X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ffiled%2Ffiled_conf.c;h=5812c904b1f6ea2d77b2d9aebb6af414c987d9ad;hb=c37638750b04e222c9436d70c55d28193c58a86f;hp=0f5274d593d973566dcd7e6147d7389f1cf4f88c;hpb=35b473accde9302e56dc6cca25be49ebd71cc2c0;p=bacula%2Fbacula diff --git a/bacula/src/filed/filed_conf.c b/bacula/src/filed/filed_conf.c index 0f5274d593..5812c904b1 100644 --- a/bacula/src/filed/filed_conf.c +++ b/bacula/src/filed/filed_conf.c @@ -22,19 +22,32 @@ * Version $Id$ */ /* - Copyright (C) 2000-2005 Kern Sibbald + Bacula® - The Network Backup Solution - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - version 2 as amended with additional clauses defined in the - file LICENSE in the main source directory. + Copyright (C) 2000-2006 Free Software Foundation Europe e.V. - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - the file LICENSE for additional details. + The main author of Bacula is Kern Sibbald, with contributions from + many others, a complete list can be found in the file AUTHORS. + This program is Free Software; you can redistribute it and/or + modify it under the terms of version two of the GNU General Public + License as published by the Free Software Foundation plus additions + that are listed in the file LICENSE. - */ + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301, USA. + + Bacula® is a registered trademark of John Walker. + The licensor of Bacula is the Free Software Foundation Europe + (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich, + Switzerland, email:ftf@fsfeurope.org. +*/ #include "bacula.h" #include "filed.h" @@ -57,15 +70,14 @@ RES **res_head = sres_head; * then move it to allocated memory when the resource * scan is complete. */ -#if defined(HAVE_WIN32) && !defined(HAVE_CYGWIN) +#if defined(_MSC_VER) extern "C" { // work around visual compiler mangling variables URES res_all; - int res_all_size = sizeof(res_all); } #else URES res_all; -int res_all_size = sizeof(res_all); #endif +int res_all_size = sizeof(res_all); /* Definition of records permitted within each * resource with the routine to process the record @@ -89,13 +101,18 @@ static RES_ITEM cli_items[] = { {"heartbeatinterval", store_time, ITEM(res_client.heartbeat_interval), 0, ITEM_DEFAULT, 0}, {"sdconnecttimeout", store_time,ITEM(res_client.SDConnectTimeout), 0, ITEM_DEFAULT, 60 * 30}, {"maximumnetworkbuffersize", store_pint, ITEM(res_client.max_network_buffer_size), 0, 0, 0}, - {"tlsenable", store_yesno, ITEM(res_client.tls_enable), 0, 0, 0}, - {"tlsrequire", store_yesno, ITEM(res_client.tls_require), 0, 0, 0}, - {"tlscacertificatefile", store_dir, ITEM(res_client.tls_ca_certfile), 0, 0, 0}, - {"tlscacertificatedir", store_dir, ITEM(res_client.tls_ca_certdir), 0, 0, 0}, - {"tlscertificate", store_dir, ITEM(res_client.tls_certfile), 0, 0, 0}, - {"tlskey", store_dir, ITEM(res_client.tls_keyfile), 0, 0, 0}, - {NULL, NULL, NULL, 0, 0, 0} + {"pkisignatures", store_bool, ITEM(res_client.pki_sign), 0, ITEM_DEFAULT, 0}, + {"pkiencryption", store_bool, ITEM(res_client.pki_encrypt), 0, ITEM_DEFAULT, 0}, + {"pkikeypair", store_dir, ITEM(res_client.pki_keypair_file), 0, 0, 0}, + {"pkisigner", store_alist_str, ITEM(res_client.pki_signing_key_files), 0, 0, 0}, + {"pkimasterkey", store_alist_str, ITEM(res_client.pki_master_key_files), 0, 0, 0}, + {"tlsenable", store_bool, ITEM(res_client.tls_enable), 0, 0, 