Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301, USA.
- Bacula® is a registered trademark of John Walker.
+ Bacula® is a registered trademark of Kern Sibbald.
The licensor of Bacula is the Free Software Foundation Europe
(FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
Switzerland, email:ftf@fsfeurope.org.
*
* Kern Sibbald, November MM
*
- * Version $Id$
- *
*/
#include "bacula.h"
#endif
#ifdef HAVE_SHA2
- const bool have_sha2 = true;
+const bool have_sha2 = true;
#else
- const bool have_sha2 = false;
+const bool have_sha2 = false;
#endif
+#if defined(HAVE_XATTR)
+const bool have_xattr = true;
+#else
+const bool have_xattr = false;
+#endif
/* Data received from Storage Daemon */
static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
intmax_t fork_size; /* Size of alternate stream */
int fork_flags; /* Options for extract_data() */
int32_t type; /* file type FT_ */
+ ATTR *attr; /* Pointer to attributes */
+ bool extract; /* set when extracting */
SIGNATURE *sig; /* Cryptographic signature (if any) for file */
CRYPTO_SESSION *cs; /* Cryptographic session data (if any) for file */
static void deallocate_fork_cipher(r_ctx &rctx);
static void free_signature(r_ctx &rctx);
static void free_session(r_ctx &rctx);
+static void close_previous_stream(r_ctx &rctx);
/*
* Close a bfd check that we are at the expected file offset.
- * Makes some code in set_attributes().
+ * Makes use of some code from set_attributes().
*/
static int bclose_chksize(JCR *jcr, BFILE *bfd, boffset_t osize)
{
{
BSOCK *sd;
uint32_t VolSessionId, VolSessionTime;
- bool extract = false;
int32_t file_index;
char ec1[50]; /* Buffer printing huge values */
uint32_t buf_size; /* client buffer size */
int stat;
- ATTR *attr;
intmax_t rsrc_len = 0; /* Original length of resource fork */
r_ctx rctx;
+ ATTR *attr;
/* ***FIXME*** make configurable */
crypto_digest_t signing_algorithm = have_sha2 ?
CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
int non_support_acl = 0;
int non_support_progname = 0;
int non_support_crypto = 0;
+ int non_support_xattr = 0;
#ifdef HAVE_DARWIN_OS
struct attrlist attrList;
if (have_libz) {
uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
- jcr->compress_buf = (char *)bmalloc(compress_buf_size);
+ jcr->compress_buf = get_memory(compress_buf_size);
jcr->compress_buf_size = compress_buf_size;
}
* d. Alternate data stream (e.g. Resource Fork)
* e. Finder info
* f. ACLs
- * g. Possibly a cryptographic signature
- * h. Possibly MD5 or SHA1 record
+ * g. XATTRs
+ * h. Possibly a cryptographic signature
+ * i. Possibly MD5 or SHA1 record
* 3. Repeat step 1
*
* NOTE: We keep track of two bacula file descriptors:
*/
binit(&rctx.bfd);
binit(&rctx.forkbfd);
- attr = new_attr(jcr);
- jcr->acl_text = get_pool_memory(PM_MESSAGE);
-
-
+ attr = rctx.attr = new_attr(jcr);
+ if (have_acl) {
+ jcr->acl_data = (acl_data_t *)malloc(sizeof(acl_data_t));
+ memset((caddr_t)jcr->acl_data, 0, sizeof(acl_data_t));
+ jcr->acl_data->content = get_pool_memory(PM_MESSAGE);
+ }
+ if (have_xattr) {
+ jcr->xattr_data = (xattr_data_t *)malloc(sizeof(xattr_data_t));
+ memset((caddr_t)jcr->xattr_data, 0, sizeof(xattr_data_t));
+ jcr->xattr_data->content = get_pool_memory(PM_MESSAGE);
+ }
while (bget_msg(sd) >= 0 && !job_canceled(jcr)) {
/* Remember previous stream type */
Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg);
goto bail_out;
}
- Dmsg4(30, "Got hdr: Files=%d FilInx=%d Stream=%d, %s.\n",
- jcr->JobFiles, file_index, rctx.stream, stream_to_ascii(rctx.stream));
+ Dmsg5(50, "Got hdr: Files=%d FilInx=%d size=%d Stream=%d, %s.\n",
