3 * Bacula Director daemon -- this is the main program
5 * Kern Sibbald, March MM
10 Copyright (C) 2000-2006 Kern Sibbald
12 This program is free software; you can redistribute it and/or
13 modify it under the terms of the GNU General Public License
14 version 2 as amended with additional clauses defined in the
15 file LICENSE in the main source directory.
17 This program is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 the file LICENSE for additional details.
27 /* Forward referenced subroutines */
28 static void terminate_dird(int sig);
29 static int check_resources();
31 /* Exported subroutines */
32 extern "C" void reload_config(int sig);
33 extern void invalidate_schedules();
36 /* Imported subroutines */
37 JCR *wait_for_next_job(char *runjob);
38 void term_scheduler();
39 void term_ua_server();
40 void start_UA_server(dlist *addrs);
41 void init_job_server(int max_workers);
42 void term_job_server();
43 void store_jobtype(LEX *lc, RES_ITEM *item, int index, int pass);
44 void store_level(LEX *lc, RES_ITEM *item, int index, int pass);
45 void store_replace(LEX *lc, RES_ITEM *item, int index, int pass);
46 void init_device_resources();
48 static char *runjob = NULL;
49 static int background = 1;
50 static void init_reload(void);
52 /* Globals Exported */
53 DIRRES *director; /* Director resource */
56 char *configfile = NULL;
58 /* Globals Imported */
59 extern int r_first, r_last; /* first and last resources */
60 extern RES_TABLE resources[];
61 extern RES **res_head;
62 extern RES_ITEM job_items[];
66 #define CONFIG_FILE "./bacula-dir.conf" /* default configuration file */
71 "Copyright (C) 2000-2005 Kern Sibbald.\n"
72 "\nVersion: %s (%s)\n\n"
73 "Usage: dird [-f -s] [-c config_file] [-d debug_level] [config_file]\n"
74 " -c <file> set configuration file to file\n"
75 " -dnn set debug level to nn\n"
76 " -f run in foreground (for debugging)\n"
78 " -r <job> run <job> now\n"
80 " -t test - read configuration and exit\n"
82 " -v verbose user messages\n"
83 " -? print this message.\n"
84 "\n"), VERSION, BDATE);
90 /*********************************************************************
92 * Main Bacula Server program
95 int main (int argc, char *argv[])
99 int no_signals = FALSE;
100 int test_config = FALSE;
104 setlocale(LC_ALL, "");
105 bindtextdomain("bacula", LOCALEDIR);
106 textdomain("bacula");
109 my_name_is(argc, argv, "bacula-dir");
110 init_msg(NULL, NULL); /* initialize message handler */
112 daemon_start_time = time(NULL);
114 while ((ch = getopt(argc, argv, "c:d:fg:r:stu:v?")) != -1) {
116 case 'c': /* specify config file */
117 if (configfile != NULL) {
120 configfile = bstrdup(optarg);
123 case 'd': /* set debug level */
124 debug_level = atoi(optarg);
125 if (debug_level <= 0) {
128 Dmsg1(0, "Debug level = %d\n", debug_level);
131 case 'f': /* run in foreground */
135 case 'g': /* set group id */
139 case 'r': /* run job */
140 if (runjob != NULL) {
144 runjob = bstrdup(optarg);
148 case 's': /* turn off signals */
152 case 't': /* test config */
156 case 'u': /* set uid */
160 case 'v': /* verbose */
174 init_signals(terminate_dird);
178 if (configfile != NULL) {
181 configfile = bstrdup(*argv);
189 if (configfile == NULL) {
190 configfile = bstrdup(CONFIG_FILE);
193 parse_config(configfile);
195 if (init_crypto() != 0) {
196 Jmsg((JCR *)NULL, M_ERROR_TERM, 0, _("Cryptography library initialization failed.\n"));
199 if (!check_resources()) {
200 Jmsg((JCR *)NULL, M_ERROR_TERM, 0, _("Please correct configuration file: %s\n"), configfile);
207 my_name_is(0, NULL, director->hdr.name); /* set user defined name */
209 FDConnectTimeout = (int)director->FDConnectTimeout;
210 SDConnectTimeout = (int)director->SDConnectTimeout;
214 init_stack_dump(); /* grab new pid */
217 /* Create pid must come after we are a daemon -- so we have our final pid */
