2 * Bacula File Daemon backup.c send file attributes and data
3 * to the Storage daemon.
5 * Kern Sibbald, March MM
11 Bacula® - The Network Backup Solution
13 Copyright (C) 2000-2006 Free Software Foundation Europe e.V.
15 The main author of Bacula is Kern Sibbald, with contributions from
16 many others, a complete list can be found in the file AUTHORS.
17 This program is Free Software; you can redistribute it and/or
18 modify it under the terms of version two of the GNU General Public
19 License as published by the Free Software Foundation plus additions
20 that are listed in the file LICENSE.
22 This program is distributed in the hope that it will be useful, but
23 WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25 General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; if not, write to the Free Software
29 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
32 Bacula® is a registered trademark of John Walker.
33 The licensor of Bacula is the Free Software Foundation Europe
34 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
35 Switzerland, email:ftf@fsfeurope.org.
41 /* Forward referenced functions */
42 static int save_file(FF_PKT *ff_pkt, void *pkt, bool top_level);
43 static int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt, DIGEST *digest, DIGEST *signature_digest);
44 static bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream);
45 static bool read_and_send_acl(JCR *jcr, int acltype, int stream);
48 * Find all the requested files and send them
49 * to the Storage daemon.
51 * Note, we normally carry on a one-way
52 * conversation from this point on with the SD, simply blasting
53 * data to him. To properly know what is going on, we
54 * also run a "heartbeat" monitor which reads the socket and
55 * reacts accordingly (at the moment it has nothing to do
56 * except echo the heartbeat to the Director).
59 bool blast_data_to_storage_daemon(JCR *jcr, char *addr)
63 // TODO landonf: Allow user to specify encryption algorithm
64 crypto_cipher_t cipher = CRYPTO_CIPHER_AES_128_CBC;
66 sd = jcr->store_bsock;
68 set_jcr_job_status(jcr, JS_Running);
70 Dmsg1(300, "bfiled: opened data connection %d to stored\n", sd->fd);
73 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
77 buf_size = client->max_network_buffer_size;
79 buf_size = 0; /* use default */
81 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
82 set_jcr_job_status(jcr, JS_ErrorTerminated);
83 Jmsg(jcr, M_FATAL, 0, _("Cannot set buffer size FD->SD.\n"));
87 jcr->buf_size = sd->msglen;
88 /* Adjust for compression so that output buffer is
89 * 12 bytes + 0.1% larger than input buffer plus 18 bytes.
90 * This gives a bit extra plus room for the sparse addr if any.
91 * Note, we adjust the read size to be smaller so that the
92 * same output buffer can be used without growing it.
94 * The zlib compression workset is initialized here to minimise
95 * the "per file" load. The jcr member is only set, if the init was successful.
97 jcr->compress_buf_size = jcr->buf_size + ((jcr->buf_size+999) / 1000) + 30;
98 jcr->compress_buf = get_memory(jcr->compress_buf_size);
101 z_stream *pZlibStream = (z_stream*)malloc(sizeof(z_stream));
103 pZlibStream->zalloc = Z_NULL;
104 pZlibStream->zfree = Z_NULL;
105 pZlibStream->opaque = Z_NULL;
106 pZlibStream->state = Z_NULL;
108 if (deflateInit(pZlibStream, Z_DEFAULT_COMPRESSION) == Z_OK)
109 jcr->pZLIB_compress_workset = pZlibStream;
115 /* Create encryption session data and a cached, DER-encoded session data
116 * structure. We use a single session key for each backup, so we'll encode
117 * the session data only once. */
118 if (jcr->pki_encrypt) {
