2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2015 Kern Sibbald
5 Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
7 The original author of Bacula is Kern Sibbald, with contributions
8 from many others, a complete list can be found in the file AUTHORS.
10 You may use this file and others of this release according to the
11 license defined in the LICENSE file, which includes the Affero General
12 Public License, v3.0 ("AGPLv3") and some additional permissions and
13 terms pursuant to its AGPLv3 Section 7.
15 This notice must be preserved when any source code is
16 conveyed and/or propagated.
18 Bacula(R) is a registered trademark of Kern Sibbald.
21 * Bacula File Daemon restore.c Restorefiles.
23 * Kern Sibbald, November MM
34 const bool have_darwin_os = true;
36 const bool have_darwin_os = false;
39 #if defined(HAVE_CRYPTO)
40 const bool have_crypto = true;
42 const bool have_crypto = false;
46 const bool have_acl = true;
48 const bool have_acl = false;
52 const bool have_sha2 = true;
54 const bool have_sha2 = false;
57 #if defined(HAVE_XATTR)
58 const bool have_xattr = true;
60 const bool have_xattr = false;
63 /* Data received from Storage Daemon */
64 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
66 /* Forward referenced functions */
67 #if defined(HAVE_LIBZ)
68 static const char *zlib_strerror(int stat);
69 const bool have_libz = true;
71 const bool have_libz = false;
74 const bool have_lzo = true;
76 const bool have_lzo = false;
79 static void deallocate_cipher(r_ctx &rctx);
80 static void deallocate_fork_cipher(r_ctx &rctx);
81 static bool verify_signature(r_ctx &rctx);
82 static void free_signature(r_ctx &rctx);
83 static void free_session(r_ctx &rctx);
84 static bool close_previous_stream(r_ctx &rctx);
85 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
86 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
87 RESTORE_CIPHER_CTX *cipher_ctx);
90 * Close a bfd check that we are at the expected file offset.
91 * Makes use of some code from set_attributes().
93 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
95 char ec1[50], ec2[50];
99 fsize = blseek(bfd, 0, SEEK_CUR);
100 bclose(bfd); /* first close file */
101 if (fsize > 0 && fsize != osize) {
102 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
103 jcr->last_fname, edit_uint64(osize, ec1),
104 edit_uint64(fsize, ec2));
110 #ifdef HAVE_DARWIN_OS
111 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
113 struct attrlist attrList;
115 memset(&attrList, 0, sizeof(attrList));
116 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
117 attrList.commonattr = ATTR_CMN_FNDRINFO;
119 Dmsg0(130, "Restoring Finder Info\n");
120 jcr->ff->flags |= FO_HFSPLUS;
122 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
126 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
127 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
135 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
143 * Cleanup of delayed restore stack with streams for later processing.
145 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
147 RESTORE_DATA_STREAM *rds;
149 if (!rctx.delayed_streams) {
151 rctx.delayed_streams = New(alist(10, owned_by_alist));
155 if (rctx.delayed_streams->empty()) {
159 foreach_alist(rds, rctx.delayed_streams) {
165 rctx.delayed_streams->destroy();
167 rctx.delayed_streams->init(10, owned_by_alist);
173 * Push a data stream onto the delayed restore stack for
176 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
178 RESTORE_DATA_STREAM *rds;
183 if (!rctx.delayed_streams) {
184 rctx.delayed_streams = New(alist(10, owned_by_alist));
187 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
188 rds->stream = rctx.stream;
189 rds->content = (char *)malloc(msglen);
190 memcpy(rds->content, msg, msglen);
191 rds->content_length = msglen;
192 rctx.delayed_streams->append(rds);
196 * Perform a restore of an ACL using the stream received.
197 * This can either be a delayed restore or direct restore.
199 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
200 uint32_t content_length)
202 switch (restore_acl_streams(jcr, stream, content, content_length)) {
207 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
208 * print the error message set by the lower level routine in jcr->errmsg.
210 if (jcr->acl_ctx->nr_errors < ACL_MAX_ERROR_PRINT_PER_JOB) {
211 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
213 jcr->acl_ctx->nr_errors++;
222 * Perform a restore of an XATTR using the stream received.
223 * This can either be a delayed restore or direct restore.
225 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
226 uint32_t content_length)
228 switch (restore_xattr_streams(jcr, stream, content, content_length)) {
229 case bxattr_rtn_fatal:
231 case bxattr_rtn_error:
233 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
234 * print the error message set by the lower level routine in jcr->errmsg.
236 if (jcr->xattr_ctx->nr_errors < XATTR_MAX_ERROR_PRINT_PER_JOB) {
237 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
239 jcr->xattr_ctx->nr_errors++;
248 * Restore any data streams that are restored after the file
249 * is fully restored and has its attributes restored. Things
250 * like acls and xattr are restored after we set the file
251 * attributes otherwise we might clear some security flags
252 * by setting the attributes.
