2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2016 Kern Sibbald
5 Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
7 The original author of Bacula is Kern Sibbald, with contributions
8 from many others, a complete list can be found in the file AUTHORS.
10 You may use this file and others of this release according to the
11 license defined in the LICENSE file, which includes the Affero General
12 Public License, v3.0 ("AGPLv3") and some additional permissions and
13 terms pursuant to its AGPLv3 Section 7.
15 This notice must be preserved when any source code is
16 conveyed and/or propagated.
18 Bacula(R) is a registered trademark of Kern Sibbald.
21 * Bacula File Daemon restore.c Restorefiles.
23 * Kern Sibbald, November MM
34 const bool have_darwin_os = true;
36 const bool have_darwin_os = false;
39 #if defined(HAVE_CRYPTO)
40 const bool have_crypto = true;
42 const bool have_crypto = false;
46 const bool have_acl = true;
48 const bool have_acl = false;
52 const bool have_sha2 = true;
54 const bool have_sha2 = false;
57 #if defined(HAVE_XATTR)
58 const bool have_xattr = true;
60 const bool have_xattr = false;
63 /* Data received from Storage Daemon */
64 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
66 /* Forward referenced functions */
67 #if defined(HAVE_LIBZ)
68 static const char *zlib_strerror(int stat);
69 const bool have_libz = true;
71 const bool have_libz = false;
74 const bool have_lzo = true;
76 const bool have_lzo = false;
79 static void deallocate_cipher(r_ctx &rctx);
80 static void deallocate_fork_cipher(r_ctx &rctx);
81 static bool verify_signature(r_ctx &rctx);
82 static void free_signature(r_ctx &rctx);
83 static void free_session(r_ctx &rctx);
84 static bool close_previous_stream(r_ctx &rctx);
85 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
86 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
87 RESTORE_CIPHER_CTX *cipher_ctx);
90 * Close a bfd check that we are at the expected file offset.
91 * Makes use of some code from set_attributes().
93 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
95 char ec1[50], ec2[50];
99 fsize = blseek(bfd, 0, SEEK_CUR);
100 bclose(bfd); /* first close file */
101 if (fsize > 0 && fsize != osize) {
102 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
103 jcr->last_fname, edit_uint64(osize, ec1),
104 edit_uint64(fsize, ec2));
110 #ifdef HAVE_DARWIN_OS
111 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
113 struct attrlist attrList;
115 memset(&attrList, 0, sizeof(attrList));
116 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
117 attrList.commonattr = ATTR_CMN_FNDRINFO;
119 Dmsg0(130, "Restoring Finder Info\n");
120 jcr->ff->flags |= FO_HFSPLUS;
122 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
126 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
127 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
135 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
143 * Cleanup of delayed restore stack with streams for later processing.
145 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
147 RESTORE_DATA_STREAM *rds;
149 if (!rctx.delayed_streams) {
151 rctx.delayed_streams = New(alist(10, owned_by_alist));
155 if (rctx.delayed_streams->empty()) {
159 foreach_alist(rds, rctx.delayed_streams) {
165 rctx.delayed_streams->destroy();
167 rctx.delayed_streams->init(10, owned_by_alist);
173 * Push a data stream onto the delayed restore stack for
176 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
178 RESTORE_DATA_STREAM *rds;
183 if (!rctx.delayed_streams) {
184 rctx.delayed_streams = New(alist(10, owned_by_alist));
187 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
188 rds->stream = rctx.stream;
189 rds->content = (char *)malloc(msglen);
190 memcpy(rds->content, msg, msglen);
191 rds->content_length = msglen;
192 rctx.delayed_streams->append(rds);
196 * Perform a restore of an ACL using the stream received.
197 * This can either be a delayed restore or direct restore.
199 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
200 uint32_t content_length)
202 switch (jcr->xacl->restore_acl(jcr, stream, content, content_length)) {
207 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
208 * print the error message set by the lower level routine in jcr->errmsg.
210 if (jcr->xacl->get_acl_nr_errors() < ACL_MAX_ERROR_PRINT_PER_JOB) {
211 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
221 * Perform a restore of an XATTR using the stream received.
222 * This can either be a delayed restore or direct restore.
224 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
225 uint32_t content_length)
227 switch (jcr->xacl->restore_xattr(jcr, stream, content, content_length)) {
232 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
233 * print the error message set by the lower level routine in jcr->errmsg.
235 if (jcr->xacl->get_xattr_nr_errors() < XATTR_MAX_ERROR_PRINT_PER_JOB) {
236 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
246 * Restore any data streams that are restored after the file
247 * is fully restored and has its attributes restored. Things
248 * like acls and xattr are restored after we set the file
249 * attributes otherwise we might clear some security flags
250 * by setting the attributes.