121 /* Create per-job session encryption context */
122 jcr->pki_session = crypto_session_new(cipher, jcr->pki_recipients);
124 /* Get the session data size */
125 if (crypto_session_encode(jcr->pki_session, (uint8_t *)0, &size) == false) {
126 Jmsg(jcr, M_FATAL, 0, _("An error occured while encrypting the stream.\n"));
130 /* Allocate buffer */
131 jcr->pki_session_encoded = (uint8_t *)malloc(size);
132 if (!jcr->pki_session_encoded) {
136 /* Encode session data */
137 if (crypto_session_encode(jcr->pki_session, jcr->pki_session_encoded, &size) == false) {
138 Jmsg(jcr, M_FATAL, 0, _("An error occured while encrypting the stream.\n"));
142 /* ... and store the encoded size */
143 jcr->pki_session_encoded_size = size;
145 /* Allocate the encryption/decryption buffer */
146 jcr->crypto_buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
149 Dmsg1(300, "set_find_options ff=%p\n", jcr->ff);
150 set_find_options((FF_PKT *)jcr->ff, jcr->incremental, jcr->mtime);
151 Dmsg0(300, "start find files\n");
153 start_heartbeat_monitor(jcr);
155 jcr->acl_text = get_pool_memory(PM_MESSAGE);
157 /* Subroutine save_file() is called for each file */
158 if (!find_files(jcr, (FF_PKT *)jcr->ff, save_file, (void *)jcr)) {
159 ok = false; /* error */
160 set_jcr_job_status(jcr, JS_ErrorTerminated);
161 // Jmsg(jcr, M_FATAL, 0, _("Find files error.\n"));
164 free_pool_memory(jcr->acl_text);
166 stop_heartbeat_monitor(jcr);
168 bnet_sig(sd, BNET_EOD); /* end of sending data */
174 if (jcr->compress_buf) {
175 free_pool_memory(jcr->compress_buf);
176 jcr->compress_buf = NULL;
178 if (jcr->pZLIB_compress_workset) {
179 /* Free the zlib stream */
181 deflateEnd((z_stream *)jcr->pZLIB_compress_workset);
183 free (jcr->pZLIB_compress_workset);
184 jcr->pZLIB_compress_workset = NULL;
186 if (jcr->crypto_buf) {
187 free_pool_memory(jcr->crypto_buf);
188 jcr->crypto_buf = NULL;
190 if (jcr->pki_session) {
191 crypto_session_free(jcr->pki_session);
193 if (jcr->pki_session_encoded) {
194 free(jcr->pki_session_encoded);
197 Dmsg1(100, "end blast_data ok=%d\n", ok);
202 * Called here by find() for each file included.
203 * This is a callback. The original is find_files() above.
205 * Send the file and its data to the Storage daemon.
209 * -1 to ignore file/directory (not used here)
211 static int save_file(FF_PKT *ff_pkt, void *vjcr, bool top_level)
213 int stat, data_stream;
214 DIGEST *digest = NULL;
215 DIGEST *signing_digest = NULL;
216 int digest_stream = STREAM_NONE;
217 bool has_file_data = false;
218 // TODO landonf: Allow the user to specify the digest algorithm
220 crypto_digest_t signing_algorithm = CRYPTO_DIGEST_SHA256;
222 crypto_digest_t signing_algorithm = CRYPTO_DIGEST_SHA1;
224 JCR *jcr = (JCR *)vjcr;
225 BSOCK *sd = jcr->store_bsock;
227 if (job_canceled(jcr)) {
231 jcr->num_files_examined++; /* bump total file count */
233 switch (ff_pkt->type) {
234 case FT_LNKSAVED: /* Hard linked, file already saved */
235 Dmsg2(130, "FT_LNKSAVED hard link: %s => %s\n", ff_pkt->fname, ff_pkt->link);
238 Dmsg1(130, "FT_REGE saving: %s\n", ff_pkt->fname);
239 has_file_data = true;
242 Dmsg1(130, "FT_REG saving: %s\n", ff_pkt->fname);
243 has_file_data = true;
246 Dmsg2(130, "FT_LNK saving: %s -> %s\n", ff_pkt->fname, ff_pkt->link);
249 jcr->num_files_examined--; /* correct file count */
250 return 1; /* not used */
252 Jmsg(jcr, M_INFO, 1, _(" Recursion turned off. Will not descend from %s into %s\n"),
253 ff_pkt->top_fname, ff_pkt->fname);
254 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
257 /* Suppress message for /dev filesystems */
258 if (strncmp(ff_pkt->fname, "/dev/", 5) != 0) {
259 Jmsg(jcr, M_INFO, 1, _(" %s is a different filesystem. Will not descend from %s into %s\n"),