254 static inline bool pop_delayed_data_streams(r_ctx &rctx)
256 RESTORE_DATA_STREAM *rds;
260 * See if there is anything todo.
262 if (!rctx.delayed_streams ||
263 rctx.delayed_streams->empty()) {
268 * Only process known delayed data streams here.
269 * If you start using more delayed data streams
270 * be sure to add them in this loop and add the
273 * Currently we support delayed data stream
274 * processing for the following type of streams:
278 foreach_alist(rds, rctx.delayed_streams) {
279 switch (rds->stream) {
280 case STREAM_UNIX_ACCESS_ACL:
281 case STREAM_UNIX_DEFAULT_ACL:
282 case STREAM_ACL_AIX_TEXT:
283 case STREAM_ACL_DARWIN_ACCESS:
284 case STREAM_ACL_FREEBSD_DEFAULT:
285 case STREAM_ACL_FREEBSD_ACCESS:
286 case STREAM_ACL_HPUX_ACL_ENTRY:
287 case STREAM_ACL_IRIX_DEFAULT:
288 case STREAM_ACL_IRIX_ACCESS:
289 case STREAM_ACL_LINUX_DEFAULT:
290 case STREAM_ACL_LINUX_ACCESS:
291 case STREAM_ACL_TRU64_DEFAULT:
292 case STREAM_ACL_TRU64_DEFAULT_DIR:
293 case STREAM_ACL_TRU64_ACCESS:
294 case STREAM_ACL_SOLARIS_POSIX:
295 case STREAM_ACL_SOLARIS_NFS4:
296 case STREAM_ACL_AFS_TEXT:
297 case STREAM_ACL_AIX_AIXC:
298 case STREAM_ACL_AIX_NFS4:
299 case STREAM_ACL_FREEBSD_NFS4:
300 case STREAM_ACL_HURD_DEFAULT:
301 case STREAM_ACL_HURD_ACCESS:
302 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
306 case STREAM_XATTR_HURD:
307 case STREAM_XATTR_IRIX:
308 case STREAM_XATTR_TRU64:
309 case STREAM_XATTR_AIX:
310 case STREAM_XATTR_OPENBSD:
311 case STREAM_XATTR_SOLARIS_SYS:
312 case STREAM_XATTR_DARWIN:
313 case STREAM_XATTR_FREEBSD:
314 case STREAM_XATTR_LINUX:
315 case STREAM_XATTR_NETBSD:
316 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
321 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
331 drop_delayed_restore_streams(rctx, true);
335 drop_delayed_restore_streams(rctx, true);
341 * Restore the requested files.
343 void do_restore(JCR *jcr)
346 uint32_t VolSessionId, VolSessionTime;
348 char ec1[50]; /* Buffer printing huge values */
349 uint32_t buf_size; /* client buffer size */
351 int64_t rsrc_len = 0; /* Original length of resource fork */
354 /* ***FIXME*** make configurable */
355 crypto_digest_t signing_algorithm = have_sha2 ?
356 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
357 memset(&rctx, 0, sizeof(rctx));
360 /* The following variables keep track of "known unknowns" */
361 int non_suppored_data = 0;
362 int non_suppored_attr = 0;
363 int non_suppored_rsrc = 0;
364 int non_suppored_finfo = 0;
365 int non_suppored_acl = 0;
366 int non_suppored_progname = 0;
367 int non_suppored_crypto = 0;
368 int non_suppored_xattr = 0;
370 sd = jcr->store_bsock;
371 jcr->setJobStatus(JS_Running);
374 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
377 buf_size = client->max_network_buffer_size;
379 buf_size = 0; /* use default */
381 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
382 jcr->setJobStatus(JS_ErrorTerminated);
385 jcr->buf_size = sd->msglen;
387 /* use the same buffer size to decompress both gzip and lzo */
388 if (have_libz || have_lzo) {
389 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
390 jcr->compress_buf = get_memory(compress_buf_size);
391 jcr->compress_buf_size = compress_buf_size;
396 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
398 fdmsg->start_read_sock();
399 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
402 if (lzo_init() != LZO_E_OK) {
403 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
409 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
410 if (have_darwin_os) {
411 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
416 * Get a record from the Storage daemon. We are guaranteed to
417 * receive records in the following order:
418 * 1. Stream record header
419 * 2. Stream data (one or more of the following in the order given)
420 * a. Attributes (Unix or Windows)
421 * b. Possibly stream encryption session data (e.g., symmetric session key)
422 * c. File data for the file
423 * d. Alternate data stream (e.g. Resource Fork)
427 * h. Possibly a cryptographic signature
428 * i. Possibly MD5 or SHA1 record
431 * NOTE: We keep track of two bacula file descriptors:
432 * 1. bfd for file data.
