2 Bacula® - The Network Backup Solution
4 Copyright (C) 2000-2008 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version two of the GNU General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of Kern Sibbald.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * Bacula File Daemon restore.c Restorefiles.
31 * Kern Sibbald, November MM
42 const bool have_darwin_os = true;
44 const bool have_darwin_os = false;
47 #if defined(HAVE_CRYPTO)
48 const bool have_crypto = true;
50 const bool have_crypto = false;
54 const bool have_acl = true;
56 const bool have_acl = false;
60 const bool have_sha2 = true;
62 const bool have_sha2 = false;
65 #if defined(HAVE_XATTR)
66 const bool have_xattr = true;
68 const bool have_xattr = false;
71 /* Data received from Storage Daemon */
72 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
74 typedef struct restore_cipher_ctx {
75 CIPHER_CONTEXT *cipher;
78 POOLMEM *buf; /* Pointer to descryption buffer */
79 int32_t buf_len; /* Count of bytes currently in buf */
80 int32_t packet_len; /* Total bytes in packet */
87 BFILE bfd; /* File content */
88 uint64_t fileAddr; /* file write address */
89 uint32_t size; /* Size of file */
90 int flags; /* Options for extract_data() */
91 BFILE forkbfd; /* Alternative data stream */
92 uint64_t fork_addr; /* Write address for alternative stream */
93 intmax_t fork_size; /* Size of alternate stream */
94 int fork_flags; /* Options for extract_data() */
95 int32_t type; /* file type FT_ */
96 ATTR *attr; /* Pointer to attributes */
97 bool extract; /* set when extracting */
99 SIGNATURE *sig; /* Cryptographic signature (if any) for file */
100 CRYPTO_SESSION *cs; /* Cryptographic session data (if any) for file */
101 RESTORE_CIPHER_CTX cipher_ctx; /* Cryptographic restore context (if any) for file */
102 RESTORE_CIPHER_CTX fork_cipher_ctx; /* Cryptographic restore context (if any) for alternative stream */
106 /* Forward referenced functions */
107 #if defined(HAVE_LIBZ)
108 static const char *zlib_strerror(int stat);
109 const bool have_libz = true;
111 const bool have_libz = false;
114 static void deallocate_cipher(r_ctx &rctx);
115 static void deallocate_fork_cipher(r_ctx &rctx);
116 static void free_signature(r_ctx &rctx);
117 static void free_session(r_ctx &rctx);
118 static void close_previous_stream(r_ctx &rctx);
122 static bool verify_signature(JCR *jcr, r_ctx &rctx);
123 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
124 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx);
125 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
126 RESTORE_CIPHER_CTX *cipher_ctx);
130 * Close a bfd check that we are at the expected file offset.
131 * Makes use of some code from set_attributes().
133 static int bclose_chksize(JCR *jcr, BFILE *bfd, boffset_t osize)
135 char ec1[50], ec2[50];
138 fsize = blseek(bfd, 0, SEEK_CUR);
139 bclose(bfd); /* first close file */
140 if (fsize > 0 && fsize != osize) {
141 Qmsg3(jcr, M_ERROR, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
142 jcr->last_fname, edit_uint64(osize, ec1),
143 edit_uint64(fsize, ec2));
151 * Restore the requested files.
154 void do_restore(JCR *jcr)
157 uint32_t VolSessionId, VolSessionTime;
159 char ec1[50]; /* Buffer printing huge values */
160 uint32_t buf_size; /* client buffer size */
162 intmax_t rsrc_len = 0; /* Original length of resource fork */
165 /* ***FIXME*** make configurable */
166 crypto_digest_t signing_algorithm = have_sha2 ?
