2 Bacula® - The Network Backup Solution
4 Copyright (C) 2000-2008 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version two of the GNU General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of Kern Sibbald.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * Bacula File Daemon restore.c Restorefiles.
31 * Kern Sibbald, November MM
42 const bool have_darwin_os = true;
44 const bool have_darwin_os = false;
47 #if defined(HAVE_CRYPTO)
48 const bool have_crypto = true;
50 const bool have_crypto = false;
54 const bool have_acl = true;
56 const bool have_acl = false;
60 const bool have_sha2 = true;
62 const bool have_sha2 = false;
65 #if defined(HAVE_XATTR)
66 const bool have_xattr = true;
68 const bool have_xattr = false;
71 /* Data received from Storage Daemon */
72 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
74 typedef struct restore_cipher_ctx {
75 CIPHER_CONTEXT *cipher;
78 POOLMEM *buf; /* Pointer to descryption buffer */
79 int32_t buf_len; /* Count of bytes currently in buf */
80 int32_t packet_len; /* Total bytes in packet */
87 BFILE bfd; /* File content */
88 uint64_t fileAddr; /* file write address */
89 uint32_t size; /* Size of file */
90 int flags; /* Options for extract_data() */
91 BFILE forkbfd; /* Alternative data stream */
92 uint64_t fork_addr; /* Write address for alternative stream */
93 intmax_t fork_size; /* Size of alternate stream */
94 int fork_flags; /* Options for extract_data() */
95 int32_t type; /* file type FT_ */
96 ATTR *attr; /* Pointer to attributes */
97 bool extract; /* set when extracting */
99 SIGNATURE *sig; /* Cryptographic signature (if any) for file */
100 CRYPTO_SESSION *cs; /* Cryptographic session data (if any) for file */
101 RESTORE_CIPHER_CTX cipher_ctx; /* Cryptographic restore context (if any) for file */
102 RESTORE_CIPHER_CTX fork_cipher_ctx; /* Cryptographic restore context (if any) for alternative stream */
106 /* Forward referenced functions */
107 #if defined(HAVE_LIBZ)
108 static const char *zlib_strerror(int stat);
109 const bool have_libz = true;
111 const bool have_libz = false;
114 static void deallocate_cipher(r_ctx &rctx);
115 static void deallocate_fork_cipher(r_ctx &rctx);
116 static void free_signature(r_ctx &rctx);
117 static void free_session(r_ctx &rctx);
118 static void close_previous_stream(r_ctx &rctx);
122 static bool verify_signature(JCR *jcr, r_ctx &rctx);
123 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
124 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx);
125 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
126 RESTORE_CIPHER_CTX *cipher_ctx);
130 * Close a bfd check that we are at the expected file offset.
131 * Makes use of some code from set_attributes().
133 static int bclose_chksize(JCR *jcr, BFILE *bfd, boffset_t osize)
135 char ec1[50], ec2[50];
138 fsize = blseek(bfd, 0, SEEK_CUR);
139 bclose(bfd); /* first close file */
140 if (fsize > 0 && fsize != osize) {
141 Qmsg3(jcr, M_ERROR, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
142 jcr->last_fname, edit_uint64(osize, ec1),
143 edit_uint64(fsize, ec2));
151 * Restore the requested files.
154 void do_restore(JCR *jcr)
157 uint32_t VolSessionId, VolSessionTime;
159 char ec1[50]; /* Buffer printing huge values */
160 uint32_t buf_size; /* client buffer size */
162 intmax_t rsrc_len = 0; /* Original length of resource fork */
165 /* ***FIXME*** make configurable */
166 crypto_digest_t signing_algorithm = have_sha2 ?
