2 * Bacula File Daemon restore.c Restorefiles.
4 * Kern Sibbald, November MM
10 Bacula® - The Network Backup Solution
12 Copyright (C) 2000-2006 Free Software Foundation Europe e.V.
14 The main author of Bacula is Kern Sibbald, with contributions from
15 many others, a complete list can be found in the file AUTHORS.
16 This program is Free Software; you can redistribute it and/or
17 modify it under the terms of version two of the GNU General Public
18 License as published by the Free Software Foundation plus additions
19 that are listed in the file LICENSE.
21 This program is distributed in the hope that it will be useful, but
22 WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
24 General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program; if not, write to the Free Software
28 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
31 Bacula® is a registered trademark of John Walker.
32 The licensor of Bacula is the Free Software Foundation Europe
33 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
34 Switzerland, email:ftf@fsfeurope.org.
44 #if defined(HAVE_CRYPTO)
45 const bool have_crypto = true;
47 const bool have_crypto = false;
50 /* Data received from Storage Daemon */
51 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
53 /* Forward referenced functions */
54 #if defined(HAVE_LIBZ)
55 static const char *zlib_strerror(int stat);
56 const bool have_libz = true;
58 const bool have_libz = false;
61 int verify_signature(JCR *jcr, SIGNATURE *sig);
62 int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen,
63 uint64_t *addr, int flags, CIPHER_CONTEXT *cipher, uint32_t cipher_block_size);
64 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags, CIPHER_CONTEXT *cipher,
65 uint32_t cipher_block_size);
67 #define RETRY 10 /* retry wait time */
70 * Close a bfd check that we are at the expected file offset.
71 * Makes some code in set_attributes().
73 int bclose_chksize(JCR *jcr, BFILE *bfd, boffset_t osize)
75 char ec1[50], ec2[50];
78 fsize = blseek(bfd, 0, SEEK_CUR);
79 bclose(bfd); /* first close file */
80 if (fsize > 0 && fsize != osize) {
81 Qmsg3(jcr, M_ERROR, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
82 jcr->last_fname, edit_uint64(osize, ec1),
83 edit_uint64(fsize, ec2));
90 * Restore the requested files.
93 void do_restore(JCR *jcr)
98 uint32_t VolSessionId, VolSessionTime;
101 char ec1[50]; /* Buffer printing huge values */
103 BFILE bfd; /* File content */
104 uint64_t fileAddr = 0; /* file write address */
105 uint32_t size; /* Size of file */
106 BFILE altbfd; /* Alternative data stream */
107 uint64_t alt_addr = 0; /* Write address for alternative stream */
108 intmax_t alt_size = 0; /* Size of alternate stream */
109 SIGNATURE *sig = NULL; /* Cryptographic signature (if any) for file */
110 CRYPTO_SESSION *cs = NULL; /* Cryptographic session data (if any) for file */
111 CIPHER_CONTEXT *cipher_ctx = NULL; /* Cryptographic cipher context (if any) for file */
112 uint32_t cipher_block_size = 0; /* Cryptographic algorithm block size for file */
113 int flags = 0; /* Options for extract_data() */
117 /* The following variables keep track of "known unknowns" */
118 int non_support_data = 0;
119 int non_support_attr = 0;
120 int non_support_rsrc = 0;
121 int non_support_finfo = 0;
122 int non_support_acl = 0;
123 int non_support_progname = 0;
125 /* Finally, set up for special configurations */
126 #ifdef HAVE_DARWIN_OS
127 intmax_t rsrc_len = 0; /* Original length of resource fork */
128 struct attrlist attrList;
130 memset(&attrList, 0, sizeof(attrList));
131 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
132 attrList.commonattr = ATTR_CMN_FNDRINFO;
135 sd = jcr->store_bsock;
136 set_jcr_job_status(jcr, JS_Running);
139 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
143 buf_size = client->max_network_buffer_size;
145 buf_size = 0; /* use default */
147 if (!bnet_set_buffer_size(sd, buf_size, BNET_SETBUF_WRITE)) {
148 set_jcr_job_status(jcr, JS_ErrorTerminated);
151 jcr->buf_size = sd->msglen;
153 #ifdef stbernard_implemented
154 / #if defined(HAVE_WIN32)
155 bool bResumeOfmOnExit = FALSE;
156 if (isOpenFileManagerRunning()) {
157 if ( pauseOpenFileManager() ) {
158 Jmsg(jcr, M_INFO, 0, _("Open File Manager paused\n") );
159 bResumeOfmOnExit = TRUE;
162 Jmsg(jcr, M_ERROR, 0, _("FAILED to pause Open File Manager\n") );
166 char username[UNLEN+1];