167 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
168 memset(&rctx, 0, sizeof(rctx));
171 /* The following variables keep track of "known unknowns" */
172 int non_support_data = 0;
173 int non_support_attr = 0;
174 int non_support_rsrc = 0;
175 int non_support_finfo = 0;
176 int non_support_acl = 0;
177 int non_support_progname = 0;
178 int non_support_crypto = 0;
179 int non_support_xattr = 0;
181 #ifdef HAVE_DARWIN_OS
182 struct attrlist attrList;
183 memset(&attrList, 0, sizeof(attrList));
184 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
185 attrList.commonattr = ATTR_CMN_FNDRINFO;
189 sd = jcr->store_bsock;
190 set_jcr_job_status(jcr, JS_Running);
193 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
196 buf_size = client->max_network_buffer_size;
198 buf_size = 0; /* use default */
200 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
201 set_jcr_job_status(jcr, JS_ErrorTerminated);
204 jcr->buf_size = sd->msglen;
206 /* St Bernard code goes here if implemented -- see end of file */
209 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
210 jcr->compress_buf = (char *)bmalloc(compress_buf_size);
211 jcr->compress_buf_size = compress_buf_size;
215 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
216 if (have_darwin_os) {
217 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
222 * Get a record from the Storage daemon. We are guaranteed to
223 * receive records in the following order:
224 * 1. Stream record header
225 * 2. Stream data (one or more of the following in the order given)
226 * a. Attributes (Unix or Win32)
227 * b. Possibly stream encryption session data (e.g., symmetric session key)
228 * c. File data for the file
229 * d. Alternate data stream (e.g. Resource Fork)
233 * h. Possibly a cryptographic signature
234 * i. Possibly MD5 or SHA1 record
237 * NOTE: We keep track of two bacula file descriptors:
238 * 1. bfd for file data.
239 * This fd is opened for non empty files when an attribute stream is
240 * encountered and closed when we find the next attribute stream.
241 * 2. fork_bfd for alternate data streams
242 * This fd is opened every time we encounter a new alternate data
243 * stream for the current file. When we find any other stream, we
245 * The expected size of the stream, fork_len, should be set when
247 * 3. Not all the stream data records are required -- e.g. if there
248 * is no fork, there is no alternate data stream, no ACL, ...
251 binit(&rctx.forkbfd);
252 attr = rctx.attr = new_attr(jcr);
254 jcr->acl_data = get_pool_memory(PM_MESSAGE);
255 jcr->total_acl_errors = 0;
258 jcr->xattr_data = get_pool_memory(PM_MESSAGE);
259 jcr->total_xattr_errors = 0;
262 while (bget_msg(sd) >= 0 && !job_canceled(jcr)) {
263 /* Remember previous stream type */
264 rctx.prev_stream = rctx.stream;
266 /* First we expect a Stream Record Header */
267 if (sscanf(sd->msg, rec_header, &VolSessionId, &VolSessionTime, &file_index,
268 &rctx.stream, &rctx.size) != 5) {
269 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg);
272 Dmsg5(50, "Got hdr: Files=%d FilInx=%d size=%d Stream=%d, %s.\n",
273 jcr->JobFiles, file_index, rctx.size, rctx.stream, stream_to_ascii(rctx.stream));
275 /* * Now we expect the Stream Data */
276 if (bget_msg(sd) < 0) {
277 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
280 if (rctx.size != (uint32_t)sd->msglen) {
281 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
282 sd->msglen, rctx.size);
283 Dmsg2(50, "Actual data size %d not same as header %d\n",
284 sd->msglen, rctx.size);
287 Dmsg3(130, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
288 sd->msglen, rctx.extract);
290 /* If we change streams, close and reset alternate data streams */
291 if (rctx.prev_stream != rctx.stream) {
292 if (is_bopen(&rctx.forkbfd)) {
293 deallocate_fork_cipher(rctx);
294 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
296 rctx.fork_size = -1; /* Use an impossible value and set a proper one below */
300 /* File Attributes stream */
301 switch (rctx.stream) {
302 case STREAM_UNIX_ATTRIBUTES:
303 case STREAM_UNIX_ATTRIBUTES_EX:
304 close_previous_stream(rctx); /* if any previous stream open, close it */
307 /* TODO: manage deleted files */
308 if (rctx.type == FT_DELETED) { /* deleted file */
313 * Unpack attributes and do sanity check them
315 if (!unpack_attributes_record(jcr, rctx.stream, sd->msg, attr)) {
319 if (file_index != attr->file_index) {
320 Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"),
321 file_index, attr->file_index);
322 Dmsg0(200, "File index error\n");
327 Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname,
328 attr->attr, attr->attrEx);
330 attr->data_stream = decode_stat(attr->attr, &attr->statp, &attr->LinkFI);
332 if (!is_restore_stream_supported(attr->data_stream)) {
333 if (!non_support_data++) {
334 Jmsg(jcr, M_ERROR, 0, _("%s stream not supported on this Client.\n"),
335 stream_to_ascii(attr->data_stream));
340 build_attr_output_fnames(jcr, attr);
343 * Try to actually create the file, which returns a status telling
344 * us if we need to extract or not.
