2 Bacula® - The Network Backup Solution
4 Copyright (C) 2000-2008 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version two of the GNU General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of Kern Sibbald.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * Bacula File Daemon restore.c Restorefiles.
31 * Kern Sibbald, November MM
42 const bool have_darwin_os = true;
44 const bool have_darwin_os = false;
47 #if defined(HAVE_CRYPTO)
48 const bool have_crypto = true;
50 const bool have_crypto = false;
54 const bool have_acl = true;
56 const bool have_acl = false;
60 const bool have_sha2 = true;
62 const bool have_sha2 = false;
66 /* Data received from Storage Daemon */
67 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
69 typedef struct restore_cipher_ctx {
70 CIPHER_CONTEXT *cipher;
73 POOLMEM *buf; /* Pointer to descryption buffer */
74 int32_t buf_len; /* Count of bytes currently in buf */
75 int32_t packet_len; /* Total bytes in packet */
82 BFILE bfd; /* File content */
83 uint64_t fileAddr; /* file write address */
84 uint32_t size; /* Size of file */
85 int flags; /* Options for extract_data() */
86 BFILE forkbfd; /* Alternative data stream */
87 uint64_t fork_addr; /* Write address for alternative stream */
88 intmax_t fork_size; /* Size of alternate stream */
89 int fork_flags; /* Options for extract_data() */
90 int32_t type; /* file type FT_ */
91 ATTR *attr; /* Pointer to attributes */
92 bool extract; /* set when extracting */
94 SIGNATURE *sig; /* Cryptographic signature (if any) for file */
95 CRYPTO_SESSION *cs; /* Cryptographic session data (if any) for file */
96 RESTORE_CIPHER_CTX cipher_ctx; /* Cryptographic restore context (if any) for file */
97 RESTORE_CIPHER_CTX fork_cipher_ctx; /* Cryptographic restore context (if any) for alternative stream */
101 /* Forward referenced functions */
102 #if defined(HAVE_LIBZ)
103 static const char *zlib_strerror(int stat);
104 const bool have_libz = true;
106 const bool have_libz = false;
109 static void deallocate_cipher(r_ctx &rctx);
110 static void deallocate_fork_cipher(r_ctx &rctx);
111 static void free_signature(r_ctx &rctx);
112 static void free_session(r_ctx &rctx);
113 static void close_previous_stream(r_ctx &rctx);
117 static bool verify_signature(JCR *jcr, r_ctx &rctx);
118 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
119 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx);
120 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
121 RESTORE_CIPHER_CTX *cipher_ctx);
125 * Close a bfd check that we are at the expected file offset.
126 * Makes use of some code from set_attributes().
128 static int bclose_chksize(JCR *jcr, BFILE *bfd, boffset_t osize)
130 char ec1[50], ec2[50];
133 fsize = blseek(bfd, 0, SEEK_CUR);
134 bclose(bfd); /* first close file */
135 if (fsize > 0 && fsize != osize) {
136 Qmsg3(jcr, M_ERROR, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
137 jcr->last_fname, edit_uint64(osize, ec1),
138 edit_uint64(fsize, ec2));
146 * Restore the requested files.
149 void do_restore(JCR *jcr)
152 uint32_t VolSessionId, VolSessionTime;
154 char ec1[50]; /* Buffer printing huge values */
155 uint32_t buf_size; /* client buffer size */
157 intmax_t rsrc_len = 0; /* Original length of resource fork */
160 /* ***FIXME*** make configurable */
161 crypto_digest_t signing_algorithm = have_sha2 ?