+ jcr->JobFiles, file_index, rctx.size, rctx.stream, stream_to_ascii(rctx.stream));
/* * Now we expect the Stream Data */
if (bget_msg(sd) < 0) {
if (rctx.size != (uint32_t)sd->msglen) {
Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
sd->msglen, rctx.size);
+ Dmsg2(50, "Actual data size %d not same as header %d\n",
+ sd->msglen, rctx.size);
goto bail_out;
}
- Dmsg3(30, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
- sd->msglen, extract);
+ Dmsg3(130, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream),
+ sd->msglen, rctx.extract);
/* If we change streams, close and reset alternate data streams */
if (rctx.prev_stream != rctx.stream) {
switch (rctx.stream) {
case STREAM_UNIX_ATTRIBUTES:
case STREAM_UNIX_ATTRIBUTES_EX:
- /*
- * If extracting, it was from previous stream, so
- * close the output file and validate the signature.
- */
- if (extract) {
- if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
- Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
- }
-
- if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
- deallocate_cipher(rctx);
- deallocate_fork_cipher(rctx);
- }
+ close_previous_stream(rctx); /* if any previous stream open, close it */
- set_attributes(jcr, attr, &rctx.bfd);
- extract = false;
- /* Verify the cryptographic signature, if any */
- rctx.type = attr->type;
- verify_signature(jcr, rctx);
-
- /* Free Signature */
- free_signature(rctx);
- free_session(rctx);
- jcr->ff->flags = 0;
- Dmsg0(30, "Stop extracting.\n");
- } else if (is_bopen(&rctx.bfd)) {
- Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
- bclose(&rctx.bfd);
+ /* TODO: manage deleted files */
+ if (rctx.type == FT_DELETED) { /* deleted file */
+ continue;
}
/*
if (!unpack_attributes_record(jcr, rctx.stream, sd->msg, attr)) {
goto bail_out;
}
+#ifdef xxx
if (file_index != attr->file_index) {
Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"),
file_index, attr->file_index);
- Dmsg0(100, "File index error\n");
+ Dmsg0(200, "File index error\n");
goto bail_out;
}
+#endif
Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname,
attr->attr, attr->attrEx);
build_attr_output_fnames(jcr, attr);
/*
- * Now determine if we are extracting or not.
+ * Try to actually create the file, which returns a status telling
+ * us if we need to extract or not.
*/
jcr->num_files_examined++;
- extract = false;
- stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
- Dmsg2(30, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
+ rctx.extract = false;
+ if (jcr->plugin) {
+ stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
+ } else {
+ stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
+ }
+ jcr->lock();
+ pm_strcpy(jcr->last_fname, attr->ofname);
+ jcr->last_type = attr->type;
+ jcr->unlock();
+ Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
switch (stat) {
case CF_ERROR:
case CF_SKIP:
+ pm_strcpy(jcr->last_fname, attr->ofname);
+ jcr->last_type = attr->type;
break;
case CF_EXTRACT: /* File created and we expect file data */
- extract = true;
+ rctx.extract = true;
/* FALLTHROUGH */
case CF_CREATED: /* File created, but there is no content */
- jcr->lock();
- pm_strcpy(jcr->last_fname, attr->ofname);
- jcr->last_type = attr->type;
- jcr->JobFiles++;
- jcr->unlock();
rctx.fileAddr = 0;
print_ls_output(jcr, attr);
/* Only restore the resource fork for regular files */
from_base64(&rsrc_len, attr->attrEx);
if (attr->type == FT_REG && rsrc_len > 0) {
- extract = true;
+ rctx.extract = true;
}
+
+ /*
+ * Count the resource forks not as regular files being restored.