346 jcr->num_files_examined++;
347 rctx.extract = false;
349 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
351 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
354 pm_strcpy(jcr->last_fname, attr->ofname);
355 jcr->last_type = attr->type;
357 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
361 pm_strcpy(jcr->last_fname, attr->ofname);
362 jcr->last_type = attr->type;
364 case CF_EXTRACT: /* File created and we expect file data */
367 case CF_CREATED: /* File created, but there is no content */
370 print_ls_output(jcr, attr);
372 if (have_darwin_os) {
373 /* Only restore the resource fork for regular files */
374 from_base64(&rsrc_len, attr->attrEx);
375 if (attr->type == FT_REG && rsrc_len > 0) {
380 /* set attributes now because file will not be extracted */
382 plugin_set_attributes(jcr, attr, &rctx.bfd);
384 set_attributes(jcr, attr, &rctx.bfd);
392 case STREAM_ENCRYPTED_SESSION_DATA:
393 crypto_error_t cryptoerr;
395 /* Is this an unexpected session data entry? */
397 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
398 rctx.extract = false;
403 /* Do we have any keys at all? */
404 if (!jcr->crypto.pki_recipients) {
405 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
406 rctx.extract = false;
411 if (jcr->crypto.digest) {
412 crypto_digest_free(jcr->crypto.digest);
414 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
415 if (!jcr->crypto.digest) {
416 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
417 rctx.extract = false;
422 /* Decode and save session keys. */
423 cryptoerr = crypto_session_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen,
424 jcr->crypto.pki_recipients, &rctx.cs);
426 case CRYPTO_ERROR_NONE:
429 case CRYPTO_ERROR_NORECIPIENT:
430 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
432 case CRYPTO_ERROR_DECRYPTION:
433 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
436 /* Shouldn't happen */
437 Jmsg1(jcr, M_ERROR, 0, _("An error occurred while decoding encrypted session data stream: %s\n"), crypto_strerror(cryptoerr));
441 if (cryptoerr != CRYPTO_ERROR_NONE) {
442 rctx.extract = false;
449 case STREAM_FILE_DATA:
450 case STREAM_SPARSE_DATA:
451 case STREAM_WIN32_DATA:
452 case STREAM_GZIP_DATA:
453 case STREAM_SPARSE_GZIP_DATA:
454 case STREAM_WIN32_GZIP_DATA:
455 case STREAM_ENCRYPTED_FILE_DATA:
456 case STREAM_ENCRYPTED_WIN32_DATA:
457 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
458 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
459 /* Force an expected, consistent stream type here */
460 if (rctx.extract && (rctx.prev_stream == rctx.stream
461 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
462 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
463 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
466 if (rctx.stream == STREAM_SPARSE_DATA ||
467 rctx.stream == STREAM_SPARSE_GZIP_DATA) {
468 rctx.flags |= FO_SPARSE;
471 if (rctx.stream == STREAM_GZIP_DATA
472 || rctx.stream == STREAM_SPARSE_GZIP_DATA
473 || rctx.stream == STREAM_WIN32_GZIP_DATA
474 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
475 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
476 rctx.flags |= FO_GZIP;
479 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
480 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
481 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
482 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
483 /* Set up a decryption context */
484 if (!rctx.cipher_ctx.cipher) {
486 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
487 rctx.extract = false;
492 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
493 &rctx.cipher_ctx.block_size)) == NULL) {
494 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
496 rctx.extract = false;
501 rctx.flags |= FO_ENCRYPT;
504 if (is_win32_stream(rctx.stream) && !have_win32_api()) {
