2 Bacula® - The Network Backup Solution
4 Copyright (C) 2007-2010 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version three of the GNU Affero General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU Affero General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of Kern Sibbald.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * Network Utility Routines
40 #ifndef ENODATA /* not defined on BSD systems */
45 #define socketRead(fd, buf, len) ::recv(fd, buf, len, 0)
46 #define socketWrite(fd, buf, len) ::send(fd, buf, len, 0)
47 #define socketClose(fd) ::closesocket(fd)
49 #define socketRead(fd, buf, len) ::read(fd, buf, len)
50 #define socketWrite(fd, buf, len) ::write(fd, buf, len)
51 #define socketClose(fd) ::close(fd)
55 * This is a non-class BSOCK "constructor" because we want to
56 * call the Bacula smartalloc routines instead of new.
60 BSOCK *bsock = (BSOCK *)malloc(sizeof(BSOCK));
67 memset(this, 0, sizeof(BSOCK));
69 msg = get_pool_memory(PM_MESSAGE);
70 errmsg = get_pool_memory(PM_MESSAGE);
72 * ****FIXME**** reduce this to a few hours once
73 * heartbeats are implemented
75 timeout = 60 * 60 * 6 * 24; /* 6 days timeout */
79 * This is our "class destructor" that ensures that we use
80 * smartalloc rather than the system free().
82 void BSOCK::free_bsock()
87 void BSOCK::free_tls()
89 free_tls_connection(this->tls);
94 * Try to connect to host for max_retry_time at retry_time intervals.
95 * Note, you must have called the constructor prior to calling
98 bool BSOCK::connect(JCR * jcr, int retry_interval, utime_t max_retry_time,
100 const char *name, char *host, char *service, int port,
106 time_t begin_time = time(NULL);
108 btimer_t *tid = NULL;
110 /* Try to trap out of OS call when time expires */
111 if (max_retry_time) {
112 tid = start_thread_timer(jcr, pthread_self(), (uint32_t)max_retry_time);
115 for (i = 0; !open(jcr, name, host, service, port, heart_beat, &fatal);
116 i -= retry_interval) {
118 if (fatal || (jcr && job_canceled(jcr))) {
121 Dmsg4(100, "Unable to connect to %s on %s:%d. ERR=%s\n",
122 name, host, port, be.bstrerror());
124 i = 60 * 5; /* complain again in 5 minutes */
126 Qmsg4(jcr, M_WARNING, 0, _(
127 "Could not connect to %s on %s:%d. ERR=%s\n"
128 "Retrying ...\n"), name, host, port, be.bstrerror());
130 bmicrosleep(retry_interval, 0);
132 if (begin_time + max_retry_time <= now) {
133 Qmsg4(jcr, M_FATAL, 0, _("Unable to connect to %s on %s:%d. ERR=%s\n"),
134 name, host, port, be.bstrerror());
142 stop_thread_timer(tid);
149 * Finish initialization of the pocket structure.
151 void BSOCK::fin_init(JCR * jcr, int sockfd, const char *who, const char *host, int port,
152 struct sockaddr *lclient_addr)
154 Dmsg3(100, "who=%s host=%s port=%d\n", who, host, port);
156 set_who(bstrdup(who));
157 set_host(bstrdup(host));
159 memcpy(&client_addr, lclient_addr, sizeof(client_addr));
164 * Copy the address from the configuration dlist that gets passed in
166 void BSOCK::set_source_address(dlist *src_addr_list)
170 // delete the object we already have, if it's allocated
177 addr = (IPADDR*) src_addr_list->first();
178 src_addr = New( IPADDR(*addr));
184 * Open a TCP connection to the server
186 * Returns BSOCK * pointer on success
189 bool BSOCK::open(JCR *jcr, const char *name, char *host, char *service,
190 int port, utime_t heart_beat, int *fatal)
195 bool connected = false;
201 * Fill in the structure serv_addr with the address of
202 * the server that we want to connect with.