252 static inline bool pop_delayed_data_streams(r_ctx &rctx)
254 RESTORE_DATA_STREAM *rds;
258 * See if there is anything todo.
260 if (!rctx.delayed_streams ||
261 rctx.delayed_streams->empty()) {
266 * Only process known delayed data streams here.
267 * If you start using more delayed data streams
268 * be sure to add them in this loop and add the
271 * Currently we support delayed data stream
272 * processing for the following type of streams:
276 foreach_alist(rds, rctx.delayed_streams) {
277 switch (rds->stream) {
278 case STREAM_UNIX_ACCESS_ACL:
279 case STREAM_UNIX_DEFAULT_ACL:
280 case STREAM_XACL_AIX_TEXT:
281 case STREAM_XACL_DARWIN_ACCESS:
282 case STREAM_XACL_FREEBSD_DEFAULT:
283 case STREAM_XACL_FREEBSD_ACCESS:
284 case STREAM_XACL_HPUX_ACL_ENTRY:
285 case STREAM_XACL_IRIX_DEFAULT:
286 case STREAM_XACL_IRIX_ACCESS:
287 case STREAM_XACL_LINUX_DEFAULT:
288 case STREAM_XACL_LINUX_ACCESS:
289 case STREAM_XACL_TRU64_DEFAULT:
290 case STREAM_XACL_TRU64_DEFAULT_DIR:
291 case STREAM_XACL_TRU64_ACCESS:
292 case STREAM_XACL_SOLARIS_POSIX:
293 case STREAM_XACL_SOLARIS_NFS4:
294 case STREAM_XACL_AFS_TEXT:
295 case STREAM_XACL_AIX_AIXC:
296 case STREAM_XACL_AIX_NFS4:
297 case STREAM_XACL_FREEBSD_NFS4:
298 case STREAM_XACL_HURD_DEFAULT:
299 case STREAM_XACL_HURD_ACCESS:
300 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
304 case STREAM_XACL_HURD_XATTR:
305 case STREAM_XACL_IRIX_XATTR:
306 case STREAM_XACL_TRU64_XATTR:
307 case STREAM_XACL_AIX_XATTR:
308 case STREAM_XACL_OPENBSD_XATTR:
309 case STREAM_XACL_SOLARIS_SYS_XATTR:
310 case STREAM_XACL_DARWIN_XATTR:
311 case STREAM_XACL_FREEBSD_XATTR:
312 case STREAM_XACL_LINUX_XATTR:
313 case STREAM_XACL_NETBSD_XATTR:
314 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
319 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
329 drop_delayed_restore_streams(rctx, true);
333 drop_delayed_restore_streams(rctx, true);
339 * Restore the requested files.
341 void do_restore(JCR *jcr)
344 uint32_t VolSessionId, VolSessionTime;
346 char ec1[50]; /* Buffer printing huge values */
347 uint32_t buf_size; /* client buffer size */
349 int64_t rsrc_len = 0; /* Original length of resource fork */
352 /* ***FIXME*** make configurable */
353 crypto_digest_t signing_algorithm = have_sha2 ?
354 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
355 memset(&rctx, 0, sizeof(rctx));
358 /* The following variables keep track of "known unknowns" */
359 int non_suppored_data = 0;
360 int non_suppored_attr = 0;
361 int non_suppored_rsrc = 0;
362 int non_suppored_finfo = 0;
363 int non_suppored_acl = 0;
364 int non_suppored_progname = 0;
365 int non_suppored_crypto = 0;
366 int non_suppored_xattr = 0;
368 sd = jcr->store_bsock;
369 jcr->setJobStatus(JS_Running);
372 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
375 buf_size = client->max_network_buffer_size;
377 buf_size = 0; /* use default */
379 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
380 jcr->setJobStatus(JS_ErrorTerminated);
383 jcr->buf_size = sd->msglen;
385 /* use the same buffer size to decompress both gzip and lzo */
386 if (have_libz || have_lzo) {
387 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
388 jcr->compress_buf = get_memory(compress_buf_size);
389 jcr->compress_buf_size = compress_buf_size;
394 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
396 fdmsg->start_read_sock();
397 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
400 if (lzo_init() != LZO_E_OK) {
401 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
407 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
408 if (have_darwin_os) {
409 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
414 * Get a record from the Storage daemon. We are guaranteed to
415 * receive records in the following order:
416 * 1. Stream record header
417 * 2. Stream data (one or more of the following in the order given)
418 * a. Attributes (Unix or Windows)
419 * b. Possibly stream encryption session data (e.g., symmetric session key)
420 * c. File data for the file
421 * d. Alternate data stream (e.g. Resource Fork)
425 * h. Possibly a cryptographic signature
426 * i. Possibly MD5 or SHA1 record
429 * NOTE: We keep track of two bacula file descriptors:
430 * 1. bfd for file data.