433 * This fd is opened for non empty files when an attribute stream is
434 * encountered and closed when we find the next attribute stream.
435 * 2. fork_bfd for alternate data streams
436 * This fd is opened every time we encounter a new alternate data
437 * stream for the current file. When we find any other stream, we
439 * The expected size of the stream, fork_len, should be set when
441 * 3. Not all the stream data records are required -- e.g. if there
442 * is no fork, there is no alternate data stream, no ACL, ...
445 binit(&rctx.forkbfd);
446 attr = rctx.attr = new_attr(jcr);
448 jcr->acl_ctx = (acl_ctx_t *)malloc(sizeof(acl_ctx_t));
449 memset(jcr->acl_ctx, 0, sizeof(acl_ctx_t));
452 jcr->xattr_ctx = (xattr_ctx_t *)malloc(sizeof(xattr_ctx_t));
453 memset(jcr->xattr_ctx, 0, sizeof(xattr_ctx_t));
457 while (fdmsg->bget_msg(&bmsg) >= 0 && !job_canceled(jcr)) {
458 /* Remember previous stream type */
459 rctx.prev_stream = rctx.stream;
461 /* First we expect a Stream Record Header */
463 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
464 &rctx.full_stream, &rctx.size) != 5) {
465 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
468 /* Strip off new stream high bits */
469 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
471 /* Now we expect the Stream Data */
472 if (fdmsg->bget_msg(&bmsg) < 0) {
473 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
476 if (rctx.size != (uint32_t)bmsg->origlen) {
477 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
478 bmsg->origlen, rctx.size);
479 Dmsg2(50, "Actual data size %d not same as header %d\n",
480 bmsg->origlen, rctx.size);
483 Dmsg3(620, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
484 bmsg->msglen, rctx.extract);
486 /* If we change streams, close and reset alternate data streams */
487 if (rctx.prev_stream != rctx.stream) {
488 if (is_bopen(&rctx.forkbfd)) {
489 deallocate_fork_cipher(rctx);
490 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
492 /* Use an impossible value and set a proper one below */
497 /* File Attributes stream */
498 switch (rctx.stream) {
499 case STREAM_UNIX_ATTRIBUTES:
500 case STREAM_UNIX_ATTRIBUTES_EX:
501 /* if any previous stream open, close it */
502 if (!close_previous_stream(rctx)) {
507 * TODO: manage deleted files
509 if (rctx.type == FT_DELETED) { /* deleted file */
513 * Restore objects should be ignored here -- they are
514 * returned at the beginning of the restore.
516 if (IS_FT_OBJECT(rctx.type)) {
521 * Unpack attributes and do sanity check them
523 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
527 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
529 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
530 attr->data_stream, stream_to_ascii(attr->data_stream),
531 attr->fname, attr->attr, attr->attrEx);
532 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
533 strlen(attr->attrEx), bmsg->rbuf);
535 if (!is_restore_stream_supported(attr->data_stream)) {
536 Dmsg2(15, "Non-supported data stream %d: %s\n",
537 attr->data_stream, stream_to_ascii(attr->data_stream));
538 if (!non_suppored_data++) {
539 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
540 stream_to_ascii(attr->data_stream));
545 build_attr_output_fnames(jcr, attr);
548 * Try to actually create the file, which returns a status telling
549 * us if we need to extract or not.
551 jcr->num_files_examined++;
552 rctx.extract = false;
553 stat = CF_CORE; /* By default, let Bacula's core handle it */
556 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
559 if (stat == CF_CORE) {
560 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
563 pm_strcpy(jcr->last_fname, attr->ofname);
564 jcr->last_type = attr->type;
566 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
572 case CF_EXTRACT: /* File created and we expect file data */
574 /* FALLTHROUGH WANTED */
575 case CF_CREATED: /* File created, but there is no content */
576 /* File created, but there is no content */
578 print_ls_output(jcr, attr);
580 if (have_darwin_os) {
581 /* Only restore the resource fork for regular files */
582 from_base64(&rsrc_len, attr->attrEx);
583 if (attr->type == FT_REG && rsrc_len > 0) {
588 * Do not count the resource forks as regular files being restored.