167 DWORD usize = sizeof(username);
168 int privs = enable_backup_privileges(NULL, 1);
169 if (GetUserName(username, &usize)) {
170 Jmsg2(jcr, M_INFO, 0, _("Running as '%s'. Privmask=%#08x\n"), username,
172 Jmsg(jcr, M_WARNING, 0, _("Failed to retrieve current UserName\n"));
178 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
179 jcr->compress_buf = (char *)bmalloc(compress_buf_size);
180 jcr->compress_buf_size = compress_buf_size;
184 jcr->crypto_buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
185 jcr->crypto_buf_len = 0;
186 jcr->crypto_packet_len = 0;
190 * Get a record from the Storage daemon. We are guaranteed to
191 * receive records in the following order:
192 * 1. Stream record header
194 * a. Attributes (Unix or Win32)
195 * b. Possibly stream encryption session data (e.g., symmetric session key)
196 * or c. File data for the file
197 * or d. Alternate data stream (e.g. Resource Fork)
200 * or g. Possibly a cryptographic signature
201 * or h. Possibly MD5 or SHA1 record
204 * NOTE: We keep track of two bacula file descriptors:
205 * 1. bfd for file data.
206 * This fd is opened for non empty files when an attribute stream is
207 * encountered and closed when we find the next attribute stream.
208 * 2. alt_bfd for alternate data streams
209 * This fd is opened every time we encounter a new alternate data
210 * stream for the current file. When we find any other stream, we
212 * The expected size of the stream, alt_len, should be set when
218 jcr->acl_text = get_pool_memory(PM_MESSAGE);
220 while (bget_msg(sd) >= 0 && !job_canceled(jcr)) {
221 /* Remember previous stream type */
222 prev_stream = stream;
224 /* First we expect a Stream Record Header */
225 if (sscanf(sd->msg, rec_header, &VolSessionId, &VolSessionTime, &file_index,
226 &stream, &size) != 5) {
227 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg);
230 Dmsg4(30, "Got hdr: Files=%d FilInx=%d Stream=%d, %s.\n",
231 jcr->JobFiles, file_index, stream, stream_to_ascii(stream));
233 /* * Now we expect the Stream Data */
234 if (bget_msg(sd) < 0) {
235 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), bnet_strerror(sd));
238 if (size != (uint32_t)sd->msglen) {
239 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"), sd->msglen, size);
242 Dmsg3(30, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(stream),
243 sd->msglen, extract);
245 /* If we change streams, close and reset alternate data streams */
246 if (prev_stream != stream) {
247 if (is_bopen(&altbfd)) {
248 bclose_chksize(jcr, &altbfd, alt_size);
250 alt_size = -1; /* Use an impossible value and set a proper one below */
254 /* File Attributes stream */
256 case STREAM_UNIX_ATTRIBUTES:
257 case STREAM_UNIX_ATTRIBUTES_EX:
259 * If extracting, it was from previous stream, so
260 * close the output file and validate the signature.
263 if (size > 0 && !is_bopen(&bfd)) {
264 Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
266 /* Flush and deallocate previous stream's cipher context */
267 if (cipher_ctx && prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
268 flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
269 crypto_cipher_free(cipher_ctx);
272 set_attributes(jcr, attr, &bfd);
275 /* Verify the cryptographic signature, if any */
278 // Failure is reported in verify_signature() ...
279 verify_signature(jcr, sig);
281 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"), jcr->last_fname);
286 crypto_sign_free(sig);
290 crypto_session_free(cs);
293 Dmsg0(30, "Stop extracting.\n");
294 } else if (is_bopen(&bfd)) {
295 Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
300 * Unpack and do sanity check fo attributes.
302 if (!unpack_attributes_record(jcr, stream, sd->msg, attr)) {
305 if (file_index != attr->file_index) {
306 Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"),
307 file_index, attr->file_index);
308 Dmsg0(100, "File index error\n");
312 Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname,
313 attr->attr, attr->attrEx);
315 attr->data_stream = decode_stat(attr->attr, &attr->statp, &attr->LinkFI);
317 if (!is_restore_stream_supported(attr->data_stream)) {
318 if (!non_support_data++) {
319 Jmsg(jcr, M_ERROR, 0, _("%s stream not supported on this Client.\n"),
320 stream_to_ascii(attr->data_stream));
325 build_attr_output_fnames(jcr, attr);
328 * Now determine if we are extracting or not.