431 * This fd is opened for non empty files when an attribute stream is
432 * encountered and closed when we find the next attribute stream.
433 * 2. fork_bfd for alternate data streams
434 * This fd is opened every time we encounter a new alternate data
435 * stream for the current file. When we find any other stream, we
437 * The expected size of the stream, fork_len, should be set when
439 * 3. Not all the stream data records are required -- e.g. if there
440 * is no fork, there is no alternate data stream, no ACL, ...
443 binit(&rctx.forkbfd);
444 attr = rctx.attr = new_attr(jcr);
445 jcr->xacl = (XACL*)new_xacl();
448 while (fdmsg->bget_msg(&bmsg) >= 0 && !job_canceled(jcr)) {
449 /* Remember previous stream type */
450 rctx.prev_stream = rctx.stream;
452 /* First we expect a Stream Record Header */
454 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
455 &rctx.full_stream, &rctx.size) != 5) {
456 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
459 /* Strip off new stream high bits */
460 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
462 /* Now we expect the Stream Data */
463 if (fdmsg->bget_msg(&bmsg) < 0) {
464 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
467 if (rctx.size != (uint32_t)bmsg->origlen) {
468 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
469 bmsg->origlen, rctx.size);
470 Dmsg2(50, "Actual data size %d not same as header %d\n",
471 bmsg->origlen, rctx.size);
474 Dmsg3(620, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
475 bmsg->msglen, rctx.extract);
477 /* If we change streams, close and reset alternate data streams */
478 if (rctx.prev_stream != rctx.stream) {
479 if (is_bopen(&rctx.forkbfd)) {
480 deallocate_fork_cipher(rctx);
481 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
483 /* Use an impossible value and set a proper one below */
488 /* File Attributes stream */
489 switch (rctx.stream) {
490 case STREAM_UNIX_ATTRIBUTES:
491 case STREAM_UNIX_ATTRIBUTES_EX:
492 /* if any previous stream open, close it */
493 if (!close_previous_stream(rctx)) {
498 * TODO: manage deleted files
500 if (rctx.type == FT_DELETED) { /* deleted file */
504 * Restore objects should be ignored here -- they are
505 * returned at the beginning of the restore.
507 if (IS_FT_OBJECT(rctx.type)) {
512 * Unpack attributes and do sanity check them
514 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
518 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
520 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
521 attr->data_stream, stream_to_ascii(attr->data_stream),
522 attr->fname, attr->attr, attr->attrEx);
523 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
524 strlen(attr->attrEx), bmsg->rbuf);
526 if (!is_restore_stream_supported(attr->data_stream)) {
527 Dmsg2(15, "Non-supported data stream %d: %s\n",
528 attr->data_stream, stream_to_ascii(attr->data_stream));
529 if (!non_suppored_data++) {
530 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
531 stream_to_ascii(attr->data_stream));
536 build_attr_output_fnames(jcr, attr);
539 * Try to actually create the file, which returns a status telling
540 * us if we need to extract or not.
542 jcr->num_files_examined++;
543 rctx.extract = false;
544 stat = CF_CORE; /* By default, let Bacula's core handle it */
547 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
550 if (stat == CF_CORE) {
551 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
554 pm_strcpy(jcr->last_fname, attr->ofname);
555 jcr->last_type = attr->type;
557 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
563 case CF_EXTRACT: /* File created and we expect file data */
565 /* FALLTHROUGH WANTED */
566 case CF_CREATED: /* File created, but there is no content */
567 /* File created, but there is no content */
569 print_ls_output(jcr, attr);
571 if (have_darwin_os) {
572 /* Only restore the resource fork for regular files */
573 from_base64(&rsrc_len, attr->attrEx);
574 if (attr->type == FT_REG && rsrc_len > 0) {
579 * Do not count the resource forks as regular files being restored.
