2 * Bacula File Daemon backup.c send file attributes and data
3 * to the Storage daemon.
5 * Kern Sibbald, March MM
11 Bacula® - The Network Backup Solution
13 Copyright (C) 2000-2007 Free Software Foundation Europe e.V.
15 The main author of Bacula is Kern Sibbald, with contributions from
16 many others, a complete list can be found in the file AUTHORS.
17 This program is Free Software; you can redistribute it and/or
18 modify it under the terms of version two of the GNU General Public
19 License as published by the Free Software Foundation plus additions
20 that are listed in the file LICENSE.
22 This program is distributed in the hope that it will be useful, but
23 WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25 General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; if not, write to the Free Software
29 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
32 Bacula® is a registered trademark of John Walker.
33 The licensor of Bacula is the Free Software Foundation Europe
34 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
35 Switzerland, email:ftf@fsfeurope.org.
41 /* Forward referenced functions */
42 static int save_file(FF_PKT *ff_pkt, void *pkt, bool top_level);
43 static int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt, DIGEST *digest, DIGEST *signature_digest);
44 static bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream);
45 static bool read_and_send_acl(JCR *jcr, int acltype, int stream);
48 * Find all the requested files and send them
49 * to the Storage daemon.
51 * Note, we normally carry on a one-way
52 * conversation from this point on with the SD, simply blasting
53 * data to him. To properly know what is going on, we
54 * also run a "heartbeat" monitor which reads the socket and
55 * reacts accordingly (at the moment it has nothing to do
56 * except echo the heartbeat to the Director).
59 bool blast_data_to_storage_daemon(JCR *jcr, char *addr)
63 // TODO landonf: Allow user to specify encryption algorithm
64 crypto_cipher_t cipher = CRYPTO_CIPHER_AES_128_CBC;
67 sd = jcr->store_bsock;
69 set_jcr_job_status(jcr, JS_Running);
71 Dmsg1(300, "bfiled: opened data connection %d to stored\n", sd->fd);
74 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
78 buf_size = client->max_network_buffer_size;
80 buf_size = 0; /* use default */
82 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
83 set_jcr_job_status(jcr, JS_ErrorTerminated);
84 Jmsg(jcr, M_FATAL, 0, _("Cannot set buffer size FD->SD.\n"));
88 jcr->buf_size = sd->msglen;
89 /* Adjust for compression so that output buffer is
90 * 12 bytes + 0.1% larger than input buffer plus 18 bytes.
91 * This gives a bit extra plus room for the sparse addr if any.
92 * Note, we adjust the read size to be smaller so that the
93 * same output buffer can be used without growing it.
95 * The zlib compression workset is initialized here to minimise
96 * the "per file" load. The jcr member is only set, if the init was successful.
98 jcr->compress_buf_size = jcr->buf_size + ((jcr->buf_size+999) / 1000) + 30;
99 jcr->compress_buf = get_memory(jcr->compress_buf_size);
102 z_stream *pZlibStream = (z_stream*)malloc(sizeof(z_stream));
104 pZlibStream->zalloc = Z_NULL;
105 pZlibStream->zfree = Z_NULL;
106 pZlibStream->opaque = Z_NULL;
107 pZlibStream->state = Z_NULL;
109 if (deflateInit(pZlibStream, Z_DEFAULT_COMPRESSION) == Z_OK)
110 jcr->pZLIB_compress_workset = pZlibStream;
116 /* Create encryption session data and a cached, DER-encoded session data
117 * structure. We use a single session key for each backup, so we'll encode
118 * the session data only once. */
119 if (jcr->pki_encrypt) {
