3 * Bacula Director -- authorize.c -- handles authorization of
4 * Storage and File daemons.
6 * Kern Sibbald, May MMI
8 * This routine runs as a thread and must be thread reentrant.
14 Copyright (C) 2000, 2001, 2002 Kern Sibbald and John Walker
16 This program is free software; you can redistribute it and/or
17 modify it under the terms of the GNU General Public License as
18 published by the Free Software Foundation; either version 2 of
19 the License, or (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 General Public License for more details.
26 You should have received a copy of the GNU General Public
27 License along with this program; if not, write to the Free
28 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
36 extern DIRRES *director;
37 extern char my_name[];
39 /* Commands sent to Storage daemon and File daemon and received
40 * from the User Agent */
41 static char hello[] = "Hello Director %s calling\n";
43 /* Response from Storage daemon */
44 static char OKhello[] = "3000 OK Hello\n";
45 static char FDOKhello[] = "2000 OK Hello\n";
47 /* Sent to User Agent */
48 static char Dir_sorry[] = N_("1999 You are not authorized.\n");
50 /* Forward referenced functions */
53 * Authenticate Storage daemon connection
55 int authenticate_storage_daemon(JCR *jcr)
57 BSOCK *sd = jcr->store_bsock;
58 char dirname[MAX_NAME_LENGTH];
61 * Send my name to the Storage daemon then do authentication
63 strcpy(dirname, director->hdr.name);
65 if (!bnet_fsend(sd, hello, dirname)) {
66 Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
69 if (!cram_md5_get_auth(sd, jcr->store->password) ||
70 !cram_md5_auth(sd, jcr->store->password)) {
71 Jmsg0(jcr, M_FATAL, 0, _("Director and Storage daemon passwords not the same.\n"));
74 Dmsg1(116, ">stored: %s", sd->msg);
75 if (bnet_recv(sd) <= 0) {
76 Emsg1(M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
80 Dmsg1(110, "<stored: %s", sd->msg);
81 if (strncmp(sd->msg, OKhello, sizeof(OKhello)) != 0) {
82 Emsg0(M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
89 * Authenticate File daemon connection
91 int authenticate_file_daemon(JCR *jcr)
93 BSOCK *fd = jcr->file_bsock;
94 char dirname[MAX_NAME_LENGTH];
97 * Send my name to the File daemon then do authentication
99 strcpy(dirname, director->hdr.name);
100 bash_spaces(dirname);
101 if (!bnet_fsend(fd, hello, director->hdr.name)) {
102 Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), bnet_strerror(fd));
105 if (!cram_md5_get_auth(fd, jcr->client->password) ||
106 !cram_md5_auth(fd, jcr->client->password)) {
107 Jmsg(jcr, M_FATAL, 0, _("Director and File daemon passwords not the same.\n"));
110 Dmsg1(116, ">filed: %s", fd->msg);
111 if (bnet_recv(fd) <= 0) {
112 Jmsg(jcr, M_FATAL, 0, _("bdird<filed: bad response to Hello command: ERR=%s\n"),
116 Dmsg1(110, "<stored: %s", fd->msg);
117 if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) != 0) {
118 Jmsg(jcr, M_FATAL, 0, _("File daemon rejected Hello command\n"));
124 /*********************************************************************
127 int authenticate_user_agent(BSOCK *ua)
129 char name[MAXSTRING];
132 if (ua->msglen > MAXSTRING ||
133 sscanf(ua->msg, "Hello %127s calling\n", name) != 1) {
134 ua->msg[100] = 0; /* terminate string */
135 Emsg1(M_ERROR, 0, _("Authentication failure: %s"), ua->msg);
139 ok = cram_md5_auth(ua, director->password) &&
140 cram_md5_get_auth(ua, director->password);
143 bnet_fsend(ua, "%s", _(Dir_sorry));
144 Emsg0(M_WARNING, 0, _("Unable to authenticate User Agent\n"));
148 bnet_fsend(ua, "1000 OK: %s Version: " VERSION " (" BDATE ")\n", my_name);
projects / bacula / bacula / blob