589 /* set attributes now because file will not be extracted */
591 plugin_set_attributes(jcr, attr, &rctx.bfd);
593 set_attributes(jcr, attr, &rctx.bfd);
601 case STREAM_ENCRYPTED_SESSION_DATA:
602 crypto_error_t cryptoerr;
604 /* The current file will not be extracted, do not create a crypto session */
609 /* Is this an unexpected session data entry? */
611 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
612 rctx.extract = false;
617 /* Do we have any keys at all? */
618 if (!jcr->crypto.pki_recipients) {
619 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
620 rctx.extract = false;
625 if (jcr->crypto.digest) {
626 crypto_digest_free(jcr->crypto.digest);
628 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
629 if (!jcr->crypto.digest) {
630 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
631 rctx.extract = false;
636 /* Decode and save session keys. */
637 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
638 jcr->crypto.pki_recipients, &rctx.cs);
640 case CRYPTO_ERROR_NONE:
643 case CRYPTO_ERROR_NORECIPIENT:
644 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
646 case CRYPTO_ERROR_DECRYPTION:
647 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
649 case CRYPTO_ERROR_NOSIGNER:
650 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
652 case CRYPTO_ERROR_INVALID_DIGEST:
653 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
655 case CRYPTO_ERROR_INVALID_CRYPTO:
656 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
659 /* This shouldn't happen */
660 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
661 cryptoerr, crypto_strerror(cryptoerr));
665 if (cryptoerr != CRYPTO_ERROR_NONE) {
666 rctx.extract = false;
673 case STREAM_FILE_DATA:
674 case STREAM_SPARSE_DATA:
675 case STREAM_WIN32_DATA:
676 case STREAM_GZIP_DATA:
677 case STREAM_SPARSE_GZIP_DATA:
678 case STREAM_WIN32_GZIP_DATA:
679 case STREAM_COMPRESSED_DATA:
680 case STREAM_SPARSE_COMPRESSED_DATA:
681 case STREAM_WIN32_COMPRESSED_DATA:
682 case STREAM_ENCRYPTED_FILE_DATA:
683 case STREAM_ENCRYPTED_WIN32_DATA:
684 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
685 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
686 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
687 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
688 /* Force an expected, consistent stream type here */
689 if (rctx.extract && (rctx.prev_stream == rctx.stream
690 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
691 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
692 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
695 if (rctx.stream == STREAM_SPARSE_DATA
696 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
697 || rctx.stream == STREAM_SPARSE_GZIP_DATA) {
698 rctx.flags |= FO_SPARSE;
701 if (rctx.stream == STREAM_GZIP_DATA
702 || rctx.stream == STREAM_SPARSE_GZIP_DATA
703 || rctx.stream == STREAM_WIN32_GZIP_DATA
704 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
705 || rctx.stream == STREAM_COMPRESSED_DATA
706 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
707 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
708 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
709 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
710 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
711 rctx.flags |= FO_COMPRESS;
712 rctx.comp_stream = rctx.stream;
715 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
716 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
717 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
718 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
719 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
720 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
721 /* Set up a decryption context */
722 if (!rctx.cipher_ctx.cipher) {
724 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
725 rctx.extract = false;
730 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
731 &rctx.cipher_ctx.block_size)) == NULL) {
732 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
734 rctx.extract = false;
739 rctx.flags |= FO_ENCRYPT;
742 if (is_win32_stream(rctx.stream) &&
743 (win32decomp || !have_win32_api())) {
744 set_portable_backup(&rctx.bfd);
745 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
748 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
749 rctx.extract = false;
757 * Resource fork stream - only recorded after a file to be restored
758 * Silently ignore if we cannot write - we already reported that
760 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
761 case STREAM_MACOS_FORK_DATA:
762 if (have_darwin_os) {
764 jcr->ff->flags |= FO_HFSPLUS;
766 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
767 rctx.fork_flags |= FO_ENCRYPT;
769 /* Set up a decryption context */
770 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
772 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
773 rctx.extract = false;
778 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
779 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
781 rctx.extract = false;
789 if (rctx.prev_stream != rctx.stream) {
790 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
791 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
792 rctx.extract = false;
796 rctx.fork_size = rsrc_len;
797 Dmsg0(130, "Restoring resource fork\n");
800 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
801 rctx.extract = false;
802 bclose(&rctx.forkbfd);
811 case STREAM_HFSPLUS_ATTRIBUTES:
812 if (have_darwin_os) {
813 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
817 non_suppored_finfo++;
821 case STREAM_UNIX_ACCESS_ACL:
822 case STREAM_UNIX_DEFAULT_ACL:
823 case STREAM_XACL_AIX_TEXT:
824 case STREAM_XACL_DARWIN_ACCESS:
825 case STREAM_XACL_FREEBSD_DEFAULT:
826 case STREAM_XACL_FREEBSD_ACCESS:
827 case STREAM_XACL_HPUX_ACL_ENTRY:
828 case STREAM_XACL_IRIX_DEFAULT:
829 case STREAM_XACL_IRIX_ACCESS:
830 case STREAM_XACL_LINUX_DEFAULT:
831 case STREAM_XACL_LINUX_ACCESS:
832 case STREAM_XACL_TRU64_DEFAULT:
833 case STREAM_XACL_TRU64_DEFAULT_DIR:
834 case STREAM_XACL_TRU64_ACCESS:
835 case STREAM_XACL_SOLARIS_POSIX:
836 case STREAM_XACL_SOLARIS_NFS4:
837 case STREAM_XACL_AFS_TEXT:
838 case STREAM_XACL_AIX_AIXC:
839 case STREAM_XACL_AIX_NFS4:
840 case STREAM_XACL_FREEBSD_NFS4:
841 case STREAM_XACL_HURD_DEFAULT:
842 case STREAM_XACL_HURD_ACCESS:
844 * Do not restore ACLs when
845 * a) The current file is not extracted
846 * b) and it is not a directory (they are never "extracted")
847 * c) or the file name is empty
849 if ((!rctx.extract &&
850 jcr->last_type != FT_DIREND) ||
851 (*jcr->last_fname == 0)) {
856 * For anything that is not a directory we delay
857 * the restore of acls till a later stage.
