X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ffiled%2Frestore.c;h=f9e8c5f8cb827b2f3db94c28b0335364fc22919b;hb=5c53840c9a02cefaaa45aee96c02c6f9cdaf3703;hp=461d79b9e599c816fae4d5760ae987081fdbc11c;hpb=42867b26d894413176e71e518841400da7581217;p=bacula%2Fbacula diff --git a/bacula/src/filed/restore.c b/bacula/src/filed/restore.c index 461d79b9e5..f9e8c5f8cb 100644 --- a/bacula/src/filed/restore.c +++ b/bacula/src/filed/restore.c @@ -30,8 +30,6 @@ * * Kern Sibbald, November MM * - * Version $Id$ - * */ #include "bacula.h" @@ -57,11 +55,16 @@ const bool have_acl = false; #endif #ifdef HAVE_SHA2 - const bool have_sha2 = true; +const bool have_sha2 = true; #else - const bool have_sha2 = false; +const bool have_sha2 = false; #endif +#if defined(HAVE_XATTR) +const bool have_xattr = true; +#else +const bool have_xattr = false; +#endif /* Data received from Storage Daemon */ static char rec_header[] = "rechdr %ld %ld %ld %ld %ld"; @@ -88,6 +91,8 @@ struct r_ctx { intmax_t fork_size; /* Size of alternate stream */ int fork_flags; /* Options for extract_data() */ int32_t type; /* file type FT_ */ + ATTR *attr; /* Pointer to attributes */ + bool extract; /* set when extracting */ SIGNATURE *sig; /* Cryptographic signature (if any) for file */ CRYPTO_SESSION *cs; /* Cryptographic session data (if any) for file */ @@ -108,6 +113,7 @@ static void deallocate_cipher(r_ctx &rctx); static void deallocate_fork_cipher(r_ctx &rctx); static void free_signature(r_ctx &rctx); static void free_session(r_ctx &rctx); +static void close_previous_stream(r_ctx &rctx); @@ -147,14 +153,13 @@ void do_restore(JCR *jcr) { BSOCK *sd; uint32_t VolSessionId, VolSessionTime; - bool extract = false; int32_t file_index; char ec1[50]; /* Buffer printing huge values */ uint32_t buf_size; /* client buffer size */ int stat; - ATTR *attr; intmax_t rsrc_len = 0; /* Original length of resource fork */ r_ctx rctx; + ATTR *attr; /* ***FIXME*** make configurable */ crypto_digest_t signing_algorithm = have_sha2 ? CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1; @@ -169,6 +174,7 @@ void do_restore(JCR *jcr) int non_support_acl = 0; int non_support_progname = 0; int non_support_crypto = 0; + int non_support_xattr = 0; #ifdef HAVE_DARWIN_OS struct attrlist attrList; @@ -199,7 +205,7 @@ void do_restore(JCR *jcr) if (have_libz) { uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100; - jcr->compress_buf = (char *)bmalloc(compress_buf_size); + jcr->compress_buf = get_memory(compress_buf_size); jcr->compress_buf_size = compress_buf_size; } @@ -221,8 +227,9 @@ void do_restore(JCR *jcr) * d. Alternate data stream (e.g. Resource Fork) * e. Finder info * f. ACLs - * g. Possibly a cryptographic signature - * h. Possibly MD5 or SHA1 record + * g. XATTRs + * h. Possibly a cryptographic signature + * i. Possibly MD5 or SHA1 record * 3. Repeat step 1 * * NOTE: We keep track of two bacula file descriptors: @@ -240,10 +247,17 @@ void do_restore(JCR *jcr) */ binit(&rctx.bfd); binit(&rctx.forkbfd); - attr = new_attr(jcr); - jcr->acl_text = get_pool_memory(PM_MESSAGE); - - + attr = rctx.attr = new_attr(jcr); + if (have_acl) { + jcr->acl_data = (acl_data_t *)malloc(sizeof(acl_data_t)); + memset((caddr_t)jcr->acl_data, 0, sizeof(acl_data_t)); + jcr->acl_data->content = get_pool_memory(PM_MESSAGE); + } + if (have_xattr) { + jcr->xattr_data = (xattr_data_t *)malloc(sizeof(xattr_data_t)); + memset((caddr_t)jcr->xattr_data, 0, sizeof(xattr_data_t)); + jcr->xattr_data->content = get_pool_memory(PM_MESSAGE); + } while (bget_msg(sd) >= 0 && !job_canceled(jcr)) { /* Remember previous stream type */ @@ -255,8 +269,8 @@ void do_restore(JCR *jcr) Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), sd->msg); goto bail_out; } - Dmsg4(130, "Got hdr: Files=%d FilInx=%d Stream=%d, %s.