260 ff_pkt->fname, ff_pkt->top_fname, ff_pkt->fname);
262 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
265 Jmsg(jcr, M_INFO, 1, _(" Disallowed filesystem. Will not descend from %s into %s\n"),
266 ff_pkt->top_fname, ff_pkt->fname);
267 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
270 Jmsg(jcr, M_INFO, 1, _(" Disallowed drive type. Will not descend into %s\n"),
274 Dmsg1(130, "FT_DIREND: %s\n", ff_pkt->link);
277 Dmsg1(130, "FT_SPEC saving: %s\n", ff_pkt->fname);
280 Dmsg1(130, "FT_RAW saving: %s\n", ff_pkt->fname);
281 has_file_data = true;
284 Dmsg1(130, "FT_FIFO saving: %s\n", ff_pkt->fname);
288 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not access %s: ERR=%s\n"), ff_pkt->fname,
289 be.strerror(ff_pkt->ff_errno));
295 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not follow link %s: ERR=%s\n"), ff_pkt->fname,
296 be.strerror(ff_pkt->ff_errno));
302 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not stat %s: ERR=%s\n"), ff_pkt->fname,
303 be.strerror(ff_pkt->ff_errno));
309 Jmsg(jcr, M_SKIPPED, 1, _(" Unchanged file skipped: %s\n"), ff_pkt->fname);
312 Jmsg(jcr, M_NOTSAVED, 0, _(" Archive file not saved: %s\n"), ff_pkt->fname);
316 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not open directory %s: ERR=%s\n"), ff_pkt->fname,
317 be.strerror(ff_pkt->ff_errno));
322 Jmsg(jcr, M_NOTSAVED, 0, _(" Unknown file type %d; not saved: %s\n"), ff_pkt->type, ff_pkt->fname);
327 Dmsg1(130, "bfiled: sending %s to stored\n", ff_pkt->fname);
329 /* Digests and encryption are only useful if there's file data */
332 * Setup for digest handling. If this fails, the digest will be set to NULL
335 if (ff_pkt->flags & FO_MD5) {
336 digest = crypto_digest_new(CRYPTO_DIGEST_MD5);
337 digest_stream = STREAM_MD5_DIGEST;
339 } else if (ff_pkt->flags & FO_SHA1) {
340 digest = crypto_digest_new(CRYPTO_DIGEST_SHA1);
341 digest_stream = STREAM_SHA1_DIGEST;
343 } else if (ff_pkt->flags & FO_SHA256) {
344 digest = crypto_digest_new(CRYPTO_DIGEST_SHA256);
345 digest_stream = STREAM_SHA256_DIGEST;
347 } else if (ff_pkt->flags & FO_SHA512) {
348 digest = crypto_digest_new(CRYPTO_DIGEST_SHA512);
349 digest_stream = STREAM_SHA512_DIGEST;
352 /* Did digest initialization fail? */
353 if (digest_stream != STREAM_NONE && digest == NULL) {
354 Jmsg(jcr, M_WARNING, 0, _("%s digest initialization failed\n"),
355 stream_to_ascii(digest_stream));
359 * Set up signature digest handling. If this fails, the signature digest will be set to
362 // TODO landonf: We should really only calculate the digest once, for both verification and signing.
364 signing_digest = crypto_digest_new(signing_algorithm);
366 /* Full-stop if a failure occured initializing the signature digest */
367 if (signing_digest == NULL) {
368 Jmsg(jcr, M_NOTSAVED, 0, _("%s signature digest initialization failed\n"),
369 stream_to_ascii(signing_algorithm));
375 /* Enable encryption */
376 if (jcr->pki_encrypt) {
377 ff_pkt->flags |= FO_ENCRYPT;
381 /* Initialise the file descriptor we use for data and other streams. */
383 if (ff_pkt->flags & FO_PORTABLE) {
384 set_portable_backup(&ff_pkt->bfd); /* disable Win32 BackupRead() */
386 if (ff_pkt->reader) {
387 if (!set_prog(&ff_pkt->bfd, ff_pkt->reader, jcr)) {
388 Jmsg(jcr, M_FATAL, 0, _("Python reader program \"%s\" not found.\n"),
394 /* Send attributes -- must be done after binit() */
395 if (!encode_and_send_attributes(jcr, ff_pkt, data_stream)) {
400 * Open any file with data that we intend to save, then save it.
402 * Note, if is_win32_backup, we must open the Directory so that
403 * the BackupRead will save its permissions and ownership streams.