122 /* Create per-job session encryption context */
123 jcr->pki_session = crypto_session_new(cipher, jcr->pki_recipients);
125 /* Get the session data size */
126 if (crypto_session_encode(jcr->pki_session, (uint8_t *)0, &size) == false) {
127 Jmsg(jcr, M_FATAL, 0, _("An error occurred while encrypting the stream.\n"));
131 /* Allocate buffer */
132 jcr->pki_session_encoded = (uint8_t *)malloc(size);
133 if (!jcr->pki_session_encoded) {
137 /* Encode session data */
138 if (crypto_session_encode(jcr->pki_session, jcr->pki_session_encoded, &size) == false) {
139 Jmsg(jcr, M_FATAL, 0, _("An error occurred while encrypting the stream.\n"));
143 /* ... and store the encoded size */
144 jcr->pki_session_encoded_size = size;
146 /* Allocate the encryption/decryption buffer */
147 jcr->crypto_buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
150 Dmsg1(300, "set_find_options ff=%p\n", jcr->ff);
151 set_find_options((FF_PKT *)jcr->ff, jcr->incremental, jcr->mtime);
152 Dmsg0(300, "start find files\n");
154 start_heartbeat_monitor(jcr);
156 jcr->acl_text = get_pool_memory(PM_MESSAGE);
158 /* Subroutine save_file() is called for each file */
159 if (!find_files(jcr, (FF_PKT *)jcr->ff, save_file, (void *)jcr)) {
160 ok = false; /* error */
161 set_jcr_job_status(jcr, JS_ErrorTerminated);
162 // Jmsg(jcr, M_FATAL, 0, _("Find files error.\n"));
165 free_pool_memory(jcr->acl_text);
167 stop_heartbeat_monitor(jcr);
169 bnet_sig(sd, BNET_EOD); /* end of sending data */
175 if (jcr->compress_buf) {
176 free_pool_memory(jcr->compress_buf);
177 jcr->compress_buf = NULL;
179 if (jcr->pZLIB_compress_workset) {
180 /* Free the zlib stream */
182 deflateEnd((z_stream *)jcr->pZLIB_compress_workset);
184 free (jcr->pZLIB_compress_workset);
185 jcr->pZLIB_compress_workset = NULL;
187 if (jcr->crypto_buf) {
188 free_pool_memory(jcr->crypto_buf);
189 jcr->crypto_buf = NULL;
191 if (jcr->pki_session) {
192 crypto_session_free(jcr->pki_session);
194 if (jcr->pki_session_encoded) {
195 free(jcr->pki_session_encoded);
198 Dmsg1(100, "end blast_data ok=%d\n", ok);
203 * Called here by find() for each file included.
204 * This is a callback. The original is find_files() above.
206 * Send the file and its data to the Storage daemon.
210 * -1 to ignore file/directory (not used here)
212 static int save_file(FF_PKT *ff_pkt, void *vjcr, bool top_level)
214 int stat, data_stream;
215 DIGEST *digest = NULL;
216 DIGEST *signing_digest = NULL;
217 int digest_stream = STREAM_NONE;
218 bool has_file_data = false;
219 // TODO landonf: Allow the user to specify the digest algorithm
221 crypto_digest_t signing_algorithm = CRYPTO_DIGEST_SHA256;
223 crypto_digest_t signing_algorithm = CRYPTO_DIGEST_SHA1;
225 JCR *jcr = (JCR *)vjcr;
226 BSOCK *sd = jcr->store_bsock;
228 if (job_canceled(jcr)) {
232 jcr->num_files_examined++; /* bump total file count */
234 switch (ff_pkt->type) {
235 case FT_LNKSAVED: /* Hard linked, file already saved */
236 Dmsg2(130, "FT_LNKSAVED hard link: %s => %s\n", ff_pkt->fname, ff_pkt->link);
239 Dmsg1(130, "FT_REGE saving: %s\n", ff_pkt->fname);
240 has_file_data = true;
243 Dmsg1(130, "FT_REG saving: %s\n", ff_pkt->fname);
244 has_file_data = true;
247 Dmsg2(130, "FT_LNK saving: %s -> %s\n", ff_pkt->fname, ff_pkt->link);
250 jcr->num_files_examined--; /* correct file count */
251 return 1; /* not used */
253 Jmsg(jcr, M_INFO, 1, _(" Recursion turned off. Will not descend from %s into %s\n"),
254 ff_pkt->top_fname, ff_pkt->fname);
255 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
258 /* Suppress message for /dev filesystems */
259 if (strncmp(ff_pkt->fname, "/dev/", 5) != 0) {
260 Jmsg(jcr, M_INFO, 1, _(" %s is a different filesystem. Will not descend from %s into %s\n"),