859 if (jcr->last_type != FT_DIREND) {
860 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
862 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
871 case STREAM_XACL_HURD_XATTR:
872 case STREAM_XACL_IRIX_XATTR:
873 case STREAM_XACL_TRU64_XATTR:
874 case STREAM_XACL_AIX_XATTR:
875 case STREAM_XACL_OPENBSD_XATTR:
876 case STREAM_XACL_SOLARIS_SYS_XATTR:
877 case STREAM_XACL_DARWIN_XATTR:
878 case STREAM_XACL_FREEBSD_XATTR:
879 case STREAM_XACL_LINUX_XATTR:
880 case STREAM_XACL_NETBSD_XATTR:
882 * Do not restore Extended Attributes when
883 * a) The current file is not extracted
884 * b) and it is not a directory (they are never "extracted")
885 * c) or the file name is empty
887 if ((!rctx.extract &&
888 jcr->last_type != FT_DIREND) ||
889 (*jcr->last_fname == 0)) {
894 * For anything that is not a directory we delay
895 * the restore of xattr till a later stage.
897 if (jcr->last_type != FT_DIREND) {
898 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
900 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
905 non_suppored_xattr++;
909 case STREAM_XACL_SOLARIS_XATTR:
911 * Do not restore Extended Attributes when
912 * a) The current file is not extracted
913 * b) and it is not a directory (they are never "extracted")
914 * c) or the file name is empty
916 if ((!rctx.extract &&
917 jcr->last_type != FT_DIREND) ||
918 (*jcr->last_fname == 0)) {
922 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
926 non_suppored_xattr++;
930 case STREAM_SIGNED_DIGEST:
931 /* Is this an unexpected signature? */
933 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
934 free_signature(rctx);
937 /* Save signature. */
938 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
939 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
943 case STREAM_MD5_DIGEST:
944 case STREAM_SHA1_DIGEST:
945 case STREAM_SHA256_DIGEST:
946 case STREAM_SHA512_DIGEST:
949 case STREAM_PROGRAM_NAMES:
950 case STREAM_PROGRAM_DATA:
951 if (!non_suppored_progname) {
952 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
953 non_suppored_progname++;
957 case STREAM_PLUGIN_NAME:
958 if (!close_previous_stream(rctx)) {
961 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
962 plugin_name_stream(jcr, bmsg->rbuf);
965 case STREAM_RESTORE_OBJECT:
966 break; /* these are sent by Director */
969 if (!close_previous_stream(rctx)) {
972 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
974 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
976 } /* end switch(stream) */
978 } /* end while get_msg() */
981 * If output file is still open, it was the last one in the
982 * archive since we just hit an end of file, so close the file.
984 if (is_bopen(&rctx.forkbfd)) {
985 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
988 if (!close_previous_stream(rctx)) {
991 jcr->setJobStatus(JS_Terminated);
995 jcr->setJobStatus(JS_ErrorTerminated);
999 fdmsg->wait_read_sock();
1004 * First output the statistics.
