+
+ STORE *store;
+ foreach_res(store, R_STORAGE) {
+ STORAGE_DBR sr;
+ MEDIATYPE_DBR mr;
+ if (store->media_type) {
+ bstrncpy(mr.MediaType, store->media_type, sizeof(mr.MediaType));
+ mr.ReadOnly = 0;
+ db_create_mediatype_record(NULL, db, &mr);
+ } else {
+ mr.MediaTypeId = 0;
+ }
+ bstrncpy(sr.Name, store->name(), sizeof(sr.Name));
+ sr.AutoChanger = store->autochanger;
+ db_create_storage_record(NULL, db, &sr);
+ store->StorageId = sr.StorageId; /* set storage Id */
+ if (!sr.created) { /* if not created, update it */
+ db_update_storage_record(NULL, db, &sr);
+ }
+
+ /* tls_require implies tls_enable */
+ if (store->tls_require) {
+ if (have_tls) {
+ store->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ }
+ }
+
+ if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (store->tls_enable || store->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ store->tls_ctx = new_tls_context(store->tls_ca_certfile,
+ store->tls_ca_certdir, store->tls_certfile,
+ store->tls_keyfile, NULL, NULL, NULL, true);
+
+ if (!store->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+ }
+ }
+
+ /* Loop over all counters, defining them in each database */
+ /* Set default value in all counters */
+ COUNTER *counter;
+ foreach_res(counter, R_COUNTER) {
+ /* Write to catalog? */
+ if (!counter->created && counter->Catalog == catalog) {
+ COUNTER_DBR cr;
+ bstrncpy(cr.Counter, counter->hdr.name, sizeof(cr.Counter));
+ cr.MinValue = counter->MinValue;
+ cr.MaxValue = counter->MaxValue;
+ cr.CurrentValue = counter->MinValue;
+ if (counter->WrapCounter) {
+ bstrncpy(cr.WrapCounter, counter->WrapCounter->hdr.name, sizeof(cr.WrapCounter));
+ } else {
+ cr.WrapCounter[0] = 0; /* empty string */
+ }
+ if (db_create_counter_record(NULL, db, &cr)) {
+ counter->CurrentValue = cr.CurrentValue;
+ counter->created = true;
+ Dmsg2(100, "Create counter %s val=%d\n", counter->hdr.name, counter->CurrentValue);
+ }
+ }
+ if (!counter->created) {
+ counter->CurrentValue = counter->MinValue; /* default value */
+ }
+ }
+ db_close_database(NULL, db);
+ }
+
+ /* Loop over Consoles */
+ CONRES *cons;
+ foreach_res(cons, R_CONSOLE) {
+ /* tls_require implies tls_enable */
+ if (cons->tls_require) {
+ if (have_tls) {
+ cons->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ continue;
+ }
+ }
+
+ if (!cons->tls_certfile && cons->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+
+ if (!cons->tls_keyfile && cons->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+
+ if ((!cons->tls_ca_certfile && !cons->tls_ca_certdir) && cons->tls_enable && cons->tls_verify_peer) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
+ " Certificate Dir\" are defined for Console \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (cons->tls_enable || cons->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ cons->tls_ctx = new_tls_context(cons->tls_ca_certfile,
+ cons->tls_ca_certdir, cons->tls_certfile,
+ cons->tls_keyfile, NULL, NULL, cons->tls_dhfile, cons->tls_verify_peer);
+
+ if (!cons->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+ }
+
+ }
+
+ /* Loop over Clients */
+ CLIENT *client;
+ foreach_res(client, R_CLIENT) {
+ /* tls_require implies tls_enable */
+ if (client->tls_require) {
+ if (have_tls) {
+ client->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ continue;
+ }
+ }
+
+ if ((!client->tls_ca_certfile && !client->tls_ca_certdir) && client->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (client->tls_enable || client->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ client->tls_ctx = new_tls_context(client->tls_ca_certfile,
+ client->tls_ca_certdir, client->tls_certfile,
+ client->tls_keyfile, NULL, NULL, NULL,
+ true);
+
+ if (!client->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
+ }