167 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
168 memset(&rctx, 0, sizeof(rctx));
171 /* The following variables keep track of "known unknowns" */
172 int non_support_data = 0;
173 int non_support_attr = 0;
174 int non_support_rsrc = 0;
175 int non_support_finfo = 0;
176 int non_support_acl = 0;
177 int non_support_progname = 0;
178 int non_support_crypto = 0;
179 int non_support_xattr = 0;
181 #ifdef HAVE_DARWIN_OS
182 struct attrlist attrList;
183 memset(&attrList, 0, sizeof(attrList));
184 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
185 attrList.commonattr = ATTR_CMN_FNDRINFO;
189 sd = jcr->store_bsock;
190 set_jcr_job_status(jcr, JS_Running);
193 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
196 buf_size = client->max_network_buffer_size;
198 buf_size = 0; /* use default */
200 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
201 set_jcr_job_status(jcr, JS_ErrorTerminated);
204 jcr->buf_size = sd->msglen;
206 /* St Bernard code goes here if implemented -- see end of file */
209 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
210 jcr->compress_buf = (char *)bmalloc(compress_buf_size);
211 jcr->compress_buf_size = compress_buf_size;
215 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
216 if (have_darwin_os) {
217 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
222 * Get a record from the Storage daemon. We are guaranteed to
223 * receive records in the following order:
224 * 1. Stream record header
225 * 2. Stream data (one or more of the following in the order given)
226 * a. Attributes (Unix or Win32)
227 * b. Possibly stream encryption session data (e.g., symmetric session key)
228 * c. File data for the file
229 * d. Alternate data stream (e.g. Resource Fork)
233 * h. Possibly a cryptographic signature
234 * i. Possibly MD5 or SHA1 record
237 * NOTE: We keep track of two bacula file descriptors:
238 * 1. bfd for file data.
239 * This fd is opened for non empty files when an attribute stream is
240 * encountered and closed when we find the next attribute stream.
241 * 2. fork_bfd for alternate data streams
242 * This fd is opened every time we encounter a new alternate data
243 * stream for the current file. When we find any other stream, we
245 * The expected size of the stream, fork_len, should be set when
247 * 3. Not all the stream data records are required -- e.g. if there
248 * is no fork, there is no alternate data stream, no ACL, ...
251 binit(&rctx.forkbfd);
252 attr = rctx.attr = new_attr(jcr);
254 jcr->acl_data = get_pool_memory(PM_MESSAGE);
255 jcr->total_acl_errors = 0;
258 jcr->xattr_data = get_pool_memory(PM_MESSAGE);
261 while (bget_msg(sd) >= 0 && !job_canceled(jcr)) {
262 /* Remember previous stream type */
263 rctx.prev_stream = rctx.stream;
265 /* First we expect a Stream Record Header */
266 if (sscanf(sd->msg, rec_header, &VolSessionId, &VolSessionTime, &file_index,
267 &rctx.stream, &rctx.size) != 5) {
268 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg);
271 Dmsg5(50, "Got hdr: Files=%d FilInx=%d size=%d Stream=%d, %s.\n",
272 jcr->JobFiles, file_index, rctx.size, rctx.stream, stream_to_ascii(rctx.stream));
274 /* * Now we expect the Stream Data */
275 if (bget_msg(sd) < 0) {
276 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
279 if (rctx.size != (uint32_t)sd->msglen) {
280 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
281 sd->msglen, rctx.size);
282 Dmsg2(50, "Actual data size %d not same as header %d\n",
283 sd->msglen, rctx.size);
286 Dmsg3(130, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
287 sd->msglen, rctx.extract);
289 /* If we change streams, close and reset alternate data streams */
290 if (rctx.prev_stream != rctx.stream) {
291 if (is_bopen(&rctx.forkbfd)) {
292 deallocate_fork_cipher(rctx);
293 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
295 rctx.fork_size = -1; /* Use an impossible value and set a proper one below */
299 /* File Attributes stream */
300 switch (rctx.stream) {
301 case STREAM_UNIX_ATTRIBUTES:
302 case STREAM_UNIX_ATTRIBUTES_EX:
303 close_previous_stream(rctx); /* if any previous stream open, close it */
306 /* TODO: manage deleted files */
307 if (rctx.type == FT_DELETED) { /* deleted file */
312 * Unpack attributes and do sanity check them
314 if (!unpack_attributes_record(jcr, rctx.stream, sd->msg, attr)) {
318 if (file_index != attr->file_index) {
319 Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"),
320 file_index, attr->file_index);
321 Dmsg0(200, "File index error\n");
326 Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname,
327 attr->attr, attr->attrEx);
329 attr->data_stream = decode_stat(attr->attr, &attr->statp, &attr->LinkFI);
331 if (!is_restore_stream_supported(attr->data_stream)) {
332 if (!non_support_data++) {
333 Jmsg(jcr, M_ERROR, 0, _("%s stream not supported on this Client.\n"),
334 stream_to_ascii(attr->data_stream));
339 build_attr_output_fnames(jcr, attr);
342 * Try to actually create the file, which returns a status telling
343 * us if we need to extract or not.