330 jcr->num_files_examined++;
331 Dmsg1(30, "Outfile=%s\n", attr->ofname);
333 stat = create_file(jcr, attr, &bfd, jcr->replace);
338 case CF_EXTRACT: /* File created and we expect file data */
341 case CF_CREATED: /* File created, but there is no content */
343 pm_strcpy(jcr->last_fname, attr->ofname);
344 jcr->last_type = attr->type;
348 print_ls_output(jcr, attr);
349 #ifdef HAVE_DARWIN_OS
350 /* Only restore the resource fork for regular files */
351 from_base64(&rsrc_len, attr->attrEx);
352 if (attr->type == FT_REG && rsrc_len > 0) {
357 /* set attributes now because file will not be extracted */
358 set_attributes(jcr, attr, &bfd);
365 case STREAM_ENCRYPTED_SESSION_DATA:
366 crypto_error_t cryptoerr;
368 /* Do we have any keys at all? */
369 if (!jcr->pki_recipients) {
370 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
376 /* Decode and save session keys. */
377 cryptoerr = crypto_session_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen, jcr->pki_recipients, &cs);
379 case CRYPTO_ERROR_NONE:
382 case CRYPTO_ERROR_NORECIPIENT:
383 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
385 case CRYPTO_ERROR_DECRYPTION:
386 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
389 /* Shouldn't happen */
390 Jmsg1(jcr, M_ERROR, 0, _("An error occured while decoding encrypted session data stream: %s\n"), crypto_strerror(cryptoerr));
394 if (cryptoerr != CRYPTO_ERROR_NONE) {
400 /* Set up a decryption context */
401 if ((cipher_ctx = crypto_cipher_new(cs, false, &cipher_block_size)) == NULL) {
402 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
403 crypto_session_free(cs);
412 case STREAM_FILE_DATA:
413 case STREAM_SPARSE_DATA:
414 case STREAM_WIN32_DATA:
415 case STREAM_GZIP_DATA:
416 case STREAM_SPARSE_GZIP_DATA:
417 case STREAM_WIN32_GZIP_DATA:
418 case STREAM_ENCRYPTED_FILE_DATA:
419 case STREAM_ENCRYPTED_WIN32_DATA:
420 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
421 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
422 /* Force an expected, consistent stream type here */
423 if (extract && (prev_stream == stream || prev_stream == STREAM_UNIX_ATTRIBUTES
424 || prev_stream == STREAM_UNIX_ATTRIBUTES_EX
425 || prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
428 if (stream == STREAM_SPARSE_DATA || stream == STREAM_SPARSE_GZIP_DATA) {
432 if (stream == STREAM_GZIP_DATA || stream == STREAM_SPARSE_GZIP_DATA
433 || stream == STREAM_WIN32_GZIP_DATA || stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
434 || stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
438 if (stream == STREAM_ENCRYPTED_FILE_DATA
439 || stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
440 || stream == STREAM_ENCRYPTED_WIN32_DATA
441 || stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
445 if (is_win32_stream(stream) && !have_win32_api()) {
446 set_portable_backup(&bfd);
447 flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
450 if (extract_data(jcr, &bfd, sd->msg, sd->msglen, &fileAddr, flags,
451 cipher_ctx, cipher_block_size) < 0) {
459 /* Resource fork stream - only recorded after a file to be restored */
460 /* Silently ignore if we cannot write - we already reported that */
461 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
463 case STREAM_MACOS_FORK_DATA:
464 #ifdef HAVE_DARWIN_OS
466 if (prev_stream != stream) {
467 if (bopen_rsrc(&altbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
468 Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
473 Dmsg0(30, "Restoring resource fork\n");
476 if (extract_data(jcr, &altbfd, sd->msg, sd->msglen, &alt_addr, flags,
477 cipher_ctx, cipher_block_size) < 0) {
488 case STREAM_HFSPLUS_ATTRIBUTES:
489 #ifdef HAVE_DARWIN_OS
490 Dmsg0(30, "Restoring Finder Info\n");
491 if (sd->msglen != 32) {
492 Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
495 if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
496 Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
503 case STREAM_UNIX_ATTRIBUTES_ACCESS_ACL:
505 pm_strcpy(jcr->acl_text, sd->msg);
506 Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_ACCESS, jcr->acl_text);
