2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2015 Kern Sibbald
5 Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
7 The original author of Bacula is Kern Sibbald, with contributions
8 from many others, a complete list can be found in the file AUTHORS.
10 You may use this file and others of this release according to the
11 license defined in the LICENSE file, which includes the Affero General
12 Public License, v3.0 ("AGPLv3") and some additional permissions and
13 terms pursuant to its AGPLv3 Section 7.
15 This notice must be preserved when any source code is
16 conveyed and/or propagated.
18 Bacula(R) is a registered trademark of Kern Sibbald.
21 * Bacula File Daemon restore.c Restorefiles.
23 * Kern Sibbald, November MM
34 const bool have_darwin_os = true;
36 const bool have_darwin_os = false;
39 #if defined(HAVE_CRYPTO)
40 const bool have_crypto = true;
42 const bool have_crypto = false;
46 const bool have_acl = true;
48 const bool have_acl = false;
52 const bool have_sha2 = true;
54 const bool have_sha2 = false;
57 #if defined(HAVE_XATTR)
58 const bool have_xattr = true;
60 const bool have_xattr = false;
63 /* Data received from Storage Daemon */
64 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
66 /* Forward referenced functions */
67 #if defined(HAVE_LIBZ)
68 static const char *zlib_strerror(int stat);
69 const bool have_libz = true;
71 const bool have_libz = false;
74 const bool have_lzo = true;
76 const bool have_lzo = false;
79 static void deallocate_cipher(r_ctx &rctx);
80 static void deallocate_fork_cipher(r_ctx &rctx);
81 static bool verify_signature(r_ctx &rctx);
82 static void free_signature(r_ctx &rctx);
83 static void free_session(r_ctx &rctx);
84 static bool close_previous_stream(r_ctx &rctx);
85 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
86 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
87 RESTORE_CIPHER_CTX *cipher_ctx);
90 * Close a bfd check that we are at the expected file offset.
91 * Makes use of some code from set_attributes().
93 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
95 char ec1[50], ec2[50];
99 fsize = blseek(bfd, 0, SEEK_CUR);
100 bclose(bfd); /* first close file */
101 if (fsize > 0 && fsize != osize) {
102 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
103 jcr->last_fname, edit_uint64(osize, ec1),
104 edit_uint64(fsize, ec2));
110 #ifdef HAVE_DARWIN_OS
111 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
113 struct attrlist attrList;
115 memset(&attrList, 0, sizeof(attrList));
116 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
117 attrList.commonattr = ATTR_CMN_FNDRINFO;
119 Dmsg0(130, "Restoring Finder Info\n");
120 jcr->ff->flags |= FO_HFSPLUS;
122 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
126 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
127 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
135 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
143 * Cleanup of delayed restore stack with streams for later processing.
145 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
147 RESTORE_DATA_STREAM *rds;
149 if (!rctx.delayed_streams) {
151 rctx.delayed_streams = New(alist(10, owned_by_alist));
155 if (rctx.delayed_streams->empty()) {
159 foreach_alist(rds, rctx.delayed_streams) {
165 rctx.delayed_streams->destroy();
167 rctx.delayed_streams->init(10, owned_by_alist);
173 * Push a data stream onto the delayed restore stack for
176 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
178 RESTORE_DATA_STREAM *rds;
183 if (!rctx.delayed_streams) {
184 rctx.delayed_streams = New(alist(10, owned_by_alist));
187 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
188 rds->stream = rctx.stream;
189 rds->content = (char *)malloc(msglen);
190 memcpy(rds->content, msg, msglen);
191 rds->content_length = msglen;
192 rctx.delayed_streams->append(rds);
196 * Perform a restore of an ACL using the stream received.
197 * This can either be a delayed restore or direct restore.
199 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
200 uint32_t content_length)
202 switch (restore_acl_streams(jcr, stream, content, content_length)) {
207 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
208 * print the error message set by the lower level routine in jcr->errmsg.
210 if (jcr->acl_ctx->nr_errors < ACL_MAX_ERROR_PRINT_PER_JOB) {
211 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
213 jcr->acl_ctx->nr_errors++;
222 * Perform a restore of an XATTR using the stream received.
223 * This can either be a delayed restore or direct restore.
225 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
226 uint32_t content_length)
228 switch (restore_xattr_streams(jcr, stream, content, content_length)) {
229 case bxattr_rtn_fatal:
231 case bxattr_rtn_error:
233 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
234 * print the error message set by the lower level routine in jcr->errmsg.
236 if (jcr->xattr_ctx->nr_errors < XATTR_MAX_ERROR_PRINT_PER_JOB) {
237 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
239 jcr->xattr_ctx->nr_errors++;
248 * Restore any data streams that are restored after the file
249 * is fully restored and has its attributes restored. Things
250 * like acls and xattr are restored after we set the file
251 * attributes otherwise we might clear some security flags
252 * by setting the attributes.
