| 206 | self.save(manifest, key) |
| 207 | |
| 208 | def assert_access_unknown(self, warn_if_unencrypted, manifest, key): |
| 209 | # warn_if_unencrypted=False is only used for initializing a new repository. |
| 210 | # Thus, avoiding asking about a repository that's currently initializing. |
| 211 | if not key.logically_encrypted and not self.known(): |
| 212 | msg = ( |
| 213 | "Warning: Attempting to access a previously unknown unencrypted repository!\n" |
| 214 | + "Do you want to continue? [yN] " |
| 215 | ) |
| 216 | allow_access = not warn_if_unencrypted or yes( |
| 217 | msg, |
| 218 | false_msg="Aborting.", |
| 219 | invalid_msg="Invalid answer, aborting.", |
| 220 | retry=False, |
| 221 | env_var_override="BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK", |
| 222 | ) |
| 223 | if allow_access: |
| 224 | if warn_if_unencrypted: |
| 225 | logger.debug("security: remembering unknown unencrypted repository (explicitly allowed)") |
| 226 | else: |
| 227 | logger.debug("security: initializing unencrypted repository") |
| 228 | self.save(manifest, key) |
| 229 | else: |
| 230 | raise Cache.CacheInitAbortedError() |
| 231 | |
| 232 | |
| 233 | def assert_secure(repository, manifest): |