0}, + {"tlsrequire", store_bool, ITEM(res_client.tls_require), 0, 0, 0}, + {"tlscacertificatefile", store_dir, ITEM(res_client.tls_ca_certfile), 0, 0, 0}, + {"tlscacertificatedir", store_dir, ITEM(res_client.tls_ca_certdir), 0, 0, 0}, + {"tlscertificate", store_dir, ITEM(res_client.tls_certfile), 0, 0, 0}, + {"tlskey", store_dir, ITEM(res_client.tls_keyfile), 0, 0, 0}, + {NULL, NULL, {0}, 0, 0, 0} }; /* Directors that can use our services */ @@ -104,17 +121,17 @@ static RES_ITEM dir_items[] = { {"description", store_str, ITEM(res_dir.hdr.desc), 0, 0, 0}, {"password", store_password, ITEM(res_dir.password), 0, ITEM_REQUIRED, 0}, {"address", store_str, ITEM(res_dir.address), 0, 0, 0}, - {"monitor", store_yesno, ITEM(res_dir.monitor), 1, ITEM_DEFAULT, 0}, - {"tlsenable", store_yesno, ITEM(res_dir.tls_enable), 0, 0, 0}, - {"tlsrequire", store_yesno, ITEM(res_dir.tls_require), 0, 0, 0}, - {"tlsverifypeer", store_yesno, ITEM(res_dir.tls_verify_peer), 1, ITEM_DEFAULT, 1}, + {"monitor", store_bool, ITEM(res_dir.monitor), 0, ITEM_DEFAULT, 0}, + {"tlsenable", store_bool, ITEM(res_dir.tls_enable), 0, 0, 0}, + {"tlsrequire", store_bool, ITEM(res_dir.tls_require), 0, 0, 0}, + {"tlsverifypeer", store_bool, ITEM(res_dir.tls_verify_peer), 0, ITEM_DEFAULT, 1}, {"tlscacertificatefile", store_dir, ITEM(res_dir.tls_ca_certfile), 0, 0, 0}, {"tlscacertificatedir", store_dir, ITEM(res_dir.tls_ca_certdir), 0, 0, 0}, {"tlscertificate", store_dir, ITEM(res_dir.tls_certfile), 0, 0, 0}, {"tlskey", store_dir, ITEM(res_dir.tls_keyfile), 0, 0, 0}, {"tlsdhfile", store_dir, ITEM(res_dir.tls_dhfile), 0, 0, 0}, {"tlsallowedcn", store_alist_str, ITEM(res_dir.tls_allowed_cns), 0, 0, 0}, - {NULL, NULL, NULL, 0, 0, 0} + {NULL, NULL, {0}, 0, 0, 0} }; /* Message resource */ @@ -240,6 +257,37 @@ void free_resource(RES *sres, int type) if (res->res_client.FDaddrs) { free_addresses(res->res_client.FDaddrs); } + + if (res->res_client.pki_keypair_file) { + free(res->res_client.pki_keypair_file); + } + if (res->res_client.pki_keypair) { + crypto_keypair_free(res->res_client.pki_keypair); + } + + if (res->res_client.pki_signing_key_files) { + delete res->res_client.pki_signing_key_files; + } + if (res->res_client.pki_signers) { + X509_KEYPAIR *keypair; + foreach_alist(keypair, res->res_client.pki_signers) { + crypto_keypair_free(keypair); + } + delete res->res_client.pki_signers; + } + + if (res->res_client.pki_master_key_files) { + delete res->res_client.pki_master_key_files; + } + + if (res->res_client.pki_recipients) { + X509_KEYPAIR *keypair; + foreach_alist(keypair, res->res_client.pki_recipients) { + crypto_keypair_free(keypair); + } + delete res->res_client.pki_recipients; + } + if (res->res_client.tls_ctx) { free_tls_context(res->res_client.tls_ctx); } @@ -321,6 +369,12 @@ void save_resource(int type, RES_ITEM *items, int pass) if ((res = (URES *)GetResWithName(R_CLIENT, res_all.res_dir.hdr.name)) == NULL) { Emsg1(M_ABORT, 0, _("Cannot find Client resource %s\n"), res_all.res_dir.hdr.name); } + res->res_client.pki_signing_key_files = res_all.res_client.pki_signing_key_files; + res->res_client.pki_master_key_files = res_all.res_client.pki_master_key_files; + + res->res_client.pki_signers = res_all.res_client.pki_signers; + res->res_client.pki_recipients = res_all.res_client.pki_recipients; + res->res_client.messages = res_all.res_client.messages; break; default: