/*
* Append Data sent from File daemon
*
*/
bool do_append_data(JCR *jcr)
{
int32_t n;
int32_t file_index, stream, last_file_index;
BSOCK *fd = jcr->file_bsock;
bool ok = true;
DEV_RECORD rec;
char buf1[100], buf2[100];
DCR *dcr = jcr->dcr;
DEVICE *dev;
char ec[50];
if (!dcr) {
Jmsg0(jcr, M_FATAL, 0, _("DCR is NULL!!!\n"));
return false;
}
dev = dcr->dev;
if (!dev) {
Jmsg0(jcr, M_FATAL, 0, _("DEVICE is NULL!!!\n"));
return false;
}
Dmsg1(100, "Start append data. res=%d\n", dev->num_reserved());
memset(&rec, 0, sizeof(rec));
if (!fd->set_buffer_size(dcr->device->max_network_buffer_size, BNET_SETBUF_WRITE)) {
jcr->setJobStatus(JS_ErrorTerminated);
Jmsg0(jcr, M_FATAL, 0, _("Unable to set network buffer size.\n"));
return false;
}
if (!acquire_device_for_append(dcr)) {
jcr->setJobStatus(JS_ErrorTerminated);
return false;
}
jcr->setJobStatus(JS_Running);
dir_send_job_status(jcr);
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
Dmsg1(50, "Begin append device=%s\n", dev->print_name());
begin_data_spool(dcr);
begin_attribute_spool(jcr);
Dmsg0(100, "Just after acquire_device_for_append\n");
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
/*
* Write Begin Session Record
*/
if (!write_session_label(dcr, SOS_LABEL)) {
Jmsg1(jcr, M_FATAL, 0, _("Write session label failed. ERR=%s\n"),
dev->bstrerror());
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
/* Tell File daemon to send data */
if (!fd->fsend(OK_data)) {
berrno be;
Jmsg1(jcr, M_FATAL, 0, _("Network send error to FD. ERR=%s\n"),
be.bstrerror(fd->b_errno));
ok = false;
}
/*
* Get Data from File daemon, write to device. To clarify what is
* going on here. We expect:
* - A stream header
* - Multiple records of data
* - EOD record
*
* The Stream header is just used to sychronize things, and
* none of the stream header is written to tape.
* The Multiple records of data, contain first the Attributes,
* then after another stream header, the file data, then
* after another stream header, the MD5 data if any.
*
* So we get the (stream header, data, EOD) three time for each
* file. 1. for the Attributes, 2. for the file data if any,
* and 3. for the MD5 if any.
*/
dcr->VolFirstIndex = dcr->VolLastIndex = 0;
jcr->run_time = time(NULL); /* start counting time for rates */
for (last_file_index = 0; ok && !jcr->is_job_canceled(); ) {
/* Read Stream header from the File daemon.
* The stream header consists of the following:
* file_index (sequential Bacula file index, base 1)
* stream (Bacula number to distinguish parts of data)
* info (Info for Storage daemon -- compressed, encrypted, ...)
* info is not currently used, so is read, but ignored!
*/
if ((n=bget_msg(fd)) <= 0) {
if (n == BNET_SIGNAL && fd->msglen == BNET_EOD) {
break; /* end of data */
}
Jmsg1(jcr, M_FATAL, 0, _("Error reading data header from FD. ERR=%s\n"),
fd->bstrerror());
possible_incomplete_job(jcr, last_file_index);
ok = false;
break;
}
if (sscanf(fd->msg, "%ld %ld", &file_index, &stream) != 2) {
Jmsg1(jcr, M_FATAL, 0, _("Malformed data header from FD: %s\n"), fd->msg);
ok = false;
possible_incomplete_job(jcr, last_file_index);
break;
}
Dmsg2(890, "<filed: Header FilInx=%d stream=%d\n", file_index, stream);
/*
* We make sure the file_index is advancing sequentially.
* An incomplete job can start the file_index at any number.
* otherwise, it must start at 1.
*/
if (jcr->rerunning && file_index > 0 && last_file_index == 0) {
goto fi_checked;
}
if (file_index > 0 && (file_index == last_file_index ||
file_index == last_file_index + 1)) {
goto fi_checked;
}
Jmsg2(jcr, M_FATAL, 0, _("FI=%d from FD not positive or sequential=%d\n"),
file_index, last_file_index);
possible_incomplete_job(jcr, last_file_index);
ok = false;
break;
fi_checked:
if (file_index != last_file_index) {
jcr->JobFiles = file_index;
last_file_index = file_index;
}
/* Read data stream from the File daemon.
* The data stream is just raw bytes
*/
while ((n=bget_msg(fd)) > 0 && !jcr->is_job_canceled()) {
rec.VolSessionId = jcr->VolSessionId;
rec.VolSessionTime = jcr->VolSessionTime;
rec.FileIndex = file_index;
rec.Stream = stream;
rec.maskedStream = stream & STREAMMASK_TYPE; /* strip high bits */
rec.data_len = fd->msglen;
rec.data = fd->msg; /* use message buffer */
Dmsg4(850, "before writ_rec FI=%d SessId=%d Strm=%s len=%d\n",
rec.FileIndex, rec.VolSessionId,
stream_to_ascii(buf1, rec.Stream,rec.FileIndex),
rec.data_len);
while (!write_record_to_block(dcr->block, &rec)) {
Dmsg2(850, "!write_record_to_block data_len=%d rem=%d\n", rec.data_len,
rec.remainder);
if (!write_block_to_device(dcr)) {
Dmsg2(90, "Got write_block_to_dev error on device %s. %s\n",
dev->print_name(), dev->bstrerror());
ok = false;
break;
}
}
if (!ok) {
Dmsg0(400, "Not OK\n");
break;
}
jcr->JobBytes += rec.data_len; /* increment bytes this job */
Dmsg4(850, "write_record FI=%s SessId=%d Strm=%s len=%d\n",
FI_to_ascii(buf1, rec.FileIndex), rec.VolSessionId,
stream_to_ascii(buf2, rec.Stream, rec.FileIndex), rec.data_len);
send_attrs_to_dir(jcr, &rec);
Dmsg0(650, "Enter bnet_get\n");
}
Dmsg1(650, "End read loop with FD. Stat=%d\n", n);
if (fd->is_error()) {
if (!jcr->is_job_canceled()) {
Dmsg1(350, "Network read error from FD. ERR=%s\n", fd->bstrerror());
Jmsg1(jcr, M_FATAL, 0, _("Network error reading from FD. ERR=%s\n"),
fd->bstrerror());
possible_incomplete_job(jcr, last_file_index);
}
ok = false;
break;
}
}
/* Create Job status for end of session label */
jcr->setJobStatus(ok?JS_Terminated:JS_ErrorTerminated);
if (ok) {
/* Terminate connection with FD */
fd->fsend(OK_append);
do_fd_commands(jcr); /* finish dialog with FD */
} else {
fd->fsend("3999 Failed append\n");
}
/*
* Don't use time_t for job_elapsed as time_t can be 32 or 64 bits,
* and the subsequent Jmsg() editing will break
*/
int32_t job_elapsed = time(NULL) - jcr->run_time;
if (job_elapsed <= 0) {
job_elapsed = 1;
}
Jmsg(dcr->jcr, M_INFO, 0, _("Job write elapsed time = %02d:%02d:%02d, Transfer rate = %s Bytes/second\n"),
job_elapsed / 3600, job_elapsed % 3600 / 60, job_elapsed % 60,
edit_uint64_with_suffix(jcr->JobBytes / job_elapsed, ec));
Dmsg1(200, "Write EOS label JobStatus=%c\n", jcr->JobStatus);
/*
* Check if we can still write. This may not be the case
* if we are at the end of the tape or we got a fatal I/O error.
*/
if (ok || dev->can_write()) {
if (!write_session_label(dcr, EOS_LABEL)) {
/* Print only if ok and not cancelled to avoid spurious messages */
if (ok && !jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Error writing end session label. ERR=%s\n"),
dev->bstrerror());
possible_incomplete_job(jcr, last_file_index);
}
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
Dmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
Dmsg0(90, "back from write_end_session_label()\n");
/* Flush out final partial block of this session */
if (!write_block_to_device(dcr)) {
/* Print only if ok and not cancelled to avoid spurious messages */
if (ok && !jcr->is_job_canceled()) {
Jmsg2(jcr, M_FATAL, 0, _("Fatal append error on device %s: ERR=%s\n"),
dev->print_name(), dev->bstrerror());
Dmsg0(100, _("Set ok=FALSE after write_block_to_device.\n"));
possible_incomplete_job(jcr, last_file_index);
}
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
}
if (!ok && !jcr->is_JobStatus(JS_Incomplete)) {
discard_data_spool(dcr);
} else {
/* Note: if commit is OK, the device will remain blocked */
commit_data_spool(dcr);
}
if (ok) {
ok = dvd_close_job(dcr); /* do DVD cleanup if any */
}
/*
* Release the device -- and send final Vol info to DIR
* and unlock it.
*/
release_device(dcr);
if ((!ok || jcr->is_job_canceled()) && !jcr->is_JobStatus(JS_Incomplete)) {
discard_attribute_spool(jcr);
} else {
commit_attribute_spool(jcr);
}
dir_send_job_status(jcr); /* update director */
Dmsg1(100, "return from do_append_data() ok=%d\n", ok);
return ok;
}
/*
* Called here for each record from read_records()
*
* Returns: true if OK
* false if error
*/
static bool record_cb(DCR *dcr, DEV_RECORD *rec)
{
JCR *jcr = dcr->jcr;
BSOCK *fd = jcr->file_bsock;
bool ok = true;
POOLMEM *save_msg;
char ec1[50], ec2[50];
if (rec->FileIndex < 0) {
return true;
}
Dmsg5(400, "Send to FD: SessId=%u SessTim=%u FI=%s Strm=%s, len=%d\n",
rec->VolSessionId, rec->VolSessionTime,
FI_to_ascii(ec1, rec->FileIndex),
stream_to_ascii(ec2, rec->Stream, rec->FileIndex),
rec->data_len);
/*
* Send record header to File daemon
*/
if (!fd->fsend(rec_header, rec->VolSessionId, rec->VolSessionTime,
rec->FileIndex, rec->Stream, rec->data_len)) {
Pmsg1(000, _(">filed: Error Hdr=%s"), fd->msg);
Jmsg1(jcr, M_FATAL, 0, _("Error sending to File daemon. ERR=%s\n"),
fd->bstrerror());
return false;
} else {
Dmsg1(400, ">filed: Hdr=%s", fd->msg);
}
/*
* Send data record to File daemon
*/
save_msg = fd->msg; /* save fd message pointer */
fd->msg = rec->data; /* pass data directly to the FD */
fd->msglen = rec->data_len;
Dmsg1(400, ">filed: send %d bytes data.\n", fd->msglen);
if (!fd->send()) {
Pmsg1(000, _("Error sending to FD. ERR=%s\n"), fd->bstrerror());
Jmsg1(jcr, M_FATAL, 0, _("Error sending to File daemon. ERR=%s\n"),
fd->bstrerror());
ok = false;
}
fd->msg = save_msg; /* restore fd message pointer */
return ok;
}
/**
* After writing a Volume, create the JobMedia record.
