2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2017 Kern Sibbald
5 Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
7 The original author of Bacula is Kern Sibbald, with contributions
8 from many others, a complete list can be found in the file AUTHORS.
10 You may use this file and others of this release according to the
11 license defined in the LICENSE file, which includes the Affero General
12 Public License, v3.0 ("AGPLv3") and some additional permissions and
13 terms pursuant to its AGPLv3 Section 7.
15 This notice must be preserved when any source code is
16 conveyed and/or propagated.
18 Bacula(R) is a registered trademark of Kern Sibbald.
21 * Bacula File Daemon restore.c Restorefiles.
23 * Kern Sibbald, November MM
34 const bool have_darwin_os = true;
36 const bool have_darwin_os = false;
39 #if defined(HAVE_CRYPTO)
40 const bool have_crypto = true;
42 const bool have_crypto = false;
46 const bool have_acl = true;
48 const bool have_acl = false;
52 const bool have_sha2 = true;
54 const bool have_sha2 = false;
57 #if defined(HAVE_XATTR)
58 const bool have_xattr = true;
60 const bool have_xattr = false;
63 /* Data received from Storage Daemon */
64 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
66 /* Forward referenced functions */
67 #if defined(HAVE_LIBZ)
68 static const char *zlib_strerror(int stat);
69 const bool have_libz = true;
71 const bool have_libz = false;
74 const bool have_lzo = true;
76 const bool have_lzo = false;
79 static void deallocate_cipher(r_ctx &rctx);
80 static void deallocate_fork_cipher(r_ctx &rctx);
81 static bool verify_signature(r_ctx &rctx);
82 static void free_signature(r_ctx &rctx);
83 static void free_session(r_ctx &rctx);
84 static bool close_previous_stream(r_ctx &rctx);
85 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
86 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
87 RESTORE_CIPHER_CTX *cipher_ctx);
90 * Close a bfd check that we are at the expected file offset.
91 * Makes use of some code from set_attributes().
93 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
95 char ec1[50], ec2[50];
99 fsize = blseek(bfd, 0, SEEK_CUR);
100 bclose(bfd); /* first close file */
101 if (fsize > 0 && fsize != osize) {
102 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
103 jcr->last_fname, edit_uint64(osize, ec1),
104 edit_uint64(fsize, ec2));
110 #ifdef HAVE_DARWIN_OS
111 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
113 struct attrlist attrList;
115 memset(&attrList, 0, sizeof(attrList));
116 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
117 attrList.commonattr = ATTR_CMN_FNDRINFO;
119 Dmsg0(130, "Restoring Finder Info\n");
120 jcr->ff->flags |= FO_HFSPLUS;
122 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
126 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
127 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
135 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
143 * Cleanup of delayed restore stack with streams for later processing.
145 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
147 RESTORE_DATA_STREAM *rds;
149 if (!rctx.delayed_streams) {
151 rctx.delayed_streams = New(alist(10, owned_by_alist));
155 if (rctx.delayed_streams->empty()) {
159 foreach_alist(rds, rctx.delayed_streams) {
165 rctx.delayed_streams->destroy();
167 rctx.delayed_streams->init(10, owned_by_alist);
173 * Push a data stream onto the delayed restore stack for
176 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
178 RESTORE_DATA_STREAM *rds;
183 if (!rctx.delayed_streams) {
184 rctx.delayed_streams = New(alist(10, owned_by_alist));
187 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
188 rds->stream = rctx.stream;
189 rds->content = (char *)malloc(msglen);
190 memcpy(rds->content, msg, msglen);
191 rds->content_length = msglen;
192 rctx.delayed_streams->append(rds);
196 * Perform a restore of an ACL using the stream received.
197 * This can either be a delayed restore or direct restore.
199 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
200 uint32_t content_length)
205 switch (jcr->xacl->restore_acl(jcr, stream, content, content_length)) {
210 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
211 * print the error message set by the lower level routine in jcr->errmsg.
213 if (jcr->xacl->get_acl_nr_errors() < ACL_MAX_ERROR_PRINT_PER_JOB) {
214 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
224 * Perform a restore of an XATTR using the stream received.
225 * This can either be a delayed restore or direct restore.
227 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
228 uint32_t content_length)
233 switch (jcr->xacl->restore_xattr(jcr, stream, content, content_length)) {
238 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
239 * print the error message set by the lower level routine in jcr->errmsg.
241 if (jcr->xacl->get_xattr_nr_errors() < XATTR_MAX_ERROR_PRINT_PER_JOB) {
242 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
252 * Restore any data streams that are restored after the file
253 * is fully restored and has its attributes restored. Things
254 * like acls and xattr are restored after we set the file
255 * attributes otherwise we might clear some security flags
256 * by setting the attributes.