1006 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1007 edit_uint64(jcr->JobBytes, ec1));
1009 if (jcr->xacl->get_acl_nr_errors() > 0) {
1010 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"), jcr->xacl->get_acl_nr_errors());
1012 if (jcr->xacl->get_xattr_nr_errors() > 0) {
1013 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"), jcr->xacl->get_xattr_nr_errors());
1016 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1017 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1018 non_suppored_data, non_suppored_attr);
1020 if (non_suppored_rsrc) {
1021 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1023 if (non_suppored_finfo) {
1024 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1026 if (non_suppored_acl) {
1027 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1029 if (non_suppored_crypto) {
1030 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1032 if (non_suppored_xattr) {
1033 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1036 /* Free Signature & Crypto Data */
1037 free_signature(rctx);
1039 if (jcr->crypto.digest) {
1040 crypto_digest_free(jcr->crypto.digest);
1041 jcr->crypto.digest = NULL;
1044 /* Free file cipher restore context */
1045 if (rctx.cipher_ctx.cipher) {
1046 crypto_cipher_free(rctx.cipher_ctx.cipher);
1047 rctx.cipher_ctx.cipher = NULL;
1050 if (rctx.cipher_ctx.buf) {
1051 free_pool_memory(rctx.cipher_ctx.buf);
1052 rctx.cipher_ctx.buf = NULL;
1055 /* Free alternate stream cipher restore context */
1056 if (rctx.fork_cipher_ctx.cipher) {
1057 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1058 rctx.fork_cipher_ctx.cipher = NULL;
1060 if (rctx.fork_cipher_ctx.buf) {
1061 free_pool_memory(rctx.fork_cipher_ctx.buf);
1062 rctx.fork_cipher_ctx.buf = NULL;
1065 if (jcr->compress_buf) {
1066 free_pool_memory(jcr->compress_buf);
1067 jcr->compress_buf = NULL;
1068 jcr->compress_buf_size = 0;
1076 /* Free the delayed stream stack list. */
1077 if (rctx.delayed_streams) {
1078 drop_delayed_restore_streams(rctx, false);
1079 delete rctx.delayed_streams;
1083 bclose(&rctx.forkbfd);
1085 free_attr(rctx.attr);
1090 * Convert ZLIB error code into an ASCII message
1092 static const char *zlib_strerror(int stat)
1099 return _("Zlib errno");
1100 case Z_STREAM_ERROR:
1101 return _("Zlib stream error");
1103 return _("Zlib data error");
1105 return _("Zlib memory error");
1107 return _("Zlib buffer error");
1108 case Z_VERSION_ERROR:
1109 return _("Zlib version error");
1116 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1118 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1119 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1122 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length)
1127 unser_begin(*data, OFFSET_FADDR_SIZE);
1128 unser_uint64(faddr);
1129 if (*addr != faddr) {
1131 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1133 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1134 edit_uint64(*addr, ec1), jcr->last_fname,
1135 be.bstrerror(bfd->berrno));
1139 *data += OFFSET_FADDR_SIZE;
1140 *length -= OFFSET_FADDR_SIZE;
1144 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1146 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1147 char ec1[50]; /* Buffer printing huge values */
1150 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1151 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1152 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1154 uint32_t comp_magic, comp_len;
1155 uint16_t comp_level, comp_version;
1157 lzo_uint compress_len;
1158 const unsigned char *cbuf;
1159 int r, real_compress_len;
1162 /* read compress header */
1164 unser_begin(*data, sizeof(comp_stream_header));
1165 unser_uint32(comp_magic);
1166 unser_uint32(comp_len);
1167 unser_uint16(comp_level);
1168 unser_uint16(comp_version);
1169 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1170 comp_level, comp_version);
1173 if (comp_version != COMP_HEAD_VERSION) {
1174 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1178 if (comp_len + sizeof(comp_stream_header) != *length) {
1179 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1183 switch(comp_magic) {
1185 case COMPRESS_LZO1X:
1186 compress_len = jcr->compress_buf_size;
1187 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1188 real_compress_len = *length - sizeof(comp_stream_header);
1189 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1190 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1191 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1194 * The buffer size is too small, try with a bigger one
1196 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1197 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1198 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1201 if (r != LZO_E_OK) {
1202 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1203 jcr->last_fname, r);
1206 *data = jcr->compress_buf;
1207 *length = compress_len;
1208 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1212 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1221 * NOTE! We only use uLong and Byte because they are
1222 * needed by the zlib routines, they should not otherwise
1223 * be used in Bacula.
1225 compress_len = jcr->compress_buf_size;
1226 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1227 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1228 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1230 /* The buffer size is too small, try with a bigger one. */
1231 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1232 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1233 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1237 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1238 jcr->last_fname, zlib_strerror(stat));
1241 *data = jcr->compress_buf;
1242 *length = compress_len;
1243 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1246 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1252 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1255 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1256 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1257 unser_uint32(ctx->packet_len);
1258 ctx->packet_len += CRYPTO_LEN_SIZE;
1262 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1264 JCR *jcr = rctx.jcr;
1265 BFILE *bfd = &rctx.bfd;
1268 if (jcr->crypto.digest) {
1269 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1272 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1274 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1275 jcr->last_fname, be.bstrerror(bfd->berrno));
1278 } else if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1281 int len = strlen(jcr->last_fname);
1283 * If this is the first write and the "file" is a directory
1284 * or a drive letter, then only issue a warning as we are
1285 * not able to reset the metadata, then continue.