162 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
163 memset(&rctx, 0, sizeof(rctx));
166 /* The following variables keep track of "known unknowns" */
167 int non_support_data = 0;
168 int non_support_attr = 0;
169 int non_support_rsrc = 0;
170 int non_support_finfo = 0;
171 int non_support_acl = 0;
172 int non_support_progname = 0;
173 int non_support_crypto = 0;
175 #ifdef HAVE_DARWIN_OS
176 struct attrlist attrList;
177 memset(&attrList, 0, sizeof(attrList));
178 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
179 attrList.commonattr = ATTR_CMN_FNDRINFO;
183 sd = jcr->store_bsock;
184 set_jcr_job_status(jcr, JS_Running);
187 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
190 buf_size = client->max_network_buffer_size;
192 buf_size = 0; /* use default */
194 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
195 set_jcr_job_status(jcr, JS_ErrorTerminated);
198 jcr->buf_size = sd->msglen;
200 /* St Bernard code goes here if implemented -- see end of file */
203 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
204 jcr->compress_buf = (char *)bmalloc(compress_buf_size);
205 jcr->compress_buf_size = compress_buf_size;
209 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
210 if (have_darwin_os) {
211 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
216 * Get a record from the Storage daemon. We are guaranteed to
217 * receive records in the following order:
218 * 1. Stream record header
219 * 2. Stream data (one or more of the following in the order given)
220 * a. Attributes (Unix or Win32)
221 * b. Possibly stream encryption session data (e.g., symmetric session key)
222 * c. File data for the file
223 * d. Alternate data stream (e.g. Resource Fork)
226 * g. Possibly a cryptographic signature
227 * h. Possibly MD5 or SHA1 record
230 * NOTE: We keep track of two bacula file descriptors:
231 * 1. bfd for file data.
232 * This fd is opened for non empty files when an attribute stream is
233 * encountered and closed when we find the next attribute stream.
234 * 2. fork_bfd for alternate data streams
235 * This fd is opened every time we encounter a new alternate data
236 * stream for the current file. When we find any other stream, we
238 * The expected size of the stream, fork_len, should be set when
240 * 3. Not all the stream data records are required -- e.g. if there
241 * is no fork, there is no alternate data stream, no ACL, ...
244 binit(&rctx.forkbfd);
245 attr = rctx.attr = new_attr(jcr);
246 jcr->acl_text = get_pool_memory(PM_MESSAGE);
250 while (bget_msg(sd) >= 0 && !job_canceled(jcr)) {
251 /* Remember previous stream type */
252 rctx.prev_stream = rctx.stream;
254 /* First we expect a Stream Record Header */
255 if (sscanf(sd->msg, rec_header, &VolSessionId, &VolSessionTime, &file_index,
256 &rctx.stream, &rctx.size) != 5) {
257 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg);
260 Dmsg5(50, "Got hdr: Files=%d FilInx=%d size=%d Stream=%d, %s.\n",
261 jcr->JobFiles, file_index, rctx.size, rctx.stream, stream_to_ascii(rctx.stream));
263 /* * Now we expect the Stream Data */
264 if (bget_msg(sd) < 0) {
265 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
268 if (rctx.size != (uint32_t)sd->msglen) {
269 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
270 sd->msglen, rctx.size);
271 Dmsg2(50, "Actual data size %d not same as header %d\n",
272 sd->msglen, rctx.size);
275 Dmsg3(130, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
276 sd->msglen, rctx.extract);
278 /* If we change streams, close and reset alternate data streams */
279 if (rctx.prev_stream != rctx.stream) {
280 if (is_bopen(&rctx.forkbfd)) {
281 deallocate_fork_cipher(rctx);
282 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
284 rctx.fork_size = -1; /* Use an impossible value and set a proper one below */
288 /* File Attributes stream */
289 switch (rctx.stream) {
290 case STREAM_UNIX_ATTRIBUTES:
291 case STREAM_UNIX_ATTRIBUTES_EX:
292 close_previous_stream(rctx); /* if any previous stream open, close it */
295 /* TODO: manage deleted files */
296 if (rctx.type == FT_DELETED) { /* deleted file */
301 * Unpack attributes and do sanity check them
303 if (!unpack_attributes_record(jcr, rctx.stream, sd->msg, attr)) {
307 if (file_index != attr->file_index) {
308 Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"),
309 file_index, attr->file_index);
310 Dmsg0(200, "File index error\n");
315 Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname,
316 attr->attr, attr->attrEx);
318 attr->data_stream = decode_stat(attr->attr, &attr->statp, &attr->LinkFI);
320 if (!is_restore_stream_supported(attr->data_stream)) {
321 if (!non_support_data++) {
322 Jmsg(jcr, M_ERROR, 0, _("%s stream not supported on this Client.\n"),
323 stream_to_ascii(attr->data_stream));
328 build_attr_output_fnames(jcr, attr);
331 * Try to actually create the file, which returns a status telling
332 * us if we need to extract or not.