261 ff_pkt->fname, ff_pkt->top_fname, ff_pkt->fname);
263 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
266 Jmsg(jcr, M_INFO, 1, _(" Disallowed filesystem. Will not descend from %s into %s\n"),
267 ff_pkt->top_fname, ff_pkt->fname);
268 ff_pkt->type = FT_DIREND; /* Backup only the directory entry */
271 Jmsg(jcr, M_INFO, 1, _(" Disallowed drive type. Will not descend into %s\n"),
275 Dmsg1(130, "FT_DIREND: %s\n", ff_pkt->link);
278 Dmsg1(130, "FT_SPEC saving: %s\n", ff_pkt->fname);
281 Dmsg1(130, "FT_RAW saving: %s\n", ff_pkt->fname);
282 has_file_data = true;
285 Dmsg1(130, "FT_FIFO saving: %s\n", ff_pkt->fname);
289 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not access %s: ERR=%s\n"), ff_pkt->fname,
290 be.strerror(ff_pkt->ff_errno));
296 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not follow link %s: ERR=%s\n"), ff_pkt->fname,
297 be.strerror(ff_pkt->ff_errno));
303 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not stat %s: ERR=%s\n"), ff_pkt->fname,
304 be.strerror(ff_pkt->ff_errno));
310 Jmsg(jcr, M_SKIPPED, 1, _(" Unchanged file skipped: %s\n"), ff_pkt->fname);
313 Jmsg(jcr, M_NOTSAVED, 0, _(" Archive file not saved: %s\n"), ff_pkt->fname);
317 Jmsg(jcr, M_NOTSAVED, 0, _(" Could not open directory %s: ERR=%s\n"), ff_pkt->fname,
318 be.strerror(ff_pkt->ff_errno));
323 Jmsg(jcr, M_NOTSAVED, 0, _(" Unknown file type %d; not saved: %s\n"), ff_pkt->type, ff_pkt->fname);
328 Dmsg1(130, "bfiled: sending %s to stored\n", ff_pkt->fname);
330 /* Digests and encryption are only useful if there's file data */
333 * Setup for digest handling. If this fails, the digest will be set to NULL
336 if (ff_pkt->flags & FO_MD5) {
337 digest = crypto_digest_new(CRYPTO_DIGEST_MD5);
338 digest_stream = STREAM_MD5_DIGEST;
340 } else if (ff_pkt->flags & FO_SHA1) {
341 digest = crypto_digest_new(CRYPTO_DIGEST_SHA1);
342 digest_stream = STREAM_SHA1_DIGEST;
344 } else if (ff_pkt->flags & FO_SHA256) {
345 digest = crypto_digest_new(CRYPTO_DIGEST_SHA256);
346 digest_stream = STREAM_SHA256_DIGEST;
348 } else if (ff_pkt->flags & FO_SHA512) {
349 digest = crypto_digest_new(CRYPTO_DIGEST_SHA512);
350 digest_stream = STREAM_SHA512_DIGEST;
353 /* Did digest initialization fail? */
354 if (digest_stream != STREAM_NONE && digest == NULL) {
355 Jmsg(jcr, M_WARNING, 0, _("%s digest initialization failed\n"),
356 stream_to_ascii(digest_stream));
360 * Set up signature digest handling. If this fails, the signature digest will be set to
363 // TODO landonf: We should really only calculate the digest once, for both verification and signing.
365 signing_digest = crypto_digest_new(signing_algorithm);
367 /* Full-stop if a failure occurred initializing the signature digest */
368 if (signing_digest == NULL) {
369 Jmsg(jcr, M_NOTSAVED, 0, _("%s signature digest initialization failed\n"),
370 stream_to_ascii(signing_algorithm));
376 /* Enable encryption */
377 if (jcr->pki_encrypt) {
378 ff_pkt->flags |= FO_ENCRYPT;
382 /* Initialise the file descriptor we use for data and other streams. */
384 if (ff_pkt->flags & FO_PORTABLE) {
385 set_portable_backup(&ff_pkt->bfd); /* disable Win32 BackupRead() */
387 if (ff_pkt->reader) {
388 if (!set_prog(&ff_pkt->bfd, ff_pkt->reader, jcr)) {
389 Jmsg(jcr, M_FATAL, 0, _("Python reader program \"%s\" not found.\n"),
395 /* Send attributes -- must be done after binit() */
396 if (!encode_and_send_attributes(jcr, ff_pkt, data_stream)) {
401 * Open any file with data that we intend to save, then save it.
403 * Note, if is_win32_backup, we must open the Directory so that
404 * the BackupRead will save its permissions and ownership streams.
