2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2017 Kern Sibbald
6 The original author of Bacula is Kern Sibbald, with contributions
7 from many others, a complete list can be found in the file AUTHORS.
9 You may use this file and others of this release according to the
10 license defined in the LICENSE file, which includes the Affero General
11 Public License, v3.0 ("AGPLv3") and some additional permissions and
12 terms pursuant to its AGPLv3 Section 7.
14 This notice must be preserved when any source code is
15 conveyed and/or propagated.
17 Bacula(R) is a registered trademark of Kern Sibbald.
20 * Bacula File Daemon restore.c Restorefiles.
22 * Kern Sibbald, November MM
32 const bool have_darwin_os = true;
34 const bool have_darwin_os = false;
37 #if defined(HAVE_CRYPTO)
38 const bool have_crypto = true;
40 const bool have_crypto = false;
44 const bool have_acl = true;
46 const bool have_acl = false;
50 const bool have_sha2 = true;
52 const bool have_sha2 = false;
55 #if defined(HAVE_XATTR)
56 const bool have_xattr = true;
58 const bool have_xattr = false;
61 /* Data received from Storage Daemon */
62 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
64 /* Forward referenced functions */
65 #if defined(HAVE_LIBZ)
66 static const char *zlib_strerror(int stat);
67 const bool have_libz = true;
69 const bool have_libz = false;
72 const bool have_lzo = true;
74 const bool have_lzo = false;
77 static void deallocate_cipher(r_ctx &rctx);
78 static void deallocate_fork_cipher(r_ctx &rctx);
79 static bool verify_signature(r_ctx &rctx);
80 static void free_signature(r_ctx &rctx);
81 static void free_session(r_ctx &rctx);
82 static bool close_previous_stream(r_ctx &rctx);
83 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
84 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
85 RESTORE_CIPHER_CTX *cipher_ctx);
88 * Close a bfd check that we are at the expected file offset.
89 * Makes use of some code from set_attributes().
91 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
93 char ec1[50], ec2[50];
97 fsize = blseek(bfd, 0, SEEK_CUR);
98 bclose(bfd); /* first close file */
99 if (fsize > 0 && fsize != osize) {
100 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
101 jcr->last_fname, edit_uint64(osize, ec1),
102 edit_uint64(fsize, ec2));
108 #ifdef HAVE_DARWIN_OS
109 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
111 struct attrlist attrList;
113 memset(&attrList, 0, sizeof(attrList));
114 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
115 attrList.commonattr = ATTR_CMN_FNDRINFO;
117 Dmsg0(130, "Restoring Finder Info\n");
118 jcr->ff->flags |= FO_HFSPLUS;
120 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
124 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
125 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
133 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
141 * Cleanup of delayed restore stack with streams for later processing.
143 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
145 RESTORE_DATA_STREAM *rds;
147 if (!rctx.delayed_streams) {
149 rctx.delayed_streams = New(alist(10, owned_by_alist));
153 if (rctx.delayed_streams->empty()) {
157 foreach_alist(rds, rctx.delayed_streams) {
163 rctx.delayed_streams->destroy();
165 rctx.delayed_streams->init(10, owned_by_alist);
171 * Push a data stream onto the delayed restore stack for
174 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
176 RESTORE_DATA_STREAM *rds;
181 if (!rctx.delayed_streams) {
182 rctx.delayed_streams = New(alist(10, owned_by_alist));
185 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
186 rds->stream = rctx.stream;
187 rds->content = (char *)malloc(msglen);
188 memcpy(rds->content, msg, msglen);
189 rds->content_length = msglen;
190 rctx.delayed_streams->append(rds);
194 * Perform a restore of an ACL using the stream received.
195 * This can either be a delayed restore or direct restore.
197 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
198 uint32_t content_length)
203 switch (jcr->xacl->restore_acl(jcr, stream, content, content_length)) {
208 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
209 * print the error message set by the lower level routine in jcr->errmsg.
211 if (jcr->xacl->get_acl_nr_errors() < ACL_MAX_ERROR_PRINT_PER_JOB) {
212 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
222 * Perform a restore of an XATTR using the stream received.
223 * This can either be a delayed restore or direct restore.
225 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
226 uint32_t content_length)
231 switch (jcr->xacl->restore_xattr(jcr, stream, content, content_length)) {
236 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
237 * print the error message set by the lower level routine in jcr->errmsg.
239 if (jcr->xacl->get_xattr_nr_errors() < XATTR_MAX_ERROR_PRINT_PER_JOB) {
240 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
250 * Restore any data streams that are restored after the file
251 * is fully restored and has its attributes restored. Things
252 * like acls and xattr are restored after we set the file
253 * attributes otherwise we might clear some security flags
254 * by setting the attributes.
256 static inline bool pop_delayed_data_streams(r_ctx &rctx)
258 RESTORE_DATA_STREAM *rds;
262 * See if there is anything todo.
264 if (!rctx.delayed_streams ||
265 rctx.delayed_streams->empty()) {
270 * Only process known delayed data streams here.
271 * If you start using more delayed data streams
272 * be sure to add them in this loop and add the
275 * Currently we support delayed data stream
276 * processing for the following type of streams:
280 foreach_alist(rds, rctx.delayed_streams) {
281 switch (rds->stream) {
282 case STREAM_UNIX_ACCESS_ACL:
283 case STREAM_UNIX_DEFAULT_ACL:
284 case STREAM_XACL_AIX_TEXT:
285 case STREAM_XACL_DARWIN_ACCESS:
286 case STREAM_XACL_FREEBSD_DEFAULT:
287 case STREAM_XACL_FREEBSD_ACCESS:
288 case STREAM_XACL_HPUX_ACL_ENTRY:
289 case STREAM_XACL_IRIX_DEFAULT:
290 case STREAM_XACL_IRIX_ACCESS:
291 case STREAM_XACL_LINUX_DEFAULT:
292 case STREAM_XACL_LINUX_ACCESS:
293 case STREAM_XACL_TRU64_DEFAULT:
294 case STREAM_XACL_TRU64_DEFAULT_DIR:
295 case STREAM_XACL_TRU64_ACCESS:
296 case STREAM_XACL_SOLARIS_POSIX:
297 case STREAM_XACL_SOLARIS_NFS4:
298 case STREAM_XACL_AFS_TEXT:
299 case STREAM_XACL_AIX_AIXC:
300 case STREAM_XACL_AIX_NFS4:
301 case STREAM_XACL_FREEBSD_NFS4:
302 case STREAM_XACL_HURD_DEFAULT:
303 case STREAM_XACL_HURD_ACCESS:
304 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
308 case STREAM_XACL_HURD_XATTR:
309 case STREAM_XACL_IRIX_XATTR:
310 case STREAM_XACL_TRU64_XATTR:
311 case STREAM_XACL_AIX_XATTR:
312 case STREAM_XACL_OPENBSD_XATTR:
313 case STREAM_XACL_SOLARIS_SYS_XATTR:
314 case STREAM_XACL_DARWIN_XATTR:
315 case STREAM_XACL_FREEBSD_XATTR:
316 case STREAM_XACL_LINUX_XATTR:
317 case STREAM_XACL_NETBSD_XATTR:
318 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
323 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
333 drop_delayed_restore_streams(rctx, true);
337 drop_delayed_restore_streams(rctx, true);
343 * Restore the requested files.
345 void do_restore(JCR *jcr)
348 uint32_t VolSessionId, VolSessionTime;
350 char ec1[50]; /* Buffer printing huge values */
351 uint32_t buf_size; /* client buffer size */
353 int64_t rsrc_len = 0; /* Original length of resource fork */
357 /* ***FIXME*** make configurable */
358 crypto_digest_t signing_algorithm = have_sha2 ?
359 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
360 memset(&rctx, 0, sizeof(rctx));
363 /* The following variables keep track of "known unknowns" */
364 int non_suppored_data = 0;
365 int non_suppored_attr = 0;
366 int non_suppored_rsrc = 0;
367 int non_suppored_finfo = 0;
368 int non_suppored_acl = 0;
369 int non_suppored_progname = 0;
370 int non_suppored_crypto = 0;
371 int non_suppored_xattr = 0;
373 sd = jcr->store_bsock;
374 jcr->setJobStatus(JS_Running);
377 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
380 buf_size = client->max_network_buffer_size;
382 buf_size = 0; /* use default */
384 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
385 jcr->setJobStatus(JS_ErrorTerminated);
388 jcr->buf_size = sd->msglen;
390 /* use the same buffer size to decompress both gzip and lzo */
391 if (have_libz || have_lzo) {
392 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
393 jcr->compress_buf = get_memory(compress_buf_size);
394 jcr->compress_buf_size = compress_buf_size;
398 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
400 fdmsg->start_read_sock();
401 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
404 if (lzo_init() != LZO_E_OK) {
405 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
411 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
412 if (have_darwin_os) {
413 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
418 * Get a record from the Storage daemon. We are guaranteed to
419 * receive records in the following order:
420 * 1. Stream record header
421 * 2. Stream data (one or more of the following in the order given)
422 * a. Attributes (Unix or Windows)
423 * b. Possibly stream encryption session data (e.g., symmetric session key)
424 * c. File data for the file
425 * d. Alternate data stream (e.g. Resource Fork)
429 * h. Possibly a cryptographic signature
430 * i. Possibly MD5 or SHA1 record
433 * NOTE: We keep track of two bacula file descriptors:
434 * 1. bfd for file data.