334 jcr->num_files_examined++;
335 rctx.extract = false;
337 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
339 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
342 pm_strcpy(jcr->last_fname, attr->ofname);
343 jcr->last_type = attr->type;
345 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
349 pm_strcpy(jcr->last_fname, attr->ofname);
350 jcr->last_type = attr->type;
352 case CF_EXTRACT: /* File created and we expect file data */
355 case CF_CREATED: /* File created, but there is no content */
358 print_ls_output(jcr, attr);
360 if (have_darwin_os) {
361 /* Only restore the resource fork for regular files */
362 from_base64(&rsrc_len, attr->attrEx);
363 if (attr->type == FT_REG && rsrc_len > 0) {
368 /* set attributes now because file will not be extracted */
370 plugin_set_attributes(jcr, attr, &rctx.bfd);
372 set_attributes(jcr, attr, &rctx.bfd);
380 case STREAM_ENCRYPTED_SESSION_DATA:
381 crypto_error_t cryptoerr;
383 /* Is this an unexpected session data entry? */
385 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
386 rctx.extract = false;
391 /* Do we have any keys at all? */
392 if (!jcr->crypto.pki_recipients) {
393 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
394 rctx.extract = false;
399 if (jcr->crypto.digest) {
400 crypto_digest_free(jcr->crypto.digest);
402 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
403 if (!jcr->crypto.digest) {
404 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
405 rctx.extract = false;
410 /* Decode and save session keys. */
411 cryptoerr = crypto_session_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen,
412 jcr->crypto.pki_recipients, &rctx.cs);
414 case CRYPTO_ERROR_NONE:
417 case CRYPTO_ERROR_NORECIPIENT:
418 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
420 case CRYPTO_ERROR_DECRYPTION:
421 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
424 /* Shouldn't happen */
425 Jmsg1(jcr, M_ERROR, 0, _("An error occurred while decoding encrypted session data stream: %s\n"), crypto_strerror(cryptoerr));
429 if (cryptoerr != CRYPTO_ERROR_NONE) {
430 rctx.extract = false;
437 case STREAM_FILE_DATA:
438 case STREAM_SPARSE_DATA:
439 case STREAM_WIN32_DATA:
440 case STREAM_GZIP_DATA:
441 case STREAM_SPARSE_GZIP_DATA:
442 case STREAM_WIN32_GZIP_DATA:
443 case STREAM_ENCRYPTED_FILE_DATA:
444 case STREAM_ENCRYPTED_WIN32_DATA:
445 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
446 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
447 /* Force an expected, consistent stream type here */
448 if (rctx.extract && (rctx.prev_stream == rctx.stream
449 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
450 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
451 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
454 if (rctx.stream == STREAM_SPARSE_DATA ||
455 rctx.stream == STREAM_SPARSE_GZIP_DATA) {
456 rctx.flags |= FO_SPARSE;
459 if (rctx.stream == STREAM_GZIP_DATA
460 || rctx.stream == STREAM_SPARSE_GZIP_DATA
461 || rctx.stream == STREAM_WIN32_GZIP_DATA
462 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
463 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
464 rctx.flags |= FO_GZIP;
467 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
468 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
469 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
470 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
471 /* Set up a decryption context */
472 if (!rctx.cipher_ctx.cipher) {
474 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
475 rctx.extract = false;
480 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
481 &rctx.cipher_ctx.block_size)) == NULL) {
482 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
484 rctx.extract = false;
489 rctx.flags |= FO_ENCRYPT;
492 if (is_win32_stream(rctx.stream) && !have_win32_api()) {
493 set_portable_backup(&rctx.bfd);
494 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
497 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fileAddr,
498 rctx.flags, &rctx.cipher_ctx) < 0) {
505 /* Resource fork stream - only recorded after a file to be restored */
506 /* Silently ignore if we cannot write - we already reported that */
507 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
508 case STREAM_MACOS_FORK_DATA:
509 #ifdef HAVE_DARWIN_OS
511 jcr->ff->flags |= FO_HFSPLUS;
513 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
514 rctx.fork_flags |= FO_ENCRYPT;
516 /* Set up a decryption context */
517 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
519 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
520 rctx.extract = false;
525 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
526 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
528 rctx.extract = false;
536 if (rctx.prev_stream != rctx.stream) {
537 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
538 Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
539 rctx.extract = false;