+ */
+ if (rsrc_len == 0) {
+ jcr->JobFiles++;
+ }
+ } else {
+ jcr->JobFiles++;
}
- if (!extract) {
+
+ if (!rctx.extract) {
/* set attributes now because file will not be extracted */
- set_attributes(jcr, attr, &rctx.bfd);
+ if (jcr->plugin) {
+ plugin_set_attributes(jcr, attr, &rctx.bfd);
+ } else {
+ set_attributes(jcr, attr, &rctx.bfd);
+ }
}
break;
}
/* Is this an unexpected session data entry? */
if (rctx.cs) {
Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
continue;
}
/* Do we have any keys at all? */
if (!jcr->crypto.pki_recipients) {
Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
break;
}
jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
if (!jcr->crypto.digest) {
Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
break;
}
}
if (cryptoerr != CRYPTO_ERROR_NONE) {
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
continue;
}
case STREAM_ENCRYPTED_FILE_GZIP_DATA:
case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
/* Force an expected, consistent stream type here */
- if (extract && (rctx.prev_stream == rctx.stream
+ if (rctx.extract && (rctx.prev_stream == rctx.stream
|| rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
|| rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
|| rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
if (!rctx.cipher_ctx.cipher) {
if (!rctx.cs) {
Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
continue;
}
&rctx.cipher_ctx.block_size)) == NULL) {
Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
free_session(rctx);
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
continue;
}
rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
}
- if (extract_data(jcr, &rctx.bfd, sd->msg, sd->msglen, &rctx.fileAddr,
+ if (extract_data(jcr, &rctx.bfd, sd->msg, sd->msglen, &rctx.fileAddr,
rctx.flags, &rctx.cipher_ctx) < 0) {
- extract = false;
+ rctx.extract = false;
bclose(&rctx.bfd);
continue;
}
}
break;
- /* Resource fork stream - only recorded after a file to be restored */
- /* Silently ignore if we cannot write - we already reported that */
+ /*
+ * Resource fork stream - only recorded after a file to be restored
+ * Silently ignore if we cannot write - we already reported that
+ */
case STREAM_ENCRYPTED_MACOS_FORK_DATA:
case STREAM_MACOS_FORK_DATA:
-#ifdef HAVE_DARWIN_OS
- rctx.fork_flags = 0;
- jcr->ff->flags |= FO_HFSPLUS;
-
- if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
- rctx.fork_flags |= FO_ENCRYPT;
-
- /* Set up a decryption context */
- if (extract && !rctx.fork_cipher_ctx.cipher) {
- if (!rctx.cs) {
- Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
- extract = false;
- bclose(&rctx.bfd);
- continue;
- }
+ if (have_darwin_os) {
+ rctx.fork_flags = 0;
+ jcr->ff->flags |= FO_HFSPLUS;
- if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
- Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
- free_session(rctx);
- extract = false;
- bclose(&rctx.bfd);
- continue;
+ if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
+ rctx.fork_flags |= FO_ENCRYPT;
+
+ /* Set up a decryption context */
+ if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
+ if (!rctx.cs) {
+ Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
+ rctx.extract = false;
+ bclose(&rctx.bfd);
+ continue;
+ }
+
+ if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
+ Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
+ free_session(rctx);
+ rctx.extract = false;
+ bclose(&rctx.bfd);
+ continue;
+ }
}
}
- }
- if (extract) {
- if (rctx.prev_stream != rctx.stream) {
- if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
- Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
- extract = false;
- continue;
- }
+ if (rctx.extract) {
+ if (rctx.prev_stream != rctx.stream) {
+ if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
+ Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname);
+ rctx.extract = false;
+ continue;
+ }
- rctx.fork_size = rsrc_len;
- Dmsg0(30, "Restoring resource fork\n");
- }
+ rctx.fork_size = rsrc_len;
+ Dmsg0(130, "Restoring resource fork\n");
+ }
- if (extract_data(jcr, &rctx.forkbfd, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags,
- &rctx.fork_cipher_ctx) < 0) {
- extract = false;
- bclose(&rctx.forkbfd);
- continue;
+ if (extract_data(jcr, &rctx.forkbfd, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags,
+ &rctx.fork_cipher_ctx) < 0) {
+ rctx.extract = false;
+ bclose(&rctx.forkbfd);
+ continue;
+ }
}
+ } else {
+ non_support_rsrc++;
}
-#else
- non_support_rsrc++;
-#endif
break;
case STREAM_HFSPLUS_ATTRIBUTES:
-#ifdef HAVE_DARWIN_OS
- Dmsg0(30, "Restoring Finder Info\n");
- jcr->ff->flags |= FO_HFSPLUS;
- if (sd->msglen != 32) {
- Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
- continue;
- }
- if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
- Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
- continue;
+ if (have_darwin_os) {
+ Dmsg0(130, "Restoring Finder Info\n");
+ jcr->ff->flags |= FO_HFSPLUS;
+ if (sd->msglen != 32) {
+ Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
+ continue;
+ }
+ if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) {
+ Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname);
+ continue;
+ }
+ } else {
+ non_support_finfo++;
}
-#else
- non_support_finfo++;
-#endif
break;
case STREAM_UNIX_ACCESS_ACL:
+ case STREAM_UNIX_DEFAULT_ACL:
+ case STREAM_ACL_AIX_TEXT:
+ case STREAM_ACL_DARWIN_ACCESS_ACL:
+ case STREAM_ACL_FREEBSD_DEFAULT_ACL:
+ case STREAM_ACL_FREEBSD_ACCESS_ACL:
+ case STREAM_ACL_HPUX_ACL_ENTRY:
+ case STREAM_ACL_IRIX_DEFAULT_ACL:
+ case STREAM_ACL_IRIX_ACCESS_ACL:
+ case STREAM_ACL_LINUX_DEFAULT_ACL:
+ case STREAM_ACL_LINUX_ACCESS_ACL:
+ case STREAM_ACL_TRU64_DEFAULT_ACL:
+ case STREAM_ACL_TRU64_DEFAULT_DIR_ACL:
+ case STREAM_ACL_TRU64_ACCESS_ACL:
+ case STREAM_ACL_SOLARIS_ACLENT:
+ case STREAM_ACL_SOLARIS_ACE:
+ /*
+ * Do not restore ACLs when
+ * a) The current file is not extracted
+ * b) and it is not a directory (they are never "extracted")
+ * c) or the file name is empty
+ */
+ if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
+ break;
+ }
if (have_acl) {
- pm_strcpy(jcr->acl_text, sd->msg);
- Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_ACCESS, jcr->acl_text);
- if (bacl_set(jcr, BACL_TYPE_ACCESS) != 0) {
- Qmsg1(jcr, M_WARNING, 0, _("Can't restore ACL of %s\n"), jcr->last_fname);
+ pm_memcpy(jcr->acl_data->content, sd->msg, sd->msglen);
+ jcr->acl_data->content_length = sd->msglen;
+ switch (parse_acl_streams(jcr, rctx.stream)) {
+ case bacl_exit_fatal:
+ goto bail_out;
+ case bacl_exit_error:
+ /*
+ * Non-fatal errors, count them and when the number is under ACL_REPORT_ERR_MAX_PER_JOB
+ * print the error message set by the lower level routine in jcr->errmsg.
+ */
+ if (jcr->acl_data->nr_errors < ACL_REPORT_ERR_MAX_PER_JOB) {
+ Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
+ }
+ jcr->acl_data->nr_errors++;
+ break;
+ case bacl_exit_ok:
+ break;
}
} else {
non_support_acl++;
}
break;
- case STREAM_UNIX_DEFAULT_ACL:
- if (have_acl) {
- pm_strcpy(jcr->acl_text, sd->msg);
- Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_DEFAULT, jcr->acl_text);
- if (bacl_set(jcr, BACL_TYPE_DEFAULT) != 0) {
- Qmsg1(jcr, M_WARNING, 0, _("Can't restore default ACL of %s\n"), jcr->last_fname);
+ case STREAM_XATTR_SOLARIS_SYS:
+ case STREAM_XATTR_SOLARIS:
+ case STREAM_XATTR_DARWIN:
+ case STREAM_XATTR_FREEBSD:
+ case STREAM_XATTR_LINUX:
+ case STREAM_XATTR_NETBSD:
+ /*
+ * Do not restore Extended Attributes when
+ * a) The current file is not extracted
+ * b) and it is not a directory (they are never "extracted")
+ * c) or the file name is empty
+ */
+ if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) {
+ break;
+ }
+ if (have_xattr) {
+ pm_memcpy(jcr->xattr_data->content, sd->msg, sd->msglen);
+ jcr->xattr_data->content_length = sd->msglen;
+ switch (parse_xattr_streams(jcr, rctx.stream)) {
+ case bxattr_exit_fatal:
+ goto bail_out;
+ case bxattr_exit_error:
+ /*
+ * Non-fatal errors, count them and when the number is under XATTR_REPORT_ERR_MAX_PER_JOB
+ * print the error message set by the lower level routine in jcr->errmsg.
+ */
+ if (jcr->xattr_data->nr_errors < XATTR_REPORT_ERR_MAX_PER_JOB) {
+ Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
+ }
+ jcr->xattr_data->nr_errors++;
+ break;
+ case bxattr_exit_ok:
+ break;
}
} else {
- non_support_acl++;
+ non_support_xattr++;
}
break;
continue;
}
/* Save signature. */
- if (extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
+ if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) {
Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
}
break;
}
break;
- default:
- /* If extracting, wierd stream (not 1 or 2), close output file anyway */
- if (extract) {
- Dmsg1(30, "Found wierd stream %d\n", rctx.stream);
- if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
- Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
- }
- /* Flush and deallocate cipher context */
- deallocate_cipher(rctx);
- deallocate_fork_cipher(rctx);
-
- set_attributes(jcr, attr, &rctx.bfd);
+ case STREAM_PLUGIN_NAME:
+ close_previous_stream(rctx);
+ Dmsg1(50, "restore stream_plugin_name=%s\n", sd->msg);
+ plugin_name_stream(jcr, sd->msg);
+ break;
- /* Verify the cryptographic signature if any */
- rctx.type = attr->type;
- verify_signature(jcr, rctx);
- extract = false;
- } else if (is_bopen(&rctx.bfd)) {
- Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
- bclose(&rctx.bfd);
- }
+ default:
+ close_previous_stream(rctx);
Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
rctx.stream);
Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, sd->msg);
} /* end while get_msg() */
- /* If output file is still open, it was the last one in the
+ /*
+ * If output file is still open, it was the last one in the
* archive since we just hit an end of file, so close the file.
*/
if (is_bopen(&rctx.forkbfd)) {
bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size);
}
- if (extract) {
- /* Flush and deallocate cipher context */
- deallocate_cipher(rctx);
- deallocate_fork_cipher(rctx);
-
- set_attributes(jcr, attr, &rctx.bfd);
-
- /* Verify the cryptographic signature on the last file, if any */
- rctx.type = attr->type;
- verify_signature(jcr, rctx);
- }
-
- if (is_bopen(&rctx.bfd)) {
- bclose(&rctx.bfd);
- }
+ close_previous_stream(rctx);
set_jcr_job_status(jcr, JS_Terminated);
goto ok_out;
set_jcr_job_status(jcr, JS_ErrorTerminated);
ok_out:
- /* Free Signature & Crypto Data */
+ /*
+ * First output the statistics.
