_DATA
-
         try:
             if comptype == "gz":
                 try:
@@ -1829,8 +1826,6 @@ class TarFile(object):
     concat_compression = False  # Used to separate in different zip members each
                                 # file, used for robustness.
 
-    password = ''               # Used for aes encryption
-
     save_to_members = True      # If new members are saved. This can be disabled
                                 # if you manage lots of files and don't want
                                 # to have high memory usage
@@ -1842,7 +1837,7 @@ class TarFile(object):
             tarinfo=None, dereference=None, ignore_zeros=None, encoding=None,
             errors="surrogateescape", pax_headers=None, debug=None,
             errorlevel=None, max_volume_size=None, new_volume_handler=None,
-            concat_compression=False, password='', nacl=None,
+            concat_compression=False, nacl=None,
             save_to_members=True):
         """Open an (uncompressed) tar archive `name'. `mode' is either 'r' to
            read from an existing archive, 'a' to append data to an existing
@@ -1856,7 +1851,6 @@ class TarFile(object):
             raise ValueError("mode must be 'r', 'a' or 'w'")
         self.mode = mode
         self.concat_compression = concat_compression
-        self.password = password
         self.nacl = nacl
         self._mode = {"r": "rb", "a": "r+b", "w": "wb"}[mode]
 
@@ -2063,7 +2057,6 @@ class TarFile(object):
         elif "#" in mode:
             filemode, comptype = mode.split("#", 1)
             filemode = filemode or "r"
-            password = ''
 
             if filemode not in "rw":
                 raise ValueError("mode must be 'r' or 'w'")
@@ -2474,8 +2467,9 @@ class TarFile(object):
 
         tarinfo = copy.copy(tarinfo)
 
-        self.fileobj._finalize_write_encrypt ()
-        self.fileobj._init_write_encrypt (tarinfo.name)
+        if getattr (self.fileobj, "encryption", None) is not None:
+            self.fileobj._finalize_write_encrypt ()
+            self.fileobj._init_write_encrypt (tarinfo.name)
 
         if self.concat_compression:
             self.fileobj.new_compression_block()
@@ -2532,7 +2526,8 @@ class TarFile(object):
                 # Only finalize the crypto entry here if we’re continuing with
                 # another one; otherwise, the encryption must include the block
                 # padding below.
-                self.fileobj._finalize_write_encrypt ()
+                if getattr (self.fileobj, "encryption", None) is not None:
+                    self.fileobj._finalize_write_encrypt ()
 
                 tarinfo.type = GNUTYPE_MULTIVOL
 
@@ -2556,7 +2551,8 @@ class TarFile(object):
 
                 self.volume_tarinfo = None
 
-                self.fileobj._init_write_encrypt (tarinfo.name)
+                if getattr (self.fileobj, "encryption", None) is not None:
+                    self.fileobj._init_write_encrypt (tarinfo.name)
 
                 # write new volume header
                 buf = tarinfo.tobuf(self.format, self.encoding, self.errors)
@@ -2598,8 +2594,7 @@ class TarFile(object):
                             comptype=self.fileobj.comptype,
                             fileobj=None,
                             bufsize=self.fileobj.bufsize,
-                            password=self.fileobj.password,
-                            encver=self.fileobj.encver,
+                            encryption=self.encryption,
                             concat_stream=self.fileobj.concat_stream)
             else:
                 # here, we lose information about compression/encryption!