254 static inline bool pop_delayed_data_streams(r_ctx &rctx)
256 RESTORE_DATA_STREAM *rds;
260 * See if there is anything todo.
262 if (!rctx.delayed_streams ||
263 rctx.delayed_streams->empty()) {
268 * Only process known delayed data streams here.
269 * If you start using more delayed data streams
270 * be sure to add them in this loop and add the
273 * Currently we support delayed data stream
274 * processing for the following type of streams:
278 foreach_alist(rds, rctx.delayed_streams) {
279 switch (rds->stream) {
280 case STREAM_UNIX_ACCESS_ACL:
281 case STREAM_UNIX_DEFAULT_ACL:
282 case STREAM_ACL_AIX_TEXT:
283 case STREAM_ACL_DARWIN_ACCESS:
284 case STREAM_ACL_FREEBSD_DEFAULT:
285 case STREAM_ACL_FREEBSD_ACCESS:
286 case STREAM_ACL_HPUX_ACL_ENTRY:
287 case STREAM_ACL_IRIX_DEFAULT:
288 case STREAM_ACL_IRIX_ACCESS:
289 case STREAM_ACL_LINUX_DEFAULT:
290 case STREAM_ACL_LINUX_ACCESS:
291 case STREAM_ACL_TRU64_DEFAULT:
292 case STREAM_ACL_TRU64_DEFAULT_DIR:
293 case STREAM_ACL_TRU64_ACCESS:
294 case STREAM_ACL_SOLARIS_POSIX:
295 case STREAM_ACL_SOLARIS_NFS4:
296 case STREAM_ACL_AFS_TEXT:
297 case STREAM_ACL_AIX_AIXC:
298 case STREAM_ACL_AIX_NFS4:
299 case STREAM_ACL_FREEBSD_NFS4:
300 case STREAM_ACL_HURD_DEFAULT:
301 case STREAM_ACL_HURD_ACCESS:
302 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
306 case STREAM_XATTR_HURD:
307 case STREAM_XATTR_IRIX:
308 case STREAM_XATTR_TRU64:
309 case STREAM_XATTR_AIX:
310 case STREAM_XATTR_OPENBSD:
311 case STREAM_XATTR_SOLARIS_SYS:
312 case STREAM_XATTR_DARWIN:
313 case STREAM_XATTR_FREEBSD:
314 case STREAM_XATTR_LINUX:
315 case STREAM_XATTR_NETBSD:
316 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
321 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
331 drop_delayed_restore_streams(rctx, true);
335 drop_delayed_restore_streams(rctx, true);
341 * Restore the requested files.
343 void do_restore(JCR *jcr)
346 uint32_t VolSessionId, VolSessionTime;
348 char ec1[50]; /* Buffer printing huge values */
349 uint32_t buf_size; /* client buffer size */
351 int64_t rsrc_len = 0; /* Original length of resource fork */
354 /* ***FIXME*** make configurable */
355 crypto_digest_t signing_algorithm = have_sha2 ?
356 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
357 memset(&rctx, 0, sizeof(rctx));
360 /* The following variables keep track of "known unknowns" */
361 int non_suppored_data = 0;
362 int non_suppored_attr = 0;
363 int non_suppored_rsrc = 0;
364 int non_suppored_finfo = 0;
365 int non_suppored_acl = 0;
366 int non_suppored_progname = 0;
367 int non_suppored_crypto = 0;
368 int non_suppored_xattr = 0;
370 sd = jcr->store_bsock;
371 jcr->setJobStatus(JS_Running);
374 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
377 buf_size = client->max_network_buffer_size;
379 buf_size = 0; /* use default */
381 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
382 jcr->setJobStatus(JS_ErrorTerminated);
385 jcr->buf_size = sd->msglen;
387 /* use the same buffer size to decompress both gzip and lzo */
388 if (have_libz || have_lzo) {
389 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
390 jcr->compress_buf = get_memory(compress_buf_size);
391 jcr->compress_buf_size = compress_buf_size;
396 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
398 fdmsg->start_read_sock();
399 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
402 if (lzo_init() != LZO_E_OK) {
403 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
409 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
410 if (have_darwin_os) {
411 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
416 * Get a record from the Storage daemon. We are guaranteed to
417 * receive records in the following order:
418 * 1. Stream record header
419 * 2. Stream data (one or more of the following in the order given)
420 * a. Attributes (Unix or Windows)
421 * b. Possibly stream encryption session data (e.g., symmetric session key)
422 * c. File data for the file
423 * d. Alternate data stream (e.g. Resource Fork)
427 * h. Possibly a cryptographic signature
428 * i. Possibly MD5 or SHA1 record
431 * NOTE: We keep track of two bacula file descriptors:
432 * 1. bfd for file data.