204 if ((addr_list = bnet_host2ipaddrs(host, 0, &errstr)) == NULL) {
205 /* Note errstr is not malloc'ed */
206 Qmsg2(jcr, M_ERROR, 0, _("gethostbyname() for host \"%s\" failed: ERR=%s\n"),
208 Dmsg2(100, "bnet_host2ipaddrs() for host %s failed: ERR=%s\n",
214 foreach_dlist(ipaddr, addr_list) {
215 ipaddr->set_port_net(htons(port));
216 char allbuf[256 * 10];
218 Dmsg2(100, "Current %sAll %s\n",
219 ipaddr->build_address_str(curbuf, sizeof(curbuf)),
220 build_addresses_str(addr_list, allbuf, sizeof(allbuf)));
221 /* Open a TCP socket */
222 if ((sockfd = socket(ipaddr->get_family(), SOCK_STREAM, 0)) < 0) {
226 Pmsg3(000, _("Socket open error. proto=%d port=%d. ERR=%s\n"),
227 ipaddr->get_family(), ipaddr->get_port_host_order(), be.bstrerror());
231 /* Bind to the source address if it is set */
233 if (bind(sockfd, src_addr->get_sockaddr(), src_addr->get_sockaddr_len()) < 0) {
237 Pmsg2(000, _("Source address bind error. proto=%d. ERR=%s\n"),
238 src_addr->get_family(), be.bstrerror() );
244 * Keep socket from timing out from inactivity
246 if (setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, (sockopt_val_t)&turnon, sizeof(turnon)) < 0) {
248 Qmsg1(jcr, M_WARNING, 0, _("Cannot set SO_KEEPALIVE on socket: %s\n"),
251 #if defined(TCP_KEEPIDLE)
254 if (setsockopt(sockfd, IPPROTO_IP, TCP_KEEPIDLE, (sockopt_val_t)&opt, sizeof(opt)) < 0) {
256 Qmsg1(jcr, M_WARNING, 0, _("Cannot set SO_KEEPIDLE on socket: %s\n"),
262 /* connect to server */
263 if (::connect(sockfd, ipaddr->get_sockaddr(), ipaddr->get_sockaddr_len()) < 0) {
274 free_addresses(addr_list);
275 errno = save_errno | b_errno_win32;
279 * Keep socket from timing out from inactivity
280 * Do this a second time out of paranoia
282 if (setsockopt(sockfd, SOL_SOCKET, SO_KEEPALIVE, (sockopt_val_t)&turnon, sizeof(turnon)) < 0) {
284 Qmsg1(jcr, M_WARNING, 0, _("Cannot set SO_KEEPALIVE on socket: %s\n"),
287 fin_init(jcr, sockfd, name, host, port, ipaddr->get_sockaddr());
288 free_addresses(addr_list);
293 * Force read/write to use locking
295 bool BSOCK::set_locking()
299 return true; /* already set */
301 if ((stat = pthread_mutex_init(&m_mutex, NULL)) != 0) {
303 Qmsg(m_jcr, M_FATAL, 0, _("Could not init bsock mutex. ERR=%s\n"),
307 m_use_locking = true;
311 void BSOCK::clear_locking()
313 if (!m_use_locking) {
316 m_use_locking = false;
317 pthread_mutex_destroy(&m_mutex);
322 * Send a message over the network. The send consists of
323 * two network packets. The first is sends a 32 bit integer containing
324 * the length of the data packet which follows.
326 * Returns: false on failure
337 if (!m_suppress_error_msgs) {
338 Qmsg4(m_jcr, M_ERROR, 0, _("Socket has errors=%d on call to %s:%s:%d\n"),
339 errors, m_who, m_host, m_port);
343 if (is_terminated()) {
344 if (!m_suppress_error_msgs) {
345 Qmsg4(m_jcr, M_ERROR, 0, _("Socket is terminated=%d on call to %s:%s:%d\n"),
346 is_terminated(), m_who, m_host, m_port);
350 if (msglen > 4000000) {
351 if (!m_suppress_error_msgs) {
352 Qmsg4(m_jcr, M_ERROR, 0,
353 _("Socket has insane msglen=%d on call to %s:%s:%d\n"),
354 msglen, m_who, m_host, m_port);
359 if (m_use_locking) P(m_mutex);
360 /* Compute total packet length */
362 pktsiz = sizeof(pktsiz); /* signal, no data */
364 pktsiz = msglen + sizeof(pktsiz); /* data */
366 /* Store packet length at head of message -- note, we
367 * have reserved an int32_t just before msg, so we can
370 hdr = (int32_t *)(msg - (int)sizeof(pktsiz));
371 *hdr = htonl(msglen); /* store signal/length */
373 out_msg_no++; /* increment message number */
375 /* send data packet */
376 timer_start = watchdog_time; /* start timer */
378 /* Full I/O done in one write */
379 rc = write_nbytes(this, (char *)hdr, pktsiz);
380 timer_start = 0; /* clear timer */
389 if (!m_suppress_error_msgs) {
390 Qmsg5(m_jcr, M_ERROR, 0,
391 _("Write error sending %d bytes to %s:%s:%d: ERR=%s\n"),
393 m_host, m_port, this->bstrerror());
396 Qmsg5(m_jcr, M_ERROR, 0,
397 _("Wrote %d bytes to %s:%s:%d, but only %d accepted.\n"),
398 msglen, m_who, m_host, m_port, rc);
402 if (m_use_locking) V(m_mutex);
407 * Format and send a message
408 * Returns: false on error
411 bool BSOCK::fsend(const char *fmt, ...)