*/
bool SD_DCR::dir_create_jobmedia_record(bool zero)
{
BSOCK *dir = jcr->dir_bsock;
char ed1[50];
/*
* If system job, do not update catalog
*/
if (jcr->is_JobType(JT_SYSTEM)) {
return true;
}
/*
* Throw out records where FI is zero -- i.e. nothing done
*/
if (!zero && VolFirstIndex == 0 &&
(StartBlock != 0 || EndBlock != 0)) {
Dmsg0(dbglvl, "JobMedia FI=0 StartBlock!=0 record suppressed\n");
return true;
}
if (!WroteVol) {
return true; /* nothing written to tape */
}
WroteVol = false;
if (zero) {
/*
* Send dummy place holder to avoid purging
*/
dir->fsend(Create_job_media, jcr->Job,
0 , 0, 0, 0, 0, 0, 0, 0, edit_uint64(VolMediaId, ed1));
} else {
dir->fsend(Create_job_media, jcr->Job,
VolFirstIndex, VolLastIndex,
StartFile, EndFile,
StartBlock, EndBlock,
Copy, Stripe,
edit_uint64(VolMediaId, ed1));
}
Dmsg1(dbglvl, ">dird %s", dir->msg);
if (dir->recv() <= 0) {
Dmsg0(dbglvl, "create_jobmedia error bnet_recv\n");
Jmsg(jcr, M_FATAL, 0, _("Error creating JobMedia record: ERR=%s\n"),
dir->bstrerror());
return false;
}
Dmsg1(dbglvl, "<dird %s", dir->msg);
if (!bstrcmp(dir->msg, OK_create)) {
Dmsg1(dbglvl, "Bad response from Dir: %s\n", dir->msg);
Jmsg(jcr, M_FATAL, 0, _("Error creating JobMedia record: %s\n"), dir->msg);
return false;
}
return true;
}
/*
* Authenticate Director
*/
bool BSOCK::authenticate_with_director(JCR *jcr,
const char *name, s_password &password, tls_t &tls,
char *response, int response_len)
{
char bashed_name[MAX_NAME_LENGTH];
BSOCK *dir = this; /* for readability */
response[0] = 0;
/*
* Send my name to the Director then do authentication
*/
bstrncpy(bashed_name, name, sizeof(bashed_name));
bash_spaces(bashed_name);
/*
* Timeout Hello after 5 mins
*/
dir->start_timer(60 * 5);
dir->fsend(hello, bashed_name);
if (!authenticate_outbound_connection(jcr, "Director", name, password, tls)) {
goto bail_out;
}
Dmsg1(6, ">dird: %s", dir->msg);
if (dir->recv() <= 0) {
dir->stop_timer();
bsnprintf(response, response_len, _("Bad response to Hello command: ERR=%s\n"
"The Director at \"%s:%d\" is probably not running.\n"),
dir->bstrerror(), dir->host(), dir->port());
return false;
}
dir->stop_timer();
Dmsg1(10, "<dird: %s", dir->msg);
if (!bstrncmp(dir->msg, OKhello, sizeof(OKhello) - 1)) {
bsnprintf(response, response_len, _("Director at \"%s:%d\" rejected Hello command\n"),
dir->host(), dir->port());
return false;
} else {
bsnprintf(response, response_len, "%s", dir->msg);
}
return true;
bail_out:
dir->stop_timer();
bsnprintf(response, response_len, _("Authorization problem with Director at \"%s:%d\"\n"
"Most likely the passwords do not agree.\n"
"If you are using TLS, there may have been a certificate "
"validation error during the TLS handshake.\n"
"Please see %s for help.\n"),
dir->host(), dir->port(), MANUAL_AUTH_URL);
return false;
}
/*
* Authenticate File daemon connection
*/
int authenticate_file_daemon(JCR *jcr, MONITOR *monitor, CLIENT* client)
{
BSOCK *fd = jcr->file_bsock;
char dirname[MAX_NAME_LENGTH];
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
int compatible = true;
/*
* Send my name to the File daemon then do authentication
*/
bstrncpy(dirname, monitor->hdr.name, sizeof(dirname));
bash_spaces(dirname);
/* Timeout Hello after 5 mins */
btimer_t *tid = start_bsock_timer(fd, 60 * 5);
if (!fd->fsend(SDFDhello, dirname)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), fd->bstrerror());
return 0;
}
if (!cram_md5_respond(fd, client->password, &tls_remote_need, &compatible) ||
!cram_md5_challenge(fd, client->password, tls_local_need, compatible)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Director and File daemon passwords or names not the same.\n"
"Please see " MANUAL_AUTH_URL " for help.\n"));
return 0;
}
Dmsg1(116, ">filed: %s", fd->msg);
if (fd->recv() <= 0) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Bad response from File daemon to Hello command: ERR=%s\n"),
fd->bstrerror());
return 0;
}
Dmsg1(110, "<stored: %s", fd->msg);
stop_bsock_timer(tid);
if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)-1) != 0) {
Jmsg(jcr, M_FATAL, 0, _("File daemon rejected Hello command\n"));
return 0;
}
return 1;
}
/*
* Authenticate Director
*/
static int authenticate_director(JCR *jcr)
{
const MONITORRES *monitor = MonitorItemThread::instance()->getMonitor();
BSOCK *dir = jcr->dir_bsock;
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
bool compatible = true;
char bashed_name[MAX_NAME_LENGTH];
char *password;
bstrncpy(bashed_name, monitor->hdr.name, sizeof(bashed_name));
bash_spaces(bashed_name);
password = monitor->password;
/* Timeout Hello after 5 mins */
btimer_t *tid = start_bsock_timer(dir, 60 * 5);
dir->fsend(DIRhello, bashed_name);
if (!cram_md5_respond(dir, password, &tls_remote_need, &compatible) ||
!cram_md5_challenge(dir, password, tls_local_need, compatible)) {
stop_bsock_timer(tid);
Jmsg1(jcr, M_FATAL, 0, _("Director authorization problem.\n"
"Most likely the passwords do not agree.\n"
"Please see %s for help.\n"), MANUAL_AUTH_URL);
return 0;
}
Dmsg1(6, ">dird: %s", dir->msg);
if (dir->recv() <= 0) {
stop_bsock_timer(tid);
Jmsg1(jcr, M_FATAL, 0, _("Bad response to Hello command: ERR=%s\n"),
dir->bstrerror());
return 0;
}
Dmsg1(10, "<dird: %s", dir->msg);
stop_bsock_timer(tid);
if (strncmp(dir->msg, DIROKhello, sizeof(DIROKhello)-1) != 0) {
Jmsg0(jcr, M_FATAL, 0, _("Director rejected Hello command\n"));
return 0;
} else {
Jmsg0(jcr, M_INFO, 0, dir->msg);
}
return 1;
}
/*
* Authenticate Storage daemon connection
*/
static int authenticate_storage_daemon(JCR *jcr, STORERES* store)
{
const MONITORRES *monitor = MonitorItemThread::instance()->getMonitor();
BSOCK *sd = jcr->store_bsock;
char dirname[MAX_NAME_LENGTH];
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
bool compatible = true;
/*
* Send my name to the Storage daemon then do authentication
*/
bstrncpy(dirname, monitor->hdr.name, sizeof(dirname));
bash_spaces(dirname);
/* Timeout Hello after 5 mins */
btimer_t *tid = start_bsock_timer(sd, 60 * 5);
if (!sd->fsend(SDFDhello, dirname)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
return 0;
}
if (!cram_md5_respond(sd, store->password, &tls_remote_need, &compatible) ||
!cram_md5_challenge(sd, store->password, tls_local_need, compatible)) {
stop_bsock_timer(tid);
Jmsg0(jcr, M_FATAL, 0, _("Director and Storage daemon passwords or names not the same.\n"
"Please see " MANUAL_AUTH_URL " for help.\n"));
return 0;
}
Dmsg1(116, ">stored: %s", sd->msg);
if (sd->recv() <= 0) {
stop_bsock_timer(tid);
Jmsg1(jcr, M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
sd->bstrerror());
return 0;
}
Dmsg1(110, "<stored: %s", sd->msg);
stop_bsock_timer(tid);
if (strncmp(sd->msg, SDOKhello, sizeof(SDOKhello)) != 0) {
Jmsg0(jcr, M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
return 0;
}
return 1;
}
/* Send attributes and digest to Director for Catalog */
bool send_attrs_to_dir(JCR *jcr, DEV_RECORD *rec)
{
if (rec->maskedStream == STREAM_UNIX_ATTRIBUTES ||
rec->maskedStream == STREAM_UNIX_ATTRIBUTES_EX ||
rec->maskedStream == STREAM_RESTORE_OBJECT ||
crypto_digest_stream_type(rec->maskedStream) != CRYPTO_DIGEST_NONE) {
if (!jcr->no_attributes) {
BSOCK *dir = jcr->dir_bsock;
if (are_attributes_spooled(jcr)) {
dir->set_spooling();
}
Dmsg0(850, "Send attributes to dir.\n");
if (!dir_update_file_attributes(jcr->dcr, rec)) {
Jmsg(jcr, M_FATAL, 0, _("Error updating file attributes. ERR=%s\n"),
dir->bstrerror());
dir->clear_spooling();
return false;
}
dir->clear_spooling();
}
}
return true;
}
/*
* Here we wait for the File daemon to signal termination,
* then we wait for the Storage daemon. When both
* are done, we return the job status.