433 * This fd is opened for non empty files when an attribute stream is
434 * encountered and closed when we find the next attribute stream.
435 * 2. fork_bfd for alternate data streams
436 * This fd is opened every time we encounter a new alternate data
437 * stream for the current file. When we find any other stream, we
439 * The expected size of the stream, fork_len, should be set when
441 * 3. Not all the stream data records are required -- e.g. if there
442 * is no fork, there is no alternate data stream, no ACL, ...
445 binit(&rctx.forkbfd);
446 attr = rctx.attr = new_attr(jcr);
448 jcr->acl_ctx = (acl_ctx_t *)malloc(sizeof(acl_ctx_t));
449 memset(jcr->acl_ctx, 0, sizeof(acl_ctx_t));
452 jcr->xattr_ctx = (xattr_ctx_t *)malloc(sizeof(xattr_ctx_t));
453 memset(jcr->xattr_ctx, 0, sizeof(xattr_ctx_t));
457 while (fdmsg->bget_msg(&bmsg) >= 0 && !job_canceled(jcr)) {
458 /* Remember previous stream type */
459 rctx.prev_stream = rctx.stream;
461 /* First we expect a Stream Record Header */
463 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
464 &rctx.full_stream, &rctx.size) != 5) {
465 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
468 /* Strip off new stream high bits */
469 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
471 /* Now we expect the Stream Data */
472 if (fdmsg->bget_msg(&bmsg) < 0) {
473 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
476 if (rctx.size != (uint32_t)bmsg->origlen) {
477 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
478 bmsg->origlen, rctx.size);
479 Dmsg2(50, "Actual data size %d not same as header %d\n",
480 bmsg->origlen, rctx.size);
483 Dmsg3(620, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
484 bmsg->msglen, rctx.extract);
486 /* If we change streams, close and reset alternate data streams */
487 if (rctx.prev_stream != rctx.stream) {
488 if (is_bopen(&rctx.forkbfd)) {
489 deallocate_fork_cipher(rctx);
490 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
492 /* Use an impossible value and set a proper one below */
497 /* File Attributes stream */
498 switch (rctx.stream) {
499 case STREAM_UNIX_ATTRIBUTES:
500 case STREAM_UNIX_ATTRIBUTES_EX:
501 /* if any previous stream open, close it */
502 if (!close_previous_stream(rctx)) {
507 * TODO: manage deleted files
509 if (rctx.type == FT_DELETED) { /* deleted file */
513 * Restore objects should be ignored here -- they are
514 * returned at the beginning of the restore.
516 if (IS_FT_OBJECT(rctx.type)) {
521 * Unpack attributes and do sanity check them
523 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
527 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
529 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
530 attr->data_stream, stream_to_ascii(attr->data_stream),
531 attr->fname, attr->attr, attr->attrEx);
532 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
533 strlen(attr->attrEx), bmsg->rbuf);
535 if (!is_restore_stream_supported(attr->data_stream)) {
536 Dmsg2(15, "Non-supported data stream %d: %s\n",
537 attr->data_stream, stream_to_ascii(attr->data_stream));
538 if (!non_suppored_data++) {
539 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
540 stream_to_ascii(attr->data_stream));
545 build_attr_output_fnames(jcr, attr);
548 * Try to actually create the file, which returns a status telling
549 * us if we need to extract or not.
551 jcr->num_files_examined++;
552 rctx.extract = false;
553 stat = CF_CORE; /* By default, let Bacula's core handle it */
556 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
559 if (stat == CF_CORE) {
560 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
563 pm_strcpy(jcr->last_fname, attr->ofname);
564 jcr->last_type = attr->type;
566 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
572 case CF_EXTRACT: /* File created and we expect file data */
574 /* FALLTHROUGH WANTED */
575 case CF_CREATED: /* File created, but there is no content */
576 /* File created, but there is no content */
578 print_ls_output(jcr, attr);
580 if (have_darwin_os) {
581 /* Only restore the resource fork for regular files */
582 from_base64(&rsrc_len, attr->attrEx);
583 if (attr->type == FT_REG && rsrc_len > 0) {
588 * Do not count the resource forks as regular files being restored.