405 if (ff_pkt->type != FT_LNKSAVED && (S_ISREG(ff_pkt->statp.st_mode) &&
406 ff_pkt->statp.st_size > 0) ||
407 ff_pkt->type == FT_RAW || ff_pkt->type == FT_FIFO ||
408 (!is_portable_backup(&ff_pkt->bfd) && ff_pkt->type == FT_DIREND)) {
410 if (ff_pkt->type == FT_FIFO) {
411 tid = start_thread_timer(pthread_self(), 60);
415 int noatime = ff_pkt->flags & FO_NOATIME ? O_NOATIME : 0;
416 if (bopen(&ff_pkt->bfd, ff_pkt->fname, O_RDONLY | O_BINARY | noatime, 0) < 0) {
417 ff_pkt->ff_errno = errno;
419 Jmsg(jcr, M_NOTSAVED, 0, _(" Cannot open %s: ERR=%s.\n"), ff_pkt->fname,
423 stop_thread_timer(tid);
429 stop_thread_timer(tid);
433 /* Set up the encryption context, send the session data to the SD */
434 if (jcr->pki_encrypt) {
435 /* Send our header */
436 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_ENCRYPTED_SESSION_DATA);
438 /* Grow the bsock buffer to fit our message if necessary */
439 if (sizeof_pool_memory(sd->msg) < jcr->pki_session_encoded_size) {
440 sd->msg = realloc_pool_memory(sd->msg, jcr->pki_session_encoded_size);
443 /* Copy our message over and send it */
444 memcpy(sd->msg, jcr->pki_session_encoded, jcr->pki_session_encoded_size);
445 sd->msglen = jcr->pki_session_encoded_size;
446 jcr->JobBytes += sd->msglen;
449 bnet_sig(sd, BNET_EOD);
452 stat = send_data(jcr, data_stream, ff_pkt, digest, signing_digest);
453 bclose(&ff_pkt->bfd);
459 #ifdef HAVE_DARWIN_OS
460 /* Regular files can have resource forks and Finder Info */
461 if (ff_pkt->type != FT_LNKSAVED && (S_ISREG(ff_pkt->statp.st_mode) &&
462 ff_pkt->flags & FO_HFSPLUS)) {
463 if (ff_pkt->hfsinfo.rsrclength > 0) {
466 if (!bopen_rsrc(&ff_pkt->bfd, ff_pkt->fname, O_RDONLY | O_BINARY, 0) < 0) {
467 ff_pkt->ff_errno = errno;
469 Jmsg(jcr, M_NOTSAVED, -1, _(" Cannot open resource fork for %s: ERR=%s.\n"), ff_pkt->fname,
472 if (is_bopen(&ff_pkt->bfd)) {
473 bclose(&ff_pkt->bfd);
477 flags = ff_pkt->flags;
478 ff_pkt->flags &= ~(FO_GZIP|FO_SPARSE);
479 if (flags & FO_ENCRYPT) {
480 rsrc_stream = STREAM_ENCRYPTED_MACOS_FORK_DATA;
482 rsrc_stream = STREAM_MACOS_FORK_DATA;
484 stat = send_data(jcr, rsrc_stream, ff_pkt, digest, signing_digest);
485 ff_pkt->flags = flags;
486 bclose(&ff_pkt->bfd);
492 Dmsg1(300, "Saving Finder Info for \"%s\"\n", ff_pkt->fname);
493 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_HFSPLUS_ATTRIBUTES);
494 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
495 memcpy(sd->msg, ff_pkt->hfsinfo.fndrinfo, 32);
498 crypto_digest_update(digest, (uint8_t *)sd->msg, sd->msglen);
500 if (signing_digest) {
501 crypto_digest_update(signing_digest, (uint8_t *)sd->msg, sd->msglen);
504 bnet_sig(sd, BNET_EOD);
508 if (ff_pkt->flags & FO_ACL) {
509 /* Read access ACLs for files, dirs and links */
510 if (!read_and_send_acl(jcr, BACL_TYPE_ACCESS, STREAM_UNIX_ATTRIBUTES_ACCESS_ACL)) {
513 /* Directories can have default ACLs too */
514 if (ff_pkt->type == FT_DIREND && (BACL_CAP & BACL_CAP_DEFAULTS_DIR)) {
515 if (!read_and_send_acl(jcr, BACL_TYPE_DEFAULT, STREAM_UNIX_ATTRIBUTES_DEFAULT_ACL)) {
521 /* Terminate the signing digest and send it to the Storage daemon */
522 if (signing_digest) {
527 if ((sig = crypto_sign_new()) == NULL) {