507 if (bacl_set(jcr, BACL_TYPE_ACCESS) != 0) {
508 Qmsg1(jcr, M_WARNING, 0, _("Can't restore ACL of %s\n"), jcr->last_fname);
515 case STREAM_UNIX_ATTRIBUTES_DEFAULT_ACL:
517 pm_strcpy(jcr->acl_text, sd->msg);
518 Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_DEFAULT, jcr->acl_text);
519 if (bacl_set(jcr, BACL_TYPE_DEFAULT) != 0) {
520 Qmsg1(jcr, M_WARNING, 0, _("Can't restore default ACL of %s\n"), jcr->last_fname);
527 case STREAM_SIGNED_DIGEST:
528 /* Save signature. */
529 if (extract && (sig = crypto_sign_decode((uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
530 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
534 case STREAM_MD5_DIGEST:
535 case STREAM_SHA1_DIGEST:
536 case STREAM_SHA256_DIGEST:
537 case STREAM_SHA512_DIGEST:
540 case STREAM_PROGRAM_NAMES:
541 case STREAM_PROGRAM_DATA:
542 if (!non_support_progname) {
543 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
544 non_support_progname++;
549 /* If extracting, wierd stream (not 1 or 2), close output file anyway */
551 Dmsg1(30, "Found wierd stream %d\n", stream);
552 if (size > 0 && !is_bopen(&bfd)) {
553 Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
555 /* Flush and deallocate cipher context */
557 flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
558 crypto_cipher_free(cipher_ctx);
561 set_attributes(jcr, attr, &bfd);
563 /* Verify the cryptographic signature if any */
566 // Failure is reported in verify_signature() ...
567 verify_signature(jcr, sig);
569 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"), jcr->last_fname);
574 } else if (is_bopen(&bfd)) {
575 Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
578 Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"), stream);
579 Dmsg2(0, "None of above!!! stream=%d data=%s\n", stream,sd->msg);
581 } /* end switch(stream) */
583 } /* end while get_msg() */
585 /* If output file is still open, it was the last one in the
586 * archive since we just hit an end of file, so close the file.
588 if (is_bopen(&altbfd)) {
589 bclose_chksize(jcr, &altbfd, alt_size);
592 /* Flush and deallocate cipher context */
594 flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
595 crypto_cipher_free(cipher_ctx);
598 set_attributes(jcr, attr, &bfd);
600 /* Verify the cryptographic signature on the last file, if any */
603 // Failure is reported in verify_signature() ...
604 verify_signature(jcr, sig);
606 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"), jcr->last_fname);
611 if (is_bopen(&bfd)) {
615 set_jcr_job_status(jcr, JS_Terminated);
619 set_jcr_job_status(jcr, JS_ErrorTerminated);
622 /* Free Signature & Crypto Data */
624 crypto_sign_free(sig);
628 crypto_session_free(cs);
632 crypto_cipher_free(cipher_ctx);
635 if (jcr->compress_buf) {
636 free(jcr->compress_buf);
637 jcr->compress_buf = NULL;
638 jcr->compress_buf_size = 0;
640 if (jcr->crypto_buf) {
641 free_pool_memory(jcr->crypto_buf);
642 jcr->crypto_buf = NULL;
647 free_pool_memory(jcr->acl_text);
648 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
649 edit_uint64(jcr->JobBytes, ec1));
650 if (non_support_data > 1 || non_support_attr > 1) {
651 Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
652 non_support_data, non_support_attr);
654 if (non_support_rsrc) {
655 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
657 if (non_support_finfo) {
658 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
660 if (non_support_acl) {
661 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
667 * Convert ZLIB error code into an ASCII message
669 static const char *zlib_strerror(int stat)
676 return _("Zlib errno");
678 return _("Zlib stream error");
680 return _("Zlib data error");
682 return _("Zlib memory error");
684 return _("Zlib buffer error");
685 case Z_VERSION_ERROR:
686 return _("Zlib version error");
692 static int do_file_digest(FF_PKT *ff_pkt, void *pkt, bool top_level)
694 JCR *jcr = (JCR *)pkt;
695 return (digest_file(jcr, ff_pkt, jcr->digest));
699 * Verify the signature for the last restored file
700 * Return value is either true (signature correct)
701 * or false (signature could not be verified).