598 /* set attributes now because file will not be extracted */
600 plugin_set_attributes(jcr, attr, &rctx.bfd);
602 set_attributes(jcr, attr, &rctx.bfd);
610 case STREAM_ENCRYPTED_SESSION_DATA:
611 crypto_error_t cryptoerr;
613 /* The current file will not be extracted, do not create a crypto session */
618 /* Is this an unexpected session data entry? */
620 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
621 rctx.extract = false;
626 /* Do we have any keys at all? */
627 if (!jcr->crypto.pki_recipients) {
628 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
629 rctx.extract = false;
634 if (jcr->crypto.digest) {
635 crypto_digest_free(jcr->crypto.digest);
637 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
638 if (!jcr->crypto.digest) {
639 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
640 rctx.extract = false;
645 /* Decode and save session keys. */
646 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
647 jcr->crypto.pki_recipients, &rctx.cs);
649 case CRYPTO_ERROR_NONE:
652 case CRYPTO_ERROR_NORECIPIENT:
653 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
655 case CRYPTO_ERROR_DECRYPTION:
656 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
658 case CRYPTO_ERROR_NOSIGNER:
659 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
661 case CRYPTO_ERROR_INVALID_DIGEST:
662 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
664 case CRYPTO_ERROR_INVALID_CRYPTO:
665 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
668 /* This shouldn't happen */
669 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
670 cryptoerr, crypto_strerror(cryptoerr));
674 if (cryptoerr != CRYPTO_ERROR_NONE) {
675 rctx.extract = false;
682 case STREAM_FILE_DATA:
683 case STREAM_SPARSE_DATA:
684 case STREAM_WIN32_DATA:
685 case STREAM_GZIP_DATA:
686 case STREAM_SPARSE_GZIP_DATA:
687 case STREAM_WIN32_GZIP_DATA:
688 case STREAM_COMPRESSED_DATA:
689 case STREAM_SPARSE_COMPRESSED_DATA:
690 case STREAM_WIN32_COMPRESSED_DATA:
691 case STREAM_ENCRYPTED_FILE_DATA:
692 case STREAM_ENCRYPTED_WIN32_DATA:
693 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
694 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
695 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
696 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
697 /* Force an expected, consistent stream type here */
698 if (rctx.extract && (rctx.prev_stream == rctx.stream
699 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
700 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
701 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
704 if (rctx.stream == STREAM_SPARSE_DATA
705 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
706 || rctx.stream == STREAM_SPARSE_GZIP_DATA) {
707 rctx.flags |= FO_SPARSE;
710 if (rctx.stream == STREAM_GZIP_DATA
711 || rctx.stream == STREAM_SPARSE_GZIP_DATA
712 || rctx.stream == STREAM_WIN32_GZIP_DATA
713 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
714 || rctx.stream == STREAM_COMPRESSED_DATA
715 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
716 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
717 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
718 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
719 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
720 rctx.flags |= FO_COMPRESS;
721 rctx.comp_stream = rctx.stream;
724 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
725 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
726 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
727 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
728 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
729 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
730 /* Set up a decryption context */
731 if (!rctx.cipher_ctx.cipher) {
733 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
734 rctx.extract = false;
739 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
740 &rctx.cipher_ctx.block_size)) == NULL) {
741 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
743 rctx.extract = false;
748 rctx.flags |= FO_ENCRYPT;
751 if (is_win32_stream(rctx.stream) &&
752 (win32decomp || !have_win32_api())) {
753 set_portable_backup(&rctx.bfd);
754 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
757 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
758 rctx.extract = false;
766 * Resource fork stream - only recorded after a file to be restored
767 * Silently ignore if we cannot write - we already reported that
769 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
770 case STREAM_MACOS_FORK_DATA:
771 if (have_darwin_os) {
773 jcr->ff->flags |= FO_HFSPLUS;
775 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
776 rctx.fork_flags |= FO_ENCRYPT;
778 /* Set up a decryption context */
779 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
781 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
782 rctx.extract = false;
787 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
788 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
790 rctx.extract = false;
798 if (rctx.prev_stream != rctx.stream) {
799 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
800 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
801 rctx.extract = false;
805 rctx.fork_size = rsrc_len;
806 Dmsg0(130, "Restoring resource fork\n");
809 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
810 rctx.extract = false;
811 bclose(&rctx.forkbfd);
820 case STREAM_HFSPLUS_ATTRIBUTES:
821 if (have_darwin_os) {
822 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
826 non_suppored_finfo++;
830 case STREAM_UNIX_ACCESS_ACL:
831 case STREAM_UNIX_DEFAULT_ACL:
832 case STREAM_ACL_AIX_TEXT:
833 case STREAM_ACL_DARWIN_ACCESS:
834 case STREAM_ACL_FREEBSD_DEFAULT:
835 case STREAM_ACL_FREEBSD_ACCESS:
836 case STREAM_ACL_HPUX_ACL_ENTRY:
837 case STREAM_ACL_IRIX_DEFAULT:
838 case STREAM_ACL_IRIX_ACCESS:
839 case STREAM_ACL_LINUX_DEFAULT:
840 case STREAM_ACL_LINUX_ACCESS:
841 case STREAM_ACL_TRU64_DEFAULT:
842 case STREAM_ACL_TRU64_DEFAULT_DIR:
843 case STREAM_ACL_TRU64_ACCESS:
844 case STREAM_ACL_SOLARIS_POSIX:
845 case STREAM_ACL_SOLARIS_NFS4:
846 case STREAM_ACL_AFS_TEXT:
847 case STREAM_ACL_AIX_AIXC:
848 case STREAM_ACL_AIX_NFS4:
849 case STREAM_ACL_FREEBSD_NFS4:
850 case STREAM_ACL_HURD_DEFAULT:
851 case STREAM_ACL_HURD_ACCESS:
853 * Do not restore ACLs when
854 * a) The current file is not extracted
855 * b) and it is not a directory (they are never "extracted")
856 * c) or the file name is empty
858 if ((!rctx.extract &&
859 jcr->last_type != FT_DIREND) ||
860 (*jcr->last_fname == 0)) {
865 * For anything that is not a directory we delay
866 * the restore of acls till a later stage.