528 Jmsg(jcr, M_FATAL, 0, _("Failed to allocate memory for stream signature.\n"));
532 if (crypto_sign_add_signer(sig, signing_digest, jcr->pki_keypair) == false) {
533 Jmsg(jcr, M_FATAL, 0, _("An error occured while signing the stream.\n"));
537 /* Get signature size */
538 if (crypto_sign_encode(sig, NULL, &size) == false) {
539 Jmsg(jcr, M_FATAL, 0, _("An error occured while signing the stream.\n"));
543 /* Allocate signature data buffer */
544 buf = (uint8_t *)malloc(size);
546 crypto_sign_free(sig);
550 /* Encode signature data */
551 if (crypto_sign_encode(sig, buf, &size) == false) {
552 Jmsg(jcr, M_FATAL, 0, _("An error occured while signing the stream.\n"));
556 /* Send our header */
557 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_SIGNED_DIGEST);
558 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
560 /* Grow the bsock buffer to fit our message if necessary */
561 if (sizeof_pool_memory(sd->msg) < (int32_t)size) {
562 sd->msg = realloc_pool_memory(sd->msg, size);
565 /* Copy our message over and send it */
566 memcpy(sd->msg, buf, size);
569 bnet_sig(sd, BNET_EOD); /* end of checksum */
571 crypto_digest_free(signing_digest);
572 crypto_sign_free(sig);
576 /* Terminate any digest and send it to Storage daemon and the Director */
578 uint8_t md[CRYPTO_DIGEST_MAX_SIZE];
583 if (crypto_digest_finalize(digest, md, &size)) {
584 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, digest_stream);
585 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
586 memcpy(sd->msg, md, size);
589 bnet_sig(sd, BNET_EOD); /* end of checksum */
592 crypto_digest_free(digest);
599 * Send data read from an already open file descriptor.
601 * We return 1 on sucess and 0 on errors.
604 * We use ff_pkt->statp.st_size when FO_SPARSE to know when to stop
606 * Currently this is not a problem as the only other stream, resource forks,
607 * are not handled as sparse files.
609 int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt, DIGEST *digest,
610 DIGEST *signing_digest)
612 BSOCK *sd = jcr->store_bsock;
613 uint64_t fileAddr = 0; /* file address */
615 int32_t rsize = jcr->buf_size; /* read buffer size */
617 CIPHER_CONTEXT *cipher_ctx = NULL; /* Quell bogus uninitialized warnings */
618 const uint8_t *cipher_input;
619 uint32_t cipher_input_len;
620 uint32_t cipher_block_size;
621 uint32_t encrypted_len;
622 #ifdef FD_NO_SEND_TEST
627 rbuf = sd->msg; /* read buffer */
628 wbuf = sd->msg; /* write buffer */
629 cipher_input = (uint8_t *)rbuf; /* encrypt uncompressed data */
631 Dmsg1(300, "Saving data, type=%d\n", ff_pkt->type);
634 uLong compress_len = 0;
635 uLong max_compress_len = 0;
636 const Bytef *cbuf = NULL;
639 if (ff_pkt->flags & FO_GZIP) {
640 if (ff_pkt->flags & FO_SPARSE) {
641 cbuf = (Bytef *)jcr->compress_buf + SPARSE_FADDR_SIZE;
642 max_compress_len = jcr->compress_buf_size - SPARSE_FADDR_SIZE;
644 cbuf = (Bytef *)jcr->compress_buf;
645 max_compress_len = jcr->compress_buf_size; /* set max length */
647 wbuf = jcr->compress_buf; /* compressed output here */
648 cipher_input = (uint8_t *)jcr->compress_buf; /* encrypt compressed data */
651 * Only change zlib parameters if there is no pending operation.