702 * TODO landonf: Better signature failure handling.
704 int verify_signature(JCR *jcr, SIGNATURE *sig)
706 X509_KEYPAIR *keypair;
707 DIGEST *digest = NULL;
710 /* Iterate through the trusted signers */
711 foreach_alist(keypair, jcr->pki_signers) {
712 err = crypto_sign_get_digest(sig, jcr->pki_keypair, &digest);
715 case CRYPTO_ERROR_NONE:
716 /* Signature found, digest allocated */
717 jcr->digest = digest;
719 /* Checksum the entire file */
720 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr, jcr->last_fname, (dev_t)-1, 1) != 0) {
721 Qmsg(jcr, M_ERROR, 0, _("Signature validation failed for %s: \n"), jcr->last_fname);
725 /* Verify the signature */
726 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
727 Dmsg1(100, "Bad signature on %s\n", jcr->last_fname);
728 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
729 crypto_digest_free(digest);
733 /* Valid signature */
734 Dmsg1(100, "Signature good on %s\n", jcr->last_fname);
735 crypto_digest_free(digest);
738 case CRYPTO_ERROR_NOSIGNER:
739 /* Signature not found, try again */
742 /* Something strange happened (that shouldn't happen!)... */
743 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
745 crypto_digest_free(digest);
752 Dmsg1(100, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
753 crypto_digest_free(digest);
757 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
762 unser_begin(*data, SPARSE_FADDR_SIZE);
764 if (*addr != faddr) {
766 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
768 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
769 edit_uint64(*addr, ec1), jcr->last_fname,
770 be.strerror(bfd->berrno));
774 *data += SPARSE_FADDR_SIZE;
775 *length -= SPARSE_FADDR_SIZE;
779 bool decompress_data(JCR *jcr, char **data, uint32_t *length)
784 char ec1[50]; /* Buffer printing huge values */
787 * NOTE! We only use uLong and Byte because they are
788 * needed by the zlib routines, they should not otherwise
791 compress_len = jcr->compress_buf_size;
792 Dmsg2(100, "Comp_len=%d msglen=%d\n", compress_len, *length);
793 if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
794 (const Byte *)*data, (uLong)*length)) != Z_OK) {
795 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
796 jcr->last_fname, zlib_strerror(stat));
799 *data = jcr->compress_buf;
800 *length = compress_len;
801 Dmsg2(100, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
804 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
809 static void unser_crypto_packet_len(JCR *jcr)
812 if (jcr->crypto_packet_len == 0 && jcr->crypto_buf_len >= CRYPTO_LEN_SIZE) {
813 unser_begin(&jcr->crypto_buf[0], CRYPTO_LEN_SIZE);
814 unser_uint32(jcr->crypto_packet_len);
815 jcr->crypto_packet_len += CRYPTO_LEN_SIZE;
819 bool store_data(JCR *jcr, BFILE *bfd, char *data, const int32_t length, bool win32_decomp)
822 if (!processWin32BackupAPIBlock(bfd, data, length)) {
824 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
825 jcr->last_fname, be.strerror(bfd->berrno));
828 } else if (bwrite(bfd, data, length) != (ssize_t)length) {
830 Jmsg2(jcr, M_ERROR, 0, _("Write error on %s: %s\n"),
831 jcr->last_fname, be.strerror(bfd->berrno));
839 * In the context of jcr, write data to bfd.
840 * We write buflen bytes in buf at addr. addr is updated in place.
841 * The flags specify whether to use sparse files or compression.
842 * Return value is the number of bytes written, or -1 on errors.
844 int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen,
845 uint64_t *addr, int flags, CIPHER_CONTEXT *cipher, uint32_t cipher_block_size)
847 char *wbuf; /* write buffer */
848 uint32_t wsize; /* write size */
849 uint32_t rsize; /* read size */
850 uint32_t decrypted_len = 0; /* Decryption output length */
851 char ec1[50]; /* Buffer printing huge values */
854 jcr->ReadBytes += rsize;
858 if (flags & FO_ENCRYPT) {
861 /* NOTE: We must implement block preserving semantics for the
862 * non-streaming compression and sparse code. */
865 * Grow the crypto buffer, if necessary.
866 * crypto_cipher_update() will process only whole blocks,
867 * buffering the remaining input.