868 if (jcr->last_type != FT_DIREND) {
869 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
871 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
880 case STREAM_XATTR_HURD:
881 case STREAM_XATTR_IRIX:
882 case STREAM_XATTR_TRU64:
883 case STREAM_XATTR_AIX:
884 case STREAM_XATTR_OPENBSD:
885 case STREAM_XATTR_SOLARIS_SYS:
886 case STREAM_XATTR_DARWIN:
887 case STREAM_XATTR_FREEBSD:
888 case STREAM_XATTR_LINUX:
889 case STREAM_XATTR_NETBSD:
891 * Do not restore Extended Attributes when
892 * a) The current file is not extracted
893 * b) and it is not a directory (they are never "extracted")
894 * c) or the file name is empty
896 if ((!rctx.extract &&
897 jcr->last_type != FT_DIREND) ||
898 (*jcr->last_fname == 0)) {
903 * For anything that is not a directory we delay
904 * the restore of xattr till a later stage.
906 if (jcr->last_type != FT_DIREND) {
907 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
909 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
914 non_suppored_xattr++;
918 case STREAM_XATTR_SOLARIS:
920 * Do not restore Extended Attributes when
921 * a) The current file is not extracted
922 * b) and it is not a directory (they are never "extracted")
923 * c) or the file name is empty
925 if ((!rctx.extract &&
926 jcr->last_type != FT_DIREND) ||
927 (*jcr->last_fname == 0)) {
931 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
935 non_suppored_xattr++;
939 case STREAM_SIGNED_DIGEST:
940 /* Is this an unexpected signature? */
942 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
943 free_signature(rctx);
946 /* Save signature. */
947 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
948 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
952 case STREAM_MD5_DIGEST:
953 case STREAM_SHA1_DIGEST:
954 case STREAM_SHA256_DIGEST:
955 case STREAM_SHA512_DIGEST:
958 case STREAM_PROGRAM_NAMES:
959 case STREAM_PROGRAM_DATA:
960 if (!non_suppored_progname) {
961 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
962 non_suppored_progname++;
966 case STREAM_PLUGIN_NAME:
967 if (!close_previous_stream(rctx)) {
970 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
971 plugin_name_stream(jcr, bmsg->rbuf);
974 case STREAM_RESTORE_OBJECT:
975 break; /* these are sent by Director */
978 if (!close_previous_stream(rctx)) {
981 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
983 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
985 } /* end switch(stream) */
987 } /* end while get_msg() */
990 * If output file is still open, it was the last one in the
991 * archive since we just hit an end of file, so close the file.
993 if (is_bopen(&rctx.forkbfd)) {
994 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
997 if (!close_previous_stream(rctx)) {
1000 jcr->setJobStatus(JS_Terminated);
1004 jcr->setJobStatus(JS_ErrorTerminated);
1008 fdmsg->wait_read_sock();
1013 * First output the statistics.