258 static inline bool pop_delayed_data_streams(r_ctx &rctx)
260 RESTORE_DATA_STREAM *rds;
264 * See if there is anything todo.
266 if (!rctx.delayed_streams ||
267 rctx.delayed_streams->empty()) {
272 * Only process known delayed data streams here.
273 * If you start using more delayed data streams
274 * be sure to add them in this loop and add the
277 * Currently we support delayed data stream
278 * processing for the following type of streams:
282 foreach_alist(rds, rctx.delayed_streams) {
283 switch (rds->stream) {
284 case STREAM_UNIX_ACCESS_ACL:
285 case STREAM_UNIX_DEFAULT_ACL:
286 case STREAM_XACL_AIX_TEXT:
287 case STREAM_XACL_DARWIN_ACCESS:
288 case STREAM_XACL_FREEBSD_DEFAULT:
289 case STREAM_XACL_FREEBSD_ACCESS:
290 case STREAM_XACL_HPUX_ACL_ENTRY:
291 case STREAM_XACL_IRIX_DEFAULT:
292 case STREAM_XACL_IRIX_ACCESS:
293 case STREAM_XACL_LINUX_DEFAULT:
294 case STREAM_XACL_LINUX_ACCESS:
295 case STREAM_XACL_TRU64_DEFAULT:
296 case STREAM_XACL_TRU64_DEFAULT_DIR:
297 case STREAM_XACL_TRU64_ACCESS:
298 case STREAM_XACL_SOLARIS_POSIX:
299 case STREAM_XACL_SOLARIS_NFS4:
300 case STREAM_XACL_AFS_TEXT:
301 case STREAM_XACL_AIX_AIXC:
302 case STREAM_XACL_AIX_NFS4:
303 case STREAM_XACL_FREEBSD_NFS4:
304 case STREAM_XACL_HURD_DEFAULT:
305 case STREAM_XACL_HURD_ACCESS:
306 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
310 case STREAM_XACL_HURD_XATTR:
311 case STREAM_XACL_IRIX_XATTR:
312 case STREAM_XACL_TRU64_XATTR:
313 case STREAM_XACL_AIX_XATTR:
314 case STREAM_XACL_OPENBSD_XATTR:
315 case STREAM_XACL_SOLARIS_SYS_XATTR:
316 case STREAM_XACL_DARWIN_XATTR:
317 case STREAM_XACL_FREEBSD_XATTR:
318 case STREAM_XACL_LINUX_XATTR:
319 case STREAM_XACL_NETBSD_XATTR:
320 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
325 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
335 drop_delayed_restore_streams(rctx, true);
339 drop_delayed_restore_streams(rctx, true);
345 * Restore the requested files.
347 void do_restore(JCR *jcr)
350 uint32_t VolSessionId, VolSessionTime;
352 char ec1[50]; /* Buffer printing huge values */
353 uint32_t buf_size; /* client buffer size */
355 int64_t rsrc_len = 0; /* Original length of resource fork */
358 /* ***FIXME*** make configurable */
359 crypto_digest_t signing_algorithm = have_sha2 ?
360 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
361 memset(&rctx, 0, sizeof(rctx));
364 /* The following variables keep track of "known unknowns" */
365 int non_suppored_data = 0;
366 int non_suppored_attr = 0;
367 int non_suppored_rsrc = 0;
368 int non_suppored_finfo = 0;
369 int non_suppored_acl = 0;
370 int non_suppored_progname = 0;
371 int non_suppored_crypto = 0;
372 int non_suppored_xattr = 0;
374 sd = jcr->store_bsock;
375 jcr->setJobStatus(JS_Running);
378 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
381 buf_size = client->max_network_buffer_size;
383 buf_size = 0; /* use default */
385 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
386 jcr->setJobStatus(JS_ErrorTerminated);
389 jcr->buf_size = sd->msglen;
391 /* use the same buffer size to decompress both gzip and lzo */
392 if (have_libz || have_lzo) {
393 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
394 jcr->compress_buf = get_memory(compress_buf_size);
395 jcr->compress_buf_size = compress_buf_size;
400 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
402 fdmsg->start_read_sock();
403 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
406 if (lzo_init() != LZO_E_OK) {
407 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
413 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
414 if (have_darwin_os) {
415 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
420 * Get a record from the Storage daemon. We are guaranteed to
421 * receive records in the following order:
422 * 1. Stream record header
423 * 2. Stream data (one or more of the following in the order given)
424 * a. Attributes (Unix or Windows)
425 * b. Possibly stream encryption session data (e.g., symmetric session key)
426 * c. File data for the file
427 * d. Alternate data stream (e.g. Resource Fork)
431 * h. Possibly a cryptographic signature
432 * i. Possibly MD5 or SHA1 record
435 * NOTE: We keep track of two bacula file descriptors:
436 * 1. bfd for file data.