869 jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf,
870 jcr->crypto_buf_len + wsize + cipher_block_size);
872 /* Decrypt the input block */
873 if (!crypto_cipher_update(cipher,
874 (const u_int8_t *)wbuf,
876 (u_int8_t *)&jcr->crypto_buf[jcr->crypto_buf_len],
878 /* Decryption failed. Shouldn't happen. */
879 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
883 if (decrypted_len == 0) {
884 /* No full block of encrypted data available, write more data */
888 Dmsg2(100, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
890 jcr->crypto_buf_len += decrypted_len;
891 wbuf = jcr->crypto_buf;
893 /* If one full preserved block is available, write it to disk,
894 * and then buffer any remaining data. This should be effecient
895 * as long as Bacula's block size is not significantly smaller than the
896 * encryption block size (extremely unlikely!) */
897 unser_crypto_packet_len(jcr);
898 Dmsg1(500, "Crypto unser block size=%d\n", jcr->crypto_packet_len - CRYPTO_LEN_SIZE);
900 if (jcr->crypto_packet_len == 0 || jcr->crypto_buf_len < jcr->crypto_packet_len) {
901 /* No full preserved block is available. */
905 /* We have one full block, set up the filter input buffers */
906 wsize = jcr->crypto_packet_len - CRYPTO_LEN_SIZE;
907 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
908 jcr->crypto_buf_len -= jcr->crypto_packet_len;
909 Dmsg2(30, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, jcr->crypto_buf_len);
912 if (flags & FO_SPARSE) {
913 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
918 if (flags & FO_GZIP) {
919 if (!decompress_data(jcr, &wbuf, &wsize)) {
923 Dmsg2(30, "Write %u bytes, total before write=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
926 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
930 jcr->JobBytes += wsize;
933 /* Clean up crypto buffers */
934 if (flags & FO_ENCRYPT) {
935 /* Move any remaining data to start of buffer */
936 if (jcr->crypto_buf_len > 0) {
937 Dmsg1(30, "Moving %u buffered bytes to start of buffer\n", jcr->crypto_buf_len);
938 memmove(jcr->crypto_buf, &jcr->crypto_buf[jcr->crypto_packet_len],
939 jcr->crypto_buf_len);
941 /* The packet was successfully written, reset the length so that the next
942 * packet length may be re-read by unser_crypto_packet_len() */
943 jcr->crypto_packet_len = 0;
950 * In the context of jcr, flush any remaining data from the cipher context,
952 * Return value is true on success, false on failure.
954 bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags, CIPHER_CONTEXT *cipher,
955 uint32_t cipher_block_size)
957 uint32_t decrypted_len;
958 char *wbuf; /* write buffer */
959 uint32_t wsize; /* write size */
960 char ec1[50]; /* Buffer printing huge values */
962 /* Write out the remaining block and free the cipher context */
963 jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf, jcr->crypto_buf_len +
966 if (!crypto_cipher_finalize(cipher, (uint8_t *)&jcr->crypto_buf[jcr->crypto_buf_len],
968 /* Writing out the final, buffered block failed. Shouldn't happen. */
969 Jmsg1(jcr, M_FATAL, 0, _("Decryption error for %s\n"), jcr->last_fname);
972 /* If nothing new was decrypted, and our output buffer is empty, return */
973 if (decrypted_len == 0 && jcr->crypto_buf_len == 0) {
977 jcr->crypto_buf_len += decrypted_len;
979 unser_crypto_packet_len(jcr);
980 Dmsg1(500, "Crypto unser block size=%d\n", jcr->crypto_packet_len - CRYPTO_LEN_SIZE);
981 wsize = jcr->crypto_packet_len - CRYPTO_LEN_SIZE;
982 wbuf = &jcr->crypto_buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
984 if (jcr->crypto_buf_len != jcr->crypto_packet_len) {
985 Jmsg2(jcr, M_FATAL, 0,
986 _("Unexpected number of bytes remaining at end of file, received %u, expected %u\n"),
987 jcr->crypto_packet_len, jcr->crypto_buf_len);
991 jcr->crypto_buf_len = 0;
992 jcr->crypto_packet_len = 0;
994 if (flags & FO_SPARSE) {
995 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1000 if (flags & FO_GZIP) {
1001 decompress_data(jcr, &wbuf, &wsize);
1003 Dmsg2(30, "Write %u bytes, total before write=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1006 if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1010 jcr->JobBytes += wsize;