1015 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1016 edit_uint64(jcr->JobBytes, ec1));
1017 if (have_acl && jcr->acl_ctx->nr_errors > 0) {
1018 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"),
1019 jcr->acl_ctx->nr_errors);
1021 if (have_xattr && jcr->xattr_ctx->nr_errors > 0) {
1022 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"),
1023 jcr->xattr_ctx->nr_errors);
1025 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1026 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1027 non_suppored_data, non_suppored_attr);
1029 if (non_suppored_rsrc) {
1030 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1032 if (non_suppored_finfo) {
1033 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1035 if (non_suppored_acl) {
1036 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1038 if (non_suppored_crypto) {
1039 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1041 if (non_suppored_xattr) {
1042 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1045 /* Free Signature & Crypto Data */
1046 free_signature(rctx);
1048 if (jcr->crypto.digest) {
1049 crypto_digest_free(jcr->crypto.digest);
1050 jcr->crypto.digest = NULL;
1053 /* Free file cipher restore context */
1054 if (rctx.cipher_ctx.cipher) {
1055 crypto_cipher_free(rctx.cipher_ctx.cipher);
1056 rctx.cipher_ctx.cipher = NULL;
1059 if (rctx.cipher_ctx.buf) {
1060 free_pool_memory(rctx.cipher_ctx.buf);
1061 rctx.cipher_ctx.buf = NULL;
1064 /* Free alternate stream cipher restore context */
1065 if (rctx.fork_cipher_ctx.cipher) {
1066 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1067 rctx.fork_cipher_ctx.cipher = NULL;
1069 if (rctx.fork_cipher_ctx.buf) {
1070 free_pool_memory(rctx.fork_cipher_ctx.buf);
1071 rctx.fork_cipher_ctx.buf = NULL;
1074 if (jcr->compress_buf) {
1075 free_pool_memory(jcr->compress_buf);
1076 jcr->compress_buf = NULL;
1077 jcr->compress_buf_size = 0;
1080 if (have_acl && jcr->acl_ctx) {
1081 if (jcr->acl_ctx->content) {
1082 free(jcr->acl_ctx->content);
1085 jcr->acl_ctx = NULL;
1088 if (have_xattr && jcr->xattr_ctx) {
1089 if (jcr->xattr_ctx->content) {
1090 free(jcr->xattr_ctx->content);
1092 free(jcr->xattr_ctx);
1093 jcr->xattr_ctx = NULL;
1096 /* Free the delayed stream stack list. */
1097 if (rctx.delayed_streams) {
1098 drop_delayed_restore_streams(rctx, false);
1099 delete rctx.delayed_streams;
1103 bclose(&rctx.forkbfd);
1105 free_attr(rctx.attr);
1110 * Convert ZLIB error code into an ASCII message
1112 static const char *zlib_strerror(int stat)
1119 return _("Zlib errno");
1120 case Z_STREAM_ERROR:
1121 return _("Zlib stream error");
1123 return _("Zlib data error");
1125 return _("Zlib memory error");
1127 return _("Zlib buffer error");
1128 case Z_VERSION_ERROR:
1129 return _("Zlib version error");
1136 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1138 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1139 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1142 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
1147 unser_begin(*data, OFFSET_FADDR_SIZE);
1148 unser_uint64(faddr);
1149 if (*addr != faddr) {
1151 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1153 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1154 edit_uint64(*addr, ec1), jcr->last_fname,
1155 be.bstrerror(bfd->berrno));
1159 *data += OFFSET_FADDR_SIZE;
1160 *length -= OFFSET_FADDR_SIZE;
1164 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1166 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1167 char ec1[50]; /* Buffer printing huge values */
1170 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1171 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1172 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1174 uint32_t comp_magic, comp_len;
1175 uint16_t comp_level, comp_version;
1177 lzo_uint compress_len;
1178 const unsigned char *cbuf;
1179 int r, real_compress_len;
1182 /* read compress header */
1184 unser_begin(*data, sizeof(comp_stream_header));
1185 unser_uint32(comp_magic);
1186 unser_uint32(comp_len);
1187 unser_uint16(comp_level);
1188 unser_uint16(comp_version);
1189 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1190 comp_level, comp_version);
1193 if (comp_version != COMP_HEAD_VERSION) {
1194 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1198 if (comp_len + sizeof(comp_stream_header) != *length) {
1199 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1203 switch(comp_magic) {
1205 case COMPRESS_LZO1X:
1206 compress_len = jcr->compress_buf_size;
1207 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1208 real_compress_len = *length - sizeof(comp_stream_header);
1209 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1210 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1211 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1214 * The buffer size is too small, try with a bigger one
1216 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1217 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1218 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1221 if (r != LZO_E_OK) {
1222 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1223 jcr->last_fname, r);
1226 *data = jcr->compress_buf;
1227 *length = compress_len;
1228 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1232 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1241 * NOTE! We only use uLong and Byte because they are
1242 * needed by the zlib routines, they should not otherwise
1243 * be used in Bacula.
1245 compress_len = jcr->compress_buf_size;
1246 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1247 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1248 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1250 /* The buffer size is too small, try with a bigger one. */
1251 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1252 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1253 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1257 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1258 jcr->last_fname, zlib_strerror(stat));
1261 *data = jcr->compress_buf;
1262 *length = compress_len;
1263 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1266 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1272 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1275 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1276 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1277 unser_uint32(ctx->packet_len);
1278 ctx->packet_len += CRYPTO_LEN_SIZE;
1282 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1284 JCR *jcr = rctx.jcr;
1285 BFILE *bfd = &rctx.bfd;
1288 if (jcr->crypto.digest) {
1289 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1292 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1294 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1295 jcr->last_fname, be.bstrerror(bfd->berrno));
1298 } else if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1301 int len = strlen(jcr->last_fname);
1303 * If this is the first write and the "file" is a directory
1304 * or a drive letter, then only issue a warning as we are
1305 * not able to reset the metadata, then continue.