598 /* set attributes now because file will not be extracted */
600 plugin_set_attributes(jcr, attr, &rctx.bfd);
602 set_attributes(jcr, attr, &rctx.bfd);
610 case STREAM_ENCRYPTED_SESSION_DATA:
611 crypto_error_t cryptoerr;
613 /* The current file will not be extracted, do not create a crypto session */
618 /* Is this an unexpected session data entry? */
620 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
621 rctx.extract = false;
626 /* Do we have any keys at all? */
627 if (!jcr->crypto.pki_recipients) {
628 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
629 rctx.extract = false;
634 if (jcr->crypto.digest) {
635 crypto_digest_free(jcr->crypto.digest);
637 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
638 if (!jcr->crypto.digest) {
639 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
640 rctx.extract = false;
645 /* Decode and save session keys. */
646 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
647 jcr->crypto.pki_recipients, &rctx.cs);
649 case CRYPTO_ERROR_NONE:
652 case CRYPTO_ERROR_NORECIPIENT:
653 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
655 case CRYPTO_ERROR_DECRYPTION:
656 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
658 case CRYPTO_ERROR_NOSIGNER:
659 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
661 case CRYPTO_ERROR_INVALID_DIGEST:
662 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
664 case CRYPTO_ERROR_INVALID_CRYPTO:
665 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
668 /* This shouldn't happen */
669 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
670 cryptoerr, crypto_strerror(cryptoerr));
674 if (cryptoerr != CRYPTO_ERROR_NONE) {
675 rctx.extract = false;
682 case STREAM_FILE_DATA:
683 case STREAM_SPARSE_DATA:
684 case STREAM_WIN32_DATA:
685 case STREAM_GZIP_DATA:
686 case STREAM_SPARSE_GZIP_DATA:
687 case STREAM_WIN32_GZIP_DATA:
688 case STREAM_COMPRESSED_DATA:
689 case STREAM_SPARSE_COMPRESSED_DATA:
690 case STREAM_WIN32_COMPRESSED_DATA:
691 case STREAM_ENCRYPTED_FILE_DATA:
692 case STREAM_ENCRYPTED_WIN32_DATA:
693 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
694 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
695 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
696 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
697 /* Force an expected, consistent stream type here */
698 if (rctx.extract && (rctx.prev_stream == rctx.stream
699 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
700 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
701 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
704 if (rctx.stream == STREAM_SPARSE_DATA
705 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
706 || rctx.stream == STREAM_SPARSE_GZIP_DATA) {
707 rctx.flags |= FO_SPARSE;
710 if (rctx.stream == STREAM_GZIP_DATA
711 || rctx.stream == STREAM_SPARSE_GZIP_DATA
712 || rctx.stream == STREAM_WIN32_GZIP_DATA
713 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
714 || rctx.stream == STREAM_COMPRESSED_DATA
715 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
716 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
717 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
718 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
719 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
720 rctx.flags |= FO_COMPRESS;
721 rctx.comp_stream = rctx.stream;
724 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
725 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
726 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
727 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
728 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
729 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
730 /* Set up a decryption context */
731 if (!rctx.cipher_ctx.cipher) {
733 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
734 rctx.extract = false;
739 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
740 &rctx.cipher_ctx.block_size)) == NULL) {
741 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
743 rctx.extract = false;
748 rctx.flags |= FO_ENCRYPT;
751 if (is_win32_stream(rctx.stream) &&
752 (win32decomp || !have_win32_api())) {
753 set_portable_backup(&rctx.bfd);
754 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
757 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
758 rctx.extract = false;
766 * Resource fork stream - only recorded after a file to be restored
767 * Silently ignore if we cannot write - we already reported that
769 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
770 case STREAM_MACOS_FORK_DATA:
771 if (have_darwin_os) {
773 jcr->ff->flags |= FO_HFSPLUS;
775 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
776 rctx.fork_flags |= FO_ENCRYPT;
778 /* Set up a decryption context */
779 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
781 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
782 rctx.extract = false;
787 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
788 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
790 rctx.extract = false;
798 if (rctx.prev_stream != rctx.stream) {
799 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
800 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
801 rctx.extract = false;
805 rctx.fork_size = rsrc_len;
806 Dmsg0(130, "Restoring resource fork\n");
809 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
810 rctx.extract = false;
811 bclose(&rctx.forkbfd);
820 case STREAM_HFSPLUS_ATTRIBUTES:
821 if (have_darwin_os) {
822 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
826 non_suppored_finfo++;
830 case STREAM_UNIX_ACCESS_ACL:
831 case STREAM_UNIX_DEFAULT_ACL:
832 case STREAM_ACL_AIX_TEXT:
833 case STREAM_ACL_DARWIN_ACCESS:
834 case STREAM_ACL_FREEBSD_DEFAULT:
835 case STREAM_ACL_FREEBSD_ACCESS:
836 case STREAM_ACL_HPUX_ACL_ENTRY:
837 case STREAM_ACL_IRIX_DEFAULT:
838 case STREAM_ACL_IRIX_ACCESS:
839 case STREAM_ACL_LINUX_DEFAULT:
840 case STREAM_ACL_LINUX_ACCESS:
841 case STREAM_ACL_TRU64_DEFAULT:
842 case STREAM_ACL_TRU64_DEFAULT_DIR:
843 case STREAM_ACL_TRU64_ACCESS:
844 case STREAM_ACL_SOLARIS_POSIX:
845 case STREAM_ACL_SOLARIS_NFS4:
846 case STREAM_ACL_AFS_TEXT:
847 case STREAM_ACL_AIX_AIXC:
848 case STREAM_ACL_AIX_NFS4:
849 case STREAM_ACL_FREEBSD_NFS4:
850 case STREAM_ACL_HURD_DEFAULT:
851 case STREAM_ACL_HURD_ACCESS:
853 * Do not restore ACLs when
854 * a) The current file is not extracted
855 * b) and it is not a directory (they are never "extracted")
856 * c) or the file name is empty
858 if ((!rctx.extract &&
859 jcr->last_type != FT_DIREND) ||
860 (*jcr->last_fname == 0)) {
865 * For anything that is not a directory we delay
866 * the restore of acls till a later stage.