345 jcr->num_files_examined++;
346 rctx.extract = false;
348 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
350 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
353 pm_strcpy(jcr->last_fname, attr->ofname);
354 jcr->last_type = attr->type;
356 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
360 pm_strcpy(jcr->last_fname, attr->ofname);
361 jcr->last_type = attr->type;
363 case CF_EXTRACT: /* File created and we expect file data */
366 case CF_CREATED: /* File created, but there is no content */
369 print_ls_output(jcr, attr);
371 if (have_darwin_os) {
372 /* Only restore the resource fork for regular files */
373 from_base64(&rsrc_len, attr->attrEx);
374 if (attr->type == FT_REG && rsrc_len > 0) {
379 /* set attributes now because file will not be extracted */
381 plugin_set_attributes(jcr, attr, &rctx.bfd);
383 set_attributes(jcr, attr, &rctx.bfd);
391 case STREAM_ENCRYPTED_SESSION_DATA:
392 crypto_error_t cryptoerr;
394 /* Is this an unexpected session data entry? */
396 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
397 rctx.extract = false;
402 /* Do we have any keys at all? */
403 if (!jcr->crypto.pki_recipients) {
404 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
405 rctx.extract = false;
410 if (jcr->crypto.digest) {
411 crypto_digest_free(jcr->crypto.digest);
413 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
414 if (!jcr->crypto.digest) {
415 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
416 rctx.extract = false;
421 /* Decode and save session keys. */
422 cryptoerr = crypto_session_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen,
423 jcr->crypto.pki_recipients, &rctx.cs);
425 case CRYPTO_ERROR_NONE:
428 case CRYPTO_ERROR_NORECIPIENT:
429 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
431 case CRYPTO_ERROR_DECRYPTION:
432 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
435 /* Shouldn't happen */
436 Jmsg1(jcr, M_ERROR, 0, _("An error occurred while decoding encrypted session data stream: %s\n"), crypto_strerror(cryptoerr));
440 if (cryptoerr != CRYPTO_ERROR_NONE) {
441 rctx.extract = false;
448 case STREAM_FILE_DATA:
449 case STREAM_SPARSE_DATA:
450 case STREAM_WIN32_DATA:
451 case STREAM_GZIP_DATA:
452 case STREAM_SPARSE_GZIP_DATA:
453 case STREAM_WIN32_GZIP_DATA:
454 case STREAM_ENCRYPTED_FILE_DATA:
455 case STREAM_ENCRYPTED_WIN32_DATA:
456 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
457 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
458 /* Force an expected, consistent stream type here */
459 if (rctx.extract && (rctx.prev_stream == rctx.stream
460 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
461 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
462 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
465 if (rctx.stream == STREAM_SPARSE_DATA ||
466 rctx.stream == STREAM_SPARSE_GZIP_DATA) {
467 rctx.flags |= FO_SPARSE;
470 if (rctx.stream == STREAM_GZIP_DATA
471 || rctx.stream == STREAM_SPARSE_GZIP_DATA
472 || rctx.stream == STREAM_WIN32_GZIP_DATA
473 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
474 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
475 rctx.flags |= FO_GZIP;
478 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
479 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
480 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