543 rctx.fork_size = rsrc_len;
544 Dmsg0(130, "Restoring resource fork\n");
547 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags,
548 &rctx.fork_cipher_ctx) < 0) {
549 bclose(&rctx.forkbfd);
558 case STREAM_HFSPLUS_ATTRIBUTES:
559 #ifdef HAVE_DARWIN_OS
560 Dmsg0(130, "Restoring Finder Info\n");
561 jcr->ff->flags |= FO_HFSPLUS;
562 if (sd->msglen != 32) {
563 Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
566 if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
567 Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
575 case STREAM_UNIX_ACCESS_ACL:
577 * Do not restore ACLs when
578 * a) The current file is not extracted
579 * b) and it is not a directory (they are never "extracted")
580 * c) or the file name is empty
582 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
586 pm_strcpy(jcr->acl_text, sd->msg);
587 Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_ACCESS, jcr->acl_text);
588 if (bacl_set(jcr, BACL_TYPE_ACCESS) != 0) {
589 Qmsg1(jcr, M_WARNING, 0, _("Can't restore ACL of %s\n"), jcr->last_fname);
596 case STREAM_UNIX_DEFAULT_ACL:
597 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
601 pm_strcpy(jcr->acl_text, sd->msg);
602 Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_DEFAULT, jcr->acl_text);
603 if (bacl_set(jcr, BACL_TYPE_DEFAULT) != 0) {
604 Qmsg1(jcr, M_WARNING, 0, _("Can't restore default ACL of %s\n"), jcr->last_fname);
611 case STREAM_SIGNED_DIGEST:
612 /* Is this an unexpected signature? */
614 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
615 free_signature(rctx);
618 /* Save signature. */
619 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
620 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
624 case STREAM_MD5_DIGEST:
625 case STREAM_SHA1_DIGEST:
626 case STREAM_SHA256_DIGEST:
627 case STREAM_SHA512_DIGEST:
630 case STREAM_PROGRAM_NAMES:
631 case STREAM_PROGRAM_DATA:
632 if (!non_support_progname) {
633 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
634 non_support_progname++;
638 case STREAM_PLUGIN_NAME:
639 close_previous_stream(rctx);
640 Dmsg1(50, "restore stream_plugin_name=%s\n", sd->msg);
641 plugin_name_stream(jcr, sd->msg);
645 close_previous_stream(rctx);
646 Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
648 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, sd->msg);
650 } /* end switch(stream) */
652 } /* end while get_msg() */
655 * If output file is still open, it was the last one in the
656 * archive since we just hit an end of file, so close the file.
658 if (is_bopen(&rctx.forkbfd)) {
659 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
662 close_previous_stream(rctx);
663 set_jcr_job_status(jcr, JS_Terminated);
667 set_jcr_job_status(jcr, JS_ErrorTerminated);
670 /* Free Signature & Crypto Data */
671 free_signature(rctx);
673 if (jcr->crypto.digest) {
674 crypto_digest_free(jcr->crypto.digest);
675 jcr->crypto.digest = NULL;
678 /* Free file cipher restore context */
679 if (rctx.cipher_ctx.cipher) {
680 crypto_cipher_free(rctx.cipher_ctx.cipher);
681 rctx.cipher_ctx.cipher = NULL;
683 if (rctx.cipher_ctx.buf) {
684 free_pool_memory(rctx.cipher_ctx.buf);
685 rctx.cipher_ctx.buf = NULL;
688 /* Free alternate stream cipher restore context */
689 if (rctx.fork_cipher_ctx.cipher) {
690 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
691 rctx.fork_cipher_ctx.cipher = NULL;
693 if (rctx.fork_cipher_ctx.buf) {
694 free_pool_memory(rctx.fork_cipher_ctx.buf);
695 rctx.fork_cipher_ctx.buf = NULL;
698 if (jcr->compress_buf) {
699 free(jcr->compress_buf);
700 jcr->compress_buf = NULL;
701 jcr->compress_buf_size = 0;
703 bclose(&rctx.forkbfd);
705 free_attr(rctx.attr);
706 free_pool_memory(jcr->acl_text);
707 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
708 edit_uint64(jcr->JobBytes, ec1));
709 if (non_support_data > 1 || non_support_attr > 1) {
710 Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
711 non_support_data, non_support_attr);
713 if (non_support_rsrc) {
714 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
716 if (non_support_finfo) {
717 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
719 if (non_support_acl) {
720 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
722 if (non_support_crypto) {
723 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl);
730 * Convert ZLIB error code into an ASCII message
732 static const char *zlib_strerror(int stat)
739 return _("Zlib errno");
741 return _("Zlib stream error");
743 return _("Zlib data error");
745 return _("Zlib memory error");
747 return _("Zlib buffer error");
748 case Z_VERSION_ERROR:
749 return _("Zlib version error");
756 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
758 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
759 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
763 * Verify the signature for the last restored file
764 * Return value is either true (signature correct)
765 * or false (signature could not be verified).