437 * This fd is opened for non empty files when an attribute stream is
438 * encountered and closed when we find the next attribute stream.
439 * 2. fork_bfd for alternate data streams
440 * This fd is opened every time we encounter a new alternate data
441 * stream for the current file. When we find any other stream, we
443 * The expected size of the stream, fork_len, should be set when
445 * 3. Not all the stream data records are required -- e.g. if there
446 * is no fork, there is no alternate data stream, no ACL, ...
449 binit(&rctx.forkbfd);
450 attr = rctx.attr = new_attr(jcr);
451 jcr->xacl = (XACL*)new_xacl();
454 while (fdmsg->bget_msg(&bmsg) >= 0 && !job_canceled(jcr)) {
455 /* Remember previous stream type */
456 rctx.prev_stream = rctx.stream;
458 /* First we expect a Stream Record Header */
460 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
461 &rctx.full_stream, &rctx.size) != 5) {
462 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
465 /* Strip off new stream high bits */
466 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
468 /* Now we expect the Stream Data */
469 if (fdmsg->bget_msg(&bmsg) < 0) {
470 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
473 if (rctx.size != (uint32_t)bmsg->origlen) {
474 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
475 bmsg->origlen, rctx.size);
476 Dmsg2(50, "Actual data size %d not same as header %d\n",
477 bmsg->origlen, rctx.size);
480 Dmsg3(620, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
481 bmsg->msglen, rctx.extract);
483 /* If we change streams, close and reset alternate data streams */
484 if (rctx.prev_stream != rctx.stream) {
485 if (is_bopen(&rctx.forkbfd)) {
486 deallocate_fork_cipher(rctx);
487 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
489 /* Use an impossible value and set a proper one below */
494 /* File Attributes stream */
495 switch (rctx.stream) {
496 case STREAM_UNIX_ATTRIBUTES:
497 case STREAM_UNIX_ATTRIBUTES_EX:
498 /* if any previous stream open, close it */
499 if (!close_previous_stream(rctx)) {
504 * TODO: manage deleted files
506 if (rctx.type == FT_DELETED) { /* deleted file */
510 * Restore objects should be ignored here -- they are
511 * returned at the beginning of the restore.
513 if (IS_FT_OBJECT(rctx.type)) {
518 * Unpack attributes and do sanity check them
520 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
524 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
526 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
527 attr->data_stream, stream_to_ascii(attr->data_stream),
528 attr->fname, attr->attr, attr->attrEx);
529 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
530 strlen(attr->attrEx), bmsg->rbuf);
532 if (!is_restore_stream_supported(attr->data_stream)) {
533 Dmsg2(15, "Non-supported data stream %d: %s\n",
534 attr->data_stream, stream_to_ascii(attr->data_stream));
535 if (!non_suppored_data++) {
536 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
537 stream_to_ascii(attr->data_stream));
542 build_attr_output_fnames(jcr, attr);
545 * Try to actually create the file, which returns a status telling
546 * us if we need to extract or not.
548 jcr->num_files_examined++;
549 rctx.extract = false;
550 stat = CF_CORE; /* By default, let Bacula's core handle it */
553 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
556 if (stat == CF_CORE) {
557 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
560 pm_strcpy(jcr->last_fname, attr->ofname);
561 jcr->last_type = attr->type;
563 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
569 case CF_EXTRACT: /* File created and we expect file data */
571 /* FALLTHROUGH WANTED */
572 case CF_CREATED: /* File created, but there is no content */
573 /* File created, but there is no content */
575 print_ls_output(jcr, attr);
577 if (have_darwin_os) {
578 /* Only restore the resource fork for regular files */
579 from_base64(&rsrc_len, attr->attrEx);
580 if (attr->type == FT_REG && rsrc_len > 0) {
585 * Do not count the resource forks as regular files being restored.
595 /* set attributes now because file will not be extracted */
597 plugin_set_attributes(jcr, attr, &rctx.bfd);
599 set_attributes(jcr, attr, &rctx.bfd);
607 case STREAM_ENCRYPTED_SESSION_DATA:
608 crypto_error_t cryptoerr;
610 /* The current file will not be extracted, do not create a crypto session */
615 /* Is this an unexpected session data entry? */
617 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
618 rctx.extract = false;
623 /* Do we have any keys at all? */
624 if (!jcr->crypto.pki_recipients) {
625 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
626 rctx.extract = false;
631 if (jcr->crypto.digest) {
632 crypto_digest_free(jcr->crypto.digest);
634 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
635 if (!jcr->crypto.digest) {
636 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
637 rctx.extract = false;
642 /* Decode and save session keys. */
643 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
644 jcr->crypto.pki_recipients, &rctx.cs);
646 case CRYPTO_ERROR_NONE:
649 case CRYPTO_ERROR_NORECIPIENT:
650 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
652 case CRYPTO_ERROR_DECRYPTION:
653 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
655 case CRYPTO_ERROR_NOSIGNER:
656 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
658 case CRYPTO_ERROR_INVALID_DIGEST:
659 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
661 case CRYPTO_ERROR_INVALID_CRYPTO:
662 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
665 /* This shouldn't happen */
666 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
667 cryptoerr, crypto_strerror(cryptoerr));
671 if (cryptoerr != CRYPTO_ERROR_NONE) {
672 rctx.extract = false;
679 case STREAM_FILE_DATA:
680 case STREAM_SPARSE_DATA:
681 case STREAM_WIN32_DATA:
682 case STREAM_GZIP_DATA:
683 case STREAM_SPARSE_GZIP_DATA:
684 case STREAM_WIN32_GZIP_DATA:
685 case STREAM_COMPRESSED_DATA:
686 case STREAM_SPARSE_COMPRESSED_DATA:
687 case STREAM_WIN32_COMPRESSED_DATA:
688 case STREAM_ENCRYPTED_FILE_DATA:
689 case STREAM_ENCRYPTED_WIN32_DATA:
690 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
691 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
692 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
693 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
694 /* Force an expected, consistent stream type here */
695 if (rctx.extract && (rctx.prev_stream == rctx.stream
696 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
697 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
698 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
701 if (rctx.stream == STREAM_SPARSE_DATA
702 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
703 || rctx.stream == STREAM_SPARSE_GZIP_DATA) {
704 rctx.flags |= FO_SPARSE;
707 if (rctx.stream == STREAM_GZIP_DATA
708 || rctx.stream == STREAM_SPARSE_GZIP_DATA
709 || rctx.stream == STREAM_WIN32_GZIP_DATA
710 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
711 || rctx.stream == STREAM_COMPRESSED_DATA
712 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
713 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
714 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
715 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
716 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
717 rctx.flags |= FO_COMPRESS;
718 rctx.comp_stream = rctx.stream;
721 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
722 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
723 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
724 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
725 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
726 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
727 /* Set up a decryption context */
728 if (!rctx.cipher_ctx.cipher) {
730 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
731 rctx.extract = false;
736 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
737 &rctx.cipher_ctx.block_size)) == NULL) {
738 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
740 rctx.extract = false;
745 rctx.flags |= FO_ENCRYPT;
748 if (is_win32_stream(rctx.stream) &&
749 (win32decomp || !have_win32_api())) {
750 set_portable_backup(&rctx.bfd);
751 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
754 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
755 rctx.extract = false;
763 * Resource fork stream - only recorded after a file to be restored
764 * Silently ignore if we cannot write - we already reported that
766 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
767 case STREAM_MACOS_FORK_DATA:
768 if (have_darwin_os) {
770 jcr->ff->flags |= FO_HFSPLUS;
772 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
773 rctx.fork_flags |= FO_ENCRYPT;
775 /* Set up a decryption context */
776 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
778 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
779 rctx.extract = false;
784 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
785 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
787 rctx.extract = false;
795 if (rctx.prev_stream != rctx.stream) {
796 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
797 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
798 rctx.extract = false;
802 rctx.fork_size = rsrc_len;
803 Dmsg0(130, "Restoring resource fork\n");
806 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
807 rctx.extract = false;
808 bclose(&rctx.forkbfd);
817 case STREAM_HFSPLUS_ATTRIBUTES:
818 if (have_darwin_os) {
819 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
823 non_suppored_finfo++;
827 case STREAM_UNIX_ACCESS_ACL:
828 case STREAM_UNIX_DEFAULT_ACL:
829 case STREAM_XACL_AIX_TEXT:
830 case STREAM_XACL_DARWIN_ACCESS:
831 case STREAM_XACL_FREEBSD_DEFAULT:
832 case STREAM_XACL_FREEBSD_ACCESS:
833 case STREAM_XACL_HPUX_ACL_ENTRY:
834 case STREAM_XACL_IRIX_DEFAULT:
835 case STREAM_XACL_IRIX_ACCESS:
836 case STREAM_XACL_LINUX_DEFAULT:
837 case STREAM_XACL_LINUX_ACCESS:
838 case STREAM_XACL_TRU64_DEFAULT:
839 case STREAM_XACL_TRU64_DEFAULT_DIR:
840 case STREAM_XACL_TRU64_ACCESS:
841 case STREAM_XACL_SOLARIS_POSIX:
842 case STREAM_XACL_SOLARIS_NFS4:
843 case STREAM_XACL_AFS_TEXT:
844 case STREAM_XACL_AIX_AIXC:
845 case STREAM_XACL_AIX_NFS4:
846 case STREAM_XACL_FREEBSD_NFS4:
847 case STREAM_XACL_HURD_DEFAULT:
848 case STREAM_XACL_HURD_ACCESS:
850 * Do not restore ACLs when
851 * a) The current file is not extracted
852 * b) and it is not a directory (they are never "extracted")
853 * c) or the file name is empty
855 if ((!rctx.extract &&
856 jcr->last_type != FT_DIREND) ||
857 (*jcr->last_fname == 0)) {
862 * For anything that is not a directory we delay
863 * the restore of acls till a later stage.