416 if (errors || is_terminated()) {
419 /* This probably won't work, but we vsnprintf, then if we
420 * get a negative length or a length greater than our buffer
421 * (depending on which library is used), the printf was truncated, so
422 * get a bigger buffer and try again.
425 maxlen = sizeof_pool_memory(msg) - 1;
426 va_start(arg_ptr, fmt);
427 msglen = bvsnprintf(msg, maxlen, fmt, arg_ptr);
429 if (msglen > 0 && msglen < (maxlen - 5)) {
432 msg = realloc_pool_memory(msg, maxlen + maxlen / 2);
438 * Receive a message from the other end. Each message consists of
439 * two packets. The first is a header that contains the size
440 * of the data that follows in the second packet.
441 * Returns number of bytes read (may return zero)
442 * Returns -1 on signal (BNET_SIGNAL)
443 * Returns -2 on hard end of file (BNET_HARDEOF)
444 * Returns -3 on error (BNET_ERROR)
446 * Unfortunately, it is a bit complicated because we have these
449 * 2. Signal including end of data stream
450 * 3. Hard end of file
452 * Using is_bnet_stop() and is_bnet_error() you can figure this all out.
454 int32_t BSOCK::recv()
461 if (errors || is_terminated()) {
465 if (m_use_locking) P(m_mutex);
466 read_seqno++; /* bump sequence number */
467 timer_start = watchdog_time; /* set start wait time */
469 /* get data size -- in int32_t */
470 if ((nbytes = read_nbytes(this, (char *)&pktsiz, sizeof(int32_t))) <= 0) {
471 timer_start = 0; /* clear timer */
472 /* probably pipe broken because client died */
479 nbytes = BNET_HARDEOF; /* assume hard EOF received */
482 timer_start = 0; /* clear timer */
483 if (nbytes != sizeof(int32_t)) {
486 Qmsg5(m_jcr, M_ERROR, 0, _("Read expected %d got %d from %s:%s:%d\n"),
487 sizeof(int32_t), nbytes, m_who, m_host, m_port);
492 pktsiz = ntohl(pktsiz); /* decode no. of bytes that follow */
494 if (pktsiz == 0) { /* No data transferred */
495 timer_start = 0; /* clear timer */
498 nbytes = 0; /* zero bytes read */
502 /* If signal or packet size too big */
503 if (pktsiz < 0 || pktsiz > 1000000) {
504 if (pktsiz > 0) { /* if packet too big */
505 Qmsg3(m_jcr, M_FATAL, 0,
506 _("Packet size too big from \"%s:%s:%d. Terminating connection.\n"),
507 m_who, m_host, m_port);
508 pktsiz = BNET_TERMINATE; /* hang up */
510 if (pktsiz == BNET_TERMINATE) {
513 timer_start = 0; /* clear timer */
515 msglen = pktsiz; /* signal code */
516 nbytes = BNET_SIGNAL; /* signal */
520 /* Make sure the buffer is big enough + one byte for EOS */
521 if (pktsiz >= (int32_t) sizeof_pool_memory(msg)) {
522 msg = realloc_pool_memory(msg, pktsiz + 100);
525 timer_start = watchdog_time; /* set start wait time */
527 /* now read the actual data */
528 if ((nbytes = read_nbytes(this, msg, pktsiz)) <= 0) {
529 timer_start = 0; /* clear timer */
536 Qmsg4(m_jcr, M_ERROR, 0, _("Read error from %s:%s:%d: ERR=%s\n"),
537 m_who, m_host, m_port, this->bstrerror());
541 timer_start = 0; /* clear timer */
544 if (nbytes != pktsiz) {
547 Qmsg5(m_jcr, M_ERROR, 0, _("Read expected %d got %d from %s:%s:%d\n"),
548 pktsiz, nbytes, m_who, m_host, m_port);
552 /* always add a zero by to properly terminate any
553 * string that was send to us. Note, we ensured above that the
554 * buffer is at least one byte longer than the message length.