406 if (ff_pkt->type != FT_LNKSAVED && (S_ISREG(ff_pkt->statp.st_mode) &&
407 ff_pkt->statp.st_size > 0) ||
408 ff_pkt->type == FT_RAW || ff_pkt->type == FT_FIFO ||
409 (!is_portable_backup(&ff_pkt->bfd) && ff_pkt->type == FT_DIREND)) {
411 if (ff_pkt->type == FT_FIFO) {
412 tid = start_thread_timer(pthread_self(), 60);
416 int noatime = ff_pkt->flags & FO_NOATIME ? O_NOATIME : 0;
417 if (bopen(&ff_pkt->bfd, ff_pkt->fname, O_RDONLY | O_BINARY | noatime, 0) < 0) {
418 ff_pkt->ff_errno = errno;
420 Jmsg(jcr, M_NOTSAVED, 0, _(" Cannot open %s: ERR=%s.\n"), ff_pkt->fname,
424 stop_thread_timer(tid);
430 stop_thread_timer(tid);
434 /* Set up the encryption context, send the session data to the SD */
435 if (jcr->pki_encrypt) {
436 /* Send our header */
437 Dmsg2(100, "Send hdr fi=%ld stream=%d\n", jcr->JobFiles, STREAM_ENCRYPTED_SESSION_DATA);
438 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_ENCRYPTED_SESSION_DATA);
440 /* Grow the bsock buffer to fit our message if necessary */
441 if (sizeof_pool_memory(sd->msg) < jcr->pki_session_encoded_size) {
442 sd->msg = realloc_pool_memory(sd->msg, jcr->pki_session_encoded_size);
445 /* Copy our message over and send it */
446 memcpy(sd->msg, jcr->pki_session_encoded, jcr->pki_session_encoded_size);
447 sd->msglen = jcr->pki_session_encoded_size;
448 jcr->JobBytes += sd->msglen;
450 Dmsg1(100, "Send data len=%d\n", sd->msglen);
452 bnet_sig(sd, BNET_EOD);
455 stat = send_data(jcr, data_stream, ff_pkt, digest, signing_digest);
456 bclose(&ff_pkt->bfd);
462 #ifdef HAVE_DARWIN_OS
463 /* Regular files can have resource forks and Finder Info */
464 if (ff_pkt->type != FT_LNKSAVED && (S_ISREG(ff_pkt->statp.st_mode) &&
465 ff_pkt->flags & FO_HFSPLUS)) {
466 if (ff_pkt->hfsinfo.rsrclength > 0) {
469 if (!bopen_rsrc(&ff_pkt->bfd, ff_pkt->fname, O_RDONLY | O_BINARY, 0) < 0) {
470 ff_pkt->ff_errno = errno;
472 Jmsg(jcr, M_NOTSAVED, -1, _(" Cannot open resource fork for %s: ERR=%s.\n"), ff_pkt->fname,
475 if (is_bopen(&ff_pkt->bfd)) {
476 bclose(&ff_pkt->bfd);
480 flags = ff_pkt->flags;
481 ff_pkt->flags &= ~(FO_GZIP|FO_SPARSE);
482 if (flags & FO_ENCRYPT) {
483 rsrc_stream = STREAM_ENCRYPTED_MACOS_FORK_DATA;
485 rsrc_stream = STREAM_MACOS_FORK_DATA;
487 stat = send_data(jcr, rsrc_stream, ff_pkt, digest, signing_digest);
488 ff_pkt->flags = flags;
489 bclose(&ff_pkt->bfd);
495 Dmsg1(300, "Saving Finder Info for \"%s\"\n", ff_pkt->fname);
496 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_HFSPLUS_ATTRIBUTES);
497 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
498 memcpy(sd->msg, ff_pkt->hfsinfo.fndrinfo, 32);
501 crypto_digest_update(digest, (uint8_t *)sd->msg, sd->msglen);
503 if (signing_digest) {
504 crypto_digest_update(signing_digest, (uint8_t *)sd->msg, sd->msglen);
507 bnet_sig(sd, BNET_EOD);
511 if (ff_pkt->flags & FO_ACL) {
512 /* Read access ACLs for files, dirs and links */
513 if (!read_and_send_acl(jcr, BACL_TYPE_ACCESS, STREAM_UNIX_ATTRIBUTES_ACCESS_ACL)) {
516 /* Directories can have default ACLs too */
517 if (ff_pkt->type == FT_DIREND && (BACL_CAP & BACL_CAP_DEFAULTS_DIR)) {
518 if (!read_and_send_acl(jcr, BACL_TYPE_DEFAULT, STREAM_UNIX_ATTRIBUTES_DEFAULT_ACL)) {
524 /* Terminate the signing digest and send it to the Storage daemon */
525 if (signing_digest) {
530 if ((sig = crypto_sign_new()) == NULL) {
531 Jmsg(jcr, M_FATAL, 0, _("Failed to allocate memory for stream signature.\n"));
535 if (crypto_sign_add_signer(sig, signing_digest, jcr->pki_keypair) == false) {
536 Jmsg(jcr, M_FATAL, 0, _("An error occurred while signing the stream.\n"));
540 /* Get signature size */
541 if (crypto_sign_encode(sig, NULL, &size) == false) {
542 Jmsg(jcr, M_FATAL, 0, _("An error occurred while signing the stream.\n"));
546 /* Allocate signature data buffer */
547 buf = (uint8_t *)malloc(size);
549 crypto_sign_free(sig);
553 /* Encode signature data */
554 if (crypto_sign_encode(sig, buf, &size) == false) {
555 Jmsg(jcr, M_FATAL, 0, _("An error occurred while signing the stream.\n"));
559 /* Send our header */
560 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, STREAM_SIGNED_DIGEST);
561 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
563 /* Grow the bsock buffer to fit our message if necessary */
564 if (sizeof_pool_memory(sd->msg) < (int32_t)size) {
565 sd->msg = realloc_pool_memory(sd->msg, size);
568 /* Copy our message over and send it */
569 memcpy(sd->msg, buf, size);
572 bnet_sig(sd, BNET_EOD); /* end of checksum */
574 crypto_digest_free(signing_digest);
575 crypto_sign_free(sig);
579 /* Terminate any digest and send it to Storage daemon and the Director */
581 uint8_t md[CRYPTO_DIGEST_MAX_SIZE];
586 if (crypto_digest_finalize(digest, md, &size)) {
587 bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, digest_stream);
588 Dmsg1(300, "bfiled>stored:header %s\n", sd->msg);
589 memcpy(sd->msg, md, size);
592 bnet_sig(sd, BNET_EOD); /* end of checksum */
595 crypto_digest_free(digest);
602 * Send data read from an already open file descriptor.
604 * We return 1 on sucess and 0 on errors.
607 * We use ff_pkt->statp.st_size when FO_SPARSE to know when to stop
609 * Currently this is not a problem as the only other stream, resource forks,
610 * are not handled as sparse files.
612 int send_data(JCR *jcr, int stream, FF_PKT *ff_pkt, DIGEST *digest,
613 DIGEST *signing_digest)
615 BSOCK *sd = jcr->store_bsock;
616 uint64_t fileAddr = 0; /* file address */
618 int32_t rsize = jcr->buf_size; /* read buffer size */
620 CIPHER_CONTEXT *cipher_ctx = NULL; /* Quell bogus uninitialized warnings */
621 const uint8_t *cipher_input;
622 uint32_t cipher_input_len;
623 uint32_t cipher_block_size;
624 uint32_t encrypted_len;
625 #ifdef FD_NO_SEND_TEST
630 rbuf = sd->msg; /* read buffer */
631 wbuf = sd->msg; /* write buffer */
632 cipher_input = (uint8_t *)rbuf; /* encrypt uncompressed data */
634 Dmsg1(300, "Saving data, type=%d\n", ff_pkt->type);
637 uLong compress_len = 0;
638 uLong max_compress_len = 0;
639 const Bytef *cbuf = NULL;
642 if (ff_pkt->flags & FO_GZIP) {
643 if (ff_pkt->flags & FO_SPARSE) {
644 cbuf = (Bytef *)jcr->compress_buf + SPARSE_FADDR_SIZE;
645 max_compress_len = jcr->compress_buf_size - SPARSE_FADDR_SIZE;
647 cbuf = (Bytef *)jcr->compress_buf;
648 max_compress_len = jcr->compress_buf_size; /* set max length */
650 wbuf = jcr->compress_buf; /* compressed output here */
651 cipher_input = (uint8_t *)jcr->compress_buf; /* encrypt compressed data */
654 * Only change zlib parameters if there is no pending operation.