* Also used by restore.c
*/
int wait_for_job_termination(JCR *jcr, int timeout)
{
int32_t n = 0;
BSOCK *fd = jcr->file_bsock;
bool fd_ok = false;
uint32_t JobFiles, JobErrors;
uint32_t JobWarnings = 0;
uint64_t ReadBytes = 0;
uint64_t JobBytes = 0;
int VSS = 0;
int Encrypt = 0;
btimer_t *tid=NULL;
set_jcr_job_status(jcr, JS_Running);
if (fd) {
if (timeout) {
tid = start_bsock_timer(fd, timeout); /* TODO: New timeout directive??? */
}
/* Wait for Client to terminate */
while ((n = bget_dirmsg(fd)) >= 0) {
if (!fd_ok &&
(sscanf(fd->msg, EndJob, &jcr->FDJobStatus, &JobFiles,
&ReadBytes, &JobBytes, &JobErrors, &VSS, &Encrypt) == 7 ||
sscanf(fd->msg, OldEndJob, &jcr->FDJobStatus, &JobFiles,
&ReadBytes, &JobBytes, &JobErrors) == 5)) {
fd_ok = true;
set_jcr_job_status(jcr, jcr->FDJobStatus);
Dmsg1(100, "FDStatus=%c\n", (char)jcr->JobStatus);
} else {
Jmsg(jcr, M_WARNING, 0, _("Unexpected Client Job message: %s\n"),
fd->msg);
}
if (job_canceled(jcr)) {
break;
}
}
if (tid) {
stop_bsock_timer(tid);
}
if (is_bnet_error(fd)) {
Jmsg(jcr, M_FATAL, 0, _("Network error with FD during %s: ERR=%s\n"),
job_type_to_str(jcr->get_JobType()), fd->bstrerror());
}
fd->signal(BNET_TERMINATE); /* tell Client we are terminating */
}
/* Force cancel in SD if failing */
if (job_canceled(jcr) || !fd_ok) {
cancel_storage_daemon_job(jcr);
}
/* Note, the SD stores in jcr->JobFiles/ReadBytes/JobBytes/JobErrors */
wait_for_storage_daemon_termination(jcr);
/* Return values from FD */
if (fd_ok) {
jcr->JobFiles = JobFiles;
jcr->JobErrors += JobErrors; /* Keep total errors */
jcr->ReadBytes = ReadBytes;
jcr->JobBytes = JobBytes;
jcr->JobWarnings = JobWarnings;
jcr->VSS = VSS;
jcr->Encrypt = Encrypt;
} else {
Jmsg(jcr, M_FATAL, 0, _("No Job status returned from FD.\n"));
}
// Dmsg4(100, "fd_ok=%d FDJS=%d JS=%d SDJS=%d\n", fd_ok, jcr->FDJobStatus,
// jcr->JobStatus, jcr->SDJobStatus);
/* Return the first error status we find Dir, FD, or SD */
if (!fd_ok || is_bnet_error(fd)) { /* if fd not set, that use !fd_ok */
jcr->FDJobStatus = JS_ErrorTerminated;
}
if (jcr->JobStatus != JS_Terminated) {
return jcr->JobStatus;
}
if (jcr->FDJobStatus != JS_Terminated) {
return jcr->FDJobStatus;
}
return jcr->SDJobStatus;
}
/*
* Authenticate Director
*/
int authenticate_director(JCR *jcr, DIRRES *director, CONRES *cons)
{
BSOCK *dir = jcr->dir_bsock;
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
bool tls_authenticate;
int compatible = true;
char bashed_name[MAX_NAME_LENGTH];
char *password;
TLS_CONTEXT *tls_ctx = NULL;
/*
* Send my name to the Director then do authentication
*/
if (cons) {
bstrncpy(bashed_name, cons->hdr.name, sizeof(bashed_name));
bash_spaces(bashed_name);
password = cons->password;
/* TLS Requirement */
if (cons->tls_enable) {
if (cons->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
if (cons->tls_authenticate) {
tls_local_need = BNET_TLS_REQUIRED;
}
tls_authenticate = cons->tls_authenticate;
tls_ctx = cons->tls_ctx;
} else {
bstrncpy(bashed_name, "*UserAgent*", sizeof(bashed_name));
password = director->password;
/* TLS Requirement */
if (director->tls_enable) {
if (director->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
if (director->tls_authenticate) {
tls_local_need = BNET_TLS_REQUIRED;
}
tls_authenticate = director->tls_authenticate;
tls_ctx = director->tls_ctx;
}
/* Timeout Hello after 5 mins */
btimer_t *tid = start_bsock_timer(dir, 60 * 5);
dir->fsend(hello, bashed_name);
if (!cram_md5_respond(dir, password, &tls_remote_need, &compatible) ||
!cram_md5_challenge(dir, password, tls_local_need, compatible)) {
goto bail_out;
}
/* Verify that the remote host is willing to meet our TLS requirements */
if (tls_remote_need < tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
sendit(_("Authorization problem:"
" Remote server did not advertise required TLS support.\n"));
goto bail_out;
}
/* Verify that we are willing to meet the remote host's requirements */
if (tls_remote_need > tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
sendit(_("Authorization problem:"
" Remote server requires TLS.\n"));
goto bail_out;
}
/* Is TLS Enabled? */
if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
/* Engage TLS! Full Speed Ahead! */
if (!bnet_tls_client(tls_ctx, dir, NULL)) {
sendit(_("TLS negotiation failed\n"));
goto bail_out;
}
if (tls_authenticate) { /* Authenticate only? */
dir->free_tls(); /* yes, shutdown tls */
}
}
/*
* It's possible that the TLS connection will
* be dropped here if an invalid client certificate was presented
*/
Dmsg1(6, ">dird: %s", dir->msg);
if (dir->recv() <= 0) {
senditf(_("Bad response to Hello command: ERR=%s\n"),
dir->bstrerror());
goto bail_out;
}
Dmsg1(10, "<dird: %s", dir->msg);
if (strncmp(dir->msg, OKhello, sizeof(OKhello)-1) != 0) {
sendit(_("Director rejected Hello command\n"));
goto bail_out;
} else {
sendit(dir->msg);
}
stop_bsock_timer(tid);
return 1;
bail_out:
stop_bsock_timer(tid);
sendit( _("Director authorization problem.\n"
"Most likely the passwords do not agree.\n"
"If you are using TLS, there may have been a certificate validation error during the TLS handshake.\n"
"Please see " MANUAL_AUTH_URL " for help.\n"));
return 0;
}
/*
* Authenticate Storage daemon connection
*/
bool authenticate_storage_daemon(JCR *jcr, STORERES *store)
{
BSOCK *sd = jcr->store_bsock;
char dirname[MAX_NAME_LENGTH];
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
int compatible = true;
bool auth_success = false;
/*
* Send my name to the Storage daemon then do authentication
*/
bstrncpy(dirname, director->hdr.name, sizeof(dirname));
bash_spaces(dirname);
/* Timeout Hello after 1 min */
btimer_t *tid = start_bsock_timer(sd, AUTH_TIMEOUT);
if (!sd->fsend(hello, dirname)) {
stop_bsock_timer(tid);
Dmsg1(dbglvl, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
return 0;
}
/* TLS Requirement */
if (store->tls_enable) {
if (store->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
if (store->tls_authenticate) {
tls_local_need = BNET_TLS_REQUIRED;
}
auth_success = cram_md5_respond(sd, store->password, &tls_remote_need, &compatible);
if (auth_success) {
auth_success = cram_md5_challenge(sd, store->password, tls_local_need, compatible);
if (!auth_success) {
Dmsg1(dbglvl, "cram_challenge failed for %s\n", sd->who());
}
} else {
Dmsg1(dbglvl, "cram_respond failed for %s\n", sd->who());
}
if (!auth_success) {
stop_bsock_timer(tid);
Dmsg0(dbglvl, _("Director and Storage daemon passwords or names not the same.\n"));
Jmsg2(jcr, M_FATAL, 0,
_("Director unable to authenticate with Storage daemon at \"%s:%d\". Possible causes:\n"
"Passwords or names not the same or\n"
"Maximum Concurrent Jobs exceeded on the SD or\n"
"SD networking messed up (restart daemon).\n"
"Please see " MANUAL_AUTH_URL " for help.\n"),
sd->host(), sd->port());
return 0;
}
/* Verify that the remote host is willing to meet our TLS requirements */
if (tls_remote_need < tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Authorization problem: Remote server did not advertise required TLS support.\n"));
return 0;
}
/* Verify that we are willing to meet the remote host's requirements */
if (tls_remote_need > tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Authorization problem: Remote server requires TLS.\n"));
return 0;
}
/* Is TLS Enabled? */
if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
/* Engage TLS! Full Speed Ahead! */
if (!bnet_tls_client(store->tls_ctx, sd, NULL)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed with SD at \"%s:%d\"\n"),
sd->host(), sd->port());
return 0;
}
if (store->tls_authenticate) { /* authentication only? */
sd->free_tls(); /* yes, stop tls */
}
}
Dmsg1(116, ">stored: %s", sd->msg);
if (sd->recv() <= 0) {
stop_bsock_timer(tid);
Jmsg3(jcr, M_FATAL, 0, _("bdird<stored: \"%s:%s\" bad response to Hello command: ERR=%s\n"),
sd->who(), sd->host(), sd->bstrerror());
return 0;
}
Dmsg1(110, "<stored: %s", sd->msg);
stop_bsock_timer(tid);
if (!bstrncmp(sd->msg, OKhello, sizeof(OKhello))) {
Dmsg0(dbglvl, _("Storage daemon rejected Hello command\n"));
Jmsg2(jcr, M_FATAL, 0, _("Storage daemon at \"%s:%d\" rejected Hello command\n"),
sd->host(), sd->port());
return 0;
}
return 1;
}
/*
* Called here for each record from read_records()
* This function is used when we do a external clone of a Job e.g.
* this SD is the reading SD. And a remote SD is the writing SD.
*
* Returns: true if OK
* false if error
*/
static bool clone_record_to_remote_sd(DCR *dcr, DEV_RECORD *rec)
{
POOLMEM *msgsave;
JCR *jcr = dcr->jcr;
char buf1[100], buf2[100];
BSOCK *sd = jcr->store_bsock;
bool send_eod, send_header;
#ifdef xxx
Dmsg5(000, "on entry JobId=%d FI=%s SessId=%d Strm=%s len=%d\n",
jcr->JobId, FI_to_ascii(buf1, rec->FileIndex), rec->VolSessionId,
stream_to_ascii(buf2, rec->Stream, rec->FileIndex), rec->data_len);
#endif
/*
* If label discard it
*/
if (rec->FileIndex < 0) {
return true;
}
/*
* See if this is the first record being processed.
*/
if (rec->last_FileIndex == 0) {
/*
* Initialize the last counters so we can compare
* things in the next run through here.
*/
rec->last_VolSessionId = rec->VolSessionId;
rec->last_VolSessionTime = rec->VolSessionTime;
rec->last_FileIndex = rec->FileIndex;
rec->last_Stream = rec->Stream;
jcr->JobFiles = 1;
/*
* Need to send both a new header only.
*/
send_eod = false;
send_header = true;
} else {
/*
* See if we are changing file or stream type.
*/
if (rec->VolSessionId != rec->last_VolSessionId ||
rec->VolSessionTime != rec->last_VolSessionTime ||
rec->FileIndex != rec->last_FileIndex ||
rec->Stream != rec->last_Stream) {
/*
* See if we are changing the FileIndex e.g.
* start processing the next file in the backup stream.
*/
if (rec->FileIndex != rec->last_FileIndex) {
jcr->JobFiles++;
}
/*
* Keep track of the new state.
*/
rec->last_VolSessionId = rec->VolSessionId;
rec->last_VolSessionTime = rec->VolSessionTime;
rec->last_FileIndex = rec->FileIndex;
rec->last_Stream = rec->Stream;
/*
* Need to send both a EOD and a new header.
*/
send_eod = true;
send_header = true;
} else {
send_eod = false;
send_header = false;
}
}
/*
* Send a EOD when needed.
*/
if (send_eod) {
if (!sd->signal(BNET_EOD)) { /* indicate end of file data */
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
}
return false;
}
}
/*
* Send a header when needed.
*/
if (send_header) {
if (!sd->fsend("%ld %d 0", rec->FileIndex, rec->Stream)) {
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
}
return false;
}
}
/*
* Send the record data.
* We don't want to copy the data from the record to the socket structure
* so we save the original msg pointer and use the record data pointer for
* sending and restore the original msg pointer when done.