+ */
+ Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
+ edit_uint64(jcr->JobBytes, ec1));
+ if (have_acl && jcr->acl_data->nr_errors > 0) {
+ Jmsg(jcr, M_ERROR, 0, _("Encountered %ld acl errors while doing restore\n"),
+ jcr->acl_data->nr_errors);
+ }
+ if (have_xattr && jcr->xattr_data->nr_errors > 0) {
+ Jmsg(jcr, M_ERROR, 0, _("Encountered %ld xattr errors while doing restore\n"),
+ jcr->xattr_data->nr_errors);
+ }
+ if (non_support_data > 1 || non_support_attr > 1) {
+ Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
+ non_support_data, non_support_attr);
+ }
+ if (non_support_rsrc) {
+ Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
+ }
+ if (non_support_finfo) {
+ Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
+ }
+ if (non_support_acl) {
+ Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
+ }
+ if (non_support_crypto) {
+ Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl);
+ }
+ if (non_support_xattr) {
+ Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_support_xattr);
+ }
+
+ /*
+ * Free Signature & Crypto Data
+ */
free_signature(rctx);
free_session(rctx);
if (jcr->crypto.digest) {
jcr->crypto.digest = NULL;
}
- /* Free file cipher restore context */
+ /*
+ * Free file cipher restore context
+ */
if (rctx.cipher_ctx.cipher) {
crypto_cipher_free(rctx.cipher_ctx.cipher);
rctx.cipher_ctx.cipher = NULL;
}
+
if (rctx.cipher_ctx.buf) {
free_pool_memory(rctx.cipher_ctx.buf);
rctx.cipher_ctx.buf = NULL;
}
- /* Free alternate stream cipher restore context */
+ /*
+ * Free alternate stream cipher restore context
+ */
if (rctx.fork_cipher_ctx.cipher) {
crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
rctx.fork_cipher_ctx.cipher = NULL;
}
if (jcr->compress_buf) {
- free(jcr->compress_buf);
+ free_pool_memory(jcr->compress_buf);
jcr->compress_buf = NULL;
jcr->compress_buf_size = 0;
}
- bclose(&rctx.forkbfd);
- bclose(&rctx.bfd);
- free_attr(attr);
- free_pool_memory(jcr->acl_text);
- Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
- edit_uint64(jcr->JobBytes, ec1));
- if (non_support_data > 1 || non_support_attr > 1) {
- Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
- non_support_data, non_support_attr);
- }
- if (non_support_rsrc) {
- Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc);
- }
- if (non_support_finfo) {
- Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc);
- }
- if (non_support_acl) {
- Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl);
+
+ if (have_acl && jcr->acl_data) {
+ free_pool_memory(jcr->acl_data->content);
+ free(jcr->acl_data);
+ jcr->acl_data = NULL;
}
- if (non_support_crypto) {
- Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl);
+
+ if (have_xattr && jcr->xattr_data) {
+ free_pool_memory(jcr->xattr_data->content);
+ free(jcr->xattr_data);
+ jcr->xattr_data = NULL;
}
+ bclose(&rctx.forkbfd);
+ bclose(&rctx.bfd);
+ free_attr(rctx.attr);
}
#ifdef HAVE_LIBZ
}
#endif
-static int do_file_digest(FF_PKT *ff_pkt, void *pkt, bool top_level)
+static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
{
- JCR *jcr = (JCR *)pkt;
Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
}
* be used in Bacula.
*/
compress_len = jcr->compress_buf_size;
- Dmsg2(100, "Comp_len=%d msglen=%d\n", compress_len, *length);
- if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
- (const Byte *)*data, (uLong)*length)) != Z_OK) {
+ Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
+ while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
+ (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
+ {
+ /* The buffer size is too small, try with a bigger one */
+ compress_len = jcr->compress_buf_size = jcr->compress_buf_size + jcr->compress_buf_size >> 1;
+ Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
+ jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
+ compress_len);
+ }
+ if (stat != Z_OK) {
Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
- jcr->last_fname, zlib_strerror(stat));
+ jcr->last_fname, zlib_strerror(stat));
return false;
}
*data = jcr->compress_buf;
*length = compress_len;
- Dmsg2(100, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
+ Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
return true;
#else
Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
* Return value is the number of bytes written, or -1 on errors.
*/
int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen,
- uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
+ uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
{
char *wbuf; /* write buffer */
uint32_t wsize; /* write size */
&decrypted_len)) {
/* Decryption failed. Shouldn't happen. */
Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
- return -1;
+ goto bail_out;
}
if (decrypted_len == 0) {
return 0;
}
- Dmsg2(100, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
+ Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
cipher_ctx->buf_len += decrypted_len;
wbuf = cipher_ctx->buf;
wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
cipher_ctx->buf_len -= cipher_ctx->packet_len;
- Dmsg2(30, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
+ Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
}
if (flags & FO_SPARSE) {
if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
- return -1;
+ goto bail_out;
}
}
if (flags & FO_GZIP) {
if (!decompress_data(jcr, &wbuf, &wsize)) {
- return -1;
+ goto bail_out;
}
}
if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
- return -1;
+ goto bail_out;
}
jcr->JobBytes += wsize;
*addr += wsize;
- Dmsg2(30, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
+ Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
/* Clean up crypto buffers */
if (flags & FO_ENCRYPT) {
/* Move any remaining data to start of buffer */
if (cipher_ctx->buf_len > 0) {
- Dmsg1(30, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
+ Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
cipher_ctx->buf_len);
}
* packet length may be re-read by unser_crypto_packet_len() */
cipher_ctx->packet_len = 0;
}
-
return wsize;
+
+bail_out:
+ return -1;
+}
+
+
+/*
+ * If extracting, close any previous stream
+ */
+static void close_previous_stream(r_ctx &rctx)
+{
+ /*
+ * If extracting, it was from previous stream, so
+ * close the output file and validate the signature.
+ */
+ if (rctx.extract) {
+ if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
+ Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
+ Dmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
+ is_bopen(&rctx.bfd));
+ }
+
+ if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
+ deallocate_cipher(rctx);
+ deallocate_fork_cipher(rctx);
+ }
+
+ if (rctx.jcr->plugin) {
+ plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
+ } else {
+ set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
+ }
+ rctx.extract = false;
+
+ /* Verify the cryptographic signature, if any */
+ rctx.type = rctx.attr->type;
+ verify_signature(rctx.jcr, rctx);
+
+ /* Free Signature */
+ free_signature(rctx);
+ free_session(rctx);
+ rctx.jcr->ff->flags = 0;
+ Dmsg0(130, "Stop extracting.\n");
+ } else if (is_bopen(&rctx.bfd)) {
+ Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
+ Dmsg0(000, "=== logic error !open\n");
+ bclose(&rctx.bfd);
+ }
}
+
/*
* In the context of jcr, flush any remaining data from the cipher context,
* writing it to bfd.
cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
}
- Dmsg2(30, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
+ Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
/* If nothing new was decrypted, and our output buffer is empty, return */
if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
return true;
wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
cipher_ctx->buf_len -= cipher_ctx->packet_len;
- Dmsg2(30, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
+ Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
if (flags & FO_SPARSE) {
if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {
}
}
- Dmsg0(30, "Call store_data\n");
+ Dmsg0(130, "Call store_data\n");
if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
return false;
}
jcr->JobBytes += wsize;
- Dmsg2(30, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
+ Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
/* Move any remaining data to start of buffer */
if (cipher_ctx->buf_len > 0) {
- Dmsg1(30, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
+ Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
cipher_ctx->buf_len);
}
projects / bacula / bacula / blobdiff