*
*/
/*
- Copyright (C) 2000-2005 Kern Sibbald
+ Copyright (C) 2000-2006 Kern Sibbald
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
/* Imported Functions */
extern void *handle_client_request(void *dir_sock);
-/* Imported Variables */
-extern time_t watchdog_sleep_time;
-
/* Forward referenced functions */
void terminate_filed(int sig);
static int check_resources();
/* Exported variables */
CLIENT *me; /* my resource */
-char OK_msg[] = "2000 OK\n";
-char TERM_msg[] = "2999 Terminate\n";
bool no_signals = false;
-#if defined(HAVE_CYGWIN) || defined(HAVE_WIN32)
-const int win32_client = 1;
-#else
-const int win32_client = 0;
-#endif
-
#define CONFIG_FILE "./bacula-fd.conf" /* default config file */
char *configfile = NULL;
static bool foreground = false;
-static bool inetd_request = false;
static workq_t dir_workq; /* queue of work from Director */
static pthread_t server_tid;
static void usage()
{
- Pmsg2(-1, _(
-"Copyright (C) 2000-2005 Kern Sibbald\n"
+ Pmsg3(-1, _(
+"Copyright (C) 2000-%s Kern Sibbald\n"
"\nVersion: %s (%s)\n\n"
"Usage: bacula-fd [-f -s] [-c config_file] [-d debug_level]\n"
" -c <file> use <file> as configuration file\n"
" -dnn set debug level to nn\n"
" -f run in foreground (for debugging)\n"
" -g groupid\n"
-" -i inetd request\n"
" -s no signals (for debugging)\n"
" -t test configuration file and exit\n"
" -u userid\n"
" -v verbose user messages\n"
" -? print this message.\n"
-"\n"), VERSION, BDATE);
+"\n"), BYEAR, VERSION, BDATE);
exit(1);
}
* Main Bacula Unix Client Program
*
*/
-#if defined(HAVE_CYGWIN) || defined(HAVE_WIN32)
+#if defined(HAVE_WIN32)
#define main BaculaMain
#endif
init_msg(NULL, NULL);
daemon_start_time = time(NULL);
- while ((ch = getopt(argc, argv, "c:d:fg:istu:v?")) != -1) {
+ while ((ch = getopt(argc, argv, "c:d:fg:stu:v?")) != -1) {
switch (ch) {
case 'c': /* configuration file */
if (configfile != NULL) {
gid = optarg;
break;
- case 'i':
- inetd_request = true;
- break;
case 's':
no_signals = true;
break;
terminate_filed(0);
}
- if (!foreground &&!inetd_request) {
+ if (!foreground) {
daemon_start();
init_stack_dump(); /* set new pid */
}
}
server_tid = pthread_self();
- if (inetd_request) {
- /* Socket is on fd 0 */
- struct sockaddr client_addr;
- int port = -1;
- socklen_t client_addr_len = sizeof(client_addr);
- if (getsockname(0, &client_addr, &client_addr_len) == 0) {
- /* MA BUG 6 remove ifdefs */
- port = sockaddr_get_port_net_order(&client_addr);
- }
- BSOCK *bs = init_bsock(NULL, 0, "client", "unknown client", port, &client_addr);
- handle_client_request((void *)bs);
- } else {
- /* Become server, and handle requests */
- IPADDR *p;
- foreach_dlist(p, me->FDaddrs) {
- Dmsg1(10, "filed: listening on port %d\n", p->get_port_host_order());
- }
- bnet_thread_server(me->FDaddrs, me->MaxConcurrentJobs, &dir_workq, handle_client_request);
+ /* Become server, and handle requests */
+ IPADDR *p;
+ foreach_dlist(p, me->FDaddrs) {
+ Dmsg1(10, "filed: listening on port %d\n", p->get_port_host_order());
}
+ bnet_thread_server(me->FDaddrs, me->MaxConcurrentJobs, &dir_workq, handle_client_request);
terminate_filed(0);
exit(0); /* should never get here */
me->pki_sign = true;
}
- if ((me->pki_encrypt || me->pki_sign) && !me->pki_keypairfile) {
+ if ((me->pki_encrypt || me->pki_sign) && !me->pki_keypair_file) {
Emsg2(M_FATAL, 0, _("\"PKI Key Pair\" must be defined for File"
" daemon \"%s\" in %s if either \"PKI Sign\" or"
" \"PKI Encrypt\" are enabled.\n"), me->hdr.name, configfile);
/* If everything is well, attempt to initialize our public/private keys */
if (OK && (me->pki_encrypt || me->pki_sign)) {
char *filepath;
-
/* Load our keypair */
me->pki_keypair = crypto_keypair_new();
if (!me->pki_keypair) {
Emsg0(M_FATAL, 0, _("Failed to allocate a new keypair object.\n"));
OK = false;
} else {
- if (!crypto_keypair_load_cert(me->pki_keypair, me->pki_keypairfile)) {
+ if (!crypto_keypair_load_cert(me->pki_keypair, me->pki_keypair_file)) {
Emsg2(M_FATAL, 0, _("Failed to load public certificate for File"
" daemon \"%s\" in %s.\n"), me->hdr.name, configfile);
OK = false;
}
- if (!crypto_keypair_load_key(me->pki_keypair, me->pki_keypairfile, NULL, NULL)) {
+ if (!crypto_keypair_load_key(me->pki_keypair, me->pki_keypair_file, NULL, NULL)) {
Emsg2(M_FATAL, 0, _("Failed to load private key for File"
" daemon \"%s\" in %s.\n"), me->hdr.name, configfile);
OK = false;
* Trusted Signers. We're always trusted.