*/
msgsave = sd->msg;
sd->msg = rec->data;
sd->msglen = rec->data_len;
if (!sd->send()) {
sd->msg = msgsave;
sd->msglen = 0;
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
}
return false;
}
jcr->JobBytes += sd->msglen;
sd->msg = msgsave;
Dmsg5(500, "wrote_record JobId=%d FI=%s SessId=%d Strm=%s len=%d\n",
jcr->JobId, FI_to_ascii(buf1, rec->FileIndex), rec->VolSessionId,
stream_to_ascii(buf2, rec->Stream, rec->FileIndex), rec->data_len);
return true;
}
/*
* Authenticate File daemon connection
*/
int authenticate_file_daemon(JCR *jcr)
{
BSOCK *fd = jcr->file_bsock;
CLIENTRES *client = jcr->res.client;
char dirname[MAX_NAME_LENGTH];
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
int compatible = true;
bool auth_success = false;
/*
* Send my name to the File daemon then do authentication
*/
bstrncpy(dirname, director->name(), sizeof(dirname));
bash_spaces(dirname);
/* Timeout Hello after 1 min */
btimer_t *tid = start_bsock_timer(fd, AUTH_TIMEOUT);
if (!fd->fsend(hello, dirname)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon at \"%s:%d\". ERR=%s\n"),
fd->host(), fd->port(), fd->bstrerror());
return 0;
}
Dmsg1(dbglvl, "Sent: %s", fd->msg);
/* TLS Requirement */
if (client->tls_enable) {
if (client->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
if (client->tls_authenticate) {
tls_local_need = BNET_TLS_REQUIRED;
}
auth_success = cram_md5_respond(fd, client->password, &tls_remote_need, &compatible);
if (auth_success) {
auth_success = cram_md5_challenge(fd, client->password, tls_local_need, compatible);
if (!auth_success) {
Dmsg1(dbglvl, "cram_auth failed for %s\n", fd->who());
}
} else {
Dmsg1(dbglvl, "cram_get_auth failed for %s\n", fd->who());
}
if (!auth_success) {
stop_bsock_timer(tid);
Dmsg0(dbglvl, _("Director and File daemon passwords or names not the same.\n"));
Jmsg(jcr, M_FATAL, 0,
_("Unable to authenticate with File daemon at \"%s:%d\". Possible causes:\n"
"Passwords or names not the same or\n"
"Maximum Concurrent Jobs exceeded on the FD or\n"
"FD networking messed up (restart daemon).\n"
"Please see " MANUAL_AUTH_URL " for help.\n"),
fd->host(), fd->port());
return 0;
}
/* Verify that the remote host is willing to meet our TLS requirements */
if (tls_remote_need < tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Authorization problem: FD \"%s:%s\" did not advertise required TLS support.\n"),
fd->who(), fd->host());
return 0;
}
/* Verify that we are willing to meet the remote host's requirements */
if (tls_remote_need > tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("Authorization problem: FD at \"%s:%d\" requires TLS.\n"),
fd->host(), fd->port());
return 0;
}
/* Is TLS Enabled? */
if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
/* Engage TLS! Full Speed Ahead! */
if (!bnet_tls_client(client->tls_ctx, fd, client->tls_allowed_cns)) {
stop_bsock_timer(tid);
Jmsg(jcr, M_FATAL, 0, _("TLS negotiation failed with FD at \"%s:%d\".\n"),
fd->host(), fd->port());
return 0;
}
if (client->tls_authenticate) { /* tls authentication only? */
fd->free_tls(); /* yes, shutdown tls */
}
}
Dmsg1(116, ">filed: %s", fd->msg);
if (fd->recv() <= 0) {
stop_bsock_timer(tid);
Dmsg1(dbglvl, _("Bad response from File daemon to Hello command: ERR=%s\n"),
bnet_strerror(fd));
Jmsg(jcr, M_FATAL, 0, _("Bad response from File daemon at \"%s:%d\" to Hello command: ERR=%s\n"),
fd->host(), fd->port(), fd->bstrerror());
return 0;
}
Dmsg1(110, "<filed: %s", fd->msg);
stop_bsock_timer(tid);
jcr->FDVersion = 0;
if (!bstrncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) &&
sscanf(fd->msg, FDOKnewHello, &jcr->FDVersion) != 1) {
Dmsg0(dbglvl, _("File daemon rejected Hello command\n"));
Jmsg(jcr, M_FATAL, 0, _("File daemon at \"%s:%d\" rejected Hello command\n"),
fd->host(), fd->port());
return 0;
}
return 1;
}
/*
* Read Data and commit to new job.
*/
bool do_mac_run(JCR *jcr)
{
DEVICE *dev;
char ec1[50];
const char *Type;
bool ok = true;
BSOCK *dir = jcr->dir_bsock;
switch(jcr->getJobType()) {
case JT_MIGRATE:
Type = "Migration";
break;
case JT_ARCHIVE:
Type = "Archive";
break;
case JT_COPY:
Type = "Copy";
break;
case JT_BACKUP:
Type = "Virtual Backup";
break;
default:
Type = "Unknown";
break;
}
Dmsg0(20, "Start read data.\n");
if (jcr->NumReadVolumes == 0) {
Jmsg(jcr, M_FATAL, 0, _("No Volume names found for %s.\n"), Type);
goto bail_out;
}
/*
* Check autoinflation/autodeflation settings.
*/
check_auto_xflation(jcr);
/*
* See if we perform both read and write or read only.
*/
if (jcr->remote_replicate) {
BSOCK *sd;
if (!jcr->read_dcr) {
Jmsg(jcr, M_FATAL, 0, _("Read device not properly initialized.\n"));
goto bail_out;
}
Dmsg1(100, "read_dcr=%p\n", jcr->read_dcr);
Dmsg3(200, "Found %d volumes names for %s. First=%s\n",
jcr->NumReadVolumes, Type, jcr->VolList->VolumeName);
/*
* Ready devices for reading.
*/
if (!acquire_device_for_read(jcr->read_dcr)) {
ok = false;
goto bail_out;
}
Dmsg2(200, "===== After acquire pos %u:%u\n", jcr->read_dcr->dev->file, jcr->read_dcr->dev->block_num);
jcr->sendJobStatus(JS_Running);
/*
* Set network buffering.
*/
sd = jcr->store_bsock;
if (!sd->set_buffer_size(me->max_network_buffer_size, BNET_SETBUF_WRITE)) {
Jmsg(jcr, M_FATAL, 0, _("Cannot set buffer size SD->SD.\n"));
ok = false;
goto bail_out;
}
/*
* Let the remote SD know we are about to start the replication.
*/
sd->fsend(start_replicate);
Dmsg1(110, ">stored: %s", sd->msg);
/*
* Expect to receive back the Ticket number.
*/
if (bget_msg(sd) >= 0) {
Dmsg1(110, "<stored: %s", sd->msg);
if (sscanf(sd->msg, OK_start_replicate, &jcr->Ticket) != 1) {
Jmsg(jcr, M_FATAL, 0, _("Bad response to start replicate: %s\n"), sd->msg);
goto bail_out;
}
Dmsg1(110, "Got Ticket=%d\n", jcr->Ticket);
} else {
Jmsg(jcr, M_FATAL, 0, _("Bad response from stored to start replicate command\n"));
goto bail_out;
}
/*
* Let the remote SD know we are now really going to send the data.
*/
sd->fsend(replicate_data, jcr->Ticket);
Dmsg1(110, ">stored: %s", sd->msg);
/*
* Expect to get response to the replicate data cmd from Storage daemon
*/
if (!response(jcr, sd, OK_data, "replicate data")) {
ok = false;
goto bail_out;
}
/*
* Read all data and send it to remote SD.
*/
ok = read_records(jcr->read_dcr, clone_record_to_remote_sd, mount_next_read_volume);
/*
* Send the last EOD to close the last data transfer and a next EOD to
* signal the remote we are done.
*/
if (!sd->signal(BNET_EOD) || !sd->signal(BNET_EOD)) {
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
}
goto bail_out;
}
/*
* Expect to get response that the replicate data succeeded.
*/
if (!response(jcr, sd, OK_replicate, "replicate data")) {
ok = false;
goto bail_out;
}
/*
* End replicate session.
*/
sd->fsend(end_replicate);
Dmsg1(110, ">stored: %s", sd->msg);
/*
* Expect to get response to the end replicate cmd from Storage daemon
*/
if (!response(jcr, sd, OK_end_replicate, "end replicate")) {
ok = false;
goto bail_out;
}
/* Inform Storage daemon that we are done */
sd->signal(BNET_TERMINATE);
} else {
if (!jcr->read_dcr || !jcr->dcr) {
Jmsg(jcr, M_FATAL, 0, _("Read and write devices not properly initialized.\n"));
goto bail_out;
}
Dmsg2(100, "read_dcr=%p write_dcr=%p\n", jcr->read_dcr, jcr->dcr);
Dmsg3(200, "Found %d volumes names for %s. First=%s\n",
jcr->NumReadVolumes, Type, jcr->VolList->VolumeName);
/*
* Ready devices for reading and writing.
*/
if (!acquire_device_for_read(jcr->read_dcr) ||
!acquire_device_for_append(jcr->dcr)) {
ok = false;
goto bail_out;
}
Dmsg2(200, "===== After acquire pos %u:%u\n", jcr->dcr->dev->file, jcr->dcr->dev->block_num);
jcr->sendJobStatus(JS_Running);
if (!begin_data_spool(jcr->dcr) ) {
ok = false;
goto bail_out;
}
if (!begin_attribute_spool(jcr)) {
ok = false;
goto bail_out;
}
jcr->dcr->VolFirstIndex = jcr->dcr->VolLastIndex = 0;
jcr->run_time = time(NULL);
set_start_vol_position(jcr->dcr);
jcr->JobFiles = 0;
/*
* Read all data and make a local clone of it.
*/
ok = read_records(jcr->read_dcr, clone_record_internally, mount_next_read_volume);
}
bail_out:
if (!ok) {
jcr->setJobStatus(JS_ErrorTerminated);
}
if (!jcr->remote_replicate && jcr->dcr) {
/*
* Don't use time_t for job_elapsed as time_t can be 32 or 64 bits,
* and the subsequent Jmsg() editing will break
*/
int32_t job_elapsed;
dev = jcr->dcr->dev;
Dmsg1(100, "ok=%d\n", ok);
if (ok || dev->can_write()) {
/*
* Flush out final partial block of this session
*/
if (!jcr->dcr->write_block_to_device()) {
Jmsg2(jcr, M_FATAL, 0, _("Fatal append error on device %s: ERR=%s\n"),
dev->print_name(), dev->bstrerror());
Dmsg0(100, _("Set ok=FALSE after write_block_to_device.\n"));
ok = false;
}
Dmsg2(200, "Flush block to device pos %u:%u\n", dev->file, dev->block_num);
}
if (!ok) {
discard_data_spool(jcr->dcr);
} else {
/*
* Note: if commit is OK, the device will remain blocked
*/
commit_data_spool(jcr->dcr);
}
job_elapsed = time(NULL) - jcr->run_time;
if (job_elapsed <= 0) {
job_elapsed = 1;
}
Jmsg(jcr, M_INFO, 0, _("Elapsed time=%02d:%02d:%02d, Transfer rate=%s Bytes/second\n"),
job_elapsed / 3600, job_elapsed % 3600 / 60, job_elapsed % 60,
edit_uint64_with_suffix(jcr->JobBytes / job_elapsed, ec1));
/*
* Release the device -- and send final Vol info to DIR
*/
release_device(jcr->dcr);
if (!ok || job_canceled(jcr)) {
discard_attribute_spool(jcr);
} else {
commit_attribute_spool(jcr);
}
}
if (jcr->read_dcr) {
if (!release_device(jcr->read_dcr)) {
ok = false;
}
}
jcr->sendJobStatus(); /* update director */
Dmsg0(30, "Done reading.\n");
jcr->end_time = time(NULL);
dequeue_messages(jcr); /* send any queued messages */
if (ok) {
jcr->setJobStatus(JS_Terminated);
}
generate_plugin_event(jcr, bsdEventJobEnd);
dir->fsend(Job_end, jcr->Job, jcr->JobStatus, jcr->JobFiles,
edit_uint64(jcr->JobBytes, ec1), jcr->JobErrors);
Dmsg4(100, Job_end, jcr->Job, jcr->JobStatus, jcr->JobFiles, ec1);
dir->signal(BNET_EOD); /* send EOD to Director daemon */
free_plugins(jcr); /* release instantiated plugins */
return false; /* Continue DIR session ? */
}
/*
* Send data read from an already open file descriptor.
