Esempio n. 1
0
/*
 *   Query Device command from Director
 *   Sends Storage Daemon's information on the device to the
 *    caller (presumably the Director).
 *   This command always returns "true" so that the line is
 *    not closed on an error.
 *
 */
bool query_cmd(JCR *jcr)
{
   POOL_MEM dev_name, VolumeName, MediaType, ChangerName;
   BSOCK *dir = jcr->dir_bsock;
   DEVRES *device;
   AUTOCHANGER *changer;
   bool ok;

   Dmsg1(100, "Query_cmd: %s", dir->msg);
   ok = sscanf(dir->msg, query_device, dev_name.c_str()) == 1;
   Dmsg1(100, "<dird: %s", dir->msg);
   if (ok) {
      unbash_spaces(dev_name);
      foreach_res(device, R_DEVICE) {
         /* Find resource, and make sure we were able to open it */
         if (bstrcmp(dev_name.c_str(), device->name())) {
            if (!device->dev) {
               device->dev = init_dev(jcr, device);
            }
            if (!device->dev) {
               break;
            }
            ok = dir_update_device(jcr, device->dev);
            if (ok) {
               ok = dir->fsend(OK_query);
            } else {
               dir->fsend(NO_query);
            }
            return ok;
         }
      }
      foreach_res(changer, R_AUTOCHANGER) {
         /*Find resource, and make sure we were able to open it */
         if (bstrcmp(dev_name.c_str(), changer->name())) {
            if (!changer->device || changer->device->size() == 0) {
               continue;              /* no devices */
            }
            ok = dir_update_changer(jcr, changer);
            if (ok) {
               ok = dir->fsend(OK_query);
            } else {
               dir->fsend(NO_query);
            }
            return ok;
         }
      }
      /* If we get here, the device/autochanger was not found */
      unbash_spaces(dir->msg);
      pm_strcpy(jcr->errmsg, dir->msg);
      dir->fsend(NO_device, dev_name.c_str());
      Dmsg1(100, ">dird: %s", dir->msg);
   } else {
Esempio n. 2
0
/* Check Configuration file for necessary info */
static int check_resources()
{
   bool OK = true;
   bool tls_needed;
   const char *configfile = my_config->get_base_config_path();

   if (GetNextRes(R_STORAGE, (RES *)me) != NULL) {
      Jmsg1(NULL, M_ERROR, 0, _("Only one Storage resource permitted in %s\n"),
         configfile);
      OK = false;
   }

   if (GetNextRes(R_DIRECTOR, NULL) == NULL) {
      Jmsg1(NULL, M_ERROR, 0, _("No Director resource defined in %s. Cannot continue.\n"),
         configfile);
      OK = false;
   }

   if (GetNextRes(R_DEVICE, NULL) == NULL){
      Jmsg1(NULL, M_ERROR, 0, _("No Device resource defined in %s. Cannot continue.\n"),
           configfile);
      OK = false;
   }

   /*
    * Sanity check.
    */
   if (me->MaxConnections < ((2 * me->MaxConcurrentJobs) + 2)) {
      me->MaxConnections = (2 * me->MaxConcurrentJobs) + 2;
   }

   if (!me->messages) {
      me->messages = (MSGSRES *)GetNextRes(R_MSGS, NULL);
      if (!me->messages) {
         Jmsg1(NULL, M_ERROR, 0, _("No Messages resource defined in %s. Cannot continue.\n"),
            configfile);
         OK = false;
      }
   }

   if (!me->working_directory) {
      Jmsg1(NULL, M_ERROR, 0, _("No Working Directory defined in %s. Cannot continue.\n"),
         configfile);
      OK = false;
   }

