3 * Bacula Director -- authorize.c -- handles authorization of
4 * Storage and File daemons.
6 * Kern Sibbald, May MMI
8 * This routine runs as a thread and must be thread reentrant.
10 * Basic tasks done here:
14 Copyright (C) 2000, 2001, 2002 Kern Sibbald and John Walker
16 This program is free software; you can redistribute it and/or
17 modify it under the terms of the GNU General Public License as
18 published by the Free Software Foundation; either version 2 of
19 the License, or (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 General Public License for more details.
26 You should have received a copy of the GNU General Public
27 License along with this program; if not, write to the Free
28 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
36 extern DIRRES *director;
37 extern char my_name[];
39 /* Commands sent to Storage daemon and File daemon and received
40 * from the User Agent */
41 static char hello[] = "Hello Director %s calling\n";
43 /* Response from Storage daemon */
44 static char OKhello[] = "3000 OK Hello\n";
45 static char FDOKhello[] = "2000 OK Hello\n";
47 /* Sent to User Agent */
48 static char Dir_sorry[] = N_("1999 You are not authorized.\n");
50 /* Forward referenced functions */
53 * Authenticate Storage daemon connection
55 int authenticate_storage_daemon(JCR *jcr)
57 BSOCK *sd = jcr->store_bsock;
60 * Send my name to the Storage daemon then do authentication
62 if (!bnet_fsend(sd, hello, director->hdr.name)) {
63 Emsg1(M_FATAL, 0, _("Auth send error. ERR=%s\n"), bnet_strerror(sd));
65 if (!cram_md5_get_auth(sd, jcr->store->password) ||
66 !cram_md5_auth(sd, jcr->store->password)) {
67 Emsg0(M_FATAL, 0, _("Storage daemon authorization failed.\n"));
70 Dmsg1(6, ">stored: %s", sd->msg);
71 if (bnet_recv(sd) <= 0) {
72 Emsg1(M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
76 Dmsg1(10, "<stored: %s", sd->msg);
77 if (strncmp(sd->msg, OKhello, sizeof(OKhello)) != 0) {
78 Emsg0(M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
85 * Authenticate File daemon connection
87 int authenticate_file_daemon(JCR *jcr)
89 BSOCK *fd = jcr->file_bsock;
92 * Send my name to the File daemon then do authentication
94 bnet_fsend(fd, hello, director->hdr.name);
95 if (!cram_md5_get_auth(fd, jcr->client->password) ||
96 !cram_md5_auth(fd, jcr->client->password)) {
97 Emsg0(M_FATAL, 0, _("File daemon authentication failed.\n"));
100 Dmsg1(6, ">filed: %s", fd->msg);
101 if (bnet_recv(fd) <= 0) {
102 Emsg1(M_FATAL, 0, _("bdird<filed: bad response to Hello command: ERR=%s\n"),
106 Dmsg1(10, "<stored: %s", fd->msg);
107 if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) != 0) {
108 Emsg0(M_FATAL, 0, _("File daemon rejected Hello command\n"));
114 /*********************************************************************
117 int authenticate_user_agent(BSOCK *ua)
123 if (sscanf(ua->msg, "Hello %127s calling\n", name) != 1) {
124 Emsg1(M_FATAL, 0, _("Authentication failure: %s"), ua->msg);
128 ok = cram_md5_auth(ua, director->password) &&
129 cram_md5_get_auth(ua, director->password);
132 bnet_fsend(ua, "%s", _(Dir_sorry));
133 Emsg0(M_WARNING, 0, _("Unable to authenticate User Agent\n"));
136 bnet_fsend(ua, "1000 OK: %s Version: " VERSION " (" DATE ")\n", my_name);