[pbs-devel] [PATCH RESEND proxmox-backup 2/3] backup: check verify state of previous backup before allowing reuse

[Stefan Reiter]

Do not allow clients to reuse chunks from the previous backup if it has
a failed validation result. This would result in a new "successful"
backup that potentially references broken chunks.

If the previous backup has not been verified, assume it is fine and
continue on.

Signed-off-by: Stefan Reiter <s.reiter at proxmox.com>
---

Patch 3 is much more useful with this one applied first, so here it is again
instead of a ping for easy review/application :)

 src/api2/backup.rs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/api2/backup.rs b/src/api2/backup.rs
index ad608d85..c0b1d985 100644
--- a/src/api2/backup.rs
+++ b/src/api2/backup.rs
@@ -652,6 +652,19 @@ fn download_previous(
             None => bail!("no previous backup"),
         };
 
+        let (manifest, _) = env.datastore.load_manifest(&last_backup.backup_dir)?;
+        let verify = manifest.unprotected["verify_state"].clone();
+        match serde_json::from_value::<SnapshotVerifyState>(verify) {
+            Ok(verify) => {
+                if verify.state != "ok" {
+                    bail!("previous backup has failed verification");
+                }
+            },
+            Err(_) => {
+                // no verify state found, ignore and treat as valid
+            }
+        };
+
         let mut path = env.datastore.snapshot_path(&last_backup.backup_dir);
         path.push(&archive_name);
 
-- 
2.20.1