Copyright (C) 2000-2005 Kern Sibbald
This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License as
- published by the Free Software Foundation; either version 2 of
- the License, or (at your option) any later version.
+ modify it under the terms of the GNU General Public License
+ version 2 as amended with additional clauses defined in the
+ file LICENSE in the main source directory.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public
- License along with this program; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- MA 02111-1307, USA.
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ the file LICENSE for additional details.
*/
void store_replace(LEX *lc, RES_ITEM *item, int index, int pass);
void init_device_resources();
-static char *configfile = NULL;
static char *runjob = NULL;
static int background = 1;
static void init_reload(void);
DIRRES *director; /* Director resource */
int FDConnectTimeout;
int SDConnectTimeout;
+char *configfile = NULL;
/* Globals Imported */
extern int r_first, r_last; /* first and last resources */
{
fprintf(stderr, _(
"Copyright (C) 2000-2005 Kern Sibbald.\n"
-"\nVersion: " VERSION " (" BDATE ")\n\n"
+"\nVersion: %s (%s)\n\n"
"Usage: dird [-f -s] [-c config_file] [-d debug_level] [config_file]\n"
" -c <file> set configuration file to file\n"
" -dnn set debug level to nn\n"
" -u userid\n"
" -v verbose user messages\n"
" -? print this message.\n"
-"\n"));
+"\n"), VERSION, BDATE);
exit(1);
}
char *uid = NULL;
char *gid = NULL;
+ setlocale(LC_ALL, "");
+ bindtextdomain("bacula", LOCALEDIR);
+ textdomain("bacula");
+
init_stack_dump();
my_name_is(argc, argv, "bacula-dir");
- textdomain("bacula");
init_msg(NULL, NULL); /* initialize message handler */
init_reload();
daemon_start_time = time(NULL);
parse_config(configfile);
+ if (init_crypto() != 0) {
+ Jmsg((JCR *)NULL, M_ERROR_TERM, 0, _("Cryptography library initialization failed.\n"));
+ }
+
if (!check_resources()) {
Jmsg((JCR *)NULL, M_ERROR_TERM, 0, _("Please correct configuration file: %s\n"), configfile);
}
init_console_msg(working_directory);
- init_python_interpreter(director->hdr.name, director->scripts_directory ?
- director->scripts_directory : ".", "DirStartUp");
+ init_python_interpreter(director->hdr.name, director->scripts_directory,
+ "DirStartUp");
set_thread_concurrency(director->MaxConcurrentJobs * 2 +
4 /* UA */ + 4 /* sched+watchdog+jobsvr+misc */);
init_job_server(director->MaxConcurrentJobs);
-// init_device_resources();
-
Dmsg0(200, "wait for next job\n");
/* Main loop -- call scheduler to get next job to run */
- while ((jcr = wait_for_next_job(runjob))) {
+ while ( (jcr = wait_for_next_job(runjob)) ) {
run_job(jcr); /* run job */
free_jcr(jcr); /* release jcr */
if (runjob) { /* command line, run a single job? */
/* Cleanup and then exit */
static void terminate_dird(int sig)
{
- static int already_here = FALSE;
+ static bool already_here = false;
if (already_here) { /* avoid recursive temination problems */
exit(1);
}
- already_here = TRUE;
+ already_here = true;
+ generate_daemon_event(NULL, "Exit");
write_state_file(director->working_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
delete_pid_file(director->pid_directory, "bacula-dir", get_first_port_host_order(director->DIRaddrs));
// signal(SIGCHLD, SIG_IGN); /* don't worry about children now */
term_ua_server();
term_msg(); /* terminate message handler */
stop_watchdog();
+ cleanup_crypto();
close_memory_pool(); /* release free memory in pool */
sm_dump(false);
exit(sig);
int reload_id = (int)((long int)ctx);
Dmsg3(100, "reload job_end JobId=%d table=%d cnt=%d\n", jcr->JobId,
reload_id, reload_table[reload_id].job_count);
- lock_jcr_chain();
+ lock_jobs();
LockRes();
if (--reload_table[reload_id].job_count <= 0) {
free_saved_resources(reload_id);
}
UnlockRes();
- unlock_jcr_chain();
+ unlock_jobs();
}
static int find_free_reload_table_entry()
sigaddset(&set, SIGHUP);
sigprocmask(SIG_BLOCK, &set, NULL);
-// Jmsg(NULL, M_INFO, 0, "Entering experimental reload config code. Bug reports will not be accepted.\n");
-
- lock_jcr_chain();
+ lock_jobs();
LockRes();
table = find_free_reload_table_entry();
job_end_push(jcr, reload_job_end_cb, (void *)((long int)table));
njobs++;
}
- free_locked_jcr(jcr);
+ free_jcr(jcr);
}
}
SDConnectTimeout = director->SDConnectTimeout;
Dmsg0(0, "Director's configuration file reread.\n");
-// init_device_resources(); /* Update Device resources */
-
/* Now release saved resources, if no jobs using the resources */
if (njobs == 0) {
free_saved_resources(table);
bail_out:
UnlockRes();
- unlock_jcr_chain();
+ unlock_jobs();
sigprocmask(SIG_UNBLOCK, &set, NULL);
signal(SIGHUP, reload_config);
already_here = false;
configfile);
OK = false;
}
+ /* tls_require implies tls_enable */
+ if (director->tls_require) {
+ if (have_tls) {
+ director->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ }
+ }
+
+ if (!director->tls_certfile && director->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
+
+ if (!director->tls_keyfile && director->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
+
+ if ((!director->tls_ca_certfile && !director->tls_ca_certdir) && director->tls_enable && director->tls_verify_peer) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