*
* We return 1 on sucess and 0 on errors.
*
* ***FIXME***
* We use ff_pkt->statp.st_size when FO_SPARSE to know when to stop
* reading.
* Currently this is not a problem as the only other stream, resource forks,
* are not handled as sparse files.
*/
static int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt, DIGEST *digest,
DIGEST *signing_digest)
{
BSOCK *sd = jcr->store_bsock;
uint64_t fileAddr = 0; /* file address */
char *rbuf, *wbuf;
int32_t rsize = jcr->buf_size; /* read buffer size */
POOLMEM *msgsave;
CIPHER_CONTEXT *cipher_ctx = NULL; /* Quell bogus uninitialized warnings */
const uint8_t *cipher_input;
uint32_t cipher_input_len;
uint32_t cipher_block_size;
uint32_t encrypted_len;
#ifdef FD_NO_SEND_TEST
return 1;
#endif
msgsave = sd->msg;
rbuf = sd->msg; /* read buffer */
wbuf = sd->msg; /* write buffer */
cipher_input = (uint8_t *)rbuf; /* encrypt uncompressed data */
Dmsg1(300, "Saving data, type=%d\n", ff_pkt->type);
#ifdef HAVE_LIBZ
uLong compress_len = 0;
uLong max_compress_len = 0;
const Bytef *cbuf = NULL;
int zstat;
if (ff_pkt->flags & FO_GZIP) {
if (ff_pkt->flags & FO_SPARSE) {
cbuf = (Bytef *)jcr->compress_buf + SPARSE_FADDR_SIZE;
max_compress_len = jcr->compress_buf_size - SPARSE_FADDR_SIZE;
} else {
cbuf = (Bytef *)jcr->compress_buf;
max_compress_len = jcr->compress_buf_size; /* set max length */
}
wbuf = jcr->compress_buf; /* compressed output here */
cipher_input = (uint8_t *)jcr->compress_buf; /* encrypt compressed data */
/*
* Only change zlib parameters if there is no pending operation.
* This should never happen as deflatereset is called after each
* deflate.
*/
if (((z_stream*)jcr->pZLIB_compress_workset)->total_in == 0) {
/* set gzip compression level - must be done per file */
if ((zstat=deflateParams((z_stream*)jcr->pZLIB_compress_workset,
ff_pkt->GZIP_level, Z_DEFAULT_STRATEGY)) != Z_OK) {
Jmsg(jcr, M_FATAL, 0, _("Compression deflateParams error: %d\n"), zstat);
set_jcr_job_status(jcr, JS_ErrorTerminated);
goto err;
}
}
}
#else
const uint32_t max_compress_len = 0;
#endif
if (ff_pkt->flags & FO_ENCRYPT) {
if (ff_pkt->flags & FO_SPARSE) {
Jmsg0(jcr, M_FATAL, 0, _("Encrypting sparse data not supported.\n"));
goto err;
}
/* Allocate the cipher context */
if ((cipher_ctx = crypto_cipher_new(jcr->crypto.pki_session, true,
&cipher_block_size)) == NULL) {
/* Shouldn't happen! */
Jmsg0(jcr, M_FATAL, 0, _("Failed to initialize encryption context.\n"));
goto err;
}
/*
* Grow the crypto buffer, if necessary.
* crypto_cipher_update() will buffer up to (cipher_block_size - 1).
* We grow crypto_buf to the maximum number of blocks that
* could be returned for the given read buffer size.
* (Using the larger of either rsize or max_compress_len)
*/
jcr->crypto.crypto_buf = check_pool_memory_size(jcr->crypto.crypto_buf,
(MAX(rsize + (int)sizeof(uint32_t), (int32_t)max_compress_len) +
cipher_block_size - 1) / cipher_block_size * cipher_block_size);
wbuf = jcr->crypto.crypto_buf; /* Encrypted, possibly compressed output here. */
}
/*
* Send Data header to Storage daemon
* <file-index> <stream> <info>
*/
if (!sd->fsend("%ld %d 0", jcr->JobFiles, stream)) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
goto err;
}
Dmsg1(300, ">stored: datahdr %s\n", sd->msg);
/*
* Make space at beginning of buffer for fileAddr because this
* same buffer will be used for writing if compression is off.
*/
if (ff_pkt->flags & FO_SPARSE) {
rbuf += SPARSE_FADDR_SIZE;
rsize -= SPARSE_FADDR_SIZE;
#ifdef HAVE_FREEBSD_OS
/*
* To read FreeBSD partitions, the read size must be
* a multiple of 512.
*/
rsize = (rsize/512) * 512;
#endif
}
/* a RAW device read on win32 only works if the buffer is a multiple of 512 */
#ifdef HAVE_WIN32
if (S_ISBLK(ff_pkt->statp.st_mode))
rsize = (rsize/512) * 512;
#endif
/*
* Read the file data
*/
while ((sd->msglen=(uint32_t)bread(&ff_pkt->bfd, rbuf, rsize)) > 0) {
/* Check for sparse blocks */
if (ff_pkt->flags & FO_SPARSE) {
ser_declare;
bool allZeros = false;
if ((sd->msglen == rsize &&
fileAddr+sd->msglen < (uint64_t)ff_pkt->statp.st_size) ||
((ff_pkt->type == FT_RAW || ff_pkt->type == FT_FIFO) &&
(uint64_t)ff_pkt->statp.st_size == 0)) {
allZeros = is_buf_zero(rbuf, rsize);
}
if (!allZeros) {
/* Put file address as first data in buffer */
ser_begin(wbuf, SPARSE_FADDR_SIZE);
ser_uint64(fileAddr); /* store fileAddr in begin of buffer */
}
fileAddr += sd->msglen; /* update file address */
/* Skip block of all zeros */
if (allZeros) {
continue; /* skip block of zeros */
}
}
jcr->ReadBytes += sd->msglen; /* count bytes read */
/* Uncompressed cipher input length */
cipher_input_len = sd->msglen;
/* Update checksum if requested */
if (digest) {
crypto_digest_update(digest, (uint8_t *)rbuf, sd->msglen);
}
/* Update signing digest if requested */
if (signing_digest) {
crypto_digest_update(signing_digest, (uint8_t *)rbuf, sd->msglen);
}
#ifdef HAVE_LIBZ
/* Do compression if turned on */
if (ff_pkt->flags & FO_GZIP && jcr->pZLIB_compress_workset) {
Dmsg3(400, "cbuf=0x%x rbuf=0x%x len=%u\n", cbuf, rbuf, sd->msglen);
((z_stream*)jcr->pZLIB_compress_workset)->next_in = (Bytef *)rbuf;
((z_stream*)jcr->pZLIB_compress_workset)->avail_in = sd->msglen;
((z_stream*)jcr->pZLIB_compress_workset)->next_out = (Bytef *)cbuf;
((z_stream*)jcr->pZLIB_compress_workset)->avail_out = max_compress_len;
if ((zstat=deflate((z_stream*)jcr->pZLIB_compress_workset, Z_FINISH)) != Z_STREAM_END) {
Jmsg(jcr, M_FATAL, 0, _("Compression deflate error: %d\n"), zstat);
set_jcr_job_status(jcr, JS_ErrorTerminated);
goto err;
}
compress_len = ((z_stream*)jcr->pZLIB_compress_workset)->total_out;
/* reset zlib stream to be able to begin from scratch again */
if ((zstat=deflateReset((z_stream*)jcr->pZLIB_compress_workset)) != Z_OK) {
Jmsg(jcr, M_FATAL, 0, _("Compression deflateReset error: %d\n"), zstat);
set_jcr_job_status(jcr, JS_ErrorTerminated);
goto err;
}
Dmsg2(400, "compressed len=%d uncompressed len=%d\n", compress_len,
sd->msglen);
sd->msglen = compress_len; /* set compressed length */
cipher_input_len = compress_len;
}
#endif
/*
* Note, here we prepend the current record length to the beginning
* of the encrypted data. This is because both sparse and compression
* restore handling want records returned to them with exactly the
* same number of bytes that were processed in the backup handling.
* That is, both are block filters rather than a stream. When doing
* compression, the compression routines may buffer data, so that for
* any one record compressed, when it is decompressed the same size
* will not be obtained. Of course, the buffered data eventually comes
* out in subsequent crypto_cipher_update() calls or at least
* when crypto_cipher_finalize() is called. Unfortunately, this
* "feature" of encryption enormously complicates the restore code.
*/
if (ff_pkt->flags & FO_ENCRYPT) {
uint32_t initial_len = 0;
ser_declare;
if (ff_pkt->flags & FO_SPARSE) {
cipher_input_len += SPARSE_FADDR_SIZE;
}
/* Encrypt the length of the input block */
uint8_t packet_len[sizeof(uint32_t)];
ser_begin(packet_len, sizeof(uint32_t));
ser_uint32(cipher_input_len); /* store data len in begin of buffer */
Dmsg1(20, "Encrypt len=%d\n", cipher_input_len);
if (!crypto_cipher_update(cipher_ctx, packet_len, sizeof(packet_len),
(uint8_t *)jcr->crypto.crypto_buf, &initial_len)) {
/* Encryption failed. Shouldn't happen. */
Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
goto err;
}
/* Encrypt the input block */
if (crypto_cipher_update(cipher_ctx, cipher_input, cipher_input_len,
(uint8_t *)&jcr->crypto.crypto_buf[initial_len], &encrypted_len)) {
if ((initial_len + encrypted_len) == 0) {
/* No full block of data available, read more data */
continue;
}
Dmsg2(400, "encrypted len=%d unencrypted len=%d\n", encrypted_len,
sd->msglen);
sd->msglen = initial_len + encrypted_len; /* set encrypted length */
} else {
/* Encryption failed. Shouldn't happen. */
Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
goto err;
}
}
/* Send the buffer to the Storage daemon */
if (ff_pkt->flags & FO_SPARSE) {
sd->msglen += SPARSE_FADDR_SIZE; /* include fileAddr in size */
}
sd->msg = wbuf; /* set correct write buffer */
if (!sd->send()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
goto err;
}
Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
/* #endif */
jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
sd->msg = msgsave; /* restore read buffer */
} /* end while read file data */
if (sd->msglen < 0) { /* error */
berrno be;
Jmsg(jcr, M_ERROR, 0, _("Read error on file %s. ERR=%s\n"),
ff_pkt->fname, be.bstrerror(ff_pkt->bfd.berrno));
if (jcr->JobErrors++ > 1000) { /* insanity check */
Jmsg(jcr, M_FATAL, 0, _("Too many errors.\n"));
}
} else if (ff_pkt->flags & FO_ENCRYPT) {
/*
* For encryption, we must call finalize to push out any
* buffered data.