868 if (jcr->last_type != FT_DIREND) {
869 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
871 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
880 case STREAM_XATTR_HURD:
881 case STREAM_XATTR_IRIX:
882 case STREAM_XATTR_TRU64:
883 case STREAM_XATTR_AIX:
884 case STREAM_XATTR_OPENBSD:
885 case STREAM_XATTR_SOLARIS_SYS:
886 case STREAM_XATTR_DARWIN:
887 case STREAM_XATTR_FREEBSD:
888 case STREAM_XATTR_LINUX:
889 case STREAM_XATTR_NETBSD:
891 * Do not restore Extended Attributes when
892 * a) The current file is not extracted
893 * b) and it is not a directory (they are never "extracted")
894 * c) or the file name is empty
896 if ((!rctx.extract &&
897 jcr->last_type != FT_DIREND) ||
898 (*jcr->last_fname == 0)) {
903 * For anything that is not a directory we delay
904 * the restore of xattr till a later stage.
906 if (jcr->last_type != FT_DIREND) {
907 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
909 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
914 non_suppored_xattr++;
918 case STREAM_XATTR_SOLARIS:
920 * Do not restore Extended Attributes when
921 * a) The current file is not extracted
922 * b) and it is not a directory (they are never "extracted")
923 * c) or the file name is empty
925 if ((!rctx.extract &&
926 jcr->last_type != FT_DIREND) ||
927 (*jcr->last_fname == 0)) {
931 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
935 non_suppored_xattr++;
939 case STREAM_SIGNED_DIGEST:
940 /* Is this an unexpected signature? */
942 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
943 free_signature(rctx);
946 /* Save signature. */
947 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
948 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
952 case STREAM_MD5_DIGEST:
953 case STREAM_SHA1_DIGEST:
954 case STREAM_SHA256_DIGEST:
955 case STREAM_SHA512_DIGEST:
958 case STREAM_PROGRAM_NAMES:
959 case STREAM_PROGRAM_DATA:
960 if (!non_suppored_progname) {
961 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
962 non_suppored_progname++;
966 case STREAM_PLUGIN_NAME:
967 if (!close_previous_stream(rctx)) {
970 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
971 plugin_name_stream(jcr, bmsg->rbuf);
974 case STREAM_RESTORE_OBJECT:
975 break; /* these are sent by Director */
978 if (!close_previous_stream(rctx)) {
981 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
983 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
985 } /* end switch(stream) */
987 } /* end while get_msg() */
990 * If output file is still open, it was the last one in the
991 * archive since we just hit an end of file, so close the file.
993 if (is_bopen(&rctx.forkbfd)) {
994 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
997 if (!close_previous_stream(rctx)) {
1000 jcr->setJobStatus(JS_Terminated);
1004 jcr->setJobStatus(JS_ErrorTerminated);
1008 fdmsg->wait_read_sock();
1013 * First output the statistics.
