int authenticate_storage_daemon(JCR *jcr)
{
BSOCK *sd = jcr->store_bsock;
+ char dirname[MAX_NAME_LENGTH];
+ int ssl_need = BNET_SSL_NONE;
/*
* Send my name to the Storage daemon then do authentication
*/
- if (!bnet_fsend(sd, hello, director->hdr.name)) {
- Emsg1(M_FATAL, 0, _("Auth send error. ERR=%s\n"), bnet_strerror(sd));
+ bstrncpy(dirname, director->hdr.name, sizeof(dirname));
+ bash_spaces(dirname);
+ /* Timeout Hello after 5 mins */
+ btimer_t *tid = start_bsock_timer(sd, 60 * 5);
+ if (!bnet_fsend(sd, hello, dirname)) {
+ stop_bsock_timer(tid);
+ Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd));
+ return 0;
}
- if (!cram_md5_get_auth(sd, jcr->store->password) ||
- !cram_md5_auth(sd, jcr->store->password)) {
- Emsg0(M_FATAL, 0, _("Storage daemon authorization failed.\n"));
+ if (!cram_md5_get_auth(sd, jcr->store->password, ssl_need) ||
+ !cram_md5_auth(sd, jcr->store->password, ssl_need)) {
+ stop_bsock_timer(tid);
+ Jmsg0(jcr, M_FATAL, 0, _("Director and Storage daemon passwords or names not the same.\n"));
return 0;
}
- Dmsg1(6, ">stored: %s", sd->msg);
+ Dmsg1(116, ">stored: %s", sd->msg);
if (bnet_recv(sd) <= 0) {
- Emsg1(M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
+ stop_bsock_timer(tid);
+ Jmsg1(jcr, M_FATAL, 0, _("bdird<stored: bad response to Hello command: ERR=%s\n"),
bnet_strerror(sd));
return 0;
}
- Dmsg1(10, "<stored: %s", sd->msg);
+ Dmsg1(110, "<stored: %s", sd->msg);
+ stop_bsock_timer(tid);
if (strncmp(sd->msg, OKhello, sizeof(OKhello)) != 0) {
- Emsg0(M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
+ Jmsg0(jcr, M_FATAL, 0, _("Storage daemon rejected Hello command\n"));
return 0;
}
return 1;
int authenticate_file_daemon(JCR *jcr)
{
BSOCK *fd = jcr->file_bsock;
+ char dirname[MAX_NAME_LENGTH];
+ int ssl_need = BNET_SSL_NONE;
/*
* Send my name to the File daemon then do authentication
*/
- bnet_fsend(fd, hello, director->hdr.name);
- if (!cram_md5_get_auth(fd, jcr->client->password) ||
- !cram_md5_auth(fd, jcr->client->password)) {
- Emsg0(M_FATAL, 0, _("File daemon authentication failed.\n"));
+ bstrncpy(dirname, director->hdr.name, sizeof(dirname));
+ bash_spaces(dirname);
+ /* Timeout Hello after 5 mins */
+ btimer_t *tid = start_bsock_timer(fd, 60 * 5);
+ if (!bnet_fsend(fd, hello, dirname)) {
+ stop_bsock_timer(tid);
+ Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), bnet_strerror(fd));
+ return 0;
+ }
+ if (!cram_md5_get_auth(fd, jcr->client->password, ssl_need) ||
+ !cram_md5_auth(fd, jcr->client->password, ssl_need)) {
+ stop_bsock_timer(tid);
+ Jmsg(jcr, M_FATAL, 0, _("Director and File daemon passwords or names not the same.\n"));
return 0;
}
- Dmsg1(6, ">filed: %s", fd->msg);
+ Dmsg1(116, ">filed: %s", fd->msg);
if (bnet_recv(fd) <= 0) {
- Emsg1(M_FATAL, 0, _("bdird<filed: bad response to Hello command: ERR=%s\n"),
+ stop_bsock_timer(tid);
+ Jmsg(jcr, M_FATAL, 0, _("Bad response from File daemon to Hello command: ERR=%s\n"),
bnet_strerror(fd));
return 0;
}
- Dmsg1(10, "<stored: %s", fd->msg);
+ Dmsg1(110, "<stored: %s", fd->msg);
+ stop_bsock_timer(tid);
if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) != 0) {
- Emsg0(M_FATAL, 0, _("File daemon rejected Hello command\n"));
+ Jmsg(jcr, M_FATAL, 0, _("File daemon rejected Hello command\n"));
return 0;
}
return 1;
/*********************************************************************
*
*/
-int authenticate_user_agent(BSOCK *ua)
+int authenticate_user_agent(UAContext *uac)
{
- char name[128];
- int ok = 0;
-
+ char name[MAX_NAME_LENGTH];
+ int ssl_need = BNET_SSL_NONE;
+ bool ok;
+ BSOCK *ua = uac->UA_sock;
+
+ if (ua->msglen < 16 || ua->msglen >= MAX_NAME_LENGTH + 15) {
+ Emsg4(M_ERROR, 0, _("UA Hello from %s:%s:%d is invalid. Len=%d\n"), ua->who,
+ ua->host, ua->port, ua->msglen);
+ return 0;
+ }
if (sscanf(ua->msg, "Hello %127s calling\n", name) != 1) {
- Emsg1(M_FATAL, 0, _("Authentication failure: %s"), ua->msg);
+ ua->msg[100] = 0; /* terminate string */
+ Emsg4(M_ERROR, 0, _("UA Hello from %s:%s:%d is invalid. Got: %s\n"), ua->who,
+ ua->host, ua->port, ua->msg);
return 0;
}
-
- ok = cram_md5_auth(ua, director->password) &&
- cram_md5_get_auth(ua, director->password);
-
+// Dmsg2(000, "Console=%s addr=%s\n", name, inet_ntoa(ua->client_addr.sin_addr));
+ name[sizeof(name)-1] = 0; /* terminate name */
+ if (strcmp(name, "*UserAgent*") == 0) { /* default console */
+ ok = cram_md5_auth(ua, director->password, ssl_need) &&
+ cram_md5_get_auth(ua, director->password, ssl_need);
+ } else {
+ unbash_spaces(name);
+ CONRES *cons = (CONRES *)GetResWithName(R_CONSOLE, name);
+ if (cons) {
+ ok = cram_md5_auth(ua, cons->password, ssl_need) &&
+ cram_md5_get_auth(ua, cons->password, ssl_need);
+ if (ok) {
+ uac->cons = cons; /* save console resource pointer */
+ }
+ } else {
+ ok = false;
+ }
+ }
if (!ok) {
bnet_fsend(ua, "%s", _(Dir_sorry));
- Emsg0(M_WARNING, 0, _("Unable to authenticate User Agent\n"));
+ Emsg4(M_ERROR, 0, _("Unable to authenticate console \"%s\" at %s:%s:%d.\n"),
+ name, ua->who, ua->host, ua->port);
+ sleep(5);
return 0;
}
- bnet_fsend(ua, "1000 OK: %s Version: " VERSION " (" DATE ")\n", my_name);
+ bnet_fsend(ua, "1000 OK: %s Version: " VERSION " (" BDATE ")\n", my_name);
return 1;
}