505 set_portable_backup(&rctx.bfd);
506 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
509 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fileAddr,
510 rctx.flags, &rctx.cipher_ctx) < 0) {
517 /* Resource fork stream - only recorded after a file to be restored */
518 /* Silently ignore if we cannot write - we already reported that */
519 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
520 case STREAM_MACOS_FORK_DATA:
521 #ifdef HAVE_DARWIN_OS
523 jcr->ff->flags |= FO_HFSPLUS;
525 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
526 rctx.fork_flags |= FO_ENCRYPT;
528 /* Set up a decryption context */
529 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
531 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
532 rctx.extract = false;
537 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
538 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
540 rctx.extract = false;
548 if (rctx.prev_stream != rctx.stream) {
549 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
550 Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
551 rctx.extract = false;
555 rctx.fork_size = rsrc_len;
556 Dmsg0(130, "Restoring resource fork\n");
559 if (extract_data(jcr, rctx, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags,
560 &rctx.fork_cipher_ctx) < 0) {
561 bclose(&rctx.forkbfd);
570 case STREAM_HFSPLUS_ATTRIBUTES:
571 #ifdef HAVE_DARWIN_OS
572 Dmsg0(130, "Restoring Finder Info\n");
573 jcr->ff->flags |= FO_HFSPLUS;
574 if (sd->msglen != 32) {
575 Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
578 if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
579 Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
587 case STREAM_UNIX_ACCESS_ACL:
588 case STREAM_UNIX_DEFAULT_ACL:
589 case STREAM_ACL_AIX_TEXT:
590 case STREAM_ACL_DARWIN_ACCESS_ACL:
591 case STREAM_ACL_FREEBSD_DEFAULT_ACL:
592 case STREAM_ACL_FREEBSD_ACCESS_ACL:
593 case STREAM_ACL_HPUX_ACL_ENTRY:
594 case STREAM_ACL_IRIX_DEFAULT_ACL:
595 case STREAM_ACL_IRIX_ACCESS_ACL:
596 case STREAM_ACL_LINUX_DEFAULT_ACL:
597 case STREAM_ACL_LINUX_ACCESS_ACL:
598 case STREAM_ACL_TRU64_DEFAULT_ACL:
599 case STREAM_ACL_TRU64_DEFAULT_DIR_ACL:
600 case STREAM_ACL_TRU64_ACCESS_ACL:
601 case STREAM_ACL_SOLARIS_ACLENT:
602 case STREAM_ACL_SOLARIS_ACE:
604 * Do not restore ACLs when
605 * a) The current file is not extracted
606 * b) and it is not a directory (they are never "extracted")
607 * c) or the file name is empty
609 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
613 pm_memcpy(jcr->acl_data, sd->msg, sd->msglen);
614 jcr->acl_data_len = sd->msglen;
615 switch (parse_acl_streams(jcr, rctx.stream)) {
616 case bacl_exit_fatal:
618 case bacl_exit_error:
620 * Non-fatal errors, count them and when the number is under ACL_REPORT_ERR_MAX_PER_JOB
621 * print the error message set by the lower level routine in jcr->errmsg.
623 if (jcr->total_acl_errors < ACL_REPORT_ERR_MAX_PER_JOB) {
624 Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
626 jcr->total_acl_errors++;
636 case STREAM_XATTR_SOLARIS_SYS:
637 case STREAM_XATTR_SOLARIS:
638 case STREAM_XATTR_DARWIN:
639 case STREAM_XATTR_FREEBSD:
640 case STREAM_XATTR_LINUX:
641 case STREAM_XATTR_NETBSD:
643 * Do not restore Extended Attributes when
644 * a) The current file is not extracted
645 * b) and it is not a directory (they are never "extracted")
646 * c) or the file name is empty
648 if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
652 pm_memcpy(jcr->xattr_data, sd->msg, sd->msglen);
653 jcr->xattr_data_len = sd->msglen;
654 switch (parse_xattr_streams(jcr, rctx.stream)) {
655 case bxattr_exit_fatal:
657 case bxattr_exit_error:
659 * Non-fatal errors, count them and when the number is under XATTR_REPORT_ERR_MAX_PER_JOB
660 * print the error message set by the lower level routine in jcr->errmsg.