865 if (jcr->last_type != FT_DIREND) {
866 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
868 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
877 case STREAM_XACL_HURD_XATTR:
878 case STREAM_XACL_IRIX_XATTR:
879 case STREAM_XACL_TRU64_XATTR:
880 case STREAM_XACL_AIX_XATTR:
881 case STREAM_XACL_OPENBSD_XATTR:
882 case STREAM_XACL_SOLARIS_SYS_XATTR:
883 case STREAM_XACL_DARWIN_XATTR:
884 case STREAM_XACL_FREEBSD_XATTR:
885 case STREAM_XACL_LINUX_XATTR:
886 case STREAM_XACL_NETBSD_XATTR:
888 * Do not restore Extended Attributes when
889 * a) The current file is not extracted
890 * b) and it is not a directory (they are never "extracted")
891 * c) or the file name is empty
893 if ((!rctx.extract &&
894 jcr->last_type != FT_DIREND) ||
895 (*jcr->last_fname == 0)) {
900 * For anything that is not a directory we delay
901 * the restore of xattr till a later stage.
903 if (jcr->last_type != FT_DIREND) {
904 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
906 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
911 non_suppored_xattr++;
915 case STREAM_XACL_SOLARIS_XATTR:
917 * Do not restore Extended Attributes when
918 * a) The current file is not extracted
919 * b) and it is not a directory (they are never "extracted")
920 * c) or the file name is empty
922 if ((!rctx.extract &&
923 jcr->last_type != FT_DIREND) ||
924 (*jcr->last_fname == 0)) {
928 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
932 non_suppored_xattr++;
936 case STREAM_SIGNED_DIGEST:
937 /* Is this an unexpected signature? */
939 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
940 free_signature(rctx);
943 /* Save signature. */
944 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
945 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
949 case STREAM_MD5_DIGEST:
950 case STREAM_SHA1_DIGEST:
951 case STREAM_SHA256_DIGEST:
952 case STREAM_SHA512_DIGEST:
955 case STREAM_PROGRAM_NAMES:
956 case STREAM_PROGRAM_DATA:
957 if (!non_suppored_progname) {
958 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
959 non_suppored_progname++;
963 case STREAM_PLUGIN_NAME:
964 if (!close_previous_stream(rctx)) {
967 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
968 plugin_name_stream(jcr, bmsg->rbuf);
971 case STREAM_RESTORE_OBJECT:
972 break; /* these are sent by Director */
975 if (!close_previous_stream(rctx)) {
978 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
980 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
982 } /* end switch(stream) */
984 } /* end while get_msg() */
987 * If output file is still open, it was the last one in the
988 * archive since we just hit an end of file, so close the file.
990 if (is_bopen(&rctx.forkbfd)) {
991 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
994 if (!close_previous_stream(rctx)) {
997 jcr->setJobStatus(JS_Terminated);
1001 jcr->setJobStatus(JS_ErrorTerminated);
1005 fdmsg->wait_read_sock();
1010 * First output the statistics.