556 msg[nbytes] = 0; /* terminate in case it is a string */
557 sm_check(__FILE__, __LINE__, false);
560 if (m_use_locking) V(m_mutex);
561 return nbytes; /* return actual length of message */
568 bool BSOCK::signal(int signal)
571 if (signal == BNET_TERMINATE) {
572 m_suppress_error_msgs = true;
578 * Despool spooled attributes
580 bool BSOCK::despool(void update_attr_spool_size(ssize_t size), ssize_t tsize)
584 ssize_t last = 0, size = 0;
586 JCR *jcr = get_jcr();
590 #if defined(HAVE_POSIX_FADVISE) && defined(POSIX_FADV_WILLNEED)
591 posix_fadvise(fileno(m_spool_fd), 0, 0, POSIX_FADV_WILLNEED);
594 while (fread((char *)&pktsiz, 1, sizeof(int32_t), m_spool_fd) ==
596 size += sizeof(int32_t);
597 msglen = ntohl(pktsiz);
599 if (msglen > (int32_t)sizeof_pool_memory(msg)) {
600 msg = realloc_pool_memory(msg, msglen + 1);
602 nbytes = fread(msg, 1, msglen, m_spool_fd);
603 if (nbytes != (size_t)msglen) {
605 Dmsg2(400, "nbytes=%d msglen=%d\n", nbytes, msglen);
606 Qmsg1(get_jcr(), M_FATAL, 0, _("fread attr spool error. ERR=%s\n"),
608 update_attr_spool_size(tsize - last);
612 if ((++count & 0x3F) == 0) {
613 update_attr_spool_size(size - last);
618 if (jcr && job_canceled(jcr)) {
622 update_attr_spool_size(tsize - last);
623 if (ferror(m_spool_fd)) {
624 Qmsg(jcr, M_FATAL, 0, _("fread attr spool I/O error.\n"));
631 * Return the string for the error that occurred
632 * on the socket. Only the first error is retained.
634 const char *BSOCK::bstrerror()
637 if (errmsg == NULL) {
638 errmsg = get_pool_memory(PM_MESSAGE);
640 pm_strcpy(errmsg, be.bstrerror(b_errno));
644 int BSOCK::get_peer(char *buf, socklen_t buflen)
646 #if !defined(HAVE_WIN32)
647 if (peer_addr.sin_family == 0) {
648 socklen_t salen = sizeof(peer_addr);
649 int rval = (getpeername)(m_fd, (struct sockaddr *)&peer_addr, &salen);
650 if (rval < 0) return rval;
652 if (!inet_ntop(peer_addr.sin_family, &peer_addr.sin_addr, buf, buflen))
662 * Set the network buffer size, suggested size is in size.