662 if (jcr->total_xattr_errors < XATTR_REPORT_ERR_MAX_PER_JOB) {
663 Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
665 jcr->total_xattr_errors++;
675 case STREAM_SIGNED_DIGEST:
676 /* Is this an unexpected signature? */
678 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
679 free_signature(rctx);
682 /* Save signature. */
683 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
684 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
688 case STREAM_MD5_DIGEST:
689 case STREAM_SHA1_DIGEST:
690 case STREAM_SHA256_DIGEST:
691 case STREAM_SHA512_DIGEST:
694 case STREAM_PROGRAM_NAMES:
695 case STREAM_PROGRAM_DATA:
696 if (!non_support_progname) {
697 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
698 non_support_progname++;
702 case STREAM_PLUGIN_NAME:
703 close_previous_stream(rctx);
704 Dmsg1(50, "restore stream_plugin_name=%s\n", sd->msg);
705 plugin_name_stream(jcr, sd->msg);
709 close_previous_stream(rctx);
710 Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
712 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, sd->msg);
714 } /* end switch(stream) */
716 } /* end while get_msg() */
719 * If output file is still open, it was the last one in the
720 * archive since we just hit an end of file, so close the file.
722 if (is_bopen(&rctx.forkbfd)) {
723 bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
726 close_previous_stream(rctx);
727 set_jcr_job_status(jcr, JS_Terminated);
731 set_jcr_job_status(jcr, JS_ErrorTerminated);
734 /* Free Signature & Crypto Data */
735 free_signature(rctx);
737 if (jcr->crypto.digest) {
738 crypto_digest_free(jcr->crypto.digest);
739 jcr->crypto.digest = NULL;
742 /* Free file cipher restore context */
743 if (rctx.cipher_ctx.cipher) {
744 crypto_cipher_free(rctx.cipher_ctx.cipher);
745 rctx.cipher_ctx.cipher = NULL;
747 if (rctx.cipher_ctx.buf) {
748 free_pool_memory(rctx.cipher_ctx.buf);
749 rctx.cipher_ctx.buf = NULL;
752 /* Free alternate stream cipher restore context */
753 if (rctx.fork_cipher_ctx.cipher) {
754 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
755 rctx.fork_cipher_ctx.cipher = NULL;
757 if (rctx.fork_cipher_ctx.buf) {
758 free_pool_memory(rctx.fork_cipher_ctx.buf);
759 rctx.fork_cipher_ctx.buf = NULL;
762 if (jcr->compress_buf) {
763 free(jcr->compress_buf);
764 jcr->compress_buf = NULL;
765 jcr->compress_buf_size = 0;
768 if (have_xattr && jcr->xattr_data) {
769 free_pool_memory(jcr->xattr_data);
770 jcr->xattr_data = NULL;
772 if (have_acl && jcr->acl_data) {
773 free_pool_memory(jcr->acl_data);
774 jcr->acl_data = NULL;
777 bclose(&rctx.forkbfd);
779 free_attr(rctx.attr);
780 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
781 edit_uint64(jcr->JobBytes, ec1));
782 if (jcr->total_acl_errors > 0) {
783 Jmsg(jcr, M_ERROR, 0, _("Encountered %ld acl errors while doing restore\n"),
784 jcr->total_acl_errors);
786 if (jcr->total_xattr_errors > 0) {
787 Jmsg(jcr, M_ERROR, 0, _("Encountered %ld xattr errors while doing restore\n"),
788 jcr->total_xattr_errors);
790 if (non_support_data > 1 || non_support_attr > 1) {
791 Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
792 non_support_data, non_support_attr);
794 if (non_support_rsrc) {
795 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
797 if (non_support_finfo) {
798 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
800 if (non_support_acl) {
801 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
803 if (non_support_crypto) {
804 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl);
806 if (non_support_xattr) {
807 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_support_xattr);
814 * Convert ZLIB error code into an ASCII message
816 static const char *zlib_strerror(int stat)
823 return _("Zlib errno");
825 return _("Zlib stream error");
827 return _("Zlib data error");
829 return _("Zlib memory error");
831 return _("Zlib buffer error");
832 case Z_VERSION_ERROR:
833 return _("Zlib version error");
840 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
842 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
843 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
847 * Verify the signature for the last restored file
848 * Return value is either true (signature correct)
849 * or false (signature could not be verified).