655 * This should never happen as deflatereset is called after each
659 if (((z_stream*)jcr->pZLIB_compress_workset)->total_in == 0) {
660 /* set gzip compression level - must be done per file */
661 if ((zstat=deflateParams((z_stream*)jcr->pZLIB_compress_workset,
662 ff_pkt->GZIP_level, Z_DEFAULT_STRATEGY)) != Z_OK) {
663 Jmsg(jcr, M_FATAL, 0, _("Compression deflateParams error: %d\n"), zstat);
664 set_jcr_job_status(jcr, JS_ErrorTerminated);
670 const uint32_t max_compress_len = 0;
673 if (ff_pkt->flags & FO_ENCRYPT) {
674 if (ff_pkt->flags & FO_SPARSE) {
675 Jmsg0(jcr, M_FATAL, 0, _("Encrypting sparse data not supported.\n"));
678 /* Allocate the cipher context */
679 if ((cipher_ctx = crypto_cipher_new(jcr->pki_session, true,
680 &cipher_block_size)) == NULL) {
681 /* Shouldn't happen! */
682 Jmsg0(jcr, M_FATAL, 0, _("Failed to initialize encryption context.\n"));
687 * Grow the crypto buffer, if necessary.
688 * crypto_cipher_update() will buffer up to (cipher_block_size - 1).
689 * We grow crypto_buf to the maximum number of blocks that
690 * could be returned for the given read buffer size.
691 * (Using the larger of either rsize or max_compress_len)
693 jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf,
694 (MAX(rsize + (int)sizeof(uint32_t), (int32_t)max_compress_len) +
695 cipher_block_size - 1) / cipher_block_size * cipher_block_size);
697 wbuf = jcr->crypto_buf; /* Encrypted, possibly compressed output here. */
701 * Send Data header to Storage daemon
702 * <file-index> <stream> <info>
704 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, stream)) {
705 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
709 Dmsg1(300, ">stored: datahdr %s\n", sd->msg);
712 * Make space at beginning of buffer for fileAddr because this
713 * same buffer will be used for writing if compression is off.
715 if (ff_pkt->flags & FO_SPARSE) {
716 rbuf += SPARSE_FADDR_SIZE;
717 rsize -= SPARSE_FADDR_SIZE;
718 #ifdef HAVE_FREEBSD_OS
720 * To read FreeBSD partitions, the read size must be
723 rsize = (rsize/512) * 512;
727 /* a RAW device read on win32 only works if the buffer is a multiple of 512 */
729 if (S_ISBLK(ff_pkt->statp.st_mode))
730 rsize = (rsize/512) * 512;
736 while ((sd->msglen=(uint32_t)bread(&ff_pkt->bfd, rbuf, rsize)) > 0) {
738 /* Check for sparse blocks */
739 if (ff_pkt->flags & FO_SPARSE) {
741 bool haveBlock = true;
742 if (sd->msglen == rsize &&
743 fileAddr+sd->msglen < (uint64_t)ff_pkt->statp.st_size ||
744 ((ff_pkt->type == FT_RAW || ff_pkt->type == FT_FIFO) &&
745 (uint64_t)ff_pkt->statp.st_size == 0)) {
746 haveBlock = !is_buf_zero(rbuf, rsize);
749 ser_begin(wbuf, SPARSE_FADDR_SIZE);
750 ser_uint64(fileAddr); /* store fileAddr in begin of buffer */
752 fileAddr += sd->msglen; /* update file address */
754 continue; /* skip block of zeros */
758 jcr->ReadBytes += sd->msglen; /* count bytes read */
760 /* Uncompressed cipher input length */
761 cipher_input_len = sd->msglen;
763 /* Update checksum if requested */
765 crypto_digest_update(digest, (uint8_t *)rbuf, sd->msglen);
768 /* Update signing digest if requested */
769 if (signing_digest) {
770 crypto_digest_update(signing_digest, (uint8_t *)rbuf, sd->msglen);
774 /* Do compression if turned on */
775 if (ff_pkt->flags & FO_GZIP && jcr->pZLIB_compress_workset) {
776 Dmsg3(400, "cbuf=0x%x rbuf=0x%x len=%u\n", cbuf, rbuf, sd->msglen);
778 ((z_stream*)jcr->pZLIB_compress_workset)->next_in = (Bytef *)rbuf;
779 ((z_stream*)jcr->pZLIB_compress_workset)->avail_in = sd->msglen;
780 ((z_stream*)jcr->pZLIB_compress_workset)->next_out = (Bytef *)cbuf;
781 ((z_stream*)jcr->pZLIB_compress_workset)->avail_out = max_compress_len;
783 if ((zstat=deflate((z_stream*)jcr->pZLIB_compress_workset, Z_FINISH)) != Z_STREAM_END) {
784 Jmsg(jcr, M_FATAL, 0, _("Compression deflate error: %d\n"), zstat);
785 set_jcr_job_status(jcr, JS_ErrorTerminated);
788 compress_len = ((z_stream*)jcr->pZLIB_compress_workset)->total_out;
789 /* reset zlib stream to be able to begin from scratch again */
790 if ((zstat=deflateReset((z_stream*)jcr->pZLIB_compress_workset)) != Z_OK) {
791 Jmsg(jcr, M_FATAL, 0, _("Compression deflateReset error: %d\n"), zstat);
792 set_jcr_job_status(jcr, JS_ErrorTerminated);
796 Dmsg2(400, "compressed len=%d uncompressed len=%d\n", compress_len,
799 sd->msglen = compress_len; /* set compressed length */
800 cipher_input_len = compress_len;
804 * Note, here we prepend the current record length to the beginning
805 * of the encrypted data. This is because both sparse and compression
806 * restore handling want records returned to them with exactly the
807 * same number of bytes that were processed in the backup handling.