435 * This fd is opened for non empty files when an attribute stream is
436 * encountered and closed when we find the next attribute stream.
437 * 2. fork_bfd for alternate data streams
438 * This fd is opened every time we encounter a new alternate data
439 * stream for the current file. When we find any other stream, we
441 * The expected size of the stream, fork_len, should be set when
443 * 3. Not all the stream data records are required -- e.g. if there
444 * is no fork, there is no alternate data stream, no ACL, ...
447 binit(&rctx.forkbfd);
448 attr = rctx.attr = new_attr(jcr);
449 jcr->xacl = (XACL*)new_xacl();
452 while ((bget_ret = fdmsg->bget_msg(&bmsg)) >= 0 && !job_canceled(jcr)) {
453 time_t now = time(NULL);
454 if (jcr->last_stat_time == 0) {
455 jcr->last_stat_time = now;
456 jcr->stat_interval = 30; /* Default 30 seconds */
457 } else if (now >= jcr->last_stat_time + jcr->stat_interval) {
458 jcr->dir_bsock->fsend("Progress JobId=%ld files=%ld bytes=%lld bps=%ld\n",
459 jcr->JobId, jcr->JobFiles, jcr->JobBytes, jcr->LastRate);
460 jcr->last_stat_time = now;
463 /* Remember previous stream type */
464 rctx.prev_stream = rctx.stream;
466 /* First we expect a Stream Record Header */
468 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
469 &rctx.full_stream, &rctx.size) != 5) {
470 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
473 /* Strip off new stream high bits */
474 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
476 /* Now we expect the Stream Data */
477 if ((bget_ret = fdmsg->bget_msg(&bmsg)) < 0) {
478 if (bget_ret != BNET_EXT_TERMINATE) {
479 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
481 /* The error has been handled somewhere else, just quit */
485 if (rctx.size != (uint32_t)bmsg->origlen) {
486 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
487 bmsg->origlen, rctx.size);
488 Dmsg2(50, "Actual data size %d not same as header %d\n",
489 bmsg->origlen, rctx.size);
493 /* If we change streams, close and reset alternate data streams */
494 if (rctx.prev_stream != rctx.stream) {
495 if (is_bopen(&rctx.forkbfd)) {
496 deallocate_fork_cipher(rctx);
497 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
499 /* Use an impossible value and set a proper one below */
504 /* File Attributes stream */
505 switch (rctx.stream) {
506 case STREAM_UNIX_ATTRIBUTES:
507 case STREAM_UNIX_ATTRIBUTES_EX:
508 /* if any previous stream open, close it */
509 if (!close_previous_stream(rctx)) {
514 * TODO: manage deleted files
516 if (rctx.type == FT_DELETED) { /* deleted file */
520 * Restore objects should be ignored here -- they are
521 * returned at the beginning of the restore.
523 if (IS_FT_OBJECT(rctx.type)) {
528 * Unpack attributes and do sanity check them
530 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
534 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
536 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
537 attr->data_stream, stream_to_ascii(attr->data_stream),
538 attr->fname, attr->attr, attr->attrEx);
539 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
540 strlen(attr->attrEx), bmsg->rbuf);
542 if (!is_restore_stream_supported(attr->data_stream)) {
543 Dmsg2(15, "Non-supported data stream %d: %s\n",
544 attr->data_stream, stream_to_ascii(attr->data_stream));
545 if (!non_suppored_data++) {
546 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
547 stream_to_ascii(attr->data_stream));
552 build_attr_output_fnames(jcr, attr);
555 * Try to actually create the file, which returns a status telling
556 * us if we need to extract or not.
558 jcr->num_files_examined++;
559 rctx.extract = false;
560 stat = CF_CORE; /* By default, let Bacula's core handle it */
563 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
566 if (stat == CF_CORE) {
567 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
570 pm_strcpy(jcr->last_fname, attr->ofname);
571 jcr->last_type = attr->type;
573 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
579 case CF_EXTRACT: /* File created and we expect file data */
581 /* FALLTHROUGH WANTED */
582 case CF_CREATED: /* File created, but there is no content */
583 /* File created, but there is no content */
585 print_ls_output(jcr, attr);
587 if (have_darwin_os) {
588 /* Only restore the resource fork for regular files */
589 from_base64(&rsrc_len, attr->attrEx);
590 if (attr->type == FT_REG && rsrc_len > 0) {
595 * Do not count the resource forks as regular files being restored.
