3 * Bacula Director -- authorize.c -- handles authorization of
4 * Storage and File daemons.
6 * Kern Sibbald, May MMI
8 * This routine runs as a thread and must be thread reentrant.
14 Copyright (C) 2000, 2001, 2002 Kern Sibbald and John Walker
16 This program is free software; you can redistribute it and/or
17 modify it under the terms of the GNU General Public License as
18 published by the Free Software Foundation; either version 2 of
19 the License, or (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 General Public License for more details.
26 You should have received a copy of the GNU General Public
27 License along with this program; if not, write to the Free
28 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
36 extern DIRRES *director;
37 extern char my_name[];
39 /* Commands sent to Storage daemon and File daemon and received
40 * from the User Agent */
41 static char hello[] = "Hello Director %s calling\n";
43 /* Response from Storage daemon */
44 static char OKhello[] = "3000 OK Hello\n";
45 static char FDOKhello[] = "2000 OK Hello\n";
47 /* Sent to User Agent */
48 static char Dir_sorry[] = N_("1999 You are not authorized.\n");
50 /* Forward referenced functions */
53 * Authenticate Storage daemon connection
55 int authenticate_storage_daemon(JCR *jcr)
57 BSOCK *sd = jcr->store_bsock;
60 * Send my name to the Storage daemon then do authentication
62 if (!bnet_fsend(sd, hello, director->hdr.name)) {
63 Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
66 if (!cram_md5_get_auth(sd, jcr->store->password) ||
67 !cram_md5_auth(sd, jcr->store->password)) {
68 Jmsg0(jcr, M_FATAL, 0, _("Director and Storage daemon passwords not the same.\n"));
71 Dmsg1(6, ">stored: %s", sd->msg);
72 if (bnet_recv(sd) <= 0) {
73 Emsg1(M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
77 Dmsg1(10, "<stored: %s", sd->msg);
78 if (strncmp(sd->msg, OKhello, sizeof(OKhello)) != 0) {
79 Emsg0(M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
86 * Authenticate File daemon connection
88 int authenticate_file_daemon(JCR *jcr)
90 BSOCK *fd = jcr->file_bsock;
93 * Send my name to the File daemon then do authentication
95 if (!bnet_fsend(fd, hello, director->hdr.name)) {
96 Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), bnet_strerror(fd));
99 if (!cram_md5_get_auth(fd, jcr->client->password) ||
100 !cram_md5_auth(fd, jcr->client->password)) {
101 Jmsg(jcr, M_FATAL, 0, _("Director and File daemon passwords not the same.\n"));
104 Dmsg1(6, ">filed: %s", fd->msg);
105 if (bnet_recv(fd) <= 0) {
106 Jmsg(jcr, M_FATAL, 0, _("bdird<filed: bad response to Hello command: ERR=%s\n"),
110 Dmsg1(10, "<stored: %s", fd->msg);
111 if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) != 0) {
112 Jmsg(jcr, M_FATAL, 0, _("File daemon rejected Hello command\n"));
118 /*********************************************************************
121 int authenticate_user_agent(BSOCK *ua)
127 if (sscanf(ua->msg, "Hello %127s calling\n", name) != 1) {
128 Emsg1(M_FATAL, 0, _("Authentication failure: %s"), ua->msg);
132 ok = cram_md5_auth(ua, director->password) &&
133 cram_md5_get_auth(ua, director->password);
136 bnet_fsend(ua, "%s", _(Dir_sorry));
137 Emsg0(M_WARNING, 0, _("Unable to authenticate User Agent\n"));
141 bnet_fsend(ua, "1000 OK: %s Version: " VERSION " (" DATE ")\n", my_name);