481 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
482 /* Set up a decryption context */
483 if (!rctx.cipher_ctx.cipher) {
485 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
486 rctx.extract = false;
491 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
492 &rctx.cipher_ctx.block_size)) == NULL) {
493 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
495 rctx.extract = false;
500 rctx.flags |= FO_ENCRYPT;
503 if (is_win32_stream(rctx.stream) && !have_win32_api()) {
504 set_portable_backup(&rctx.bfd);
505 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
508 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fileAddr,
509 rctx.flags, &rctx.cipher_ctx) < 0) {
516 /* Resource fork stream - only recorded after a file to be restored */
517 /* Silently ignore if we cannot write - we already reported that */
518 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
519 case STREAM_MACOS_FORK_DATA:
520 #ifdef HAVE_DARWIN_OS
522 jcr->ff->flags |= FO_HFSPLUS;
524 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
525 rctx.fork_flags |= FO_ENCRYPT;
527 /* Set up a decryption context */
528 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
530 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
531 rctx.extract = false;
536 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
537 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
539 rctx.extract = false;
547 if (rctx.prev_stream != rctx.stream) {
548 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
549 Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
550 rctx.extract = false;
554 rctx.fork_size = rsrc_len;
555 Dmsg0(130, "Restoring resource fork\n");
558 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags,
559 &rctx.fork_cipher_ctx) < 0) {
560 bclose(&rctx.forkbfd);
569 case STREAM_HFSPLUS_ATTRIBUTES:
570 #ifdef HAVE_DARWIN_OS
571 Dmsg0(130, "Restoring Finder Info\n");
572 jcr->ff->flags |= FO_HFSPLUS;
573 if (sd->msglen != 32) {
574 Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
577 if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
578 Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
586 case STREAM_UNIX_ACCESS_ACL:
587 case STREAM_UNIX_DEFAULT_ACL:
588 case STREAM_ACL_AIX_TEXT:
589 case STREAM_ACL_DARWIN_ACCESS_ACL:
590 case STREAM_ACL_FREEBSD_DEFAULT_ACL:
591 case STREAM_ACL_FREEBSD_ACCESS_ACL:
592 case STREAM_ACL_HPUX_ACL_ENTRY:
593 case STREAM_ACL_IRIX_DEFAULT_ACL:
594 case STREAM_ACL_IRIX_ACCESS_ACL:
595 case STREAM_ACL_LINUX_DEFAULT_ACL:
596 case STREAM_ACL_LINUX_ACCESS_ACL:
597 case STREAM_ACL_TRU64_DEFAULT_ACL:
598 case STREAM_ACL_TRU64_DEFAULT_DIR_ACL:
599 case STREAM_ACL_TRU64_ACCESS_ACL:
600 case STREAM_ACL_SOLARIS_ACLENT:
601 case STREAM_ACL_SOLARIS_ACE:
603 * Do not restore ACLs when
604 * a) The current file is not extracted
605 * b) and it is not a directory (they are never "extracted")
606 * c) or the file name is empty
608 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
612 pm_memcpy(jcr->acl_data, sd->msg, sd->msglen);
613 jcr->acl_data_len = sd->msglen;
614 switch (parse_acl_streams(jcr, rctx.stream)) {
615 case bsub_exit_fatal:
619 * Non-fatal errors, count them and when the number is under ACL_REPORT_ERR_MAX_PER_JOB
620 * print the error message set by the lower level routine in jcr->errmsg.
