prevent the empty string as password

backup.py would default to using the empty string as password
which would cause a crypto context to be created even without
encryption being required.

Use ``None`` instead to indicate absence of a user-supplied
password.

diff --git a/backup.py b/backup.py
index aa84348..dc756fb 100644 (file)
--- a/backup.py
+++ b/backup.py
@@ -85,7 +85,7 @@ if __name__ == "__main__":
                             """)
     parser.add_argument("-t", "--targetpath", help="Target path directory.")
     parser.add_argument("-s", "--sourcepath", help="Source path directory.")
-    parser.add_argument("-p", "--password", default='',
+    parser.add_argument("-p", "--password", default=None,
                         help="Password for symmetric encryption.")
     parser.add_argument("-v", "--volsize", default=None,
                         help="Maximum volume size, in megabytes.")

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index 9fdbef0..3b174d1 100755 (executable)
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -426,6 +426,8 @@ class Encrypt (Crypto):
 
     def __init__ (self, password, paramversion, nacl=None,
                   counter=AES_GCM_IV_CNT_DATA):
+        if len (password) == 0:
+            raise Exception ("XXX refusing to encrypt with empty password")
         self.pfx = [ ]
         self.paramversion = paramversion
         defs = ENCRYPTION_PARAMETERS.get(self.paramversion)