1012 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1013 edit_uint64(jcr->JobBytes, ec1));
1016 if (jcr->xacl->get_acl_nr_errors() > 0) {
1017 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"), jcr->xacl->get_acl_nr_errors());
1019 if (jcr->xacl->get_xattr_nr_errors() > 0) {
1020 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"), jcr->xacl->get_xattr_nr_errors());
1023 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1024 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1025 non_suppored_data, non_suppored_attr);
1027 if (non_suppored_rsrc) {
1028 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1030 if (non_suppored_finfo) {
1031 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1033 if (non_suppored_acl) {
1034 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1036 if (non_suppored_crypto) {
1037 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1039 if (non_suppored_xattr) {
1040 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1043 /* Free Signature & Crypto Data */
1044 free_signature(rctx);
1046 if (jcr->crypto.digest) {
1047 crypto_digest_free(jcr->crypto.digest);
1048 jcr->crypto.digest = NULL;
1051 /* Free file cipher restore context */
1052 if (rctx.cipher_ctx.cipher) {
1053 crypto_cipher_free(rctx.cipher_ctx.cipher);
1054 rctx.cipher_ctx.cipher = NULL;
1057 if (rctx.cipher_ctx.buf) {
1058 free_pool_memory(rctx.cipher_ctx.buf);
1059 rctx.cipher_ctx.buf = NULL;
1062 /* Free alternate stream cipher restore context */
1063 if (rctx.fork_cipher_ctx.cipher) {
1064 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1065 rctx.fork_cipher_ctx.cipher = NULL;
1067 if (rctx.fork_cipher_ctx.buf) {
1068 free_pool_memory(rctx.fork_cipher_ctx.buf);
1069 rctx.fork_cipher_ctx.buf = NULL;
1072 if (jcr->compress_buf) {
1073 free_pool_memory(jcr->compress_buf);
1074 jcr->compress_buf = NULL;
1075 jcr->compress_buf_size = 0;
1083 /* Free the delayed stream stack list. */
1084 if (rctx.delayed_streams) {
1085 drop_delayed_restore_streams(rctx, false);
1086 delete rctx.delayed_streams;
1090 bclose(&rctx.forkbfd);
1092 free_attr(rctx.attr);
1097 * Convert ZLIB error code into an ASCII message
1099 static const char *zlib_strerror(int stat)
1106 return _("Zlib errno");
1107 case Z_STREAM_ERROR:
1108 return _("Zlib stream error");
1110 return _("Zlib data error");
1112 return _("Zlib memory error");
1114 return _("Zlib buffer error");
1115 case Z_VERSION_ERROR:
1116 return _("Zlib version error");
1123 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1125 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1126 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1129 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
1134 unser_begin(*data, OFFSET_FADDR_SIZE);
1135 unser_uint64(faddr);
1136 if (*addr != faddr) {
1138 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1140 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1141 edit_uint64(*addr, ec1), jcr->last_fname,
1142 be.bstrerror(bfd->berrno));
1146 *data += OFFSET_FADDR_SIZE;
1147 *length -= OFFSET_FADDR_SIZE;
1151 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1153 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1154 char ec1[50]; /* Buffer printing huge values */
1157 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1158 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1159 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1161 uint32_t comp_magic, comp_len;
1162 uint16_t comp_level, comp_version;
1164 lzo_uint compress_len;
1165 const unsigned char *cbuf;
1166 int r, real_compress_len;
1169 /* read compress header */
1171 unser_begin(*data, sizeof(comp_stream_header));
1172 unser_uint32(comp_magic);
1173 unser_uint32(comp_len);
1174 unser_uint16(comp_level);
1175 unser_uint16(comp_version);
1176 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1177 comp_level, comp_version);
1180 if (comp_version != COMP_HEAD_VERSION) {
1181 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1185 if (comp_len + sizeof(comp_stream_header) != *length) {
1186 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1190 switch(comp_magic) {
1192 case COMPRESS_LZO1X:
1193 compress_len = jcr->compress_buf_size;
1194 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1195 real_compress_len = *length - sizeof(comp_stream_header);
1196 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1197 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1198 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1201 * The buffer size is too small, try with a bigger one
1203 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1204 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1205 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1208 if (r != LZO_E_OK) {
1209 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1210 jcr->last_fname, r);
1213 *data = jcr->compress_buf;
1214 *length = compress_len;
1215 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1219 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1228 * NOTE! We only use uLong and Byte because they are
1229 * needed by the zlib routines, they should not otherwise
1230 * be used in Bacula.
1232 compress_len = jcr->compress_buf_size;
1233 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1234 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1235 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1237 /* The buffer size is too small, try with a bigger one. */
1238 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1239 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1240 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1244 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1245 jcr->last_fname, zlib_strerror(stat));
1248 *data = jcr->compress_buf;
1249 *length = compress_len;
1250 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1253 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1259 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1262 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1263 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1264 unser_uint32(ctx->packet_len);
1265 ctx->packet_len += CRYPTO_LEN_SIZE;
1269 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1271 JCR *jcr = rctx.jcr;
1272 BFILE *bfd = &rctx.bfd;
1275 if (jcr->crypto.digest) {
1276 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1279 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1281 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1282 jcr->last_fname, be.bstrerror(bfd->berrno));
1285 } else if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1288 int len = strlen(jcr->last_fname);
1290 * If this is the first write and the "file" is a directory
1291 * or a drive letter, then only issue a warning as we are
1292 * not able to reset the metadata, then continue.