622 if (jcr->total_acl_errors < ACL_REPORT_ERR_MAX_PER_JOB) {
623 Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
625 jcr->total_acl_errors++;
635 case STREAM_XATTR_SOLARIS_SYS:
636 case STREAM_XATTR_SOLARIS:
637 case STREAM_XATTR_DARWIN:
638 case STREAM_XATTR_FREEBSD:
639 case STREAM_XATTR_LINUX:
640 case STREAM_XATTR_NETBSD:
642 * Do not restore Extended Attributes when
643 * a) The current file is not extracted
644 * b) and it is not a directory (they are never "extracted")
645 * c) or the file name is empty
647 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
651 pm_memcpy(jcr->xattr_data, sd->msg, sd->msglen);
652 jcr->xattr_data_len = sd->msglen;
653 if (parse_xattr_streams(jcr, rctx.stream) != bsub_exit_ok) {
654 Qmsg1(jcr, M_WARNING, 0, _("Can't restore Extended Attributes of %s\n"), jcr->last_fname);
661 case STREAM_SIGNED_DIGEST:
662 /* Is this an unexpected signature? */
664 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
665 free_signature(rctx);
668 /* Save signature. */
669 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
670 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
674 case STREAM_MD5_DIGEST:
675 case STREAM_SHA1_DIGEST:
676 case STREAM_SHA256_DIGEST:
677 case STREAM_SHA512_DIGEST:
680 case STREAM_PROGRAM_NAMES:
681 case STREAM_PROGRAM_DATA:
682 if (!non_support_progname) {
683 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
684 non_support_progname++;
688 case STREAM_PLUGIN_NAME:
689 close_previous_stream(rctx);
690 Dmsg1(50, "restore stream_plugin_name=%s\n", sd->msg);
691 plugin_name_stream(jcr, sd->msg);
695 close_previous_stream(rctx);
696 Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
698 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, sd->msg);
700 } /* end switch(stream) */
702 } /* end while get_msg() */
705 * If output file is still open, it was the last one in the
706 * archive since we just hit an end of file, so close the file.
708 if (is_bopen(&rctx.forkbfd)) {
709 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
712 close_previous_stream(rctx);
713 set_jcr_job_status(jcr, JS_Terminated);
717 set_jcr_job_status(jcr, JS_ErrorTerminated);
720 /* Free Signature & Crypto Data */
721 free_signature(rctx);
723 if (jcr->crypto.digest) {
724 crypto_digest_free(jcr->crypto.digest);
725 jcr->crypto.digest = NULL;
728 /* Free file cipher restore context */
729 if (rctx.cipher_ctx.cipher) {
730 crypto_cipher_free(rctx.cipher_ctx.cipher);
731 rctx.cipher_ctx.cipher = NULL;
733 if (rctx.cipher_ctx.buf) {
734 free_pool_memory(rctx.cipher_ctx.buf);
735 rctx.cipher_ctx.buf = NULL;
738 /* Free alternate stream cipher restore context */
739 if (rctx.fork_cipher_ctx.cipher) {
740 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
741 rctx.fork_cipher_ctx.cipher = NULL;
743 if (rctx.fork_cipher_ctx.buf) {
744 free_pool_memory(rctx.fork_cipher_ctx.buf);
745 rctx.fork_cipher_ctx.buf = NULL;
748 if (jcr->compress_buf) {
749 free(jcr->compress_buf);
750 jcr->compress_buf = NULL;
751 jcr->compress_buf_size = 0;
754 if (have_xattr && jcr->xattr_data) {
755 free_pool_memory(jcr->xattr_data);
756 jcr->xattr_data = NULL;
758 if (have_acl && jcr->acl_data) {
759 free_pool_memory(jcr->acl_data);
760 jcr->acl_data = NULL;
763 bclose(&rctx.forkbfd);
765 free_attr(rctx.attr);
766 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
767 edit_uint64(jcr->JobBytes, ec1));
768 if (jcr->total_acl_errors > 0) {
769 Jmsg(jcr, M_ERROR, 0, _("Encountered %ld acl errors while doing restore\n"),
770 jcr->total_acl_errors);
772 if (non_support_data > 1 || non_support_attr > 1) {
773 Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
774 non_support_data, non_support_attr);
776 if (non_support_rsrc) {
777 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
779 if (non_support_finfo) {
780 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
782 if (non_support_acl) {
783 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
785 if (non_support_crypto) {
786 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl);
788 if (non_support_xattr) {
789 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_support_xattr);
796 * Convert ZLIB error code into an ASCII message
798 static const char *zlib_strerror(int stat)
805 return _("Zlib errno");
807 return _("Zlib stream error");
809 return _("Zlib data error");
811 return _("Zlib memory error");
813 return _("Zlib buffer error");
814 case Z_VERSION_ERROR:
815 return _("Zlib version error");
822 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
824 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
825 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
829 * Verify the signature for the last restored file
830 * Return value is either true (signature correct)
831 * or false (signature could not be verified).