605 /* set attributes now because file will not be extracted */
607 plugin_set_attributes(jcr, attr, &rctx.bfd);
609 set_attributes(jcr, attr, &rctx.bfd);
618 case STREAM_ENCRYPTED_SESSION_DATA:
619 crypto_error_t cryptoerr;
621 /* The current file will not be extracted, do not create a crypto session */
626 /* Is this an unexpected session data entry? */
628 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
629 rctx.extract = false;
634 /* Do we have any keys at all? */
635 if (!jcr->crypto.pki_recipients) {
636 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
637 rctx.extract = false;
642 if (jcr->crypto.digest) {
643 crypto_digest_free(jcr->crypto.digest);
645 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
646 if (!jcr->crypto.digest) {
647 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
648 rctx.extract = false;
653 /* Decode and save session keys. */
654 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
655 jcr->crypto.pki_recipients, &rctx.cs);
657 case CRYPTO_ERROR_NONE:
660 case CRYPTO_ERROR_NORECIPIENT:
661 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
663 case CRYPTO_ERROR_DECRYPTION:
664 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
666 case CRYPTO_ERROR_NOSIGNER:
667 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
669 case CRYPTO_ERROR_INVALID_DIGEST:
670 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
672 case CRYPTO_ERROR_INVALID_CRYPTO:
673 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
676 /* This shouldn't happen */
677 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
678 cryptoerr, crypto_strerror(cryptoerr));
682 if (cryptoerr != CRYPTO_ERROR_NONE) {
683 rctx.extract = false;
690 case STREAM_FILE_DATA:
691 case STREAM_SPARSE_DATA:
692 case STREAM_WIN32_DATA:
693 case STREAM_GZIP_DATA:
694 case STREAM_SPARSE_GZIP_DATA:
695 case STREAM_WIN32_GZIP_DATA:
696 case STREAM_COMPRESSED_DATA:
697 case STREAM_SPARSE_COMPRESSED_DATA:
698 case STREAM_WIN32_COMPRESSED_DATA:
699 case STREAM_ENCRYPTED_FILE_DATA:
700 case STREAM_ENCRYPTED_WIN32_DATA:
701 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
702 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
703 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
704 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
705 /* Force an expected, consistent stream type here */
706 if (rctx.extract && (rctx.prev_stream == rctx.stream
707 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
708 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
709 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
712 if (rctx.stream == STREAM_SPARSE_DATA
713 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
714 || rctx.stream == STREAM_SPARSE_GZIP_DATA)
716 rctx.flags |= FO_SPARSE;
719 if (rctx.stream == STREAM_GZIP_DATA
720 || rctx.stream == STREAM_SPARSE_GZIP_DATA
721 || rctx.stream == STREAM_WIN32_GZIP_DATA
722 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
723 || rctx.stream == STREAM_COMPRESSED_DATA
724 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
725 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
726 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
727 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
728 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
729 rctx.flags |= FO_COMPRESS;
730 rctx.comp_stream = rctx.stream;
733 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
734 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
735 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
736 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
737 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
738 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
739 /* Set up a decryption context */
740 if (!rctx.cipher_ctx.cipher) {
742 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
743 rctx.extract = false;
748 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
749 &rctx.cipher_ctx.block_size)) == NULL) {
750 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
752 rctx.extract = false;
757 rctx.flags |= FO_ENCRYPT;
760 if (is_win32_stream(rctx.stream) &&
761 (win32decomp || !have_win32_api())) {
762 set_portable_backup(&rctx.bfd);
763 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
766 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
767 rctx.extract = false;
775 * Resource fork stream - only recorded after a file to be restored
776 * Silently ignore if we cannot write - we already reported that
778 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
779 case STREAM_MACOS_FORK_DATA:
780 if (have_darwin_os) {
782 jcr->ff->flags |= FO_HFSPLUS;
784 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
785 rctx.fork_flags |= FO_ENCRYPT;
787 /* Set up a decryption context */
788 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
790 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
791 rctx.extract = false;
796 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
797 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
799 rctx.extract = false;
807 if (rctx.prev_stream != rctx.stream) {
808 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
809 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
810 rctx.extract = false;
814 rctx.fork_size = rsrc_len;
815 Dmsg0(130, "Restoring resource fork\n");
818 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
819 rctx.extract = false;
820 bclose(&rctx.forkbfd);
829 case STREAM_HFSPLUS_ATTRIBUTES:
830 if (have_darwin_os) {
831 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
835 non_suppored_finfo++;
839 case STREAM_UNIX_ACCESS_ACL:
840 case STREAM_UNIX_DEFAULT_ACL:
841 case STREAM_XACL_AIX_TEXT:
842 case STREAM_XACL_DARWIN_ACCESS:
843 case STREAM_XACL_FREEBSD_DEFAULT:
844 case STREAM_XACL_FREEBSD_ACCESS:
845 case STREAM_XACL_HPUX_ACL_ENTRY:
846 case STREAM_XACL_IRIX_DEFAULT:
847 case STREAM_XACL_IRIX_ACCESS:
848 case STREAM_XACL_LINUX_DEFAULT:
849 case STREAM_XACL_LINUX_ACCESS:
850 case STREAM_XACL_TRU64_DEFAULT:
851 case STREAM_XACL_TRU64_DEFAULT_DIR:
852 case STREAM_XACL_TRU64_ACCESS:
853 case STREAM_XACL_SOLARIS_POSIX:
854 case STREAM_XACL_SOLARIS_NFS4:
855 case STREAM_XACL_AFS_TEXT:
856 case STREAM_XACL_AIX_AIXC:
857 case STREAM_XACL_AIX_NFS4:
858 case STREAM_XACL_FREEBSD_NFS4:
859 case STREAM_XACL_HURD_DEFAULT:
860 case STREAM_XACL_HURD_ACCESS:
862 * Do not restore ACLs when
863 * a) The current file is not extracted
864 * b) and it is not a directory (they are never "extracted")
865 * c) or the file name is empty
867 if ((!rctx.extract &&
868 jcr->last_type != FT_DIREND) ||
869 (*jcr->last_fname == 0)) {
874 * For anything that is not a directory we delay
875 * the restore of acls till a later stage.
877 if (jcr->last_type != FT_DIREND) {
878 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
880 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
889 case STREAM_XACL_HURD_XATTR:
890 case STREAM_XACL_IRIX_XATTR:
891 case STREAM_XACL_TRU64_XATTR:
892 case STREAM_XACL_AIX_XATTR:
893 case STREAM_XACL_OPENBSD_XATTR:
894 case STREAM_XACL_SOLARIS_SYS_XATTR:
895 case STREAM_XACL_DARWIN_XATTR:
896 case STREAM_XACL_FREEBSD_XATTR:
897 case STREAM_XACL_LINUX_XATTR:
898 case STREAM_XACL_NETBSD_XATTR:
900 * Do not restore Extended Attributes when
901 * a) The current file is not extracted
902 * b) and it is not a directory (they are never "extracted")
903 * c) or the file name is empty
905 if ((!rctx.extract &&
906 jcr->last_type != FT_DIREND) ||
907 (*jcr->last_fname == 0)) {
912 * For anything that is not a directory we delay
913 * the restore of xattr till a later stage.
915 if (jcr->last_type != FT_DIREND) {
916 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
918 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
923 non_suppored_xattr++;
927 case STREAM_XACL_SOLARIS_XATTR:
929 * Do not restore Extended Attributes when
930 * a) The current file is not extracted
931 * b) and it is not a directory (they are never "extracted")
932 * c) or the file name is empty
934 if ((!rctx.extract &&
935 jcr->last_type != FT_DIREND) ||
936 (*jcr->last_fname == 0)) {
940 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
944 non_suppored_xattr++;
948 case STREAM_SIGNED_DIGEST:
949 /* Is this an unexpected signature? */
951 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
952 free_signature(rctx);
955 /* Save signature. */
956 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
957 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
961 case STREAM_MD5_DIGEST:
962 case STREAM_SHA1_DIGEST:
963 case STREAM_SHA256_DIGEST:
964 case STREAM_SHA512_DIGEST:
967 case STREAM_PROGRAM_NAMES:
968 case STREAM_PROGRAM_DATA:
969 if (!non_suppored_progname) {
970 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
971 non_suppored_progname++;
975 case STREAM_PLUGIN_NAME:
976 if (!close_previous_stream(rctx)) {
979 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
980 plugin_name_stream(jcr, bmsg->rbuf);
983 case STREAM_RESTORE_OBJECT:
984 break; /* these are sent by Director */
987 if (!close_previous_stream(rctx)) {
990 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
992 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
994 } /* end switch(stream) */
996 /* Debug code: check if we must hangup or blowup */
997 if (handle_hangup_blowup(jcr, jcr->JobFiles, jcr->JobBytes)) {
1002 } /* end while bufmsg->bget_msg(&bmsg)) */
1004 if (bget_ret == BNET_EXT_TERMINATE) {
1008 * If output file is still open, it was the last one in the
1009 * archive since we just hit an end of file, so close the file.
1011 if (is_bopen(&rctx.forkbfd)) {
1012 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
1015 if (!close_previous_stream(rctx)) {
1018 jcr->setJobStatus(JS_Terminated);
1022 jcr->setJobStatus(JS_ErrorTerminated);
1026 fdmsg->wait_read_sock(jcr->is_job_canceled());
1031 * First output the statistics.