*/
if (!crypto_cipher_finalize(cipher_ctx, (uint8_t *)jcr->crypto.crypto_buf,
&encrypted_len)) {
/* Padding failed. Shouldn't happen. */
Jmsg(jcr, M_FATAL, 0, _("Encryption padding error\n"));
goto err;
}
/* Note, on SSL pre-0.9.7, there is always some output */
if (encrypted_len > 0) {
sd->msglen = encrypted_len; /* set encrypted length */
sd->msg = jcr->crypto.crypto_buf; /* set correct write buffer */
if (!sd->send()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
goto err;
}
Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
sd->msg = msgsave; /* restore bnet buffer */
}
}
if (!sd->signal(BNET_EOD)) { /* indicate end of file data */
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
goto err;
}
/* Free the cipher context */
if (cipher_ctx) {
crypto_cipher_free(cipher_ctx);
}
return 1;
err:
/* Free the cipher context */
if (cipher_ctx) {
crypto_cipher_free(cipher_ctx);
}
sd->msg = msgsave; /* restore bnet buffer */
sd->msglen = 0;
return 0;
}
bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream)
{
BSOCK *sd = jcr->store_bsock;
POOL_MEM attribs(PM_NAME),
attribsExBuf(PM_NAME);
char *attribsEx = NULL;
int attr_stream;
int comp_len;
bool status;
int hangup = get_hangup();
#ifdef FD_NO_SEND_TEST
return true;
#endif
Dmsg1(300, "encode_and_send_attrs fname=%s\n", ff_pkt->fname);
/** Find what data stream we will use, then encode the attributes */
if ((data_stream = select_data_stream(ff_pkt, me->compatible)) == STREAM_NONE) {
/* This should not happen */
Jmsg0(jcr, M_FATAL, 0, _("Invalid file flags, no supported data stream type.\n"));
return false;
}
encode_stat(attribs.c_str(), &ff_pkt->statp, sizeof(ff_pkt->statp), ff_pkt->LinkFI, data_stream);
/** Now possibly extend the attributes */
if (IS_FT_OBJECT(ff_pkt->type)) {
attr_stream = STREAM_RESTORE_OBJECT;
} else {
attribsEx = attribsExBuf.c_str();
attr_stream = encode_attribsEx(jcr, attribsEx, ff_pkt);
}
Dmsg3(300, "File %s\nattribs=%s\nattribsEx=%s\n", ff_pkt->fname, attribs.c_str(), attribsEx);
jcr->lock();
jcr->JobFiles++; /* increment number of files sent */
ff_pkt->FileIndex = jcr->JobFiles; /* return FileIndex */
pm_strcpy(jcr->last_fname, ff_pkt->fname);
jcr->unlock();
/*
* Debug code: check if we must hangup
*/
if (hangup && (jcr->JobFiles > (uint32_t)hangup)) {
jcr->setJobStatus(JS_Incomplete);
Jmsg1(jcr, M_FATAL, 0, "Debug hangup requested after %d files.\n", hangup);
set_hangup(0);
return false;
}
/**
* Send Attributes header to Storage daemon
* <file-index> <stream> <info>
*/
if (!sd->fsend("%ld %d 0", jcr->JobFiles, attr_stream)) {
if (!jcr->is_canceled() && !jcr->is_incomplete()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
return false;
}
Dmsg1(300, ">stored: attrhdr %s", sd->msg);
/**
* Send file attributes to Storage daemon
* File_index
* File type
* Filename (full path)
* Encoded attributes
* Link name (if type==FT_LNK or FT_LNKSAVED)
* Encoded extended-attributes (for Win32)
* Delta Sequence Number
*
* or send Restore Object to Storage daemon
* File_index
* File_type
* Object_index
* Object_len (possibly compressed)
* Object_full_len (not compressed)
* Object_compression
* Plugin_name
* Object_name
* Binary Object data
*
* For a directory, link is the same as fname, but with trailing
* slash. For a linked file, link is the link.
*/
if (!IS_FT_OBJECT(ff_pkt->type) && ff_pkt->type != FT_DELETED) { /* already stripped */
strip_path(ff_pkt);
}
switch (ff_pkt->type) {
case FT_JUNCTION:
case FT_LNK:
case FT_LNKSAVED:
Dmsg3(300, "Link %d %s to %s\n", jcr->JobFiles, ff_pkt->fname, ff_pkt->link);
status = sd->fsend("%ld %d %s%c%s%c%s%c%s%c%u%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->fname, 0, attribs.c_str(), 0,
ff_pkt->link, 0, attribsEx, 0, ff_pkt->delta_seq, 0);
break;
case FT_DIREND:
case FT_REPARSE:
/* Here link is the canonical filename (i.e. with trailing slash) */
status = sd->fsend("%ld %d %s%c%s%c%c%s%c%u%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->link, 0, attribs.c_str(), 0, 0,
attribsEx, 0, ff_pkt->delta_seq, 0);
break;
case FT_PLUGIN_CONFIG:
case FT_RESTORE_FIRST:
comp_len = ff_pkt->object_len;
ff_pkt->object_compression = 0;
if (ff_pkt->object_len > 1000) {
/*
* Big object, compress it
*/
comp_len = compressBound(ff_pkt->object_len);
POOLMEM *comp_obj = get_memory(comp_len);
/*
* FIXME: check Zdeflate error
*/
Zdeflate(ff_pkt->object, ff_pkt->object_len, comp_obj, comp_len);
if (comp_len < ff_pkt->object_len) {
ff_pkt->object = comp_obj;
ff_pkt->object_compression = 1; /* zlib level 9 compression */
} else {
/*
* Uncompressed object smaller, use it
*/
comp_len = ff_pkt->object_len;
}
Dmsg2(100, "Object compressed from %d to %d bytes\n", ff_pkt->object_len, comp_len);
}
sd->msglen = Mmsg(sd->msg, "%d %d %d %d %d %d %s%c%s%c",
jcr->JobFiles, ff_pkt->type, ff_pkt->object_index,
comp_len, ff_pkt->object_len, ff_pkt->object_compression,
ff_pkt->fname, 0, ff_pkt->object_name, 0);
sd->msg = check_pool_memory_size(sd->msg, sd->msglen + comp_len + 2);
memcpy(sd->msg + sd->msglen, ff_pkt->object, comp_len);
/*
* Note we send one extra byte so Dir can store zero after object
*/
sd->msglen += comp_len + 1;
status = sd->send();
if (ff_pkt->object_compression) {
free_and_null_pool_memory(ff_pkt->object);
}
break;
case FT_REG:
status = sd->fsend("%ld %d %s%c%s%c%c%s%c%d%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->fname, 0, attribs.c_str(), 0, 0,
attribsEx, 0, ff_pkt->delta_seq, 0);
break;
default:
status = sd->fsend("%ld %d %s%c%s%c%c%s%c%u%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->fname, 0, attribs.c_str(), 0, 0,
attribsEx, 0, ff_pkt->delta_seq, 0);
break;
}
if (!IS_FT_OBJECT(ff_pkt->type) && ff_pkt->type != FT_DELETED) {
unstrip_path(ff_pkt);
}
Dmsg2(300, ">stored: attr len=%d: %s\n", sd->msglen, sd->msg);
if (!status && !jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
sd->signal(BNET_EOD); /* indicate end of attributes data */
return status;
}
/*
* Authenticate Director
*/
bool DirComm::authenticate_director(JCR *jcr, DIRRES *director, CONRES *cons,
char *errmsg, int errmsg_len)
{
BSOCK *dir = jcr->dir_bsock;
int tls_local_need = BNET_TLS_NONE;
int tls_remote_need = BNET_TLS_NONE;
bool tls_authenticate;
int compatible = true;
char bashed_name[MAX_NAME_LENGTH];
char *password;
TLS_CONTEXT *tls_ctx = NULL;
errmsg[0] = 0;
/*
* Send my name to the Director then do authentication
*/
if (cons) {
bstrncpy(bashed_name, cons->hdr.name, sizeof(bashed_name));
bash_spaces(bashed_name);
password = cons->password;
/* TLS Requirement */
if (cons->tls_enable) {
if (cons->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
tls_authenticate = cons->tls_authenticate;
tls_ctx = cons->tls_ctx;
} else {
bstrncpy(bashed_name, "*UserAgent*", sizeof(bashed_name));
password = director->password;
/* TLS Requirement */
if (director->tls_enable) {
if (director->tls_require) {
tls_local_need = BNET_TLS_REQUIRED;
} else {
tls_local_need = BNET_TLS_OK;
}
}
tls_authenticate = director->tls_authenticate;
tls_ctx = director->tls_ctx;
}
if (tls_authenticate) {
tls_local_need = BNET_TLS_REQUIRED;
}
/* Timeout Hello after 15 secs */
dir->start_timer(15);
dir->fsend(hello, bashed_name);
/* respond to Dir challenge */
if (!cram_md5_respond(dir, password, &tls_remote_need, &compatible) ||
/* Now challenge dir */
!cram_md5_challenge(dir, password, tls_local_need, compatible)) {
bsnprintf(errmsg, errmsg_len, _("Director authorization problem at \"%s:%d\"\n"),
dir->host(), dir->port());
goto bail_out;
}
/* Verify that the remote host is willing to meet our TLS requirements */
if (tls_remote_need < tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
bsnprintf(errmsg, errmsg_len, _("Authorization problem:"
" Remote server at \"%s:%d\" did not advertise required TLS support.\n"),
dir->host(), dir->port());
goto bail_out;
}
/* Verify that we are willing to meet the remote host's requirements */
if (tls_remote_need > tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
bsnprintf(errmsg, errmsg_len, _("Authorization problem with Director at \"%s:%d\":"
" Remote server requires TLS.\n"),
dir->host(), dir->port());
goto bail_out;
}
/* Is TLS Enabled? */
if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
/* Engage TLS! Full Speed Ahead! */
if (!bnet_tls_client(tls_ctx, dir, NULL)) {
bsnprintf(errmsg, errmsg_len, _("TLS negotiation failed with Director at \"%s:%d\"\n"),
dir->host(), dir->port());
goto bail_out;
}
if (tls_authenticate) { /* authenticate only? */
dir->free_tls(); /* Yes, shutdown tls */
}
}
Dmsg1(6, ">dird: %s", dir->msg);
if (dir->recv() <= 0) {
dir->stop_timer();
bsnprintf(errmsg, errmsg_len, _("Bad response to Hello command: ERR=%s\n"
"The Director at \"%s:%d\" is probably not running.\n"),
dir->bstrerror(), dir->host(), dir->port());
return false;
}
dir->stop_timer();
Dmsg1(10, "<dird: %s", dir->msg);
if (strncmp(dir->msg, OKhello, sizeof(OKhello)-1) != 0) {
bsnprintf(errmsg, errmsg_len, _("Director at \"%s:%d\" rejected Hello command\n"),
dir->host(), dir->port());
return false;
} else {
if (m_conn == 0) {
bsnprintf(errmsg, errmsg_len, "%s", dir->msg);
}
}
return true;
bail_out:
dir->stop_timer();
bsnprintf(errmsg, errmsg_len, _("Authorization problem with Director at \"%s:%d\"\n"
"Most likely the passwords do not agree.\n"
"If you are using TLS, there may have been a certificate validation error during the TLS handshake.\n"
"Please see " MANUAL_AUTH_URL " for help.\n"),
dir->host(), dir->port());
return false;
}
/**
* Send data read from an already open file descriptor.