832 * TODO landonf: Implement without using find_one_file and
833 * without re-reading the file.
835 static bool verify_signature(JCR *jcr, r_ctx &rctx)
837 X509_KEYPAIR *keypair;
838 DIGEST *digest = NULL;
840 uint64_t saved_bytes;
841 crypto_digest_t signing_algorithm = have_sha2 ?
842 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
843 crypto_digest_t algorithm;
844 SIGNATURE *sig = rctx.sig;
847 if (!jcr->crypto.pki_sign) {
848 return true; /* no signature OK */
851 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
852 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
859 /* Iterate through the trusted signers */
860 foreach_alist(keypair, jcr->crypto.pki_signers) {
861 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
863 case CRYPTO_ERROR_NONE:
864 Dmsg0(50, "== Got digest\n");
866 * We computed jcr->crypto.digest using signing_algorithm while writing
867 * the file. If it is not the same as the algorithm used for
868 * this file, punt by releasing the computed algorithm and
869 * computing by re-reading the file.
871 if (algorithm != signing_algorithm) {
872 if (jcr->crypto.digest) {
873 crypto_digest_free(jcr->crypto.digest);
874 jcr->crypto.digest = NULL;
877 if (jcr->crypto.digest) {
878 /* Use digest computed while writing the file to verify the signature */
879 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
880 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
881 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
882 jcr->last_fname, crypto_strerror(err));
886 /* Signature found, digest allocated. Old method,
887 * re-read the file and compute the digest
889 jcr->crypto.digest = digest;
891 /* Checksum the entire file */
892 /* Make sure we don't modify JobBytes by saving and restoring it */
893 saved_bytes = jcr->JobBytes;
894 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
895 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
897 jcr->JobBytes = saved_bytes;
900 jcr->JobBytes = saved_bytes;
902 /* Verify the signature */
903 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
904 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
905 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
906 jcr->last_fname, crypto_strerror(err));
909 jcr->crypto.digest = NULL;
912 /* Valid signature */
913 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
914 crypto_digest_free(digest);
917 case CRYPTO_ERROR_NOSIGNER:
918 /* Signature not found, try again */
920 crypto_digest_free(digest);
925 /* Something strange happened (that shouldn't happen!)... */
926 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
932 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
936 crypto_digest_free(digest);
941 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
946 unser_begin(*data, SPARSE_FADDR_SIZE);
948 if (*addr != faddr) {
950 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
952 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
953 edit_uint64(*addr, ec1), jcr->last_fname,
954 be.bstrerror(bfd->berrno));
958 *data += SPARSE_FADDR_SIZE;
959 *length -= SPARSE_FADDR_SIZE;
963 bool decompress_data(JCR *jcr, char **data, uint32_t *length)
968 char ec1[50]; /* Buffer printing huge values */
971 * NOTE! We only use uLong and Byte because they are
972 * needed by the zlib routines, they should not otherwise
975 compress_len = jcr->compress_buf_size;
976 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
977 if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
978 (const Byte *)*data, (uLong)*length)) != Z_OK) {
979 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
980 jcr->last_fname, zlib_strerror(stat));
983 *data = jcr->compress_buf;
984 *length = compress_len;
985 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
988 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
993 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
996 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
997 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
998 unser_uint32(ctx->packet_len);
999 ctx->packet_len += CRYPTO_LEN_SIZE;
1003 bool store_data(JCR *jcr, BFILE *bfd, char *data, const int32_t length, bool win32_decomp)
1005 if (jcr->crypto.digest) {
1006 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1009 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1011 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1012 jcr->last_fname, be.bstrerror(bfd->berrno));
1015 } else if (bwrite(bfd, data, length) != (ssize_t)length) {
1017 Jmsg2(jcr, M_ERROR, 0, _("Write error on %s: %s\n"),
1018 jcr->last_fname, be.bstrerror(bfd->berrno));
1026 * In the context of jcr, write data to bfd.