\n", - jcr->JobFiles, file_index, rctx.stream, stream_to_ascii(rctx.stream)); + Dmsg5(50, "Got hdr: Files=%d FilInx=%d size=%d Stream=%d, %s.\n", + jcr->JobFiles, file_index, rctx.size, rctx.stream, stream_to_ascii(rctx.stream)); /* * Now we expect the Stream Data */ if (bget_msg(sd) < 0) { @@ -266,10 +280,12 @@ void do_restore(JCR *jcr) if (rctx.size != (uint32_t)sd->msglen) { Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"), sd->msglen, rctx.size); + Dmsg2(50, "Actual data size %d not same as header %d\n", + sd->msglen, rctx.size); goto bail_out; } Dmsg3(130, "Got stream: %s len=%d extract=%d\n", stream_to_ascii(rctx.stream), - sd->msglen, extract); + sd->msglen, rctx.extract); /* If we change streams, close and reset alternate data streams */ if (rctx.prev_stream != rctx.stream) { @@ -285,40 +301,8 @@ void do_restore(JCR *jcr) switch (rctx.stream) { case STREAM_UNIX_ATTRIBUTES: case STREAM_UNIX_ATTRIBUTES_EX: - /* - * If extracting, it was from previous stream, so - * close the output file and validate the signature. - */ - if (extract) { - if (rctx.size > 0 && !is_bopen(&rctx.bfd)) { - Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n")); - } - - if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) { - deallocate_cipher(rctx); - deallocate_fork_cipher(rctx); - } - - if (jcr->plugin) { - plugin_set_attributes(jcr, attr, &rctx.bfd); - } else { - set_attributes(jcr, attr, &rctx.bfd); - } - extract = false; + close_previous_stream(rctx); /* if any previous stream open, close it */ - /* Verify the cryptographic signature, if any */ - rctx.type = attr->type; - verify_signature(jcr, rctx); - - /* Free Signature */ - free_signature(rctx); - free_session(rctx); - jcr->ff->flags = 0; - Dmsg0(130, "Stop extracting.\n"); - } else if (is_bopen(&rctx.bfd)) { - Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n")); - bclose(&rctx.bfd); - } /* TODO: manage deleted files */ if (rctx.type == FT_DELETED) { /* deleted file */ @@ -331,12 +315,14 @@ void do_restore(JCR *jcr) if (!unpack_attributes_record(jcr, rctx.stream, sd->msg, attr)) { goto bail_out; } +#ifdef xxx if (file_index != attr->file_index) { Jmsg(jcr, M_FATAL, 0, _("Record header file index %ld not equal record index %ld\n"), file_index, attr->file_index); Dmsg0(200, "File index error\n"); goto bail_out; } +#endif Dmsg3(200, "File %s\nattrib=%s\nattribsEx=%s\n", attr->fname, attr->attr, attr->attrEx); @@ -358,26 +344,27 @@ void do_restore(JCR *jcr) * us if we need to extract or not. */ jcr->num_files_examined++; - extract = false; + rctx.extract = false; if (jcr->plugin) { stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace); } else { stat = create_file(jcr, attr, &rctx.bfd, jcr->replace); } + jcr->lock(); + pm_strcpy(jcr->last_fname, attr->ofname); + jcr->last_type = attr->type; + jcr->unlock(); Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat); switch (stat) { case CF_ERROR: case CF_SKIP: + pm_strcpy(jcr->last_fname, attr->ofname); + jcr->last_type = attr->type; break; case