1306 * If the above is true and we have an error code 91
1307 * (directory not empty), supress the error entirely.
1309 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1310 jcr->last_fname[len-1] == ':')) {
1312 if (bfd->lerror == 91) { /* Directory not empty */
1313 type = 0; /* suppress error */
1318 /* Insufficient bytes written */
1319 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1320 bfd->total_bytes, bfd->block, length, wstat);
1323 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1324 bfd->total_bytes, bfd->block, length, bfd->lerror,
1325 jcr->last_fname, be.bstrerror(bfd->berrno));
1329 /* Ignore errors? */
1330 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1339 * In the context of jcr, write data to bfd.
1340 * We write buflen bytes in buf at addr. addr is updated in place.
1341 * The flags specify whether to use sparse files or compression.
1342 * Return value is the number of bytes written, or -1 on errors.
1344 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1346 JCR *jcr = rctx.jcr;
1347 BFILE *bfd = &rctx.bfd;
1348 int flags = rctx.flags;
1349 int32_t stream = rctx.stream;
1350 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1351 char *wbuf; /* write buffer */
1352 uint32_t wsize; /* write size */
1353 uint32_t rsize; /* read size */
1354 uint32_t decrypted_len = 0; /* Decryption output length */
1355 char ec1[50]; /* Buffer printing huge values */
1358 jcr->ReadBytes += rsize;
1362 if (flags & FO_ENCRYPT) {
1363 ASSERT(cipher_ctx->cipher);
1366 * Grow the crypto buffer, if necessary.
1367 * crypto_cipher_update() will process only whole blocks,
1368 * buffering the remaining input.
1370 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1371 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1373 /* Decrypt the input block */
1374 if (!crypto_cipher_update(cipher_ctx->cipher,
1375 (const u_int8_t *)wbuf,
1377 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1379 /* Decryption failed. Shouldn't happen. */
1380 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1384 if (decrypted_len == 0) {
1385 /* No full block of encrypted data available, write more data */
1389 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1391 cipher_ctx->buf_len += decrypted_len;
1392 wbuf = cipher_ctx->buf;
1394 /* If one full preserved block is available, write it to disk,
1395 * and then buffer any remaining data. This should be effecient
1396 * as long as Bacula's block size is not significantly smaller than the
1397 * encryption block size (extremely unlikely!)
1399 unser_crypto_packet_len(cipher_ctx);
1400 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1402 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1403 /* No full preserved block is available. */
1407 /* We have one full block, set up the filter input buffers */
1408 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1409 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1410 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1411 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1414 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1415 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize)) {
1420 if (flags & FO_COMPRESS) {
1421 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1426 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1429 jcr->JobBytes += wsize;
1430 rctx.fileAddr += wsize;
1431 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1433 /* Clean up crypto buffers */
1434 if (flags & FO_ENCRYPT) {
1435 /* Move any remaining data to start of buffer */
1436 if (cipher_ctx->buf_len > 0) {
1437 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1438 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1439 cipher_ctx->buf_len);
1441 /* The packet was successfully written, reset the length so that
1442 * the next packet length may be re-read by unser_crypto_packet_len() */
1443 cipher_ctx->packet_len = 0;
1452 * If extracting, close any previous stream
1454 static bool close_previous_stream(r_ctx &rctx)
1459 * If extracting, it was from previous stream, so
1460 * close the output file and validate the signature.
1463 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1464 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1465 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1466 is_bopen(&rctx.bfd));
1469 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1470 deallocate_cipher(rctx);
1471 deallocate_fork_cipher(rctx);
1474 if (rctx.jcr->plugin) {
1475 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1477 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1479 rctx.extract = false;
1481 /* Now perform the delayed restore of some specific data streams. */
1482 rtn = pop_delayed_data_streams(rctx);
1484 /* Verify the cryptographic signature, if any */
1485 rctx.type = rctx.attr->type;
1486 verify_signature(rctx);
1488 /* Free Signature */
1489 free_signature(rctx);
1491 rctx.jcr->ff->flags = 0;
1492 Dmsg0(130, "Stop extracting.\n");
1493 } else if (is_bopen(&rctx.bfd)) {
1494 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1495 Pmsg0(000, "=== logic error !open\n");
1503 * In the context of jcr, flush any remaining data from the cipher context,
1504 * writing it to bfd.
1505 * Return value is true on success, false on failure.