1027 * We write buflen bytes in buf at addr. addr is updated in place.
1028 * The flags specify whether to use sparse files or compression.
1029 * Return value is the number of bytes written, or -1 on errors.
1031 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
1032 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
1034 BFILE *bfd = &rctx.bfd;
1035 char *wbuf; /* write buffer */
1036 uint32_t wsize; /* write size */
1037 uint32_t rsize; /* read size */
1038 uint32_t decrypted_len = 0; /* Decryption output length */
1039 char ec1[50]; /* Buffer printing huge values */
1042 jcr->ReadBytes += rsize;
1046 if (flags & FO_ENCRYPT) {
1047 ASSERT(cipher_ctx->cipher);
1049 /* NOTE: We must implement block preserving semantics for the
1050 * non-streaming compression and sparse code. */
1053 * Grow the crypto buffer, if necessary.
1054 * crypto_cipher_update() will process only whole blocks,
1055 * buffering the remaining input.
1057 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1058 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1060 /* Decrypt the input block */
1061 if (!crypto_cipher_update(cipher_ctx->cipher,
1062 (const u_int8_t *)wbuf,
1064 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1066 /* Decryption failed. Shouldn't happen. */
1067 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1071 if (decrypted_len == 0) {
1072 /* No full block of encrypted data available, write more data */
1076 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1078 cipher_ctx->buf_len += decrypted_len;
1079 wbuf = cipher_ctx->buf;
1081 /* If one full preserved block is available, write it to disk,
1082 * and then buffer any remaining data. This should be effecient
1083 * as long as Bacula's block size is not significantly smaller than the
1084 * encryption block size (extremely unlikely!) */
1085 unser_crypto_packet_len(cipher_ctx);
1086 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1088 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1089 /* No full preserved block is available. */
1093 /* We have one full block, set up the filter input buffers */
1094 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1095 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1096 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1097 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1100 if (flags & FO_SPARSE) {
1101 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1106 if (flags & FO_GZIP) {
1107 if (!decompress_data(jcr, &wbuf, &wsize)) {
1112 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1115 jcr->JobBytes += wsize;
1117 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1119 /* Clean up crypto buffers */
1120 if (flags & FO_ENCRYPT) {
1121 /* Move any remaining data to start of buffer */
1122 if (cipher_ctx->buf_len > 0) {
1123 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1124 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1125 cipher_ctx->buf_len);
1127 /* The packet was successfully written, reset the length so that the next
1128 * packet length may be re-read by unser_crypto_packet_len() */
1129 cipher_ctx->packet_len = 0;
1134 rctx.extract = false;
1141 * If extracting, close any previous stream
1143 static void close_previous_stream(r_ctx &rctx)
1146 * If extracting, it was from previous stream, so
1147 * close the output file and validate the signature.
1150 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1151 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1152 Dmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1153 is_bopen(&rctx.bfd));
1156 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1157 deallocate_cipher(rctx);
1158 deallocate_fork_cipher(rctx);
1161 if (rctx.jcr->plugin) {
1162 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1164 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1166 rctx.extract = false;
1168 /* Verify the cryptographic signature, if any */
1169 rctx.type = rctx.attr->type;
1170 verify_signature(rctx.jcr, rctx);
1172 /* Free Signature */
1173 free_signature(rctx);
1175 rctx.jcr->ff->flags = 0;
1176 Dmsg0(130, "Stop extracting.\n");
1177 } else if (is_bopen(&rctx.bfd)) {
1178 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1179 Dmsg0(000, "=== logic error !open\n");
1186 * In the context of jcr, flush any remaining data from the cipher context,
1187 * writing it to bfd.