1015 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1016 edit_uint64(jcr->JobBytes, ec1));
1017 if (have_acl && jcr->acl_ctx->nr_errors > 0) {
1018 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"),
1019 jcr->acl_ctx->nr_errors);
1021 if (have_xattr && jcr->xattr_ctx->nr_errors > 0) {
1022 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"),
1023 jcr->xattr_ctx->nr_errors);
1025 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1026 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1027 non_suppored_data, non_suppored_attr);
1029 if (non_suppored_rsrc) {
1030 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1032 if (non_suppored_finfo) {
1033 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1035 if (non_suppored_acl) {
1036 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1038 if (non_suppored_crypto) {
1039 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1041 if (non_suppored_xattr) {
1042 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1045 /* Free Signature & Crypto Data */
1046 free_signature(rctx);
1048 if (jcr->crypto.digest) {
1049 crypto_digest_free(jcr->crypto.digest);
1050 jcr->crypto.digest = NULL;
1053 /* Free file cipher restore context */
1054 if (rctx.cipher_ctx.cipher) {
1055 crypto_cipher_free(rctx.cipher_ctx.cipher);
1056 rctx.cipher_ctx.cipher = NULL;
1059 if (rctx.cipher_ctx.buf) {
1060 free_pool_memory(rctx.cipher_ctx.buf);
1061 rctx.cipher_ctx.buf = NULL;
1064 /* Free alternate stream cipher restore context */
1065 if (rctx.fork_cipher_ctx.cipher) {
1066 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1067 rctx.fork_cipher_ctx.cipher = NULL;
1069 if (rctx.fork_cipher_ctx.buf) {
1070 free_pool_memory(rctx.fork_cipher_ctx.buf);
1071 rctx.fork_cipher_ctx.buf = NULL;
1074 if (jcr->compress_buf) {
1075 free_pool_memory(jcr->compress_buf);
1076 jcr->compress_buf = NULL;
1077 jcr->compress_buf_size = 0;
1080 if (have_acl && jcr->acl_ctx) {
1081 if (jcr->acl_ctx->content) {
1082 free(jcr->acl_ctx->content);
1085 jcr->acl_ctx = NULL;
1088 if (have_xattr && jcr->xattr_ctx) {
1089 if (jcr->xattr_ctx->content) {
1090 free(jcr->xattr_ctx->content);
1092 free(jcr->xattr_ctx);
1093 jcr->xattr_ctx = NULL;
1096 /* Free the delayed stream stack list. */
1097 if (rctx.delayed_streams) {
1098 drop_delayed_restore_streams(rctx, false);
1099 delete rctx.delayed_streams;
1103 bclose(&rctx.forkbfd);
1105 free_attr(rctx.attr);
1110 * Convert ZLIB error code into an ASCII message
1112 static const char *zlib_strerror(int stat)
1119 return _("Zlib errno");
1120 case Z_STREAM_ERROR:
1121 return _("Zlib stream error");
1123 return _("Zlib data error");
1125 return _("Zlib memory error");
1127 return _("Zlib buffer error");
1128 case Z_VERSION_ERROR:
1129 return _("Zlib version error");
1136 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1138 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1139 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1142 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
1147 unser_begin(*data, OFFSET_FADDR_SIZE);
1148 unser_uint64(faddr);
1149 if (*addr != faddr) {
1151 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1153 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1154 edit_uint64(*addr, ec1), jcr->last_fname,
1155 be.bstrerror(bfd->berrno));
1159 *data += OFFSET_FADDR_SIZE;
1160 *length -= OFFSET_FADDR_SIZE;
1164 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1166 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1167 char ec1[50]; /* Buffer printing huge values */
1170 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1171 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1172 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1174 uint32_t comp_magic, comp_len;
1175 uint16_t comp_level, comp_version;
1177 lzo_uint compress_len;
1178 const unsigned char *cbuf;
1179 int r, real_compress_len;
1182 /* read compress header */
1184 unser_begin(*data, sizeof(comp_stream_header));
1185 unser_uint32(comp_magic);
1186 unser_uint32(comp_len);
1187 unser_uint16(comp_level);
1188 unser_uint16(comp_version);
1189 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1190 comp_level, comp_version);
1193 if (comp_version != COMP_HEAD_VERSION) {
1194 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1198 if (comp_len + sizeof(comp_stream_header) != *length) {
1199 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1203 switch(comp_magic) {
1205 case COMPRESS_LZO1X:
1206 compress_len = jcr->compress_buf_size;
1207 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1208 real_compress_len = *length - sizeof(comp_stream_header);
1209 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1210 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1211 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1214 * The buffer size is too small, try with a bigger one
1216 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1217 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1218 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1221 if (r != LZO_E_OK) {
1222 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1223 jcr->last_fname, r);
1226 *data = jcr->compress_buf;
1227 *length = compress_len;
1228 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1232 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1241 * NOTE! We only use uLong and Byte because they are
1242 * needed by the zlib routines, they should not otherwise
1243 * be used in Bacula.
1245 compress_len = jcr->compress_buf_size;
1246 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1247 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1248 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1250 /* The buffer size is too small, try with a bigger one. */
1251 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1252 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1253 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1257 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1258 jcr->last_fname, zlib_strerror(stat));
1261 *data = jcr->compress_buf;
1262 *length = compress_len;
1263 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1266 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1272 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1275 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1276 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1277 unser_uint32(ctx->packet_len);
1278 ctx->packet_len += CRYPTO_LEN_SIZE;
1282 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1284 JCR *jcr = rctx.jcr;
1285 BFILE *bfd = &rctx.bfd;
1288 if (jcr->crypto.digest) {
1289 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1292 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1294 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1295 jcr->last_fname, be.bstrerror(bfd->berrno));
1300 if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1303 int len = strlen(jcr->last_fname);
1305 * If this is the first write and the "file" is a directory
1306 * or a drive letter, then only issue a warning as we are
1307 * not able to reset the metadata, then continue.