1033 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1034 edit_uint64(jcr->JobBytes, ec1));
1037 if (jcr->xacl->get_acl_nr_errors() > 0) {
1038 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"), jcr->xacl->get_acl_nr_errors());
1040 if (jcr->xacl->get_xattr_nr_errors() > 0) {
1041 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"), jcr->xacl->get_xattr_nr_errors());
1044 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1045 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1046 non_suppored_data, non_suppored_attr);
1048 if (non_suppored_rsrc) {
1049 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1051 if (non_suppored_finfo) {
1052 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1054 if (non_suppored_acl) {
1055 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1057 if (non_suppored_crypto) {
1058 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1060 if (non_suppored_xattr) {
1061 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1064 /* Free Signature & Crypto Data */
1065 free_signature(rctx);
1067 if (jcr->crypto.digest) {
1068 crypto_digest_free(jcr->crypto.digest);
1069 jcr->crypto.digest = NULL;
1072 /* Free file cipher restore context */
1073 if (rctx.cipher_ctx.cipher) {
1074 crypto_cipher_free(rctx.cipher_ctx.cipher);
1075 rctx.cipher_ctx.cipher = NULL;
1078 if (rctx.cipher_ctx.buf) {
1079 free_pool_memory(rctx.cipher_ctx.buf);
1080 rctx.cipher_ctx.buf = NULL;
1083 /* Free alternate stream cipher restore context */
1084 if (rctx.fork_cipher_ctx.cipher) {
1085 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1086 rctx.fork_cipher_ctx.cipher = NULL;
1088 if (rctx.fork_cipher_ctx.buf) {
1089 free_pool_memory(rctx.fork_cipher_ctx.buf);
1090 rctx.fork_cipher_ctx.buf = NULL;
1093 if (jcr->compress_buf) {
1094 free_pool_memory(jcr->compress_buf);
1095 jcr->compress_buf = NULL;
1096 jcr->compress_buf_size = 0;
1104 /* Free the delayed stream stack list. */
1105 if (rctx.delayed_streams) {
1106 drop_delayed_restore_streams(rctx, false);
1107 delete rctx.delayed_streams;
1111 bclose(&rctx.forkbfd);
1113 free_attr(rctx.attr);
1118 * Convert ZLIB error code into an ASCII message
1120 static const char *zlib_strerror(int stat)
1127 return _("Zlib errno");
1128 case Z_STREAM_ERROR:
1129 return _("Zlib stream error");
1131 return _("Zlib data error");
1133 return _("Zlib memory error");
1135 return _("Zlib buffer error");
1136 case Z_VERSION_ERROR:
1137 return _("Zlib version error");
1144 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1146 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1147 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1150 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length, int flags)
1155 unser_begin(*data, OFFSET_FADDR_SIZE);
1156 unser_uint64(faddr);
1157 /* We seek only if we have a SPARSE stream, not for OFFSET */
1158 if ((flags & FO_SPARSE) && *addr != faddr) {
1160 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1162 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1163 edit_uint64(*addr, ec1), jcr->last_fname,
1164 be.bstrerror(bfd->berrno));
1168 *data += OFFSET_FADDR_SIZE;
1169 *length -= OFFSET_FADDR_SIZE;
1173 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1175 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1176 char ec1[50]; /* Buffer printing huge values */
1179 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1180 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1181 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1183 uint32_t comp_magic, comp_len;
1184 uint16_t comp_level, comp_version;
1186 lzo_uint compress_len;
1187 const unsigned char *cbuf;
1188 int r, real_compress_len;
1191 /* read compress header */
1193 unser_begin(*data, sizeof(comp_stream_header));
1194 unser_uint32(comp_magic);
1195 unser_uint32(comp_len);
1196 unser_uint16(comp_level);
1197 unser_uint16(comp_version);
1198 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1199 comp_level, comp_version);
1202 if (comp_version != COMP_HEAD_VERSION) {
1203 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1207 if (comp_len + sizeof(comp_stream_header) != *length) {
1208 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1212 switch(comp_magic) {
1214 case COMPRESS_LZO1X:
1215 compress_len = jcr->compress_buf_size;
1216 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1217 real_compress_len = *length - sizeof(comp_stream_header);
1218 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1219 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1220 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1223 * The buffer size is too small, try with a bigger one
1225 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1226 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1227 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1230 if (r != LZO_E_OK) {
1231 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1232 jcr->last_fname, r);
1235 *data = jcr->compress_buf;
1236 *length = compress_len;
1237 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1241 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1250 * NOTE! We only use uLong and Byte because they are
1251 * needed by the zlib routines, they should not otherwise
1252 * be used in Bacula.
1254 compress_len = jcr->compress_buf_size;
1255 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1256 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1257 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1259 /* The buffer size is too small, try with a bigger one. */
1260 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1261 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1262 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1266 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1267 jcr->last_fname, zlib_strerror(stat));
1270 *data = jcr->compress_buf;
1271 *length = compress_len;
1272 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1275 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1281 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1284 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1285 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1286 unser_uint32(ctx->packet_len);
1287 ctx->packet_len += CRYPTO_LEN_SIZE;
1291 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1293 JCR *jcr = rctx.jcr;
1294 BFILE *bfd = &rctx.bfd;
1297 if (jcr->crypto.digest) {
1298 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1301 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1303 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1304 jcr->last_fname, be.bstrerror(bfd->berrno));
1307 } else if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1310 int len = strlen(jcr->last_fname);
1312 * If this is the first write and the "file" is a directory
1313 * or a drive letter, then only issue a warning as we are
1314 * not able to reset the metadata, then continue.