1286 * If the above is true and we have an error code 91
1287 * (directory not empty), supress the error entirely.
1289 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1290 jcr->last_fname[len-1] == ':')) {
1292 if (bfd->lerror == 91) { /* Directory not empty */
1293 type = 0; /* suppress error */
1298 /* Insufficient bytes written */
1299 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1300 bfd->total_bytes, bfd->block, length, wstat);
1303 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1304 bfd->total_bytes, bfd->block, length, bfd->lerror,
1305 jcr->last_fname, be.bstrerror(bfd->berrno));
1309 /* Ignore errors? */
1310 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1319 * In the context of jcr, write data to bfd.
1320 * We write buflen bytes in buf at addr. addr is updated in place.
1321 * The flags specify whether to use sparse files or compression.
1322 * Return value is the number of bytes written, or -1 on errors.
1324 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1326 JCR *jcr = rctx.jcr;
1327 BFILE *bfd = &rctx.bfd;
1328 int flags = rctx.flags;
1329 int32_t stream = rctx.stream;
1330 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1331 char *wbuf; /* write buffer */
1332 uint32_t wsize; /* write size */
1333 uint32_t rsize; /* read size */
1334 uint32_t decrypted_len = 0; /* Decryption output length */
1335 char ec1[50]; /* Buffer printing huge values */
1338 jcr->ReadBytes += rsize;
1342 if (flags & FO_ENCRYPT) {
1343 ASSERT(cipher_ctx->cipher);
1346 * Grow the crypto buffer, if necessary.
1347 * crypto_cipher_update() will process only whole blocks,
1348 * buffering the remaining input.
1350 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1351 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1353 /* Decrypt the input block */
1354 if (!crypto_cipher_update(cipher_ctx->cipher,
1355 (const u_int8_t *)wbuf,
1357 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1359 /* Decryption failed. Shouldn't happen. */
1360 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1364 if (decrypted_len == 0) {
1365 /* No full block of encrypted data available, write more data */
1369 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1371 cipher_ctx->buf_len += decrypted_len;
1372 wbuf = cipher_ctx->buf;
1374 /* If one full preserved block is available, write it to disk,
1375 * and then buffer any remaining data. This should be effecient
1376 * as long as Bacula's block size is not significantly smaller than the
1377 * encryption block size (extremely unlikely!)
1379 unser_crypto_packet_len(cipher_ctx);
1380 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1382 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1383 /* No full preserved block is available. */
1387 /* We have one full block, set up the filter input buffers */
1388 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1389 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1390 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1391 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1394 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1395 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize)) {
1400 if (flags & FO_COMPRESS) {
1401 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1406 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1409 jcr->JobBytes += wsize;
1410 rctx.fileAddr += wsize;
1411 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1413 /* Clean up crypto buffers */
1414 if (flags & FO_ENCRYPT) {
1415 /* Move any remaining data to start of buffer */
1416 if (cipher_ctx->buf_len > 0) {
1417 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1418 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1419 cipher_ctx->buf_len);
1421 /* The packet was successfully written, reset the length so that
1422 * the next packet length may be re-read by unser_crypto_packet_len() */
1423 cipher_ctx->packet_len = 0;
1432 * If extracting, close any previous stream
1434 static bool close_previous_stream(r_ctx &rctx)
1439 * If extracting, it was from previous stream, so
1440 * close the output file and validate the signature.
1443 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1444 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1445 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1446 is_bopen(&rctx.bfd));
1449 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1450 deallocate_cipher(rctx);
1451 deallocate_fork_cipher(rctx);
1454 if (rctx.jcr->plugin) {
1455 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1457 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1459 rctx.extract = false;
1461 /* Now perform the delayed restore of some specific data streams. */
1462 rtn = pop_delayed_data_streams(rctx);
1464 /* Verify the cryptographic signature, if any */
1465 rctx.type = rctx.attr->type;
1466 verify_signature(rctx);
1468 /* Free Signature */
1469 free_signature(rctx);
1471 rctx.jcr->ff->flags = 0;
1472 Dmsg0(130, "Stop extracting.\n");
1473 } else if (is_bopen(&rctx.bfd)) {
1474 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1475 Pmsg0(000, "=== logic error !open\n");
1483 * In the context of jcr, flush any remaining data from the cipher context,
1484 * writing it to bfd.
1485 * Return value is true on success, false on failure.