1308 * If the above is true and we have an error code 91
1309 * (directory not empty), supress the error entirely.
1311 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1312 jcr->last_fname[len-1] == ':')) {
1314 if (bfd->lerror == 91) { /* Directory not empty */
1315 type = 0; /* suppress error */
1320 /* Insufficient bytes written */
1321 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1322 bfd->total_bytes, bfd->block, length, wstat);
1325 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1326 bfd->total_bytes, bfd->block, length, bfd->lerror,
1327 jcr->last_fname, be.bstrerror(bfd->berrno));
1331 /* Ignore errors? */
1332 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1341 * In the context of jcr, write data to bfd.
1342 * We write buflen bytes in buf at addr. addr is updated in place.
1343 * The flags specify whether to use sparse files or compression.
1344 * Return value is the number of bytes written, or -1 on errors.
1346 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1348 JCR *jcr = rctx.jcr;
1349 BFILE *bfd = &rctx.bfd;
1350 int flags = rctx.flags;
1351 int32_t stream = rctx.stream;
1352 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1353 char *wbuf; /* write buffer */
1354 uint32_t wsize; /* write size */
1355 uint32_t rsize; /* read size */
1356 uint32_t decrypted_len = 0; /* Decryption output length */
1357 char ec1[50]; /* Buffer printing huge values */
1360 jcr->ReadBytes += rsize;
1364 if (flags & FO_ENCRYPT) {
1365 ASSERT(cipher_ctx->cipher);
1368 * Grow the crypto buffer, if necessary.
1369 * crypto_cipher_update() will process only whole blocks,
1370 * buffering the remaining input.
1372 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1373 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1375 /* Decrypt the input block */
1376 if (!crypto_cipher_update(cipher_ctx->cipher,
1377 (const u_int8_t *)wbuf,
1379 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1381 /* Decryption failed. Shouldn't happen. */
1382 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1386 if (decrypted_len == 0) {
1387 /* No full block of encrypted data available, write more data */
1391 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1393 cipher_ctx->buf_len += decrypted_len;
1394 wbuf = cipher_ctx->buf;
1396 /* If one full preserved block is available, write it to disk,
1397 * and then buffer any remaining data. This should be effecient
1398 * as long as Bacula's block size is not significantly smaller than the
1399 * encryption block size (extremely unlikely!)
1401 unser_crypto_packet_len(cipher_ctx);
1402 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1404 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1405 /* No full preserved block is available. */
1409 /* We have one full block, set up the filter input buffers */
1410 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1411 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1412 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1413 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1416 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1417 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize)) {
1422 if (flags & FO_COMPRESS) {
1423 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1428 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1431 jcr->JobBytes += wsize;
1432 rctx.fileAddr += wsize;
1433 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1435 /* Clean up crypto buffers */
1436 if (flags & FO_ENCRYPT) {
1437 /* Move any remaining data to start of buffer */
1438 if (cipher_ctx->buf_len > 0) {
1439 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1440 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1441 cipher_ctx->buf_len);
1443 /* The packet was successfully written, reset the length so that
1444 * the next packet length may be re-read by unser_crypto_packet_len() */
1445 cipher_ctx->packet_len = 0;
1454 * If extracting, close any previous stream
1456 static bool close_previous_stream(r_ctx &rctx)
1461 * If extracting, it was from previous stream, so
1462 * close the output file and validate the signature.
1465 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1466 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1467 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1468 is_bopen(&rctx.bfd));
1471 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1472 deallocate_cipher(rctx);
1473 deallocate_fork_cipher(rctx);
1476 if (rctx.jcr->plugin) {
1477 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1479 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1481 rctx.extract = false;
1483 /* Now perform the delayed restore of some specific data streams. */
1484 rtn = pop_delayed_data_streams(rctx);
1486 /* Verify the cryptographic signature, if any */
1487 rctx.type = rctx.attr->type;
1488 verify_signature(rctx);
1490 /* Free Signature */
1491 free_signature(rctx);
1493 rctx.jcr->ff->flags = 0;
1494 Dmsg0(130, "Stop extracting.\n");
1495 } else if (is_bopen(&rctx.bfd)) {
1496 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1497 Pmsg0(000, "=== logic error !open\n");
1505 * In the context of jcr, flush any remaining data from the cipher context,
1506 * writing it to bfd.
1507 * Return value is true on success, false on failure.