850 * TODO landonf: Implement without using find_one_file and
851 * without re-reading the file.
853 static bool verify_signature(JCR *jcr, r_ctx &rctx)
855 X509_KEYPAIR *keypair;
856 DIGEST *digest = NULL;
858 uint64_t saved_bytes;
859 crypto_digest_t signing_algorithm = have_sha2 ?
860 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
861 crypto_digest_t algorithm;
862 SIGNATURE *sig = rctx.sig;
865 if (!jcr->crypto.pki_sign) {
866 return true; /* no signature OK */
869 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
870 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
877 /* Iterate through the trusted signers */
878 foreach_alist(keypair, jcr->crypto.pki_signers) {
879 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
881 case CRYPTO_ERROR_NONE:
882 Dmsg0(50, "== Got digest\n");
884 * We computed jcr->crypto.digest using signing_algorithm while writing
885 * the file. If it is not the same as the algorithm used for
886 * this file, punt by releasing the computed algorithm and
887 * computing by re-reading the file.
889 if (algorithm != signing_algorithm) {
890 if (jcr->crypto.digest) {
891 crypto_digest_free(jcr->crypto.digest);
892 jcr->crypto.digest = NULL;
895 if (jcr->crypto.digest) {
896 /* Use digest computed while writing the file to verify the signature */
897 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
898 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
899 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
900 jcr->last_fname, crypto_strerror(err));
904 /* Signature found, digest allocated. Old method,
905 * re-read the file and compute the digest
907 jcr->crypto.digest = digest;
909 /* Checksum the entire file */
910 /* Make sure we don't modify JobBytes by saving and restoring it */
911 saved_bytes = jcr->JobBytes;
912 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
913 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
915 jcr->JobBytes = saved_bytes;
918 jcr->JobBytes = saved_bytes;
920 /* Verify the signature */
921 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
922 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
923 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
924 jcr->last_fname, crypto_strerror(err));
927 jcr->crypto.digest = NULL;
930 /* Valid signature */
931 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
932 crypto_digest_free(digest);
935 case CRYPTO_ERROR_NOSIGNER:
936 /* Signature not found, try again */
938 crypto_digest_free(digest);
943 /* Something strange happened (that shouldn't happen!)... */
944 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
950 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
954 crypto_digest_free(digest);
959 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
964 unser_begin(*data, SPARSE_FADDR_SIZE);
966 if (*addr != faddr) {
968 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
970 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
971 edit_uint64(*addr, ec1), jcr->last_fname,
972 be.bstrerror(bfd->berrno));
976 *data += SPARSE_FADDR_SIZE;
977 *length -= SPARSE_FADDR_SIZE;
981 bool decompress_data(JCR *jcr, char **data, uint32_t *length)
986 char ec1[50]; /* Buffer printing huge values */
989 * NOTE! We only use uLong and Byte because they are
990 * needed by the zlib routines, they should not otherwise
993 compress_len = jcr->compress_buf_size;
994 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
995 if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
996 (const Byte *)*data, (uLong)*length)) != Z_OK) {
997 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
998 jcr->last_fname, zlib_strerror(stat));
1001 *data = jcr->compress_buf;
1002 *length = compress_len;
1003 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1006 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1011 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1014 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1015 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1016 unser_uint32(ctx->packet_len);
1017 ctx->packet_len += CRYPTO_LEN_SIZE;
1021 bool store_data(JCR *jcr, BFILE *bfd, char *data, const int32_t length, bool win32_decomp)
1023 if (jcr->crypto.digest) {
1024 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1027 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1029 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1030 jcr->last_fname, be.bstrerror(bfd->berrno));
1033 } else if (bwrite(bfd, data, length) != (ssize_t)length) {
1035 Jmsg2(jcr, M_ERROR, 0, _("Write error on %s: %s\n"),
1036 jcr->last_fname, be.bstrerror(bfd->berrno));
1044 * In the context of jcr, write data to bfd.