808 * That is, both are block filters rather than a stream. When doing
809 * compression, the compression routines may buffer data, so that for
810 * any one record compressed, when it is decompressed the same size
811 * will not be obtained. Of course, the buffered data eventually comes
812 * out in subsequent crypto_cipher_update() calls or at least
813 * when crypto_cipher_finalize() is called. Unfortunately, this
814 * "feature" of encryption enormously complicates the restore code.
816 if (ff_pkt->flags & FO_ENCRYPT) {
817 uint32_t initial_len = 0;
820 if (ff_pkt->flags & FO_SPARSE) {
821 cipher_input_len += SPARSE_FADDR_SIZE;
824 /* Encrypt the length of the input block */
825 uint8_t packet_len[sizeof(uint32_t)];
827 ser_begin(packet_len, sizeof(uint32_t));
828 ser_uint32(cipher_input_len); /* store data len in begin of buffer */
829 Dmsg1(20, "Encrypt len=%d\n", cipher_input_len);
831 if (!crypto_cipher_update(cipher_ctx, packet_len, sizeof(packet_len),
832 (u_int8_t *)jcr->crypto_buf, &initial_len)) {
833 /* Encryption failed. Shouldn't happen. */
834 Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
838 /* Encrypt the input block */
839 if (crypto_cipher_update(cipher_ctx, cipher_input, cipher_input_len,
840 (u_int8_t *)&jcr->crypto_buf[initial_len], &encrypted_len)) {
841 if ((initial_len + encrypted_len) == 0) {
842 /* No full block of data available, read more data */
845 Dmsg2(400, "encrypted len=%d unencrypted len=%d\n", encrypted_len,
847 sd->msglen = initial_len + encrypted_len; /* set encrypted length */
849 /* Encryption failed. Shouldn't happen. */
850 Jmsg(jcr, M_FATAL, 0, _("Encryption error\n"));
855 /* Send the buffer to the Storage daemon */
856 if (ff_pkt->flags & FO_SPARSE) {
857 sd->msglen += SPARSE_FADDR_SIZE; /* include fileAddr in size */
859 sd->msg = wbuf; /* set correct write buffer */
860 if (!bnet_send(sd)) {
861 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
865 Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
867 jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
868 sd->msg = msgsave; /* restore read buffer */
870 } /* end while read file data */
872 if (sd->msglen < 0) { /* error */
874 Jmsg(jcr, M_ERROR, 0, _("Read error on file %s. ERR=%s\n"),
875 ff_pkt->fname, be.strerror(ff_pkt->bfd.berrno));
876 if (jcr->Errors++ > 1000) { /* insanity check */
877 Jmsg(jcr, M_FATAL, 0, _("Too many errors.\n"));
879 } else if (ff_pkt->flags & FO_ENCRYPT) {
881 * For encryption, we must call finalize to push out any
884 if (!crypto_cipher_finalize(cipher_ctx, (uint8_t *)jcr->crypto_buf,
886 /* Padding failed. Shouldn't happen. */
887 Jmsg(jcr, M_FATAL, 0, _("Encryption padding error\n"));
891 /* Note, on SSL pre-0.9.7, there is always some output */
892 if (encrypted_len > 0) {
893 sd->msglen = encrypted_len; /* set encrypted length */
894 sd->msg = jcr->crypto_buf; /* set correct write buffer */
895 if (!bnet_send(sd)) {
896 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
900 Dmsg1(130, "Send data to SD len=%d\n", sd->msglen);
901 jcr->JobBytes += sd->msglen; /* count bytes saved possibly compressed/encrypted */
902 sd->msg = msgsave; /* restore bnet buffer */
906 if (!bnet_sig(sd, BNET_EOD)) { /* indicate end of file data */
907 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
912 /* Free the cipher context */
914 crypto_cipher_free(cipher_ctx);
919 /* Free the cipher context */
921 crypto_cipher_free(cipher_ctx);
924 sd->msg = msgsave; /* restore bnet buffer */
930 * Read and send an ACL for the last encountered file.