1315 * If the above is true and we have an error code 91
1316 * (directory not empty), supress the error entirely.
1318 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1319 jcr->last_fname[len-1] == ':')) {
1321 if (bfd->lerror == 91) { /* Directory not empty */
1322 type = 0; /* suppress error */
1327 /* Insufficient bytes written */
1328 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1329 bfd->total_bytes, bfd->block, length, wstat);
1332 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1333 bfd->total_bytes, bfd->block, length, bfd->lerror,
1334 jcr->last_fname, be.bstrerror(bfd->berrno));
1338 /* Ignore errors? */
1339 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1348 * In the context of jcr, write data to bfd.
1349 * We write buflen bytes in buf at addr. addr is updated in place.
1350 * The flags specify whether to use sparse files or compression.
1351 * Return value is the number of bytes written, or -1 on errors.
1353 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1355 JCR *jcr = rctx.jcr;
1356 BFILE *bfd = &rctx.bfd;
1357 int flags = rctx.flags;
1358 int32_t stream = rctx.stream;
1359 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1360 char *wbuf; /* write buffer */
1361 uint32_t wsize; /* write size */
1362 uint32_t rsize; /* read size */
1363 uint32_t decrypted_len = 0; /* Decryption output length */
1364 char ec1[50]; /* Buffer printing huge values */
1367 jcr->ReadBytes += rsize;
1371 if (flags & FO_ENCRYPT) {
1372 ASSERT(cipher_ctx->cipher);
1375 * Grow the crypto buffer, if necessary.
1376 * crypto_cipher_update() will process only whole blocks,
1377 * buffering the remaining input.
1379 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1380 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1382 /* Decrypt the input block */
1383 if (!crypto_cipher_update(cipher_ctx->cipher,
1384 (const u_int8_t *)wbuf,
1386 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1388 /* Decryption failed. Shouldn't happen. */
1389 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1393 if (decrypted_len == 0) {
1394 /* No full block of encrypted data available, write more data */
1398 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1400 cipher_ctx->buf_len += decrypted_len;
1401 wbuf = cipher_ctx->buf;
1403 /* If one full preserved block is available, write it to disk,
1404 * and then buffer any remaining data. This should be effecient
1405 * as long as Bacula's block size is not significantly smaller than the
1406 * encryption block size (extremely unlikely!)
1408 unser_crypto_packet_len(cipher_ctx);
1409 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1411 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1412 /* No full preserved block is available. */
1416 /* We have one full block, set up the filter input buffers */
1417 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1418 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1419 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1420 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1423 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1424 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize, flags)) {
1429 if (flags & FO_COMPRESS) {
1430 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1435 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1438 jcr->JobBytes += wsize;
1439 rctx.fileAddr += wsize;
1440 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1442 /* Clean up crypto buffers */
1443 if (flags & FO_ENCRYPT) {
1444 /* Move any remaining data to start of buffer */
1445 if (cipher_ctx->buf_len > 0) {
1446 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1447 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1448 cipher_ctx->buf_len);
1450 /* The packet was successfully written, reset the length so that
1451 * the next packet length may be re-read by unser_crypto_packet_len() */
1452 cipher_ctx->packet_len = 0;
1461 * If extracting, close any previous stream
1463 static bool close_previous_stream(r_ctx &rctx)
1468 * If extracting, it was from previous stream, so
1469 * close the output file and validate the signature.
1472 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1473 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1474 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1475 is_bopen(&rctx.bfd));
1478 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1479 deallocate_cipher(rctx);
1480 deallocate_fork_cipher(rctx);
1483 if (rctx.jcr->plugin) {
1484 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1486 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1488 rctx.extract = false;
1490 /* Now perform the delayed restore of some specific data streams. */
1491 rtn = pop_delayed_data_streams(rctx);
1493 /* Verify the cryptographic signature, if any */
1494 rctx.type = rctx.attr->type;
1495 verify_signature(rctx);
1497 /* Free Signature */
1498 free_signature(rctx);
1500 rctx.jcr->ff->flags = 0;
1501 Dmsg0(130, "Stop extracting.\n");
1502 } else if (is_bopen(&rctx.bfd)) {
1503 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1504 Pmsg0(000, "=== logic error !open\n");
1512 * In the context of jcr, flush any remaining data from the cipher context,
1513 * writing it to bfd.
1514 * Return value is true on success, false on failure.