1188 * Return value is true on success, false on failure.
1190 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
1191 RESTORE_CIPHER_CTX *cipher_ctx)
1193 uint32_t decrypted_len = 0;
1194 char *wbuf; /* write buffer */
1195 uint32_t wsize; /* write size */
1196 char ec1[50]; /* Buffer printing huge values */
1197 bool second_pass = false;
1200 /* Write out the remaining block and free the cipher context */
1201 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf, cipher_ctx->buf_len +
1202 cipher_ctx->block_size);
1204 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1206 /* Writing out the final, buffered block failed. Shouldn't happen. */
1207 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1208 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1211 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1212 /* If nothing new was decrypted, and our output buffer is empty, return */
1213 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1217 cipher_ctx->buf_len += decrypted_len;
1219 unser_crypto_packet_len(cipher_ctx);
1220 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1221 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1222 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
1223 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1224 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1226 if (flags & FO_SPARSE) {
1227 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1232 if (flags & FO_GZIP) {
1233 if (!decompress_data(jcr, &wbuf, &wsize)) {
1238 Dmsg0(130, "Call store_data\n");
1239 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1242 jcr->JobBytes += wsize;
1243 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1245 /* Move any remaining data to start of buffer */
1246 if (cipher_ctx->buf_len > 0) {
1247 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1248 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1249 cipher_ctx->buf_len);
1251 /* The packet was successfully written, reset the length so that the next
1252 * packet length may be re-read by unser_crypto_packet_len() */
1253 cipher_ctx->packet_len = 0;
1255 if (cipher_ctx->buf_len >0 && !second_pass) {
1260 /* Stop decryption */
1261 cipher_ctx->buf_len = 0;
1262 cipher_ctx->packet_len = 0;
1267 static void deallocate_cipher(r_ctx &rctx)
1269 /* Flush and deallocate previous stream's cipher context */
1270 if (rctx.cipher_ctx.cipher) {
1271 flush_cipher(rctx.jcr, &rctx.bfd, &rctx.fileAddr, rctx.flags, &rctx.cipher_ctx);
1272 crypto_cipher_free(rctx.cipher_ctx.cipher);
1273 rctx.cipher_ctx.cipher = NULL;
1277 static void deallocate_fork_cipher(r_ctx &rctx)
1280 /* Flush and deallocate previous stream's fork cipher context */
1281 if (rctx.fork_cipher_ctx.cipher) {
1282 flush_cipher(rctx.jcr, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, &rctx.fork_cipher_ctx);
1283 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1284 rctx.fork_cipher_ctx.cipher = NULL;
1288 static void free_signature(r_ctx &rctx)
1291 crypto_sign_free(rctx.sig);
1296 static void free_session(r_ctx &rctx)
1299 crypto_session_free(rctx.cs);
1305 /* This code if implemented goes above */
1306 #ifdef stbernard_implemented
1307 / #if defined(HAVE_WIN32)
1308 bool bResumeOfmOnExit = FALSE;
1309 if (isOpenFileManagerRunning()) {
1310 if ( pauseOpenFileManager() ) {
1311 Jmsg(jcr, M_INFO, 0, _("Open File Manager paused\n") );
1312 bResumeOfmOnExit = TRUE;
1315 Jmsg(jcr, M_ERROR, 0, _("FAILED to pause Open File Manager\n") );
1319 char username[UNLEN+1];
1320 DWORD usize = sizeof(username);
1321 int privs = enable_backup_privileges(NULL, 1);
1322 if (GetUserName(username, &usize)) {
1323 Jmsg2(jcr, M_INFO, 0, _("Running as '%s'. Privmask=%#08x\n"), username,
1325 Jmsg(jcr, M_WARNING, 0, _("Failed to retrieve current UserName\n"));