652 * This should never happen as deflatereset is called after each
656 if (((z_stream*)jcr->pZLIB_compress_workset)->total_in == 0) {
657 /* set gzip compression level - must be done per file */
658 if ((zstat=deflateParams((z_stream*)jcr->pZLIB_compress_workset,
659 ff_pkt->GZIP_level, Z_DEFAULT_STRATEGY)) != Z_OK) {
660 Jmsg(jcr, M_FATAL, 0, _("Compression deflateParams error: %d\n"), zstat);
661 set_jcr_job_status(jcr, JS_ErrorTerminated);
667 const uint32_t max_compress_len = 0;
670 if (ff_pkt->flags & FO_ENCRYPT) {
671 if (ff_pkt->flags & FO_SPARSE) {
672 Jmsg0(jcr, M_FATAL, 0, _("Encrypting sparse data not supported.\n"));
675 /* Allocate the cipher context */
676 if ((cipher_ctx = crypto_cipher_new(jcr->pki_session, true,
677 &cipher_block_size)) == NULL) {
678 /* Shouldn't happen! */
679 Jmsg0(jcr, M_FATAL, 0, _("Failed to initialize encryption context.\n"));
684 * Grow the crypto buffer, if necessary.
685 * crypto_cipher_update() will buffer up to (cipher_block_size - 1).
686 * We grow crypto_buf to the maximum number of blocks that
687 * could be returned for the given read buffer size.
688 * (Using the larger of either rsize or max_compress_len)
690 jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf,
691 (MAX(rsize + (int)sizeof(uint32_t), (int32_t)max_compress_len) +
692 cipher_block_size - 1) / cipher_block_size * cipher_block_size);
694 wbuf = jcr->crypto_buf; /* Encrypted, possibly compressed output here. */
698 * Send Data header to Storage daemon
699 * <file-index> <stream> <info>
701 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, stream)) {
702 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
706 Dmsg1(300, ">stored: datahdr %s\n", sd->msg);
709 * Make space at beginning of buffer for fileAddr because this
710 * same buffer will be used for writing if compression is off.
712 if (ff_pkt->flags & FO_SPARSE) {
713 rbuf += SPARSE_FADDR_SIZE;
714 rsize -= SPARSE_FADDR_SIZE;
715 #ifdef HAVE_FREEBSD_OS
717 * To read FreeBSD partitions, the read size must be
720 rsize = (rsize/512) * 512;
724 /* a RAW device read on win32 only works if the buffer is a multiple of 512 */
726 if (S_ISBLK(ff_pkt->statp.st_mode))
727 rsize = (rsize/512) * 512;
733 while ((sd->msglen=(uint32_t)bread(&ff_pkt->bfd, rbuf, rsize)) > 0) {
735 /* Check for sparse blocks */
736 if (ff_pkt->flags & FO_SPARSE) {
738 bool haveBlock = true;
739 if (sd->msglen == rsize &&
740 fileAddr+sd->msglen < (uint64_t)ff_pkt->statp.st_size ||
741 ((ff_pkt->type == FT_RAW || ff_pkt->type == FT_FIFO) &&
742 (uint64_t)ff_pkt->statp.st_size == 0)) {
743 haveBlock = !is_buf_zero(rbuf, rsize);
746 ser_begin(wbuf, SPARSE_FADDR_SIZE);
747 ser_uint64(fileAddr); /* store fileAddr in begin of buffer */
749 fileAddr += sd->msglen; /* update file address */
751 continue; /* skip block of zeros */
755 jcr->ReadBytes += sd->msglen; /* count bytes read */
757 /* Uncompressed cipher input length */
758 cipher_input_len = sd->msglen;
760 /* Update checksum if requested */
762 crypto_digest_update(digest, (uint8_t *)rbuf, sd->msglen);
765 /* Update signing digest if requested */
766 if (signing_digest) {
767 crypto_digest_update(signing_digest, (uint8_t *)rbuf, sd->msglen);
771 /* Do compression if turned on */
772 if (ff_pkt->flags & FO_GZIP && jcr->pZLIB_compress_workset) {
773 Dmsg3(400, "cbuf=0x%x rbuf=0x%x len=%u\n", cbuf, rbuf, sd->msglen);
775 ((z_stream*)jcr->pZLIB_compress_workset)->next_in = (Bytef *)rbuf;
776 ((z_stream*)jcr->pZLIB_compress_workset)->avail_in = sd->msglen;
777 ((z_stream*)jcr->pZLIB_compress_workset)->next_out = (Bytef *)cbuf;
778 ((z_stream*)jcr->pZLIB_compress_workset)->avail_out = max_compress_len;
780 if ((zstat=deflate((z_stream*)jcr->pZLIB_compress_workset, Z_FINISH)) != Z_STREAM_END) {
781 Jmsg(jcr, M_FATAL, 0, _("Compression deflate error: %d\n"), zstat);
782 set_jcr_job_status(jcr, JS_ErrorTerminated);
785 compress_len = ((z_stream*)jcr->pZLIB_compress_workset)->total_out;
786 /* reset zlib stream to be able to begin from scratch again */
787 if ((zstat=deflateReset((z_stream*)jcr->pZLIB_compress_workset)) != Z_OK) {
788 Jmsg(jcr, M_FATAL, 0, _("Compression deflateReset error: %d\n"), zstat);
789 set_jcr_job_status(jcr, JS_ErrorTerminated);
793 Dmsg2(400, "compressed len=%d uncompressed len=%d\n", compress_len,
796 sd->msglen = compress_len; /* set compressed length */
797 cipher_input_len = compress_len;
801 * Note, here we prepend the current record length to the beginning
802 * of the encrypted data. This is because both sparse and compression
803 * restore handling want records returned to them with exactly the
804 * same number of bytes that were processed in the backup handling.