932 static bool read_and_send_acl(JCR *jcr, int acltype, int stream)
935 BSOCK *sd = jcr->store_bsock;
938 #ifdef FD_NO_SEND_TEST
942 len = bacl_get(jcr, acltype);
944 Jmsg1(jcr, M_WARNING, 0, _("Error reading ACL of %s\n"), jcr->last_fname);
948 return true; /* no ACL */
952 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, stream)) {
953 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
958 /* Send the buffer to the storage deamon */
959 Dmsg2(400, "Backing up ACL type 0x%2x <%s>\n", acltype, jcr->acl_text);
961 sd->msg = jcr->acl_text;
962 sd->msglen = len + 1;
963 if (!bnet_send(sd)) {
966 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
971 jcr->JobBytes += sd->msglen;
973 if (!bnet_sig(sd, BNET_EOD)) {
974 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
979 Dmsg1(200, "ACL of file: %s successfully backed up!\n", jcr->last_fname);
984 static bool encode_and_send_attributes(JCR *jcr, FF_PKT *ff_pkt, int &data_stream)
986 BSOCK *sd = jcr->store_bsock;
987 char attribs[MAXSTRING];
988 char attribsEx[MAXSTRING];
991 #ifdef FD_NO_SEND_TEST
995 /* Find what data stream we will use, then encode the attributes */
996 if ((data_stream = select_data_stream(ff_pkt)) == STREAM_NONE) {
997 /* This should not happen */
998 Jmsg0(jcr, M_FATAL, 0, _("Invalid file flags, no supported data stream type.\n"));
1001 encode_stat(attribs, ff_pkt, data_stream);
1003 /* Now possibly extend the attributes */
1004 attr_stream = encode_attribsEx(jcr, attribsEx, ff_pkt);
1006 Dmsg3(300, "File %s\nattribs=%s\nattribsEx=%s\n", ff_pkt->fname, attribs, attribsEx);
1009 jcr->JobFiles++; /* increment number of files sent */
1010 ff_pkt->FileIndex = jcr->JobFiles; /* return FileIndex */
1011 pm_strcpy(jcr->last_fname, ff_pkt->fname);
1015 * Send Attributes header to Storage daemon
1016 * <file-index> <stream> <info>
1018 if (!bnet_fsend(sd, "%ld %d 0", jcr->JobFiles, attr_stream)) {
1019 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
1023 Dmsg1(300, ">stored: attrhdr %s\n", sd->msg);
1026 * Send file attributes to Storage daemon
1029 * Filename (full path)
1030 * Encoded attributes
1031 * Link name (if type==FT_LNK or FT_LNKSAVED)
1032 * Encoded extended-attributes (for Win32)
1034 * For a directory, link is the same as fname, but with trailing
1035 * slash. For a linked file, link is the link.
1037 if (ff_pkt->type == FT_LNK || ff_pkt->type == FT_LNKSAVED) {
1038 Dmsg2(300, "Link %s to %s\n", ff_pkt->fname, ff_pkt->link);
1039 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%s%c%s%c", jcr->JobFiles,
1040 ff_pkt->type, ff_pkt->fname, 0, attribs, 0, ff_pkt->link, 0,
1042 } else if (ff_pkt->type == FT_DIREND) {
1043 /* Here link is the canonical filename (i.e. with trailing slash) */
1044 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
1045 ff_pkt->type, ff_pkt->link, 0, attribs, 0, 0, attribsEx, 0);
1047 stat = bnet_fsend(sd, "%ld %d %s%c%s%c%c%s%c", jcr->JobFiles,
1048 ff_pkt->type, ff_pkt->fname, 0, attribs, 0, 0, attribsEx, 0);
1051 Dmsg2(300, ">stored: attr len=%d: %s\n", sd->msglen, sd->msg);
1053 Jmsg1(jcr, M_FATAL, 0, _("Network send error to SD. ERR=%s\n"),
1057 bnet_sig(sd, BNET_EOD); /* indicate end of attributes data */