1045 * We write buflen bytes in buf at addr. addr is updated in place.
1046 * The flags specify whether to use sparse files or compression.
1047 * Return value is the number of bytes written, or -1 on errors.
1049 int32_t extract_data(JCR *jcr, r_ctx &rctx, POOLMEM *buf, int32_t buflen,
1050 uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
1052 BFILE *bfd = &rctx.bfd;
1053 char *wbuf; /* write buffer */
1054 uint32_t wsize; /* write size */
1055 uint32_t rsize; /* read size */
1056 uint32_t decrypted_len = 0; /* Decryption output length */
1057 char ec1[50]; /* Buffer printing huge values */
1060 jcr->ReadBytes += rsize;
1064 if (flags & FO_ENCRYPT) {
1065 ASSERT(cipher_ctx->cipher);
1067 /* NOTE: We must implement block preserving semantics for the
1068 * non-streaming compression and sparse code. */
1071 * Grow the crypto buffer, if necessary.
1072 * crypto_cipher_update() will process only whole blocks,
1073 * buffering the remaining input.
1075 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1076 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1078 /* Decrypt the input block */
1079 if (!crypto_cipher_update(cipher_ctx->cipher,
1080 (const u_int8_t *)wbuf,
1082 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1084 /* Decryption failed. Shouldn't happen. */
1085 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1089 if (decrypted_len == 0) {
1090 /* No full block of encrypted data available, write more data */
1094 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1096 cipher_ctx->buf_len += decrypted_len;
1097 wbuf = cipher_ctx->buf;
1099 /* If one full preserved block is available, write it to disk,
1100 * and then buffer any remaining data. This should be effecient
1101 * as long as Bacula's block size is not significantly smaller than the
1102 * encryption block size (extremely unlikely!) */
1103 unser_crypto_packet_len(cipher_ctx);
1104 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1106 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1107 /* No full preserved block is available. */
1111 /* We have one full block, set up the filter input buffers */
1112 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1113 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1114 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1115 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1118 if (flags & FO_SPARSE) {
1119 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1124 if (flags & FO_GZIP) {
1125 if (!decompress_data(jcr, &wbuf, &wsize)) {
1130 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1133 jcr->JobBytes += wsize;
1135 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1137 /* Clean up crypto buffers */
1138 if (flags & FO_ENCRYPT) {
1139 /* Move any remaining data to start of buffer */
1140 if (cipher_ctx->buf_len > 0) {
1141 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1142 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1143 cipher_ctx->buf_len);
1145 /* The packet was successfully written, reset the length so that the next
1146 * packet length may be re-read by unser_crypto_packet_len() */
1147 cipher_ctx->packet_len = 0;
1152 rctx.extract = false;
1159 * If extracting, close any previous stream
1161 static void close_previous_stream(r_ctx &rctx)
1164 * If extracting, it was from previous stream, so
1165 * close the output file and validate the signature.
1168 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1169 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1170 Dmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1171 is_bopen(&rctx.bfd));
1174 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1175 deallocate_cipher(rctx);
1176 deallocate_fork_cipher(rctx);
1179 if (rctx.jcr->plugin) {
1180 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1182 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1184 rctx.extract = false;
1186 /* Verify the cryptographic signature, if any */
1187 rctx.type = rctx.attr->type;
1188 verify_signature(rctx.jcr, rctx);
1190 /* Free Signature */
1191 free_signature(rctx);
1193 rctx.jcr->ff->flags = 0;
1194 Dmsg0(130, "Stop extracting.\n");
1195 } else if (is_bopen(&rctx.bfd)) {
1196 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1197 Dmsg0(000, "=== logic error !open\n");
1204 * In the context of jcr, flush any remaining data from the cipher context,
1205 * writing it to bfd.