1487 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1488 RESTORE_CIPHER_CTX *cipher_ctx)
1490 JCR *jcr = rctx.jcr;
1491 uint32_t decrypted_len = 0;
1492 char *wbuf; /* write buffer */
1493 uint32_t wsize; /* write size */
1494 char ec1[50]; /* Buffer printing huge values */
1495 bool second_pass = false;
1498 /* Write out the remaining block and free the cipher context */
1499 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1500 cipher_ctx->buf_len + cipher_ctx->block_size);
1502 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1504 /* Writing out the final, buffered block failed. Shouldn't happen. */
1505 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1506 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1509 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1510 /* If nothing new was decrypted, and our output buffer is empty, return */
1511 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1515 cipher_ctx->buf_len += decrypted_len;
1517 unser_crypto_packet_len(cipher_ctx);
1518 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1519 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1520 /* Decrypted, possibly decompressed output here. */
1521 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1522 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1523 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1525 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1526 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
1531 if (flags & FO_COMPRESS) {
1532 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1537 Dmsg0(130, "Call store_data\n");
1538 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1541 jcr->JobBytes += wsize;
1542 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1544 /* Move any remaining data to start of buffer. */
1545 if (cipher_ctx->buf_len > 0) {
1546 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1547 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1548 cipher_ctx->buf_len);
1550 /* The packet was successfully written, reset the length so that the next
1551 * packet length may be re-read by unser_crypto_packet_len() */
1552 cipher_ctx->packet_len = 0;
1554 if (cipher_ctx->buf_len >0 && !second_pass) {
1559 /* Stop decryption */
1560 cipher_ctx->buf_len = 0;
1561 cipher_ctx->packet_len = 0;
1566 static void deallocate_cipher(r_ctx &rctx)
1568 /* Flush and deallocate previous stream's cipher context */
1569 if (rctx.cipher_ctx.cipher) {
1570 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1571 crypto_cipher_free(rctx.cipher_ctx.cipher);
1572 rctx.cipher_ctx.cipher = NULL;
1576 static void deallocate_fork_cipher(r_ctx &rctx)
1579 /* Flush and deallocate previous stream's fork cipher context */
1580 if (rctx.fork_cipher_ctx.cipher) {
1581 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1582 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1583 rctx.fork_cipher_ctx.cipher = NULL;
1587 static void free_signature(r_ctx &rctx)
1590 crypto_sign_free(rctx.sig);
1595 static void free_session(r_ctx &rctx)
1598 crypto_session_free(rctx.cs);
1604 * Verify the signature for the last restored file
1605 * Return value is either true (signature correct)
1606 * or false (signature could not be verified).
1607 * TODO landonf: Implement without using find_one_file and
1608 * without re-reading the file.
1610 static bool verify_signature(r_ctx &rctx)
1612 JCR *jcr = rctx.jcr;
1613 X509_KEYPAIR *keypair;
1614 DIGEST *digest = NULL;
1616 uint64_t saved_bytes;
1617 crypto_digest_t signing_algorithm = have_sha2 ?
1618 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1619 crypto_digest_t algorithm;
1620 SIGNATURE *sig = rctx.sig;
1623 if (!jcr->crypto.pki_sign) {
1624 /* no signature OK */
1628 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1629 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1636 /* Iterate through the trusted signers */
1637 foreach_alist(keypair, jcr->crypto.pki_signers) {
1638 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1640 case CRYPTO_ERROR_NONE:
1641 Dmsg0(50, "== Got digest\n");
1643 * We computed jcr->crypto.digest using signing_algorithm while writing
1644 * the file. If it is not the same as the algorithm used for
1645 * this file, punt by releasing the computed algorithm and
1646 * computing by re-reading the file.
1648 if (algorithm != signing_algorithm) {
1649 if (jcr->crypto.digest) {
1650 crypto_digest_free(jcr->crypto.digest);
1651 jcr->crypto.digest = NULL;
1654 if (jcr->crypto.digest) {
1655 /* Use digest computed while writing the file to verify
1657 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1658 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1659 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1660 jcr->last_fname, crypto_strerror(err));
1664 /* Signature found, digest allocated. Old method,
1665 * re-read the file and compute the digest */
1666 jcr->crypto.digest = digest;
1668 /* Checksum the entire file
1669 * Make sure we don't modify JobBytes by saving and
1671 saved_bytes = jcr->JobBytes;
1672 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1673 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1675 jcr->JobBytes = saved_bytes;
1678 jcr->JobBytes = saved_bytes;
1680 /* Verify the signature */
1681 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1682 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1683 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1684 jcr->last_fname, crypto_strerror(err));
1687 jcr->crypto.digest = NULL;
1690 /* Valid signature */
1691 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1692 crypto_digest_free(digest);
1695 case CRYPTO_ERROR_NOSIGNER:
1696 /* Signature not found, try again */
1698 crypto_digest_free(digest);
1703 /* Something strange happened (that shouldn't happen!)... */
1704 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1710 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1714 crypto_digest_free(digest);