218 create_pid_file(director->pid_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
219 read_state_file(director->working_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
221 drop(uid, gid); /* reduce priveleges if requested */
223 signal(SIGHUP, reload_config);
225 init_console_msg(working_directory);
227 init_python_interpreter(director->hdr.name, director->scripts_directory,
230 set_thread_concurrency(director->MaxConcurrentJobs * 2 +
231 4 /* UA */ + 4 /* sched+watchdog+jobsvr+misc */);
233 Dmsg0(200, "Start UA server\n");
234 start_UA_server(director->DIRaddrs);
236 start_watchdog(); /* start network watchdog thread */
238 init_jcr_subsystem(); /* start JCR watchdogs etc. */
240 init_job_server(director->MaxConcurrentJobs);
242 Dmsg0(200, "wait for next job\n");
243 /* Main loop -- call scheduler to get next job to run */
244 while ( (jcr = wait_for_next_job(runjob)) ) {
245 run_job(jcr); /* run job */
246 free_jcr(jcr); /* release jcr */
247 if (runjob) { /* command line, run a single job? */
248 break; /* yes, terminate */
255 /* Cleanup and then exit */
256 static void terminate_dird(int sig)
258 static bool already_here = false;
260 if (already_here) { /* avoid recursive temination problems */
264 generate_daemon_event(NULL, "Exit");
265 write_state_file(director->working_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
266 delete_pid_file(director->pid_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
267 // signal(SIGCHLD, SIG_IGN); /* don't worry about children now */
273 if (configfile != NULL) {
276 if (debug_level > 5) {
277 print_memory_pool_stats();
279 free_config_resources();
281 term_msg(); /* terminate message handler */
284 close_memory_pool(); /* release free memory in pool */
289 struct RELOAD_TABLE {
294 static const int max_reloads = 32;
295 static RELOAD_TABLE reload_table[max_reloads];
297 static void init_reload(void)
299 for (int i=0; i < max_reloads; i++) {
300 reload_table[i].job_count = 0;
301 reload_table[i].res_table = NULL;
305 static void free_saved_resources(int table)
307 int num = r_last - r_first + 1;
308 RES **res_tab = reload_table[table].res_table;
310 Dmsg1(100, "res_tab for table %d already released.\n", table);
313 Dmsg1(100, "Freeing resources for table %d\n", table);
314 for (int j=0; j<num; j++) {
315 free_resource(res_tab[j], r_first + j);
318 reload_table[table].job_count = 0;
319 reload_table[table].res_table = NULL;
323 * Called here at the end of every job that was
324 * hooked decrementing the active job_count. When
325 * it goes to zero, no one is using the associated
326 * resource table, so free it.
328 static void reload_job_end_cb(JCR *jcr, void *ctx)
330 int reload_id = (int)((long int)ctx);
331 Dmsg3(100, "reload job_end JobId=%d table=%d cnt=%d\n", jcr->JobId,
332 reload_id, reload_table[reload_id].job_count);
335 if (--reload_table[reload_id].job_count <= 0) {
336 free_saved_resources(reload_id);
342 static int find_free_reload_table_entry()
345 for (int i=0; i < max_reloads; i++) {
346 if (reload_table[i].res_table == NULL) {
355 * If we get here, we have received a SIGHUP, which means to
356 * reread our configuration file.
358 * The algorithm used is as follows: we count how many jobs are
359 * running and mark the running jobs to make a callback on
360 * exiting. The old config is saved with the reload table
361 * id in a reload table. The new config file is read. Now, as
362 * each job exits, it calls back to the reload_job_end_cb(), which
363 * decrements the count of open jobs for the given reload table.
364 * When the count goes to zero, we release those resources.
365 * This allows us to have pointers into the resource table (from
366 * jobs), and once they exit and all the pointers are released, we
367 * release the old table. Note, if no new jobs are running since the
368 * last reload, then the old resources will be immediately release.