   STORES *store;
   foreach_res(store, R_STORAGE) {
      /* tls_require implies tls_enable */
      if (store->tls.require) {
         if (have_tls) {
            store->tls.enable = true;
         } else {
            Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bareos.\n"));
            OK = false;
            continue;
         }
      }

      tls_needed = store->tls.enable || store->tls.authenticate;

      if (!store->tls.certfile && tls_needed) {
         Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Storage \"%s\" in %s.\n"),
              store->name(), configfile);
         OK = false;
      }

      if (!store->tls.keyfile && tls_needed) {
         Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Storage \"%s\" in %s.\n"),
              store->name(), configfile);
         OK = false;
      }

      if ((!store->tls.ca_certfile && !store->tls.ca_certdir) && tls_needed && store->tls.verify_peer) {
         Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
              " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s."
              " At least one CA certificate store is required"
              " when using \"TLS Verify Peer\".\n"),
              store->name(), configfile);
         OK = false;
      }

      /* If everything is well, attempt to initialize our per-resource TLS context */
      if (OK && (tls_needed || store->tls.require)) {
         /* Initialize TLS context:
          * Args: CA certfile, CA certdir, Certfile, Keyfile,
          * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
         store->tls.ctx = new_tls_context(store->tls.ca_certfile,
                                          store->tls.ca_certdir,
                                          store->tls.crlfile,
                                          store->tls.certfile,
                                          store->tls.keyfile,
                                          NULL,
                                          NULL,
                                          store->tls.dhfile,
                                          store->tls.cipherlist,
                                          store->tls.verify_peer);

         if (!store->tls.ctx) {
            Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
                 store->name(), configfile);
            OK = false;
         }

         set_tls_enable(store->tls.ctx, tls_needed);
         set_tls_require(store->tls.ctx, store->tls.require);
      }
   }

   DIRRES *director;
   foreach_res(director, R_DIRECTOR) {
      /* tls_require implies tls_enable */
      if (director->tls.require) {
         director->tls.enable = true;
      }

      tls_needed = director->tls.enable || director->tls.authenticate;

      if (!director->tls.certfile && tls_needed) {
         Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
              director->name(), configfile);
         OK = false;
      }

      if (!director->tls.keyfile && tls_needed) {
         Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
              director->name(), configfile);
         OK = false;
      }

      if ((!director->tls.ca_certfile && !director->tls.ca_certdir) && tls_needed && director->tls.verify_peer) {
         Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
              " or \"TLS CA Certificate Dir\" are defined for Director \"%s\" in %s."
              " At least one CA certificate store is required"
              " when using \"TLS Verify Peer\".\n"),
              director->name(), configfile);
         OK = false;
      }

      /* If everything is well, attempt to initialize our per-resource TLS context */
      if (OK && (tls_needed || director->tls.require)) {
         /* Initialize TLS context:
          * Args: CA certfile, CA certdir, Certfile, Keyfile,
          * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
         director->tls.ctx = new_tls_context(director->tls.ca_certfile,
                                             director->tls.ca_certdir,
                                             director->tls.crlfile,
                                             director->tls.certfile,
                                             director->tls.keyfile,
                                             NULL,
                                             NULL,
                                             director->tls.dhfile,
                                             director->tls.cipherlist,
                                             director->tls.verify_peer);

         if (!director->tls.ctx) {
            Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
                 director->name(), configfile);
            OK = false;
         }

         set_tls_enable(director->tls.ctx, tls_needed);
         set_tls_require(director->tls.ctx, director->tls.require);
      }
   }

   DEVRES *device;
   foreach_res(device, R_DEVICE) {
      if (device->drive_crypto_enabled && bit_is_set(CAP_LABEL, device->cap_bits)) {
         Jmsg(NULL, M_FATAL, 0, _("LabelMedia enabled is incompatible with tape crypto on Device \"%s\" in %s.\n"),
              device->name(), configfile);
         OK = false;
      }
   }

   if (OK) {
      OK = init_autochangers();
   }

   if (OK) {
      close_msg(NULL);                   /* close temp message handler */
      init_msg(NULL, me->messages);      /* open daemon message handler */
      set_working_directory(me->working_directory);
      if (me->secure_erase_cmdline) {
         set_secure_erase_cmdline(me->secure_erase_cmdline);
      }
      if (me->log_timestamp_format) {
         set_log_timestamp_format(me->log_timestamp_format);
      }
   }

   return OK;
}