*/
me->pki_signers = New(alist(10, not_owned_by_alist));
- me->pki_signers->append(crypto_keypair_dup(me->pki_keypair));
+ if (me->pki_keypair) {
+ me->pki_signers->append(crypto_keypair_dup(me->pki_keypair));
+ }
- /* If additional trusted keys have been specified, load them up */
- if (me->pki_trustedkeys) {
- foreach_alist(filepath, me->pki_trustedkeys) {
+ /* If additional signing public keys have been specified, load them up */
+ if (me->pki_signing_key_files) {
+ foreach_alist(filepath, me->pki_signing_key_files) {
X509_KEYPAIR *keypair;
keypair = crypto_keypair_new();
} else {
if (crypto_keypair_load_cert(keypair, filepath)) {
me->pki_signers->append(keypair);
+
+ /* Attempt to load a private key, if available */
+ if (crypto_keypair_has_key(filepath)) {
+ if (!crypto_keypair_load_key(keypair, filepath, NULL, NULL)) {
+ Emsg3(M_FATAL, 0, _("Failed to load private key from file %s for File"
+ " daemon \"%s\" in %s.\n"), filepath, me->hdr.name, configfile);
+ OK = false;
+ }
+ }
+
} else {
Emsg3(M_FATAL, 0, _("Failed to load trusted signer certificate"
" from file %s for File daemon \"%s\" in %s.\n"), filepath, me->hdr.name, configfile);
}
}
- if (me->pki_encrypt) {
- /*
- * Trusted readers. We're always trusted.
- * The symmetric session key will be encrypted for each of these readers.
- */
- me->pki_readers = New(alist(10, not_owned_by_alist));
- me->pki_readers->append(crypto_keypair_dup(me->pki_keypair));
+ /*
+ * Crypto recipients. We're always included as a recipient.
+ * The symmetric session key will be encrypted for each of these readers.
+ */
+ me->pki_recipients = New(alist(10, not_owned_by_alist));
+ if (me->pki_keypair) {
+ me->pki_recipients->append(crypto_keypair_dup(me->pki_keypair));
+ }
- /* If additional keys have been specified, load them up */
- if (me->pki_masterkeys) {
- foreach_alist(filepath, me->pki_masterkeys) {
- X509_KEYPAIR *keypair;
+ /* If additional keys have been specified, load them up */
+ if (me->pki_master_key_files) {
+ foreach_alist(filepath, me->pki_master_key_files) {
+ X509_KEYPAIR *keypair;
- keypair = crypto_keypair_new();
- if (!keypair) {
- Emsg0(M_FATAL, 0, _("Failed to allocate a new keypair object.\n"));
- OK = false;
+ keypair = crypto_keypair_new();
+ if (!keypair) {
+ Emsg0(M_FATAL, 0, _("Failed to allocate a new keypair object.\n"));
+ OK = false;
+ } else {
+ if (crypto_keypair_load_cert(keypair, filepath)) {
+ me->pki_recipients->append(keypair);
} else {
- if (crypto_keypair_load_cert(keypair, filepath)) {
- me->pki_signers->append(keypair);
- } else {
- Emsg3(M_FATAL, 0, _("Failed to load master key certificate"
- " from file %s for File daemon \"%s\" in %s.\n"), filepath, me->hdr.name, configfile);
- OK = false;
- }
+ Emsg3(M_FATAL, 0, _("Failed to load master key certificate"
+ " from file %s for File daemon \"%s\" in %s.\n"), filepath, me->hdr.name, configfile);
+ OK = false;
}
}
}