805 * That is, both are block filters rather than a stream. When doing
806 * compression, the compression routines may buffer data, so that for
807 * any one record compressed, when it is decompressed the same size
808 * will not be obtained. Of course, the buffered data eventually comes
809 * out in subsequent crypto_cipher_update() calls or at least
810 * when crypto_cipher_finalize() is called. Unfortunately, this
811 * "feature" of encryption enormously complicates the restore code.
813 if (ff_pkt->flags & FO_ENCRYPT) {
814 uint32_t initial_len = 0;
817 if (ff_pkt->flags & FO_SPARSE) {
818 cipher_input_len += SPARSE_FADDR_SIZE;
821 /* Encrypt the length of the input block */
822 uint8_t packet_len[sizeof(uint32_t)];
824 ser_begin(packet_len, sizeof(uint32_t));
825 ser_uint32(cipher_input_len); /* store data len in begin of buffer */
826 Dmsg1(20, "Encrypt len=%d\n", cipher_input_len);
828 if (!crypto_cipher_update(cipher_ctx, packet_len, sizeof(packet_len),
829 (u_int8_t *)jcr->crypto_buf, &initial_len)) {
830 /* Encryption failed. Shouldn't happen. */
831 Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
835 /* Encrypt the input block */
836 if (crypto_cipher_update(cipher_ctx, cipher_input, cipher_input_len,
837 (u_int8_t *)&jcr->crypto_buf[initial_len], &encrypted_len)) {
838 if ((initial_len + encrypted_len) == 0) {
839 /* No full block of data available, read more data */
842 Dmsg2(400, "encrypted len=%d unencrypted len=%d\n", encrypted_len,
844 sd->msglen = initial_len + encrypted_len; /* set encrypted length */
846 /* Encryption failed. Shouldn't happen. */
847 Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
852 /* Send the buffer to the Storage daemon */
853 if (ff_pkt->flags & FO_SPARSE) {
854 sd->msglen += SPARSE_FADDR_SIZE; /* include fileAddr in size */
856 sd->msg = wbuf; /* set correct write buffer */
857 if (!bnet_send(sd)) {
858 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
862 Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
864 jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
865 sd->msg = msgsave; /* restore read buffer */
867 } /* end while read file data */
869 if (sd->msglen < 0) { /* error */
871 Jmsg(jcr, M_ERROR, 0, _("Read error on file %s. ERR=%s\n"),
872 ff_pkt->fname, be.strerror(ff_pkt->bfd.berrno));
873 if (jcr->Errors++ > 1000) { /* insanity check */
874 Jmsg(jcr, M_FATAL, 0, _("Too many errors.\n"));
876 } else if (ff_pkt->flags & FO_ENCRYPT) {
878 * For encryption, we must call finalize to push out any
881 if (!crypto_cipher_finalize(cipher_ctx, (uint8_t *)jcr->crypto_buf,
883 /* Padding failed. Shouldn't happen. */
884 Jmsg(jcr, M_FATAL, 0, _("Encryption padding error\n"));
888 /* Note, on SSL pre-0.9.7, there is always some output */
889 if (encrypted_len > 0) {
890 sd->msglen = encrypted_len; /* set encrypted length */
891 sd->msg = jcr->crypto_buf; /* set correct write buffer */
892 if (!bnet_send(sd)) {
893 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
897 Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
898 jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
899 sd->msg = msgsave; /* restore bnet buffer */
903 if (!bnet_sig(sd, BNET_EOD)) { /* indicate end of file data */
904 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
909 /* Free the cipher context */
911 crypto_cipher_free(cipher_ctx);
916 /* Free the cipher context */
918 crypto_cipher_free(cipher_ctx);
921 sd->msg = msgsave; /* restore bnet buffer */
927 * Read and send an ACL for the last encountered file.