766 * TODO landonf: Implement without using find_one_file and
767 * without re-reading the file.
769 static bool verify_signature(JCR *jcr, r_ctx &rctx)
771 X509_KEYPAIR *keypair;
772 DIGEST *digest = NULL;
774 uint64_t saved_bytes;
775 crypto_digest_t signing_algorithm = have_sha2 ?
776 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
777 crypto_digest_t algorithm;
778 SIGNATURE *sig = rctx.sig;
781 if (!jcr->crypto.pki_sign) {
782 return true; /* no signature OK */
785 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
786 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
793 /* Iterate through the trusted signers */
794 foreach_alist(keypair, jcr->crypto.pki_signers) {
795 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
797 case CRYPTO_ERROR_NONE:
798 Dmsg0(50, "== Got digest\n");
800 * We computed jcr->crypto.digest using signing_algorithm while writing
801 * the file. If it is not the same as the algorithm used for
802 * this file, punt by releasing the computed algorithm and
803 * computing by re-reading the file.
805 if (algorithm != signing_algorithm) {
806 if (jcr->crypto.digest) {
807 crypto_digest_free(jcr->crypto.digest);
808 jcr->crypto.digest = NULL;
811 if (jcr->crypto.digest) {
812 /* Use digest computed while writing the file to verify the signature */
813 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
814 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
815 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
816 jcr->last_fname, crypto_strerror(err));
820 /* Signature found, digest allocated. Old method,
821 * re-read the file and compute the digest
823 jcr->crypto.digest = digest;
825 /* Checksum the entire file */
826 /* Make sure we don't modify JobBytes by saving and restoring it */
827 saved_bytes = jcr->JobBytes;
828 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
829 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
831 jcr->JobBytes = saved_bytes;
834 jcr->JobBytes = saved_bytes;
836 /* Verify the signature */
837 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
838 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
839 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
840 jcr->last_fname, crypto_strerror(err));
843 jcr->crypto.digest = NULL;
846 /* Valid signature */
847 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
848 crypto_digest_free(digest);
851 case CRYPTO_ERROR_NOSIGNER:
852 /* Signature not found, try again */
854 crypto_digest_free(digest);
859 /* Something strange happened (that shouldn't happen!)... */
860 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
866 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
870 crypto_digest_free(digest);
875 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
880 unser_begin(*data, SPARSE_FADDR_SIZE);
882 if (*addr != faddr) {
884 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
886 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
887 edit_uint64(*addr, ec1), jcr->last_fname,
888 be.bstrerror(bfd->berrno));
892 *data += SPARSE_FADDR_SIZE;
893 *length -= SPARSE_FADDR_SIZE;
897 bool decompress_data(JCR *jcr, char **data, uint32_t *length)
902 char ec1[50]; /* Buffer printing huge values */
905 * NOTE! We only use uLong and Byte because they are
906 * needed by the zlib routines, they should not otherwise
909 compress_len = jcr->compress_buf_size;
910 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
911 if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
912 (const Byte *)*data, (uLong)*length)) != Z_OK) {
913 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
914 jcr->last_fname, zlib_strerror(stat));
917 *data = jcr->compress_buf;
918 *length = compress_len;
919 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
922 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
927 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
930 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
931 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
932 unser_uint32(ctx->packet_len);
933 ctx->packet_len += CRYPTO_LEN_SIZE;
937 bool store_data(JCR *jcr, BFILE *bfd, char *data, const int32_t length, bool win32_decomp)
939 if (jcr->crypto.digest) {
940 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
943 if (!processWin32BackupAPIBlock(bfd, data, length)) {
945 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
946 jcr->last_fname, be.bstrerror(bfd->berrno));
949 } else if (bwrite(bfd, data, length) != (ssize_t)length) {
951 Jmsg2(jcr, M_ERROR, 0, _("Write error on %s: %s\n"),
952 jcr->last_fname, be.bstrerror(bfd->berrno));
960 * In the context of jcr, write data to bfd.
961 * We write buflen bytes in buf at addr. addr is updated in place.
962 * The flags specify whether to use sparse files or compression.
963 * Return value is the number of bytes written, or -1 on errors.
965 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
966 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
968 BFILE *bfd = &rctx.bfd;
969 char *wbuf; /* write buffer */
970 uint32_t wsize; /* write size */
971 uint32_t rsize; /* read size */
972 uint32_t decrypted_len = 0; /* Decryption output length */
973 char ec1[50]; /* Buffer printing huge values */
976 jcr->ReadBytes += rsize;
980 if (flags & FO_ENCRYPT) {
981 ASSERT(cipher_ctx->cipher);
983 /* NOTE: We must implement block preserving semantics for the
984 * non-streaming compression and sparse code. */
987 * Grow the crypto buffer, if necessary.
988 * crypto_cipher_update() will process only whole blocks,
989 * buffering the remaining input.
991 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
992 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
994 /* Decrypt the input block */
995 if (!crypto_cipher_update(cipher_ctx->cipher,
996 (const u_int8_t *)wbuf,
998 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1000 /* Decryption failed. Shouldn't happen. */
1001 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1005 if (decrypted_len == 0) {
1006 /* No full block of encrypted data available, write more data */
1010 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1012 cipher_ctx->buf_len += decrypted_len;
1013 wbuf = cipher_ctx->buf;
1015 /* If one full preserved block is available, write it to disk,
1016 * and then buffer any remaining data. This should be effecient
1017 * as long as Bacula's block size is not significantly smaller than the
1018 * encryption block size (extremely unlikely!) */
1019 unser_crypto_packet_len(cipher_ctx);
1020 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1022 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1023 /* No full preserved block is available. */
1027 /* We have one full block, set up the filter input buffers */
1028 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1029 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1030 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1031 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1034 if (flags & FO_SPARSE) {
1035 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1040 if (flags & FO_GZIP) {
1041 if (!decompress_data(jcr, &wbuf, &wsize)) {
1046 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1049 jcr->JobBytes += wsize;
1051 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1053 /* Clean up crypto buffers */
1054 if (flags & FO_ENCRYPT) {
1055 /* Move any remaining data to start of buffer */
1056 if (cipher_ctx->buf_len > 0) {
1057 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1058 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1059 cipher_ctx->buf_len);
1061 /* The packet was successfully written, reset the length so that the next
1062 * packet length may be re-read by unser_crypto_packet_len() */
1063 cipher_ctx->packet_len = 0;
1068 rctx.extract = false;
1075 * If extracting, close any previous stream
1077 static void close_previous_stream(r_ctx &rctx)
1080 * If extracting, it was from previous stream, so
1081 * close the output file and validate the signature.
1084 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1085 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1086 Dmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1087 is_bopen(&rctx.bfd));
1090 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1091 deallocate_cipher(rctx);
1092 deallocate_fork_cipher(rctx);
1095 if (rctx.jcr->plugin) {
1096 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1098 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1100 rctx.extract = false;
1102 /* Verify the cryptographic signature, if any */
1103 rctx.type = rctx.attr->type;
1104 verify_signature(rctx.jcr, rctx);
1106 /* Free Signature */
1107 free_signature(rctx);
1109 rctx.jcr->ff->flags = 0;
1110 Dmsg0(130, "Stop extracting.\n");
1111 } else if (is_bopen(&rctx.bfd)) {
1112 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1113 Dmsg0(000, "=== logic error !open\n");
1120 * In the context of jcr, flush any remaining data from the cipher context,
1121 * writing it to bfd.