369 * A console is considered a job because it may have pointers to
370 * resources, but a SYSTEM job is not since it *should* not have any
371 * permanent pointers to jobs.
374 void reload_config(int sig)
376 static bool already_here = false;
379 int njobs = 0; /* number of running jobs */
384 abort(); /* Oops, recursion -> die */
388 sigaddset(&set, SIGHUP);
389 sigprocmask(SIG_BLOCK, &set, NULL);
394 table = find_free_reload_table_entry();
396 Jmsg(NULL, M_ERROR, 0, _("Too many open reload requests. Request ignored.\n"));
400 Dmsg1(100, "Reload_config njobs=%d\n", njobs);
401 reload_table[table].res_table = save_config_resources();
402 Dmsg1(100, "Saved old config in table %d\n", table);
404 ok = parse_config(configfile, 0, M_ERROR); /* no exit on error */
406 Dmsg0(100, "Reloaded config file\n");
407 if (!ok || !check_resources()) {
408 rtable = find_free_reload_table_entry(); /* save new, bad table */
410 Jmsg(NULL, M_ERROR, 0, _("Please correct configuration file: %s\n"), configfile);
411 Jmsg(NULL, M_ERROR_TERM, 0, _("Out of reload table entries. Giving up.\n"));
413 Jmsg(NULL, M_ERROR, 0, _("Please correct configuration file: %s\n"), configfile);
414 Jmsg(NULL, M_ERROR, 0, _("Resetting previous configuration.\n"));
416 reload_table[rtable].res_table = save_config_resources();
417 /* Now restore old resoure values */
418 int num = r_last - r_first + 1;
419 RES **res_tab = reload_table[table].res_table;
420 for (int i=0; i<num; i++) {
421 res_head[i] = res_tab[i];
423 table = rtable; /* release new, bad, saved table below */
425 invalidate_schedules();
427 * Hook all active jobs so that they release this table
430 if (jcr->JobType != JT_SYSTEM) {
431 reload_table[table].job_count++;
432 job_end_push(jcr, reload_job_end_cb, (void *)((long int)table));
440 set_working_directory(director->working_directory);
441 FDConnectTimeout = director->FDConnectTimeout;
442 SDConnectTimeout = director->SDConnectTimeout;
443 Dmsg0(0, "Director's configuration file reread.\n");
445 /* Now release saved resources, if no jobs using the resources */
447 free_saved_resources(table);
453 sigprocmask(SIG_UNBLOCK, &set, NULL);
454 signal(SIGHUP, reload_config);
455 already_here = false;
459 * Make a quick check to see that we have all the
462 * **** FIXME **** this routine could be a lot more
463 * intelligent and comprehensive.
465 static int check_resources()
472 job = (JOB *)GetNextRes(R_JOB, NULL);
473 director = (DIRRES *)GetNextRes(R_DIRECTOR, NULL);
475 Jmsg(NULL, M_FATAL, 0, _("No Director resource defined in %s\n"
476 "Without that I don't know who I am :-(\n"), configfile);
479 set_working_directory(director->working_directory);
480 if (!director->messages) { /* If message resource not specified */
481 director->messages = (MSGS *)GetNextRes(R_MSGS, NULL);
482 if (!director->messages) {
483 Jmsg(NULL, M_FATAL, 0, _("No Messages resource defined in %s\n"), configfile);
487 if (GetNextRes(R_DIRECTOR, (RES *)director) != NULL) {
488 Jmsg(NULL, M_FATAL, 0, _("Only one Director resource permitted in %s\n"),
492 /* tls_require implies tls_enable */
493 if (director->tls_require) {
495 director->tls_enable = true;
497 Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
502 if (!director->tls_certfile && director->tls_enable) {
503 Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
504 director->hdr.name, configfile);
508 if (!director->tls_keyfile && director->tls_enable) {
509 Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
510 director->hdr.name, configfile);
514 if ((!director->tls_ca_certfile && !director->tls_ca_certdir) && director->tls_enable && director->tls_verify_peer) {
515 Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
516 " Certificate Dir\" are defined for Director \"%s\" in %s."
517 " At least one CA certificate store is required"
518 " when using \"TLS Verify Peer\".\n"),
519 director->hdr.name, configfile);
523 /* If everything is well, attempt to initialize our per-resource TLS context */
524 if (OK && (director->tls_enable || director->tls_require)) {
525 /* Initialize TLS context:
526 * Args: CA certfile, CA certdir, Certfile, Keyfile,
527 * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
528 director->tls_ctx = new_tls_context(director->tls_ca_certfile,
529 director->tls_ca_certdir, director->tls_certfile,
530 director->tls_keyfile, NULL, NULL, director->tls_dhfile,
531 director->tls_verify_peer);
533 if (!director->tls_ctx) {
534 Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
535 director->hdr.name, configfile);
542 Jmsg(NULL, M_FATAL, 0, _("No Job records defined in %s\n"), configfile);
545 foreach_res(job, R_JOB) {
549 /* Handle Storage alists specifically */
550 JOB *jobdefs = job->jobdefs;
551 if (jobdefs->storage && !job->storage) {
553 job->storage = New(alist(10, not_owned_by_alist));
554 foreach_alist(st, jobdefs->storage) {
555 job->storage->append(st);
558 /* Handle RunScripts alists specifically */
559 if (jobdefs->RunScripts) {
562 if (!job->RunScripts) {
563 job->RunScripts = New(alist(10, not_owned_by_alist));
566 foreach_alist(rs, jobdefs->RunScripts) {
567 elt = copy_runscript(rs);
568 job->RunScripts->append(elt); /* we have to free it */
572 /* Transfer default items from JobDefs Resource */
573 for (i=0; job_items[i].name; i++) {
574 char **def_svalue, **svalue; /* string value */
575 int *def_ivalue, *ivalue; /* integer value */
576 bool *def_bvalue, *bvalue; /* bool value */
577 int64_t *def_lvalue, *lvalue; /* 64 bit values */
580 Dmsg4(1400, "Job \"%s\", field \"%s\" bit=%d def=%d\n",
581 job->hdr.name, job_items[i].name,
582 bit_is_set(i, job->hdr.item_present),
583 bit_is_set(i, job->jobdefs->hdr.item_present));
585 if (!bit_is_set(i, job->hdr.item_present) &&
586 bit_is_set(i, job->jobdefs->hdr.item_present)) {
587 Dmsg2(400, "Job \"%s\", field \"%s\": getting default.\n",
588 job->hdr.name, job_items[i].name);
589 offset = (char *)(job_items[i].value) - (char *)&res_all;
591 * Handle strings and directory strings
593 if (job_items[i].handler == store_str ||
594 job_items[i].handler == store_dir) {
595 def_svalue = (char **)((char *)(job->jobdefs) + offset);
596 Dmsg5(400, "Job \"%s\", field \"%s\" def_svalue=%s item %d offset=%u\n",
597 job->hdr.name, job_items[i].name, *def_svalue, i, offset);
598 svalue = (char **)((char *)job + offset);
600 Pmsg1(000, _("Hey something is wrong. p=0x%lu\n"), *svalue);
602 *svalue = bstrdup(*def_svalue);
603 set_bit(i, job->hdr.item_present);
607 } else if (job_items[i].handler == store_res) {
608 def_svalue = (char **)((char *)(job->jobdefs) + offset);
609 Dmsg4(400, "Job \"%s\", field \"%s\" item %d offset=%u\n",
610 job->hdr.name, job_items[i].name, i, offset);
611 svalue = (char **)((char *)job + offset);
613 Pmsg1(000, _("Hey something is wrong. p=0x%lu\n"), *svalue);
615 *svalue = *def_svalue;
616 set_bit(i, job->hdr.item_present);
618 * Handle alist resources
620 } else if (job_items[i].handler == store_alist_res) {
621 if (bit_is_set(i, job->jobdefs->hdr.item_present)) {
622 set_bit(i, job->hdr.item_present);
625 * Handle integer fields
626 * Note, our store_bit does not handle bitmaped fields
628 } else if (job_items[i].handler == store_bit ||
629 job_items[i].handler == store_pint ||
630 job_items[i].handler == store_jobtype ||
631 job_items[i].handler == store_level ||
632 job_items[i].handler == store_pint ||
633 job_items[i].handler == store_replace) {
634 def_ivalue = (int *)((char *)(job->jobdefs) + offset);
635 Dmsg5(400, "Job \"%s\", field \"%s\" def_ivalue=%d item %d offset=%u\n",
636 job->hdr.name, job_items[i].name, *def_ivalue, i, offset);
637 ivalue = (int *)((char *)job + offset);
638 *ivalue = *def_ivalue;
639 set_bit(i, job->hdr.item_present);
641 * Handle 64 bit integer fields
643 } else if (job_items[i].handler == store_time ||
644 job_items[i].handler == store_size ||
645 job_items[i].handler == store_int64) {
646 def_lvalue = (int64_t *)((char *)(job->jobdefs) + offset);
647 Dmsg5(400, "Job \"%s\", field \"%s\" def_lvalue=%" lld " item %d offset=%u\n",
648 job->hdr.name, job_items[i].name, *def_lvalue, i, offset);
649 lvalue = (int64_t *)((char *)job + offset);
650 *lvalue = *def_lvalue;
651 set_bit(i, job->hdr.item_present);
655 } else if (job_items[i].handler == store_bool) {
656 def_bvalue = (bool *)((char *)(job->jobdefs) + offset);
657 Dmsg5(400, "Job \"%s\", field \"%s\" def_bvalue=%d item %d offset=%u\n",
658 job->hdr.name, job_items[i].name, *def_bvalue, i, offset);
659 bvalue = (bool *)((char *)job + offset);
660 *bvalue = *def_bvalue;
661 set_bit(i, job->hdr.item_present);
667 * Ensure that all required items are present
669 for (i=0; job_items[i].name; i++) {
670 if (job_items[i].flags & ITEM_REQUIRED) {
671 if (!bit_is_set(i, job->hdr.item_present)) {
672 Jmsg(NULL, M_FATAL, 0, _("\"%s\" directive in Job \"%s\" resource is required, but not found.\n"),
673 job_items[i].name, job->hdr.name);
677 /* If this triggers, take a look at lib/parse_conf.h */
678 if (i >= MAX_RES_ITEMS) {
679 Emsg0(M_ERROR_TERM, 0, _("Too many items in Job resource\n"));
682 } /* End loop over Job res */
684 /* Loop over databases */
686 foreach_res(catalog, R_CATALOG) {
689 * Make sure we can open catalog, otherwise print a warning
690 * message because the server is probably not running.
692 db = db_init_database(NULL, catalog->db_name, catalog->db_user,
693 catalog->db_password, catalog->db_address,
694 catalog->db_port, catalog->db_socket,
695 catalog->mult_db_connections);
696 if (!db || !db_open_database(NULL, db)) {
697 Jmsg(NULL, M_FATAL, 0, _("Could not open Catalog \"%s\", database \"%s\".\n"),
698 catalog->hdr.name, catalog->db_name);
700 Jmsg(NULL, M_FATAL, 0, _("%s"), db_strerror(db));
706 /* Loop over all pools, defining/updating them in each database */
708 foreach_res(pool, R_POOL) {
709 create_pool(NULL, db, pool, POOL_OP_UPDATE); /* update request */
713 foreach_res(store, R_STORAGE) {
716 if (store->media_type) {
717 bstrncpy(mr.MediaType, store->media_type, sizeof(mr.MediaType));
719 db_create_mediatype_record(NULL, db, &mr);
723 bstrncpy(sr.Name, store->name(), sizeof(sr.Name));
724 sr.AutoChanger = store->autochanger;
725 db_create_storage_record(NULL, db, &sr);
726 store->StorageId = sr.StorageId; /* set storage Id */
727 if (!sr.created) { /* if not created, update it */
728 db_update_storage_record(NULL, db, &sr);
731 /* tls_require implies tls_enable */
732 if (store->tls_require) {
734 store->tls_enable = true;
736 Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
741 if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable) {
742 Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
743 " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s.\n"),
744 store->hdr.name, configfile);
748 /* If everything is well, attempt to initialize our per-resource TLS context */
749 if (OK && (store->tls_enable || store->tls_require)) {
750 /* Initialize TLS context:
751 * Args: CA certfile, CA certdir, Certfile, Keyfile,
752 * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
753 store->tls_ctx = new_tls_context(store->tls_ca_certfile,
754 store->tls_ca_certdir, store->tls_certfile,
755 store->tls_keyfile, NULL, NULL, NULL, true);
757 if (!store->tls_ctx) {
758 Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
759 store->hdr.name, configfile);
765 /* Loop over all counters, defining them in each database */
766 /* Set default value in all counters */
768 foreach_res(counter, R_COUNTER) {
769 /* Write to catalog? */
770 if (!counter->created && counter->Catalog == catalog) {
772 bstrncpy(cr.Counter, counter->hdr.name, sizeof(cr.Counter));
773 cr.MinValue = counter->MinValue;
774 cr.MaxValue = counter->MaxValue;
775 cr.CurrentValue = counter->MinValue;
776 if (counter->WrapCounter) {
777 bstrncpy(cr.WrapCounter, counter->WrapCounter->hdr.name, sizeof(cr.WrapCounter));
779 cr.WrapCounter[0] = 0; /* empty string */
781 if (db_create_counter_record(NULL, db, &cr)) {
782 counter->CurrentValue = cr.CurrentValue;
783 counter->created = true;
784 Dmsg2(100, "Create counter %s val=%d\n", counter->hdr.name, counter->CurrentValue);
787 if (!counter->created) {
788 counter->CurrentValue = counter->MinValue; /* default value */
791 db_close_database(NULL, db);
794 /* Loop over Consoles */
796 foreach_res(cons, R_CONSOLE) {
797 /* tls_require implies tls_enable */
798 if (cons->tls_require) {
800 cons->tls_enable = true;
802 Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
808 if (!cons->tls_certfile && cons->tls_enable) {
809 Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Console \"%s\" in %s.\n"),
810 cons->hdr.name, configfile);
814 if (!cons->tls_keyfile && cons->tls_enable) {
815 Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Console \"%s\" in %s.\n"),
816 cons->hdr.name, configfile);
820 if ((!cons->tls_ca_certfile && !cons->tls_ca_certdir) && cons->tls_enable && cons->tls_verify_peer) {
821 Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
822 " Certificate Dir\" are defined for Console \"%s\" in %s."
823 " At least one CA certificate store is required"
824 " when using \"TLS Verify Peer\".\n"),
825 cons->hdr.name, configfile);
828 /* If everything is well, attempt to initialize our per-resource TLS context */
829 if (OK && (cons->tls_enable || cons->tls_require)) {
830 /* Initialize TLS context:
831 * Args: CA certfile, CA certdir, Certfile, Keyfile,
832 * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
833 cons->tls_ctx = new_tls_context(cons->tls_ca_certfile,
834 cons->tls_ca_certdir, cons->tls_certfile,
835 cons->tls_keyfile, NULL, NULL, cons->tls_dhfile, cons->tls_verify_peer);
837 if (!cons->tls_ctx) {
838 Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
839 cons->hdr.name, configfile);
846 /* Loop over Clients */
848 foreach_res(client, R_CLIENT) {
849 /* tls_require implies tls_enable */
850 if (client->tls_require) {
852 client->tls_enable = true;
854 Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
860 if ((!client->tls_ca_certfile && !client->tls_ca_certdir) && client->tls_enable) {
861 Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
862 " or \"TLS CA Certificate Dir\" are defined for File daemon \"%s\" in %s.\n"),
863 client->hdr.name, configfile);
867 /* If everything is well, attempt to initialize our per-resource TLS context */
868 if (OK && (client->tls_enable || client->tls_require)) {
869 /* Initialize TLS context:
870 * Args: CA certfile, CA certdir, Certfile, Keyfile,
871 * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
872 client->tls_ctx = new_tls_context(client->tls_ca_certfile,
873 client->tls_ca_certdir, client->tls_certfile,
874 client->tls_keyfile, NULL, NULL, NULL,
877 if (!client->tls_ctx) {
878 Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
879 client->hdr.name, configfile);
887 close_msg(NULL); /* close temp message handler */
888 init_msg(NULL, director->messages); /* open daemon message handler */