1206 * Return value is true on success, false on failure.
1208 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
1209 RESTORE_CIPHER_CTX *cipher_ctx)
1211 uint32_t decrypted_len = 0;
1212 char *wbuf; /* write buffer */
1213 uint32_t wsize; /* write size */
1214 char ec1[50]; /* Buffer printing huge values */
1215 bool second_pass = false;
1218 /* Write out the remaining block and free the cipher context */
1219 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf, cipher_ctx->buf_len +
1220 cipher_ctx->block_size);
1222 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1224 /* Writing out the final, buffered block failed. Shouldn't happen. */
1225 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1226 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1229 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1230 /* If nothing new was decrypted, and our output buffer is empty, return */
1231 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1235 cipher_ctx->buf_len += decrypted_len;
1237 unser_crypto_packet_len(cipher_ctx);
1238 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1239 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1240 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
1241 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1242 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1244 if (flags & FO_SPARSE) {
1245 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1250 if (flags & FO_GZIP) {
1251 if (!decompress_data(jcr, &wbuf, &wsize)) {
1256 Dmsg0(130, "Call store_data\n");
1257 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1260 jcr->JobBytes += wsize;
1261 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1263 /* Move any remaining data to start of buffer */
1264 if (cipher_ctx->buf_len > 0) {
1265 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1266 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1267 cipher_ctx->buf_len);
1269 /* The packet was successfully written, reset the length so that the next
1270 * packet length may be re-read by unser_crypto_packet_len() */
1271 cipher_ctx->packet_len = 0;
1273 if (cipher_ctx->buf_len >0 && !second_pass) {
1278 /* Stop decryption */
1279 cipher_ctx->buf_len = 0;
1280 cipher_ctx->packet_len = 0;
1285 static void deallocate_cipher(r_ctx &rctx)
1287 /* Flush and deallocate previous stream's cipher context */
1288 if (rctx.cipher_ctx.cipher) {
1289 flush_cipher(rctx.jcr, &rctx.bfd, &rctx.fileAddr, rctx.flags, &rctx.cipher_ctx);
1290 crypto_cipher_free(rctx.cipher_ctx.cipher);
1291 rctx.cipher_ctx.cipher = NULL;
1295 static void deallocate_fork_cipher(r_ctx &rctx)
1298 /* Flush and deallocate previous stream's fork cipher context */
1299 if (rctx.fork_cipher_ctx.cipher) {
1300 flush_cipher(rctx.jcr, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, &rctx.fork_cipher_ctx);
1301 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1302 rctx.fork_cipher_ctx.cipher = NULL;
1306 static void free_signature(r_ctx &rctx)
1309 crypto_sign_free(rctx.sig);
1314 static void free_session(r_ctx &rctx)
1317 crypto_session_free(rctx.cs);
1323 /* This code if implemented goes above */
1324 #ifdef stbernard_implemented
1325 / #if defined(HAVE_WIN32)
1326 bool bResumeOfmOnExit = FALSE;
1327 if (isOpenFileManagerRunning()) {
1328 if ( pauseOpenFileManager() ) {
1329 Jmsg(jcr, M_INFO, 0, _("Open File Manager paused\n") );
1330 bResumeOfmOnExit = TRUE;
1333 Jmsg(jcr, M_ERROR, 0, _("FAILED to pause Open File Manager\n") );
1337 char username[UNLEN+1];
1338 DWORD usize = sizeof(username);
1339 int privs = enable_backup_privileges(NULL, 1);
1340 if (GetUserName(username, &usize)) {
1341 Jmsg2(jcr, M_INFO, 0, _("Running as '%s'. Privmask=%#08x\n"), username,
1343 Jmsg(jcr, M_WARNING, 0, _("Failed to retrieve current UserName\n"));