1293 * If the above is true and we have an error code 91
1294 * (directory not empty), supress the error entirely.
1296 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1297 jcr->last_fname[len-1] == ':')) {
1299 if (bfd->lerror == 91) { /* Directory not empty */
1300 type = 0; /* suppress error */
1305 /* Insufficient bytes written */
1306 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1307 bfd->total_bytes, bfd->block, length, wstat);
1310 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1311 bfd->total_bytes, bfd->block, length, bfd->lerror,
1312 jcr->last_fname, be.bstrerror(bfd->berrno));
1316 /* Ignore errors? */
1317 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1326 * In the context of jcr, write data to bfd.
1327 * We write buflen bytes in buf at addr. addr is updated in place.
1328 * The flags specify whether to use sparse files or compression.
1329 * Return value is the number of bytes written, or -1 on errors.
1331 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1333 JCR *jcr = rctx.jcr;
1334 BFILE *bfd = &rctx.bfd;
1335 int flags = rctx.flags;
1336 int32_t stream = rctx.stream;
1337 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1338 char *wbuf; /* write buffer */
1339 uint32_t wsize; /* write size */
1340 uint32_t rsize; /* read size */
1341 uint32_t decrypted_len = 0; /* Decryption output length */
1342 char ec1[50]; /* Buffer printing huge values */
1345 jcr->ReadBytes += rsize;
1349 if (flags & FO_ENCRYPT) {
1350 ASSERT(cipher_ctx->cipher);
1353 * Grow the crypto buffer, if necessary.
1354 * crypto_cipher_update() will process only whole blocks,
1355 * buffering the remaining input.
1357 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1358 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1360 /* Decrypt the input block */
1361 if (!crypto_cipher_update(cipher_ctx->cipher,
1362 (const u_int8_t *)wbuf,
1364 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1366 /* Decryption failed. Shouldn't happen. */
1367 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1371 if (decrypted_len == 0) {
1372 /* No full block of encrypted data available, write more data */
1376 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1378 cipher_ctx->buf_len += decrypted_len;
1379 wbuf = cipher_ctx->buf;
1381 /* If one full preserved block is available, write it to disk,
1382 * and then buffer any remaining data. This should be effecient
1383 * as long as Bacula's block size is not significantly smaller than the
1384 * encryption block size (extremely unlikely!)
1386 unser_crypto_packet_len(cipher_ctx);
1387 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1389 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1390 /* No full preserved block is available. */
1394 /* We have one full block, set up the filter input buffers */
1395 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1396 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1397 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1398 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1401 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1402 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize)) {
1407 if (flags & FO_COMPRESS) {
1408 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1413 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1416 jcr->JobBytes += wsize;
1417 rctx.fileAddr += wsize;
1418 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1420 /* Clean up crypto buffers */
1421 if (flags & FO_ENCRYPT) {
1422 /* Move any remaining data to start of buffer */
1423 if (cipher_ctx->buf_len > 0) {
1424 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1425 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1426 cipher_ctx->buf_len);
1428 /* The packet was successfully written, reset the length so that
1429 * the next packet length may be re-read by unser_crypto_packet_len() */
1430 cipher_ctx->packet_len = 0;
1439 * If extracting, close any previous stream
1441 static bool close_previous_stream(r_ctx &rctx)
1446 * If extracting, it was from previous stream, so
1447 * close the output file and validate the signature.
1450 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1451 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1452 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1453 is_bopen(&rctx.bfd));
1456 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1457 deallocate_cipher(rctx);
1458 deallocate_fork_cipher(rctx);
1461 if (rctx.jcr->plugin) {
1462 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1464 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1466 rctx.extract = false;
1468 /* Now perform the delayed restore of some specific data streams. */
1469 rtn = pop_delayed_data_streams(rctx);
1471 /* Verify the cryptographic signature, if any */
1472 rctx.type = rctx.attr->type;
1473 verify_signature(rctx);
1475 /* Free Signature */
1476 free_signature(rctx);
1478 rctx.jcr->ff->flags = 0;
1479 Dmsg0(130, "Stop extracting.\n");
1480 } else if (is_bopen(&rctx.bfd)) {
1481 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1482 Pmsg0(000, "=== logic error !open\n");
1490 * In the context of jcr, flush any remaining data from the cipher context,
1491 * writing it to bfd.
1492 * Return value is true on success, false on failure.