1122 * Return value is true on success, false on failure.
1124 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
1125 RESTORE_CIPHER_CTX *cipher_ctx)
1127 uint32_t decrypted_len = 0;
1128 char *wbuf; /* write buffer */
1129 uint32_t wsize; /* write size */
1130 char ec1[50]; /* Buffer printing huge values */
1131 bool second_pass = false;
1134 /* Write out the remaining block and free the cipher context */
1135 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf, cipher_ctx->buf_len +
1136 cipher_ctx->block_size);
1138 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1140 /* Writing out the final, buffered block failed. Shouldn't happen. */
1141 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1142 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1145 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1146 /* If nothing new was decrypted, and our output buffer is empty, return */
1147 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1151 cipher_ctx->buf_len += decrypted_len;
1153 unser_crypto_packet_len(cipher_ctx);
1154 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1155 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1156 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
1157 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1158 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1160 if (flags & FO_SPARSE) {
1161 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1166 if (flags & FO_GZIP) {
1167 if (!decompress_data(jcr, &wbuf, &wsize)) {
1172 Dmsg0(130, "Call store_data\n");
1173 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1176 jcr->JobBytes += wsize;
1177 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1179 /* Move any remaining data to start of buffer */
1180 if (cipher_ctx->buf_len > 0) {
1181 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1182 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1183 cipher_ctx->buf_len);
1185 /* The packet was successfully written, reset the length so that the next
1186 * packet length may be re-read by unser_crypto_packet_len() */
1187 cipher_ctx->packet_len = 0;
1189 if (cipher_ctx->buf_len >0 && !second_pass) {
1194 /* Stop decryption */
1195 cipher_ctx->buf_len = 0;
1196 cipher_ctx->packet_len = 0;
1201 static void deallocate_cipher(r_ctx &rctx)
1203 /* Flush and deallocate previous stream's cipher context */
1204 if (rctx.cipher_ctx.cipher) {
1205 flush_cipher(rctx.jcr, &rctx.bfd, &rctx.fileAddr, rctx.flags, &rctx.cipher_ctx);
1206 crypto_cipher_free(rctx.cipher_ctx.cipher);
1207 rctx.cipher_ctx.cipher = NULL;
1211 static void deallocate_fork_cipher(r_ctx &rctx)
1214 /* Flush and deallocate previous stream's fork cipher context */
1215 if (rctx.fork_cipher_ctx.cipher) {
1216 flush_cipher(rctx.jcr, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, &rctx.fork_cipher_ctx);
1217 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1218 rctx.fork_cipher_ctx.cipher = NULL;
1222 static void free_signature(r_ctx &rctx)
1225 crypto_sign_free(rctx.sig);
1230 static void free_session(r_ctx &rctx)
1233 crypto_session_free(rctx.cs);
1239 /* This code if implemented goes above */
1240 #ifdef stbernard_implemented
1241 / #if defined(HAVE_WIN32)
1242 bool bResumeOfmOnExit = FALSE;
1243 if (isOpenFileManagerRunning()) {
1244 if ( pauseOpenFileManager() ) {
1245 Jmsg(jcr, M_INFO, 0, _("Open File Manager paused\n") );
1246 bResumeOfmOnExit = TRUE;
1249 Jmsg(jcr, M_ERROR, 0, _("FAILED to pause Open File Manager\n") );
1253 char username[UNLEN+1];
1254 DWORD usize = sizeof(username);
1255 int privs = enable_backup_privileges(NULL, 1);
1256 if (GetUserName(username, &usize)) {
1257 Jmsg2(jcr, M_INFO, 0, _("Running as '%s'. Privmask=%#08x\n"), username,
1259 Jmsg(jcr, M_WARNING, 0, _("Failed to retrieve current UserName\n"));