*
* We return 1 on sucess and 0 on errors.
*
* ***FIXME***
* We use ff_pkt->statp.st_size when FO_SPARSE to know when to stop reading.
* Currently this is not a problem as the only other stream, resource forks,
* are not handled as sparse files.
*/
static int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt,
DIGEST *digest, DIGEST *signing_digest)
{
b_ctx bctx;
BSOCK *sd = jcr->store_bsock;
#ifdef FD_NO_SEND_TEST
return 1;
#endif
/*
* Setup backup context.
*/
memset(&bctx, 0, sizeof(b_ctx));
bctx.jcr = jcr;
bctx.ff_pkt = ff_pkt;
bctx.msgsave = sd->msg; /* save the original sd buffer */
bctx.rbuf = sd->msg; /* read buffer */
bctx.wbuf = sd->msg; /* write buffer */
bctx.rsize = jcr->buf_size; /* read buffer size */
bctx.cipher_input = (uint8_t *)bctx.rbuf; /* encrypt uncompressed data */
bctx.digest = digest; /* encryption digest */
bctx.signing_digest = signing_digest; /* signing digest */
Dmsg1(300, "Saving data, type=%d\n", ff_pkt->type);
if (!setup_compression_context(bctx)) {
goto bail_out;
}
if (!setup_encryption_context(bctx)) {
goto bail_out;
}
/*
* Send Data header to Storage daemon
* <file-index> <stream> <info>
*/
if (!sd->fsend("%ld %d 0", jcr->JobFiles, stream)) {
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
goto bail_out;
}
Dmsg1(300, ">stored: datahdr %s", sd->msg);
/*
* Make space at beginning of buffer for fileAddr because this
* same buffer will be used for writing if compression is off.
*/
if (bit_is_set(FO_SPARSE, ff_pkt->flags) || bit_is_set(FO_OFFSETS, ff_pkt->flags)) {
bctx.rbuf += OFFSET_FADDR_SIZE;
bctx.rsize -= OFFSET_FADDR_SIZE;
#ifdef HAVE_FREEBSD_OS
/*
* To read FreeBSD partitions, the read size must be a multiple of 512.
*/
bctx.rsize = (bctx.rsize / 512) * 512;
#endif
}
/*
* A RAW device read on win32 only works if the buffer is a multiple of 512
*/
#ifdef HAVE_WIN32
if (S_ISBLK(ff_pkt->statp.st_mode)) {
bctx.rsize = (bctx.rsize / 512) * 512;
}
if (ff_pkt->statp.st_rdev & FILE_ATTRIBUTE_ENCRYPTED) {
if (!send_encrypted_data(bctx)) {
goto bail_out;
}
} else {
if (!send_plain_data(bctx)) {
goto bail_out;
}
}
#else
if (!send_plain_data(bctx)) {
goto bail_out;
}
#endif
if (sd->msglen < 0) { /* error */
berrno be;
Jmsg(jcr, M_ERROR, 0, _("Read error on file %s. ERR=%s\n"), ff_pkt->fname, be.bstrerror(ff_pkt->bfd.berrno));
if (jcr->JobErrors++ > 1000) { /* insanity check */
Jmsg(jcr, M_FATAL, 0, _("Too many errors. JobErrors=%d.\n"), jcr->JobErrors);
}
} else if (bit_is_set(FO_ENCRYPT, ff_pkt->flags)) {
/*
* For encryption, we must call finalize to push out any buffered data.
*/
if (!crypto_cipher_finalize(bctx.cipher_ctx,
(uint8_t *)jcr->crypto.crypto_buf,
&bctx.encrypted_len)) {
/*
* Padding failed. Shouldn't happen.
*/
Jmsg(jcr, M_FATAL, 0, _("Encryption padding error\n"));
goto bail_out;
}
/*
* Note, on SSL pre-0.9.7, there is always some output
*/
if (bctx.encrypted_len > 0) {
sd->msglen = bctx.encrypted_len; /* set encrypted length */
sd->msg = jcr->crypto.crypto_buf; /* set correct write buffer */
if (!sd->send()) {
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
goto bail_out;
}
Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
sd->msg = bctx.msgsave; /* restore bnet buffer */
}
}
if (!sd->signal(BNET_EOD)) { /* indicate end of file data */
if (!jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
goto bail_out;
}
/*
* Free the cipher context
*/
if (bctx.cipher_ctx) {
crypto_cipher_free(bctx.cipher_ctx);
}
return 1;
bail_out:
/*
* Free the cipher context
*/
if (bctx.cipher_ctx) {
crypto_cipher_free(bctx.cipher_ctx);
}
sd->msg = bctx.msgsave; /* restore bnet buffer */
sd->msglen = 0;
return 0;
}
/*
* Append Data sent from Client (FD/SD)
*
*/
bool do_append_data(JCR *jcr)
{
int32_t n;
int32_t file_index, stream, last_file_index;
uint64_t stream_len;
BSOCK *fd = jcr->file_bsock;
bool ok = true;
DEV_RECORD rec;
char buf1[100], buf2[100];
DCR *dcr = jcr->dcr;
DEVICE *dev;
char ec[50];
POOLMEM *eblock = NULL;
POOL_MEM errmsg(PM_EMSG);
if (!dcr) {
pm_strcpy(jcr->errmsg, _("DCR is NULL!!!\n"));
Jmsg0(jcr, M_FATAL, 0, jcr->errmsg);
return false;
}
dev = dcr->dev;
if (!dev) {
pm_strcpy(jcr->errmsg, _("DEVICE is NULL!!!\n"));
Jmsg0(jcr, M_FATAL, 0, jcr->errmsg);
return false;
}
Dmsg1(100, "Start append data. res=%d\n", dev->num_reserved());
memset(&rec, 0, sizeof(rec));
if (!fd->set_buffer_size(dcr->device->max_network_buffer_size, BNET_SETBUF_WRITE)) {
jcr->setJobStatus(JS_ErrorTerminated);
pm_strcpy(jcr->errmsg, _("Unable to set network buffer size.\n"));
Jmsg0(jcr, M_FATAL, 0, jcr->errmsg);
return false;
}
if (!acquire_device_for_append(dcr)) {
jcr->setJobStatus(JS_ErrorTerminated);
return false;
}
jcr->sendJobStatus(JS_Running);
//ASSERT(dev->VolCatInfo.VolCatName[0]);
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
Dmsg1(50, "Begin append device=%s\n", dev->print_name());
begin_data_spool(dcr);
begin_attribute_spool(jcr);
Dmsg0(100, "Just after acquire_device_for_append\n");
//ASSERT(dev->VolCatInfo.VolCatName[0]);
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
/*
* Write Begin Session Record
*/
if (!write_session_label(dcr, SOS_LABEL)) {
Jmsg1(jcr, M_FATAL, 0, _("Write session label failed. ERR=%s\n"),
dev->bstrerror());
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
//ASSERT(dev->VolCatInfo.VolCatName[0]);
if (dev->VolCatInfo.VolCatName[0] == 0) {
Pmsg0(000, _("NULL Volume name. This shouldn't happen!!!\n"));
}
/* Tell File daemon to send data */
if (!fd->fsend(OK_data)) {
berrno be;
Jmsg1(jcr, M_FATAL, 0, _("Network send error to FD. ERR=%s\n"),
be.bstrerror(fd->b_errno));
ok = false;
}
/*
* Get Data from File daemon, write to device. To clarify what is
* going on here. We expect:
* - A stream header
* - Multiple records of data
* - EOD record
*
* The Stream header is just used to synchronize things, and
* none of the stream header is written to tape.
* The Multiple records of data, contain first the Attributes,
* then after another stream header, the file data, then
* after another stream header, the MD5 data if any.
*
* So we get the (stream header, data, EOD) three time for each
* file. 1. for the Attributes, 2. for the file data if any,
* and 3. for the MD5 if any.
*/
dcr->VolFirstIndex = dcr->VolLastIndex = 0;
jcr->run_time = time(NULL); /* start counting time for rates */
GetMsg *qfd;
qfd = New(GetMsg(jcr, fd, NULL, GETMSG_MAX_MSG_SIZE));
qfd->start_read_sock();
for (last_file_index = 0; ok && !jcr->is_job_canceled(); ) {
/* Read Stream header from the File daemon.
* The stream header consists of the following:
* file_index (sequential Bacula file index, base 1)
* stream (Bacula number to distinguish parts of data)
* stream_len (Expected length of this stream. This
* will be the size backed up if the file does not
* grow during the backup.
*/
n = qfd->bget_msg(NULL);
if (n <= 0) {
if (n == BNET_SIGNAL && qfd->msglen == BNET_EOD) {
Dmsg0(200, "Got EOD on reading header.\n");
break; /* end of data */
}
Jmsg3(jcr, M_FATAL, 0, _("Error reading data header from FD. n=%d msglen=%d ERR=%s\n"),
n, qfd->msglen, fd->bstrerror());
// ASX TODO the fd->bstrerror() can be related to the wrong error, I should Queue the error too
possible_incomplete_job(jcr, last_file_index);
ok = false;
break;
}
if (sscanf(qfd->msg, "%ld %ld %lld", &file_index, &stream, &stream_len) != 3) {
// TODO ASX already done in bufmsg, should reuse the values
char buf[256];
Jmsg1(jcr, M_FATAL, 0, _("Malformed data header from FD: %s\n"), asciidump(qfd->msg, qfd->msglen, buf, sizeof(buf)));
ok = false;
possible_incomplete_job(jcr, last_file_index);
break;
}
Dmsg3(890, "<filed: Header FilInx=%d stream=%d stream_len=%lld\n",
file_index, stream, stream_len);
/*
* We make sure the file_index is advancing sequentially.
* An incomplete job can start the file_index at any number.
* otherwise, it must start at 1.
*/
if (jcr->rerunning && file_index > 0 && last_file_index == 0) {
goto fi_checked;
}
Dmsg2(400, "file_index=%d last_file_index=%d\n", file_index, last_file_index);
if (file_index > 0 && (file_index == last_file_index ||
file_index == last_file_index + 1)) {
goto fi_checked;
}
Jmsg2(jcr, M_FATAL, 0, _("FI=%d from FD not positive or last_FI=%d\n"),
file_index, last_file_index);
possible_incomplete_job(jcr, last_file_index);
ok = false;
break;
fi_checked:
if (file_index != last_file_index) {
jcr->JobFiles = file_index;
last_file_index = file_index;
}
/* Read data stream from the File daemon.