1507 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1508 RESTORE_CIPHER_CTX *cipher_ctx)
1510 JCR *jcr = rctx.jcr;
1511 uint32_t decrypted_len = 0;
1512 char *wbuf; /* write buffer */
1513 uint32_t wsize; /* write size */
1514 char ec1[50]; /* Buffer printing huge values */
1515 bool second_pass = false;
1518 /* Write out the remaining block and free the cipher context */
1519 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1520 cipher_ctx->buf_len + cipher_ctx->block_size);
1522 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1524 /* Writing out the final, buffered block failed. Shouldn't happen. */
1525 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1526 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1529 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1530 /* If nothing new was decrypted, and our output buffer is empty, return */
1531 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1535 cipher_ctx->buf_len += decrypted_len;
1537 unser_crypto_packet_len(cipher_ctx);
1538 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1539 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1540 /* Decrypted, possibly decompressed output here. */
1541 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1542 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1543 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1545 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1546 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1551 if (flags & FO_COMPRESS) {
1552 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1557 Dmsg0(130, "Call store_data\n");
1558 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1561 jcr->JobBytes += wsize;
1562 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1564 /* Move any remaining data to start of buffer. */
1565 if (cipher_ctx->buf_len > 0) {
1566 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1567 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1568 cipher_ctx->buf_len);
1570 /* The packet was successfully written, reset the length so that the next
1571 * packet length may be re-read by unser_crypto_packet_len() */
1572 cipher_ctx->packet_len = 0;
1574 if (cipher_ctx->buf_len >0 && !second_pass) {
1579 /* Stop decryption */
1580 cipher_ctx->buf_len = 0;
1581 cipher_ctx->packet_len = 0;
1586 static void deallocate_cipher(r_ctx &rctx)
1588 /* Flush and deallocate previous stream's cipher context */
1589 if (rctx.cipher_ctx.cipher) {
1590 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1591 crypto_cipher_free(rctx.cipher_ctx.cipher);
1592 rctx.cipher_ctx.cipher = NULL;
1596 static void deallocate_fork_cipher(r_ctx &rctx)
1599 /* Flush and deallocate previous stream's fork cipher context */
1600 if (rctx.fork_cipher_ctx.cipher) {
1601 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1602 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1603 rctx.fork_cipher_ctx.cipher = NULL;
1607 static void free_signature(r_ctx &rctx)
1610 crypto_sign_free(rctx.sig);
1615 static void free_session(r_ctx &rctx)
1618 crypto_session_free(rctx.cs);
1624 * Verify the signature for the last restored file
1625 * Return value is either true (signature correct)
1626 * or false (signature could not be verified).
1627 * TODO landonf: Implement without using find_one_file and
1628 * without re-reading the file.
1630 static bool verify_signature(r_ctx &rctx)
1632 JCR *jcr = rctx.jcr;
1633 X509_KEYPAIR *keypair;
1634 DIGEST *digest = NULL;
1636 uint64_t saved_bytes;
1637 crypto_digest_t signing_algorithm = have_sha2 ?
1638 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1639 crypto_digest_t algorithm;
1640 SIGNATURE *sig = rctx.sig;
1643 if (!jcr->crypto.pki_sign) {
1644 /* no signature OK */
1648 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1649 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1656 /* Iterate through the trusted signers */
1657 foreach_alist(keypair, jcr->crypto.pki_signers) {
1658 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1660 case CRYPTO_ERROR_NONE:
1661 Dmsg0(50, "== Got digest\n");
1663 * We computed jcr->crypto.digest using signing_algorithm while writing
1664 * the file. If it is not the same as the algorithm used for
1665 * this file, punt by releasing the computed algorithm and
1666 * computing by re-reading the file.
1668 if (algorithm != signing_algorithm) {
1669 if (jcr->crypto.digest) {
1670 crypto_digest_free(jcr->crypto.digest);
1671 jcr->crypto.digest = NULL;
1674 if (jcr->crypto.digest) {
1675 /* Use digest computed while writing the file to verify
1677 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1678 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1679 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1680 jcr->last_fname, crypto_strerror(err));
1684 /* Signature found, digest allocated. Old method,
1685 * re-read the file and compute the digest */
1686 jcr->crypto.digest = digest;
1688 /* Checksum the entire file
1689 * Make sure we don't modify JobBytes by saving and
1691 saved_bytes = jcr->JobBytes;
1692 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1693 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1695 jcr->JobBytes = saved_bytes;
1698 jcr->JobBytes = saved_bytes;
1700 /* Verify the signature */
1701 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1702 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1703 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1704 jcr->last_fname, crypto_strerror(err));
1707 jcr->crypto.digest = NULL;
1710 /* Valid signature */
1711 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1712 crypto_digest_free(digest);
1715 case CRYPTO_ERROR_NOSIGNER:
1716 /* Signature not found, try again */
1718 crypto_digest_free(digest);
1723 /* Something strange happened (that shouldn't happen!)... */
1724 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1730 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1734 crypto_digest_free(digest);