+ " Certificate Dir\" are defined for Director \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (director->tls_enable || director->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ director->tls_ctx = new_tls_context(director->tls_ca_certfile,
+ director->tls_ca_certdir, director->tls_certfile,
+ director->tls_keyfile, NULL, NULL, director->tls_dhfile,
+ director->tls_verify_peer);
+
+ if (!director->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Director \"%s\" in %s.\n"),
+ director->hdr.name, configfile);
+ OK = false;
+ }
+ }
}
if (!job) {
job->hdr.name, job_items[i].name, *def_svalue, i, offset);
svalue = (char **)((char *)job + offset);
if (*svalue) {
- Pmsg1(000, "Hey something is wrong. p=0x%lu\n", *svalue);
+ Pmsg1(000, _("Hey something is wrong. p=0x%lu\n"), *svalue);
}
*svalue = bstrdup(*def_svalue);
set_bit(i, job->hdr.item_present);
job->hdr.name, job_items[i].name, i, offset);
svalue = (char **)((char *)job + offset);
if (*svalue) {
- Pmsg1(000, "Hey something is wrong. p=0x%lu\n", *svalue);
+ Pmsg1(000, _("Hey something is wrong. p=0x%lu\n"), *svalue);
}
*svalue = *def_svalue;
set_bit(i, job->hdr.item_present);
for (i=0; job_items[i].name; i++) {
if (job_items[i].flags & ITEM_REQUIRED) {
if (!bit_is_set(i, job->hdr.item_present)) {
- Jmsg(NULL, M_FATAL, 0, "\"%s\" directive in Job \"%s\" resource is required, but not found.\n",
+ Jmsg(NULL, M_FATAL, 0, _("\"%s\" directive in Job \"%s\" resource is required, but not found.\n"),
job_items[i].name, job->hdr.name);
OK = false;
}
}
/* If this triggers, take a look at lib/parse_conf.h */
if (i >= MAX_RES_ITEMS) {
- Emsg0(M_ERROR_TERM, 0, "Too many items in Job resource\n");
+ Emsg0(M_ERROR_TERM, 0, _("Too many items in Job resource\n"));
}
}
} /* End loop over Job res */
if (!sr.created) { /* if not created, update it */
db_update_storage_record(NULL, db, &sr);
}
+
+ /* tls_require implies tls_enable */
+ if (store->tls_require) {
+ if (have_tls) {
+ store->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ }
+ }
+
+ if ((!store->tls_ca_certfile && !store->tls_ca_certdir) && store->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (store->tls_enable || store->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ store->tls_ctx = new_tls_context(store->tls_ca_certfile,
+ store->tls_ca_certdir, store->tls_certfile,
+ store->tls_keyfile, NULL, NULL, NULL, true);
+
+ if (!store->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for Storage \"%s\" in %s.\n"),
+ store->hdr.name, configfile);
+ OK = false;
+ }
+ }
}
/* Loop over all counters, defining them in each database */
db_close_database(NULL, db);
}
+ /* Loop over Consoles */
+ CONRES *cons;
+ foreach_res(cons, R_CONSOLE) {
+ /* tls_require implies tls_enable */
+ if (cons->tls_require) {
+ if (have_tls) {
+ cons->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ continue;
+ }
+ }
+
+ if (!cons->tls_certfile && cons->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Certificate\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+
+ if (!cons->tls_keyfile && cons->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("\"TLS Key\" file not defined for Console \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+
+ if ((!cons->tls_ca_certfile && !cons->tls_ca_certdir) && cons->tls_enable && cons->tls_verify_peer) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\" or \"TLS CA"
+ " Certificate Dir\" are defined for Console \"%s\" in %s."
+ " At least one CA certificate store is required"
+ " when using \"TLS Verify Peer\".\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (cons->tls_enable || cons->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ cons->tls_ctx = new_tls_context(cons->tls_ca_certfile,
+ cons->tls_ca_certdir, cons->tls_certfile,
+ cons->tls_keyfile, NULL, NULL, cons->tls_dhfile, cons->tls_verify_peer);
+
+ if (!cons->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ cons->hdr.name, configfile);
+ OK = false;
+ }
+ }
+
+ }
+
+ /* Loop over Clients */
+ CLIENT *client;
+ foreach_res(client, R_CLIENT) {
+ /* tls_require implies tls_enable */
+ if (client->tls_require) {
+ if (have_tls) {
+ client->tls_enable = true;
+ } else {
+ Jmsg(NULL, M_FATAL, 0, _("TLS required but not configured in Bacula.\n"));
+ OK = false;
+ continue;
+ }
+ }
+
+ if ((!client->tls_ca_certfile && !client->tls_ca_certdir) && client->tls_enable) {
+ Jmsg(NULL, M_FATAL, 0, _("Neither \"TLS CA Certificate\""
+ " or \"TLS CA Certificate Dir\" are defined for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
+ }
+
+ /* If everything is well, attempt to initialize our per-resource TLS context */
+ if (OK && (client->tls_enable || client->tls_require)) {
+ /* Initialize TLS context:
+ * Args: CA certfile, CA certdir, Certfile, Keyfile,
+ * Keyfile PEM Callback, Keyfile CB Userdata, DHfile, Verify Peer */
+ client->tls_ctx = new_tls_context(client->tls_ca_certfile,
+ client->tls_ca_certdir, client->tls_certfile,
+ client->tls_keyfile, NULL, NULL, NULL,
+ true);
+
+ if (!client->tls_ctx) {
+ Jmsg(NULL, M_FATAL, 0, _("Failed to initialize TLS context for File daemon \"%s\" in %s.\n"),
+ client->hdr.name, configfile);
+ OK = false;
+ }
+ }
+ }
+
UnlockRes();
if (OK) {
close_msg(NULL); /* close temp message handler */
projects / bacula / bacula / blobdiff