1509 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1510 RESTORE_CIPHER_CTX *cipher_ctx)
1512 JCR *jcr = rctx.jcr;
1513 uint32_t decrypted_len = 0;
1514 char *wbuf; /* write buffer */
1515 uint32_t wsize; /* write size */
1516 char ec1[50]; /* Buffer printing huge values */
1517 bool second_pass = false;
1520 /* Write out the remaining block and free the cipher context */
1521 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1522 cipher_ctx->buf_len + cipher_ctx->block_size);
1524 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1526 /* Writing out the final, buffered block failed. Shouldn't happen. */
1527 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1528 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1531 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1532 /* If nothing new was decrypted, and our output buffer is empty, return */
1533 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1537 cipher_ctx->buf_len += decrypted_len;
1539 unser_crypto_packet_len(cipher_ctx);
1540 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1541 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1542 /* Decrypted, possibly decompressed output here. */
1543 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1544 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1545 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1547 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1548 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1553 if (flags & FO_COMPRESS) {
1554 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1559 Dmsg0(130, "Call store_data\n");
1560 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1563 jcr->JobBytes += wsize;
1564 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1566 /* Move any remaining data to start of buffer. */
1567 if (cipher_ctx->buf_len > 0) {
1568 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1569 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1570 cipher_ctx->buf_len);
1572 /* The packet was successfully written, reset the length so that the next
1573 * packet length may be re-read by unser_crypto_packet_len() */
1574 cipher_ctx->packet_len = 0;
1576 if (cipher_ctx->buf_len >0 && !second_pass) {
1581 /* Stop decryption */
1582 cipher_ctx->buf_len = 0;
1583 cipher_ctx->packet_len = 0;
1588 static void deallocate_cipher(r_ctx &rctx)
1590 /* Flush and deallocate previous stream's cipher context */
1591 if (rctx.cipher_ctx.cipher) {
1592 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1593 crypto_cipher_free(rctx.cipher_ctx.cipher);
1594 rctx.cipher_ctx.cipher = NULL;
1598 static void deallocate_fork_cipher(r_ctx &rctx)
1601 /* Flush and deallocate previous stream's fork cipher context */
1602 if (rctx.fork_cipher_ctx.cipher) {
1603 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1604 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1605 rctx.fork_cipher_ctx.cipher = NULL;
1609 static void free_signature(r_ctx &rctx)
1612 crypto_sign_free(rctx.sig);
1617 static void free_session(r_ctx &rctx)
1620 crypto_session_free(rctx.cs);
1626 * Verify the signature for the last restored file
1627 * Return value is either true (signature correct)
1628 * or false (signature could not be verified).
1629 * TODO landonf: Implement without using find_one_file and
1630 * without re-reading the file.
1632 static bool verify_signature(r_ctx &rctx)
1634 JCR *jcr = rctx.jcr;
1635 X509_KEYPAIR *keypair;
1636 DIGEST *digest = NULL;
1638 uint64_t saved_bytes;
1639 crypto_digest_t signing_algorithm = have_sha2 ?
1640 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1641 crypto_digest_t algorithm;
1642 SIGNATURE *sig = rctx.sig;
1645 if (!jcr->crypto.pki_sign) {
1646 /* no signature OK */
1650 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1651 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1658 /* Iterate through the trusted signers */
1659 foreach_alist(keypair, jcr->crypto.pki_signers) {
1660 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1662 case CRYPTO_ERROR_NONE:
1663 Dmsg0(50, "== Got digest\n");
1665 * We computed jcr->crypto.digest using signing_algorithm while writing
1666 * the file. If it is not the same as the algorithm used for
1667 * this file, punt by releasing the computed algorithm and
1668 * computing by re-reading the file.
1670 if (algorithm != signing_algorithm) {
1671 if (jcr->crypto.digest) {
1672 crypto_digest_free(jcr->crypto.digest);
1673 jcr->crypto.digest = NULL;
1676 if (jcr->crypto.digest) {
1677 /* Use digest computed while writing the file to verify
1679 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1680 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1681 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1682 jcr->last_fname, crypto_strerror(err));
1686 /* Signature found, digest allocated. Old method,
1687 * re-read the file and compute the digest */
1688 jcr->crypto.digest = digest;
1690 /* Checksum the entire file
1691 * Make sure we don't modify JobBytes by saving and
1693 saved_bytes = jcr->JobBytes;
1694 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1695 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1697 jcr->JobBytes = saved_bytes;
1700 jcr->JobBytes = saved_bytes;
1702 /* Verify the signature */
1703 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1704 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1705 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1706 jcr->last_fname, crypto_strerror(err));
1709 jcr->crypto.digest = NULL;
1712 /* Valid signature */
1713 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1714 crypto_digest_free(digest);
1717 case CRYPTO_ERROR_NOSIGNER:
1718 /* Signature not found, try again */
1720 crypto_digest_free(digest);
1725 /* Something strange happened (that shouldn't happen!)... */
1726 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1732 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1736 crypto_digest_free(digest);