Permalink
Browse files

Adding encryption to sync

  • Loading branch information...
1 parent ac6e14a commit acf3f513712b99e50fbe90d06191fdb36102ce03 @firstclown committed Nov 15, 2011
Showing with 18 additions and 10 deletions.
  1. +11 −0 S3/FileLists.py
  2. +7 −10 s3cmd
View
@@ -5,6 +5,7 @@
from S3 import S3
from Config import Config
+from MetaData import MetaData
from S3Uri import S3Uri
from SortedDict import SortedDict
from Utils import *
@@ -282,6 +283,7 @@ def __direction_str(is_remote):
debug("src_list.keys: %s" % src_list.keys())
debug("dst_list.keys: %s" % dst_list.keys())
+ metadata = MetaData()
for file in src_list.keys():
debug(u"CHECK: %s" % file)
if dst_list.has_key(file):
@@ -312,6 +314,10 @@ def __direction_str(is_remote):
elif src_remote == True and dst_remote == True:
src_md5 = src_list[file]['md5']
dst_md5 = dst_list[file]['md5']
+ if src_remote == True and cfg.encrypt:
+ src_md5 = metadata.metadata['md5_trans'][src_md5]
+ if dst_remote == True and cfg.encrypt:
+ dst_md5 = metadata.metadata['md5_trans'][dst_md5]
except (IOError,OSError), e:
# MD5 sum verification failed - ignore that file altogether
debug(u"IGNR: %s (disappeared)" % (file))
@@ -323,6 +329,11 @@ def __direction_str(is_remote):
if src_md5 != dst_md5:
## Checksums are different.
attribs_match = False
+ ## If encrypt, remove all matching keys from the metadata file
+ if cfg.encrypt and src_md5 in metadata.metadata['md5_trans']:
+ del(metadata.metadata['md5_trans'][src_md5])
+ if cfg.encrypt and dst_md5 in metadata.metadata['md5_trans']:
+ del(metadata.metadata['md5_trans'][dst_md5])
debug(u"XFER: %s (md5 mismatch: src=%s dst=%s)" % (file, src_md5, dst_md5))
if attribs_match:
View
17 s3cmd
@@ -749,6 +749,9 @@ def cmd_sync_remote2local(args):
dst_stream = open(dst_file, "wb")
response = s3.object_get(uri, dst_stream, extra_label = seq_label)
dst_stream.close()
+ if response["headers"].has_key("x-amz-meta-s3tools-gpgenc"):
+ gpg_decrypt(destination, response["headers"]["x-amz-meta-s3tools-gpgenc"])
+ response["size"] = os.stat(destination)[6]
if response['headers'].has_key('x-amz-meta-s3cmd-attrs') and cfg.preserve_attrs:
attrs = _parse_attrs_header(response['headers']['x-amz-meta-s3cmd-attrs'])
if attrs.has_key('mode'):
@@ -840,12 +843,6 @@ def cmd_sync_local2remote(args):
s3 = S3(cfg)
- if cfg.encrypt:
- error(u"S3cmd 'sync' doesn't yet support GPG encryption, sorry.")
- error(u"Either use unconditional 's3cmd put --recursive'")
- error(u"or disable encryption with --no-encrypt parameter.")
- sys.exit(1)
-
## Normalize URI to convert s3://bkt to s3://bkt/ (trailing slash)
destination_base_uri = S3Uri(args[-1])
if destination_base_uri.type != 's3':
@@ -1645,10 +1642,6 @@ def main():
if options.check_md5 == True and cfg.sync_checks.count("md5") == 0:
cfg.sync_checks.append("md5")
- ## if encrypt, can't really check size on sync
- if cfg.encrypt:
- cfg.sync_checks.remove("size")
-
## Update Config with other parameters
for option in cfg.option_list():
try:
@@ -1659,6 +1652,10 @@ def main():
## Some Config() options are not settable from command line
pass
+ ## if encrypt, can't really check size on sync
+ if cfg.encrypt:
+ cfg.sync_checks.remove("size")
+
## Special handling for tri-state options (True, False, None)
cfg.update_option("enable", options.enable)
cfg.update_option("acl_public", options.acl_public)

0 comments on commit acf3f51

Please sign in to comment.