929 static bool read_and_send_acl(JCR *jcr, int acltype, int stream)
932 BSOCK *sd = jcr->store_bsock;
935 #ifdef FD_NO_SEND_TEST
939 len = bacl_get(jcr, acltype);
941 Jmsg1(jcr, M_WARNING, 0, _("Error reading ACL of %s\n"), jcr->last_fname);
945 return true; /* no ACL */
949 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, stream)) {
950 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
955 /* Send the buffer to the storage deamon */
956 Dmsg2(400, "Backing up ACL type 0x%2x <%s>\n", acltype, jcr->acl_text);
958 sd->msg = jcr->acl_text;
959 sd->msglen = len + 1;
960 if (!bnet_send(sd)) {
963 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
968 jcr->JobBytes += sd->msglen;
970 if (!bnet_sig(sd, BNET_EOD)) {
971 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
976 Dmsg1(200, "ACL of file: %s successfully backed up!\n", jcr->last_fname);
981 static bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream)
983 BSOCK *sd = jcr->store_bsock;
984 char attribs[MAXSTRING];
985 char attribsEx[MAXSTRING];
988 #ifdef FD_NO_SEND_TEST
992 /* Find what data stream we will use, then encode the attributes */
993 if ((data_stream = select_data_stream(ff_pkt)) == STREAM_NONE) {
994 /* This should not happen */
995 Jmsg0(jcr, M_FATAL, 0, _("Invalid file flags, no supported data stream type.\n"));
998 encode_stat(attribs, ff_pkt, data_stream);
1000 /* Now possibly extend the attributes */
1001 attr_stream = encode_attribsEx(jcr, attribsEx, ff_pkt);
1003 Dmsg3(300, "File %s\nattribs=%s\nattribsEx=%s\n", ff_pkt->fname, attribs, attribsEx);
1006 jcr->JobFiles++; /* increment number of files sent */
1007 ff_pkt->FileIndex = jcr->JobFiles; /* return FileIndex */
1008 pm_strcpy(jcr->last_fname, ff_pkt->fname);
1012 * Send Attributes header to Storage daemon
1013 * <file-index> <stream> <info>
1015 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, attr_stream)) {
1016 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
1020 Dmsg1(300, ">stored: attrhdr %s\n", sd->msg);
1023 * Send file attributes to Storage daemon
1026 * Filename (full path)
1027 * Encoded attributes
1028 * Link name (if type==FT_LNK or FT_LNKSAVED)
1029 * Encoded extended-attributes (for Win32)
1031 * For a directory, link is the same as fname, but with trailing
1032 * slash. For a linked file, link is the link.
1034 if (ff_pkt->type == FT_LNK || ff_pkt->type == FT_LNKSAVED) {
1035 Dmsg2(300, "Link %s to %s\n", ff_pkt->fname, ff_pkt->link);
1036 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%s%c%s%c", jcr->JobFiles,
1037 ff_pkt->type, ff_pkt->fname, 0, attribs, 0, ff_pkt->link, 0,
1039 } else if (ff_pkt->type == FT_DIREND) {
1040 /* Here link is the canonical filename (i.e. with trailing slash) */
1041 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
1042 ff_pkt->type, ff_pkt->link, 0, attribs, 0, 0, attribsEx, 0);
1044 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
1045 ff_pkt->type, ff_pkt->fname, 0, attribs, 0, 0, attribsEx, 0);
1048 Dmsg2(300, ">stored: attr len=%d: %s\n", sd->msglen, sd->msg);
1050 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
1054 bnet_sig(sd, BNET_EOD); /* indicate end of attributes data */