1516 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1517 RESTORE_CIPHER_CTX *cipher_ctx)
1519 JCR *jcr = rctx.jcr;
1520 uint32_t decrypted_len = 0;
1521 char *wbuf; /* write buffer */
1522 uint32_t wsize; /* write size */
1523 char ec1[50]; /* Buffer printing huge values */
1524 bool second_pass = false;
1527 /* Write out the remaining block and free the cipher context */
1528 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1529 cipher_ctx->buf_len + cipher_ctx->block_size);
1531 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1533 /* Writing out the final, buffered block failed. Shouldn't happen. */
1534 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1535 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1538 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1539 /* If nothing new was decrypted, and our output buffer is empty, return */
1540 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1544 cipher_ctx->buf_len += decrypted_len;
1546 unser_crypto_packet_len(cipher_ctx);
1547 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1548 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1549 /* Decrypted, possibly decompressed output here. */
1550 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1551 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1552 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1554 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1555 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize, flags)) {
1560 if (flags & FO_COMPRESS) {
1561 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1566 Dmsg0(130, "Call store_data\n");
1567 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1570 jcr->JobBytes += wsize;
1571 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1573 /* Move any remaining data to start of buffer. */
1574 if (cipher_ctx->buf_len > 0) {
1575 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1576 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1577 cipher_ctx->buf_len);
1579 /* The packet was successfully written, reset the length so that the next
1580 * packet length may be re-read by unser_crypto_packet_len() */
1581 cipher_ctx->packet_len = 0;
1583 if (cipher_ctx->buf_len >0 && !second_pass) {
1588 /* Stop decryption */
1589 cipher_ctx->buf_len = 0;
1590 cipher_ctx->packet_len = 0;
1595 static void deallocate_cipher(r_ctx &rctx)
1597 /* Flush and deallocate previous stream's cipher context */
1598 if (rctx.cipher_ctx.cipher) {
1599 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1600 crypto_cipher_free(rctx.cipher_ctx.cipher);
1601 rctx.cipher_ctx.cipher = NULL;
1605 static void deallocate_fork_cipher(r_ctx &rctx)
1608 /* Flush and deallocate previous stream's fork cipher context */
1609 if (rctx.fork_cipher_ctx.cipher) {
1610 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1611 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1612 rctx.fork_cipher_ctx.cipher = NULL;
1616 static void free_signature(r_ctx &rctx)
1619 crypto_sign_free(rctx.sig);
1624 static void free_session(r_ctx &rctx)
1627 crypto_session_free(rctx.cs);
1633 * Verify the signature for the last restored file
1634 * Return value is either true (signature correct)
1635 * or false (signature could not be verified).
1636 * TODO landonf: Implement without using find_one_file and
1637 * without re-reading the file.
1639 static bool verify_signature(r_ctx &rctx)
1641 JCR *jcr = rctx.jcr;
1642 X509_KEYPAIR *keypair;
1643 DIGEST *digest = NULL;
1645 uint64_t saved_bytes;
1646 crypto_digest_t signing_algorithm = have_sha2 ?
1647 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1648 crypto_digest_t algorithm;
1649 SIGNATURE *sig = rctx.sig;
1652 if (!jcr->crypto.pki_sign) {
1653 /* no signature OK */
1657 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1658 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1665 /* Iterate through the trusted signers */
1666 foreach_alist(keypair, jcr->crypto.pki_signers) {
1667 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1669 case CRYPTO_ERROR_NONE:
1670 Dmsg0(50, "== Got digest\n");
1672 * We computed jcr->crypto.digest using signing_algorithm while writing
1673 * the file. If it is not the same as the algorithm used for
1674 * this file, punt by releasing the computed algorithm and
1675 * computing by re-reading the file.
1677 if (algorithm != signing_algorithm) {
1678 if (jcr->crypto.digest) {
1679 crypto_digest_free(jcr->crypto.digest);
1680 jcr->crypto.digest = NULL;
1683 if (jcr->crypto.digest) {
1684 /* Use digest computed while writing the file to verify
1686 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1687 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1688 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1689 jcr->last_fname, crypto_strerror(err));
1693 /* Signature found, digest allocated. Old method,
1694 * re-read the file and compute the digest */
1695 jcr->crypto.digest = digest;
1697 /* Checksum the entire file
1698 * Make sure we don't modify JobBytes by saving and
1700 saved_bytes = jcr->JobBytes;
1701 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1702 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1704 jcr->JobBytes = saved_bytes;
1707 jcr->JobBytes = saved_bytes;
1709 /* Verify the signature */
1710 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1711 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1712 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1713 jcr->last_fname, crypto_strerror(err));
1716 jcr->crypto.digest = NULL;
1719 /* Valid signature */
1720 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1721 crypto_digest_free(digest);
1724 case CRYPTO_ERROR_NOSIGNER:
1725 /* Signature not found, try again */
1727 crypto_digest_free(digest);
1732 /* Something strange happened (that shouldn't happen!)... */
1733 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1739 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1743 crypto_digest_free(digest);