663 * Actual size obtained is returned in bs->msglen
665 * Returns: false on failure
668 bool BSOCK::set_buffer_size(uint32_t size, int rw)
670 uint32_t dbuf_size, start_size;
672 #if defined(IP_TOS) && defined(IPTOS_THROUGHPUT)
674 opt = IPTOS_THROUGHPUT;
675 setsockopt(fd, IPPROTO_IP, IP_TOS, (sockopt_val_t)&opt, sizeof(opt));
681 dbuf_size = DEFAULT_NETWORK_BUFFER_SIZE;
683 start_size = dbuf_size;
684 if ((msg = realloc_pool_memory(msg, dbuf_size + 100)) == NULL) {
685 Qmsg0(get_jcr(), M_FATAL, 0, _("Could not malloc BSOCK data buffer\n"));
690 * If user has not set the size, use the OS default -- i.e. do not
691 * try to set it. This allows sys admins to set the size they
692 * want in the OS, and Bacula will comply. See bug #1493
699 if (rw & BNET_SETBUF_READ) {
700 while ((dbuf_size > TAPE_BSIZE) && (setsockopt(m_fd, SOL_SOCKET,
701 SO_RCVBUF, (sockopt_val_t) & dbuf_size, sizeof(dbuf_size)) < 0)) {
703 Qmsg1(get_jcr(), M_ERROR, 0, _("sockopt error: %s\n"), be.bstrerror());
704 dbuf_size -= TAPE_BSIZE;
706 Dmsg1(200, "set network buffer size=%d\n", dbuf_size);
707 if (dbuf_size != start_size) {
708 Qmsg1(get_jcr(), M_WARNING, 0,
709 _("Warning network buffer = %d bytes not max size.\n"), dbuf_size);
711 if (dbuf_size % TAPE_BSIZE != 0) {
712 Qmsg1(get_jcr(), M_ABORT, 0,
713 _("Network buffer size %d not multiple of tape block size.\n"),
720 dbuf_size = DEFAULT_NETWORK_BUFFER_SIZE;
722 start_size = dbuf_size;
723 if (rw & BNET_SETBUF_WRITE) {
724 while ((dbuf_size > TAPE_BSIZE) && (setsockopt(m_fd, SOL_SOCKET,
725 SO_SNDBUF, (sockopt_val_t) & dbuf_size, sizeof(dbuf_size)) < 0)) {
727 Qmsg1(get_jcr(), M_ERROR, 0, _("sockopt error: %s\n"), be.bstrerror());
728 dbuf_size -= TAPE_BSIZE;
730 Dmsg1(900, "set network buffer size=%d\n", dbuf_size);
731 if (dbuf_size != start_size) {
732 Qmsg1(get_jcr(), M_WARNING, 0,
733 _("Warning network buffer = %d bytes not max size.\n"), dbuf_size);
735 if (dbuf_size % TAPE_BSIZE != 0) {
736 Qmsg1(get_jcr(), M_ABORT, 0,
737 _("Network buffer size %d not multiple of tape block size.\n"),
747 * Set socket non-blocking
748 * Returns previous socket flag
750 int BSOCK::set_nonblocking()
755 /* Get current flags */
756 if ((oflags = fcntl(m_fd, F_GETFL, 0)) < 0) {
758 Qmsg1(get_jcr(), M_ABORT, 0, _("fcntl F_GETFL error. ERR=%s\n"), be.bstrerror());
761 /* Set O_NONBLOCK flag */
762 if ((fcntl(m_fd, F_SETFL, oflags|O_NONBLOCK)) < 0) {
764 Qmsg1(get_jcr(), M_ABORT, 0, _("fcntl F_SETFL error. ERR=%s\n"), be.bstrerror());
774 ioctlsocket(m_fd, FIONBIO, &ioctlArg);
782 * Set socket blocking
783 * Returns previous socket flags
785 int BSOCK::set_blocking()
789 /* Get current flags */
790 if ((oflags = fcntl(m_fd, F_GETFL, 0)) < 0) {
792 Qmsg1(get_jcr(), M_ABORT, 0, _("fcntl F_GETFL error. ERR=%s\n"), be.bstrerror());
795 /* Set O_NONBLOCK flag */
796 if ((fcntl(m_fd, F_SETFL, oflags & ~O_NONBLOCK)) < 0) {
798 Qmsg1(get_jcr(), M_ABORT, 0, _("fcntl F_SETFL error. ERR=%s\n"), be.bstrerror());
808 ioctlsocket(m_fd, FIONBIO, &ioctlArg);
816 * Restores socket flags
818 void BSOCK::restore_blocking (int flags)
821 if ((fcntl(m_fd, F_SETFL, flags)) < 0) {
823 Qmsg1(get_jcr(), M_ABORT, 0, _("fcntl F_SETFL error. ERR=%s\n"), be.bstrerror());
826 m_blocking = (flags & O_NONBLOCK) ? true : false;
828 u_long ioctlArg = flags;
830 ioctlsocket(m_fd, FIONBIO, &ioctlArg);
836 * Wait for a specified time for data to appear on
837 * the BSOCK connection.
839 * Returns: 1 if data available
843 int BSOCK::wait_data(int sec, int usec)
849 FD_SET((unsigned)m_fd, &fdset);
853 switch (select(m_fd + 1, &fdset, NULL, NULL, &tv)) {
854 case 0: /* timeout */
859 if (errno == EINTR) {
862 return -1; /* error return */
871 * As above, but returns on interrupt
873 int BSOCK::wait_data_intr(int sec, int usec)
882 FD_SET((unsigned)m_fd, &fdset);
885 switch (select(m_fd + 1, &fdset, NULL, NULL, &tv)) {
886 case 0: /* timeout */
891 return -1; /* error return */
900 * Note, this routine closes and destroys all the sockets
901 * that are open including the duped ones.