1494 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1495 RESTORE_CIPHER_CTX *cipher_ctx)
1497 JCR *jcr = rctx.jcr;
1498 uint32_t decrypted_len = 0;
1499 char *wbuf; /* write buffer */
1500 uint32_t wsize; /* write size */
1501 char ec1[50]; /* Buffer printing huge values */
1502 bool second_pass = false;
1505 /* Write out the remaining block and free the cipher context */
1506 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1507 cipher_ctx->buf_len + cipher_ctx->block_size);
1509 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1511 /* Writing out the final, buffered block failed. Shouldn't happen. */
1512 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1513 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1516 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1517 /* If nothing new was decrypted, and our output buffer is empty, return */
1518 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1522 cipher_ctx->buf_len += decrypted_len;
1524 unser_crypto_packet_len(cipher_ctx);
1525 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1526 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1527 /* Decrypted, possibly decompressed output here. */
1528 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1529 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1530 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1532 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1533 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1538 if (flags & FO_COMPRESS) {
1539 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1544 Dmsg0(130, "Call store_data\n");
1545 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1548 jcr->JobBytes += wsize;
1549 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1551 /* Move any remaining data to start of buffer. */
1552 if (cipher_ctx->buf_len > 0) {
1553 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1554 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1555 cipher_ctx->buf_len);
1557 /* The packet was successfully written, reset the length so that the next
1558 * packet length may be re-read by unser_crypto_packet_len() */
1559 cipher_ctx->packet_len = 0;
1561 if (cipher_ctx->buf_len >0 && !second_pass) {
1566 /* Stop decryption */
1567 cipher_ctx->buf_len = 0;
1568 cipher_ctx->packet_len = 0;
1573 static void deallocate_cipher(r_ctx &rctx)
1575 /* Flush and deallocate previous stream's cipher context */
1576 if (rctx.cipher_ctx.cipher) {
1577 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1578 crypto_cipher_free(rctx.cipher_ctx.cipher);
1579 rctx.cipher_ctx.cipher = NULL;
1583 static void deallocate_fork_cipher(r_ctx &rctx)
1586 /* Flush and deallocate previous stream's fork cipher context */
1587 if (rctx.fork_cipher_ctx.cipher) {
1588 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1589 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1590 rctx.fork_cipher_ctx.cipher = NULL;
1594 static void free_signature(r_ctx &rctx)
1597 crypto_sign_free(rctx.sig);
1602 static void free_session(r_ctx &rctx)
1605 crypto_session_free(rctx.cs);
1611 * Verify the signature for the last restored file
1612 * Return value is either true (signature correct)
1613 * or false (signature could not be verified).
1614 * TODO landonf: Implement without using find_one_file and
1615 * without re-reading the file.
1617 static bool verify_signature(r_ctx &rctx)
1619 JCR *jcr = rctx.jcr;
1620 X509_KEYPAIR *keypair;
1621 DIGEST *digest = NULL;
1623 uint64_t saved_bytes;
1624 crypto_digest_t signing_algorithm = have_sha2 ?
1625 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1626 crypto_digest_t algorithm;
1627 SIGNATURE *sig = rctx.sig;
1630 if (!jcr->crypto.pki_sign) {
1631 /* no signature OK */
1635 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1636 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1643 /* Iterate through the trusted signers */
1644 foreach_alist(keypair, jcr->crypto.pki_signers) {
1645 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1647 case CRYPTO_ERROR_NONE:
1648 Dmsg0(50, "== Got digest\n");
1650 * We computed jcr->crypto.digest using signing_algorithm while writing
1651 * the file. If it is not the same as the algorithm used for
1652 * this file, punt by releasing the computed algorithm and
1653 * computing by re-reading the file.
1655 if (algorithm != signing_algorithm) {
1656 if (jcr->crypto.digest) {
1657 crypto_digest_free(jcr->crypto.digest);
1658 jcr->crypto.digest = NULL;
1661 if (jcr->crypto.digest) {
1662 /* Use digest computed while writing the file to verify
1664 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1665 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1666 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1667 jcr->last_fname, crypto_strerror(err));
1671 /* Signature found, digest allocated. Old method,
1672 * re-read the file and compute the digest */
1673 jcr->crypto.digest = digest;
1675 /* Checksum the entire file
1676 * Make sure we don't modify JobBytes by saving and
1678 saved_bytes = jcr->JobBytes;
1679 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1680 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1682 jcr->JobBytes = saved_bytes;
1685 jcr->JobBytes = saved_bytes;
1687 /* Verify the signature */
1688 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1689 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1690 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1691 jcr->last_fname, crypto_strerror(err));
1694 jcr->crypto.digest = NULL;
1697 /* Valid signature */
1698 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1699 crypto_digest_free(digest);
1702 case CRYPTO_ERROR_NOSIGNER:
1703 /* Signature not found, try again */
1705 crypto_digest_free(digest);
1710 /* Something strange happened (that shouldn't happen!)... */
1711 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1717 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1721 crypto_digest_free(digest);