* The data stream is just raw bytes
*/
while ((n=qfd->bget_msg(NULL)) > 0 && !jcr->is_job_canceled()) {
rec.VolSessionId = jcr->VolSessionId;
rec.VolSessionTime = jcr->VolSessionTime;
rec.FileIndex = file_index;
rec.Stream = stream;
rec.StreamLen = stream_len;
rec.maskedStream = stream & STREAMMASK_TYPE; /* strip high bits */
rec.data_len = qfd->msglen;
rec.data = qfd->msg; /* use message buffer */
Dmsg4(850, "before writ_rec FI=%d SessId=%d Strm=%s len=%d\n",
rec.FileIndex, rec.VolSessionId,
stream_to_ascii(buf1, rec.Stream,rec.FileIndex),
rec.data_len);
ok = dcr->write_record(&rec);
if (!ok) {
Dmsg2(90, "Got write_block_to_dev error on device %s. %s\n",
dcr->dev->print_name(), dcr->dev->bstrerror());
break;
}
jcr->JobBytes += rec.data_len; /* increment bytes this job */
jcr->JobBytes += qfd->bmsg->jobbytes; // if the block as been downloaded, count it
Dmsg4(850, "write_record FI=%s SessId=%d Strm=%s len=%d\n",
FI_to_ascii(buf1, rec.FileIndex), rec.VolSessionId,
stream_to_ascii(buf2, rec.Stream, rec.FileIndex), rec.data_len);
send_attrs_to_dir(jcr, &rec);
Dmsg0(650, "Enter bnet_get\n");
}
Dmsg2(650, "End read loop with FD. JobFiles=%d Stat=%d\n", jcr->JobFiles, n);
if (fd->is_error()) {
if (!jcr->is_job_canceled()) {
Dmsg1(350, "Network read error from FD. ERR=%s\n", fd->bstrerror());
Jmsg1(jcr, M_FATAL, 0, _("Network error reading from FD. ERR=%s\n"),
fd->bstrerror());
possible_incomplete_job(jcr, last_file_index);
}
ok = false;
break;
}
}
qfd->wait_read_sock();
free_GetMsg(qfd);
if (eblock != NULL) {
free_pool_memory(eblock);
}
/* Create Job status for end of session label */
jcr->setJobStatus(ok?JS_Terminated:JS_ErrorTerminated);
if (ok) {
/* Terminate connection with Client */
fd->fsend(OK_append);
do_client_commands(jcr); /* finish dialog with Client */
} else {
fd->fsend("3999 Failed append\n");
}
Dmsg1(200, "Write EOS label JobStatus=%c\n", jcr->JobStatus);
/*
* Check if we can still write. This may not be the case
* if we are at the end of the tape or we got a fatal I/O error.
*/
if (ok || dev->can_write()) {
if (!write_session_label(dcr, EOS_LABEL)) {
/* Print only if ok and not cancelled to avoid spurious messages */
if (ok && !jcr->is_job_canceled()) {
Jmsg1(jcr, M_FATAL, 0, _("Error writing end session label. ERR=%s\n"),
dev->bstrerror());
possible_incomplete_job(jcr, last_file_index);
}
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
/* Flush out final partial block of this session */
if (!dcr->write_final_block_to_device()) {
/* Print only if ok and not cancelled to avoid spurious messages */
if (ok && !jcr->is_job_canceled()) {
Jmsg2(jcr, M_FATAL, 0, _("Fatal append error on device %s: ERR=%s\n"),
dev->print_name(), dev->bstrerror());
Dmsg0(100, _("Set ok=FALSE after write_final_block_to_device.\n"));
possible_incomplete_job(jcr, last_file_index);
}
jcr->setJobStatus(JS_ErrorTerminated);
ok = false;
}
}
flush_jobmedia_queue(jcr);
if (!ok && !jcr->is_JobStatus(JS_Incomplete)) {
discard_data_spool(dcr);
} else {
/* Note: if commit is OK, the device will remain blocked */
commit_data_spool(dcr);
}
/*
* Don't use time_t for job_elapsed as time_t can be 32 or 64 bits,
* and the subsequent Jmsg() editing will break
*/
int32_t job_elapsed = time(NULL) - jcr->run_time;
if (job_elapsed <= 0) {
job_elapsed = 1;
}
Jmsg(dcr->jcr, M_INFO, 0, _("Elapsed time=%02d:%02d:%02d, Transfer rate=%s Bytes/second\n"),
job_elapsed / 3600, job_elapsed % 3600 / 60, job_elapsed % 60,
edit_uint64_with_suffix(jcr->JobBytes / job_elapsed, ec));
/*
* Release the device -- and send final Vol info to DIR
* and unlock it.
*/
release_device(dcr);
if ((!ok || jcr->is_job_canceled()) && !jcr->is_JobStatus(JS_Incomplete)) {
discard_attribute_spool(jcr);
} else {
commit_attribute_spool(jcr);
}
jcr->sendJobStatus(); /* update director */
Dmsg1(100, "return from do_append_data() ok=%d\n", ok);
return ok;
}
/*
* Handle the data just read and send it to the SD after doing any postprocessing needed.
*/
static inline bool send_data_to_sd(b_ctx *bctx)
{
BSOCK *sd = bctx->jcr->store_bsock;
bool need_more_data;
/*
* Check for sparse blocks
*/
if (bit_is_set(FO_SPARSE, bctx->ff_pkt->flags)) {
bool allZeros;
ser_declare;
allZeros = false;
if ((sd->msglen == bctx->rsize &&
(bctx->fileAddr + sd->msglen < (uint64_t)bctx->ff_pkt->statp.st_size)) ||
((bctx->ff_pkt->type == FT_RAW ||
bctx->ff_pkt->type == FT_FIFO) &&
((uint64_t)bctx->ff_pkt->statp.st_size == 0))) {
allZeros = is_buf_zero(bctx->rbuf, bctx->rsize);
}
if (!allZeros) {
/*
* Put file address as first data in buffer
*/
ser_begin(bctx->wbuf, OFFSET_FADDR_SIZE);
ser_uint64(bctx->fileAddr); /* store fileAddr in begin of buffer */
}
bctx->fileAddr += sd->msglen; /* update file address */
/*
* Skip block of all zeros
*/
if (allZeros) {
return true;
}
} else if (bit_is_set(FO_OFFSETS, bctx->ff_pkt->flags)) {
ser_declare;
ser_begin(bctx->wbuf, OFFSET_FADDR_SIZE);
ser_uint64(bctx->ff_pkt->bfd.offset); /* store offset in begin of buffer */
}
bctx->jcr->ReadBytes += sd->msglen; /* count bytes read */
/*
* Uncompressed cipher input length
*/
bctx->cipher_input_len = sd->msglen;
/*
* Update checksum if requested
*/
if (bctx->digest) {
crypto_digest_update(bctx->digest, (uint8_t *)bctx->rbuf, sd->msglen);
}
/*
* Update signing digest if requested
*/
if (bctx->signing_digest) {
crypto_digest_update(bctx->signing_digest, (uint8_t *)bctx->rbuf, sd->msglen);
}
/*
* Compress the data.
*/
if (bit_is_set(FO_COMPRESS, bctx->ff_pkt->flags)) {
if (!compress_data(bctx->jcr, bctx->ff_pkt->Compress_algo, bctx->rbuf,
bctx->jcr->store_bsock->msglen, bctx->cbuf,
bctx->max_compress_len, &bctx->compress_len)) {
return false;
}
/*
* See if we need to generate a compression header.
*/
if (bctx->chead) {
ser_declare;
/*
* Complete header
*/
ser_begin(bctx->chead, sizeof(comp_stream_header));
ser_uint32(bctx->ch.magic);
ser_uint32(bctx->compress_len);
ser_uint16(bctx->ch.level);
ser_uint16(bctx->ch.version);
ser_end(bctx->chead, sizeof(comp_stream_header));
bctx->compress_len += sizeof(comp_stream_header); /* add size of header */
}
bctx->jcr->store_bsock->msglen = bctx->compress_len; /* set compressed length */
bctx->cipher_input_len = bctx->compress_len;
}
/*
* Encrypt the data.
*/
need_more_data = false;
if (bit_is_set(FO_ENCRYPT, bctx->ff_pkt->flags) && !encrypt_data(bctx, &need_more_data)) {
if (need_more_data) {
return true;
}
return false;
}
/*
* Send the buffer to the Storage daemon
*/
if (bit_is_set(FO_SPARSE, bctx->ff_pkt->flags) || bit_is_set(FO_OFFSETS, bctx->ff_pkt->flags)) {
sd->msglen += OFFSET_FADDR_SIZE; /* include fileAddr in size */
}
sd->msg = bctx->wbuf; /* set correct write buffer */
if (!sd->send()) {
if (!bctx->jcr->is_job_canceled()) {
Jmsg1(bctx->jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"), sd->bstrerror());
}
return false;
}
Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
bctx->jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
sd->msg = bctx->msgsave; /* restore read buffer */
return true;
}
bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream)
{
BSOCK *sd = jcr->store_bsock;
char attribs[MAXSTRING];
char attribsEx[MAXSTRING];
int attr_stream;
int stat;
#ifdef FD_NO_SEND_TEST
return true;
#endif
Dmsg1(300, "encode_and_send_attrs fname=%s\n", ff_pkt->fname);
/* Find what data stream we will use, then encode the attributes */
if ((data_stream = select_data_stream(ff_pkt)) == STREAM_NONE) {
/* This should not happen */
Jmsg0(jcr, M_FATAL, 0, _("Invalid file flags, no supported data stream type.\n"));
return false;
}
encode_stat(attribs, &ff_pkt->statp, ff_pkt->LinkFI, data_stream);
/* Now possibly extend the attributes */
attr_stream = encode_attribsEx(jcr, attribsEx, ff_pkt);
Dmsg3(300, "File %s\nattribs=%s\nattribsEx=%s\n", ff_pkt->fname, attribs, attribsEx);
jcr->lock();
jcr->JobFiles++; /* increment number of files sent */
ff_pkt->FileIndex = jcr->JobFiles; /* return FileIndex */
pm_strcpy(jcr->last_fname, ff_pkt->fname);
jcr->unlock();
/*
* Send Attributes header to Storage daemon
* <file-index> <stream> <info>
*/
if (!sd->fsend("%ld %d 0", jcr->JobFiles, attr_stream)) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
return false;
}
Dmsg1(300, ">stored: attrhdr %s\n", sd->msg);
/*
* Send file attributes to Storage daemon
* File_index
* File type
* Filename (full path)
* Encoded attributes
* Link name (if type==FT_LNK or FT_LNKSAVED)
* Encoded extended-attributes (for Win32)
*
* For a directory, link is the same as fname, but with trailing
* slash. For a linked file, link is the link.
*/
if (ff_pkt->type != FT_DELETED) { /* already stripped */
strip_path(ff_pkt);
}
if (ff_pkt->type == FT_LNK || ff_pkt->type == FT_LNKSAVED) {
Dmsg2(300, "Link %s to %s\n", ff_pkt->fname, ff_pkt->link);
stat = sd->fsend("%ld %d %s%c%s%c%s%c%s%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->fname, 0, attribs, 0, ff_pkt->link, 0,
attribsEx, 0);
} else if (ff_pkt->type == FT_DIREND || ff_pkt->type == FT_REPARSE) {
/* Here link is the canonical filename (i.e. with trailing slash) */
stat = sd->fsend("%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->link, 0, attribs, 0, 0, attribsEx, 0);
} else {
stat = sd->fsend("%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
ff_pkt->type, ff_pkt->fname, 0, attribs, 0, 0, attribsEx, 0);
}
if (ff_pkt->type != FT_DELETED) {
unstrip_path(ff_pkt);
}
Dmsg2(300, ">stored: attr len=%d: %s\n", sd->msglen, sd->msg);
if (!stat) {
Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
sd->bstrerror());
return false;
}
sd->signal(BNET_EOD); /* indicate end of attributes data */
return true;
}