915 for (; bsock; bsock = next) {
916 next = bsock->m_next; /* get possible pointer to next before destoryed */
917 if (!bsock->m_duped) {
918 /* Shutdown tls cleanly. */
920 tls_bsock_shutdown(bsock);
921 free_tls_connection(bsock->tls);
924 if (bsock->is_timed_out()) {
925 shutdown(bsock->m_fd, SHUT_RDWR); /* discard any pending I/O */
927 socketClose(bsock->m_fd); /* normal close */
934 void BSOCK::destroy()
937 free_pool_memory(msg);
940 ASSERT(1 == 0); /* double close */
943 free_pool_memory(errmsg);
961 /* Commands sent to Director */
962 static char hello[] = "Hello %s calling\n";
964 /* Response from Director */
965 static char OKhello[] = "1000 OK:";
968 * Authenticate Director
970 bool BSOCK::authenticate_director(const char *name, const char *password,
971 TLS_CONTEXT *tls_ctx, char *msg, int msglen)
973 int tls_local_need = BNET_TLS_NONE;
974 int tls_remote_need = BNET_TLS_NONE;
975 int compatible = true;
976 char bashed_name[MAX_NAME_LENGTH];
977 BSOCK *dir = this; /* for readability */
981 * Send my name to the Director then do authentication
984 /* Timeout Hello after 15 secs */
985 dir->start_timer(15);
986 dir->fsend(hello, bashed_name);
988 if (get_tls_enable(tls_ctx)) {
989 tls_local_need = get_tls_enable(tls_ctx) ? BNET_TLS_REQUIRED : BNET_TLS_OK;
992 /* respond to Dir challenge */
993 if (!cram_md5_respond(dir, password, &tls_remote_need, &compatible) ||
994 /* Now challenge dir */
995 !cram_md5_challenge(dir, password, tls_local_need, compatible)) {
996 bsnprintf(msg, msglen, _("Director authorization problem at \"%s:%d\"\n"),
997 dir->host(), dir->port());
1001 /* Verify that the remote host is willing to meet our TLS requirements */
1002 if (tls_remote_need < tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
1003 bsnprintf(msg, msglen, _("Authorization problem:"
1004 " Remote server at \"%s:%d\" did not advertise required TLS support.\n"),
1005 dir->host(), dir->port());
1009 /* Verify that we are willing to meet the remote host's requirements */
1010 if (tls_remote_need > tls_local_need && tls_local_need != BNET_TLS_OK && tls_remote_need != BNET_TLS_OK) {
1011 bsnprintf(msg, msglen, _("Authorization problem with Director at \"%s:%d\":"
1012 " Remote server requires TLS.\n"),
1013 dir->host(), dir->port());
1018 /* Is TLS Enabled? */
1020 if (tls_local_need >= BNET_TLS_OK && tls_remote_need >= BNET_TLS_OK) {
1021 /* Engage TLS! Full Speed Ahead! */
1022 if (!bnet_tls_client(tls_ctx, dir, NULL)) {
1023 bsnprintf(msg, msglen, _("TLS negotiation failed with Director at \"%s:%d\"\n"),
1024 dir->host(), dir->port());
1030 Dmsg1(6, ">dird: %s", dir->msg);
1031 if (dir->recv() <= 0) {
1033 bsnprintf(msg, msglen, _("Bad response to Hello command: ERR=%s\n"
1034 "The Director at \"%s:%d\" is probably not running.\n"),
1035 dir->bstrerror(), dir->host(), dir->port());
1040 Dmsg1(10, "<dird: %s", dir->msg);
1041 if (strncmp(dir->msg, OKhello, sizeof(OKhello)-1) != 0) {
1042 bsnprintf(msg, msglen, _("Director at \"%s:%d\" rejected Hello command\n"),
1043 dir->host(), dir->port());
1046 bsnprintf(msg, msglen, "%s", dir->msg);
1052 bsnprintf(msg, msglen, _("Authorization problem with Director at \"%s:%d\"\n"
1053 "Most likely the passwords do not agree.\n"
1054 "If you are using TLS, there may have been a certificate validation error during the TLS handshake.\n"
1055 "Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000 for help.\n"),
1056 dir->host(), dir->port());