CF_EXTRACT: /* File created and we expect file data */ - extract = true; + rctx.extract = true; /* FALLTHROUGH */ case CF_CREATED: /* File created, but there is no content */ - jcr->lock(); - pm_strcpy(jcr->last_fname, attr->ofname); - jcr->last_type = attr->type; - jcr->JobFiles++; - jcr->unlock(); rctx.fileAddr = 0; print_ls_output(jcr, attr); @@ -385,10 +372,20 @@ void do_restore(JCR *jcr) /* Only restore the resource fork for regular files */ from_base64(&rsrc_len, attr->attrEx); if (attr->type == FT_REG && rsrc_len > 0) { - extract = true; + rctx.extract = true; } + + /* + * Count the resource forks not as regular files being restored. + */ + if (rsrc_len == 0) { + jcr->JobFiles++; + } + } else { + jcr->JobFiles++; } - if (!extract) { + + if (!rctx.extract) { /* set attributes now because file will not be extracted */ if (jcr->plugin) { plugin_set_attributes(jcr, attr, &rctx.bfd); @@ -407,7 +404,7 @@ void do_restore(JCR *jcr) /* Is this an unexpected session data entry? */ if (rctx.cs) { Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n")); - extract = false; + rctx.extract = false; bclose(&rctx.bfd); continue; } @@ -415,7 +412,7 @@ void do_restore(JCR *jcr) /* Do we have any keys at all? */ if (!jcr->crypto.pki_recipients) { Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n")); - extract = false; + rctx.extract = false; bclose(&rctx.bfd); break; } @@ -426,7 +423,7 @@ void do_restore(JCR *jcr) jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm); if (!jcr->crypto.digest) { Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n")); - extract = false; + rctx.extract = false; bclose(&rctx.bfd); break; } @@ -451,7 +448,7 @@ void do_restore(JCR *jcr) } if (cryptoerr != CRYPTO_ERROR_NONE) { - extract = false; + rctx.extract = false; bclose(&rctx.bfd); continue; } @@ -469,7 +466,7 @@ void do_restore(JCR *jcr) case STREAM_ENCRYPTED_FILE_GZIP_DATA: case STREAM_ENCRYPTED_WIN32_GZIP_DATA: /* Force an expected, consistent stream type here */ - if (extract && (rctx.prev_stream == rctx.stream + if (rctx.extract && (rctx.prev_stream == rctx.stream || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) { @@ -496,7 +493,7 @@ void do_restore(JCR *jcr) if (!rctx.cipher_ctx.cipher) { if (!rctx.cs) { Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname); - extract = false; + rctx.extract = false; bclose(&rctx.bfd); continue; } @@ -505,7 +502,7 @@ void do_restore(JCR *jcr) &rctx.cipher_ctx.block_size)) == NULL) { Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname); free_session(rctx); - extract = false; + rctx.extract = false; bclose(&rctx.bfd); continue; } @@ -518,107 +515,173 @@ void do_restore(JCR *jcr) rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */ } - if (extract_data(jcr, &rctx.bfd, sd->msg, sd->msglen, &rctx.fileAddr, + if (extract_data(jcr, &rctx.bfd, sd->msg, sd->msglen, &rctx.fileAddr, rctx.flags, &rctx.cipher_ctx) < 0) { - extract = false; + rctx.extract = false; bclose(&rctx.bfd); continue; } } break; - /* Resource fork stream - only recorded after a file to be restored */ - /* Silently ignore if we cannot write - we already reported that */ + /* + * Resource fork stream - only recorded after a file to be restored + * Silently ignore if we cannot write - we already reported that + */ case STREAM_ENCRYPTED_MACOS_FORK_DATA: case STREAM_MACOS_FORK_DATA: -#ifdef HAVE_DARWIN_OS - rctx.fork_flags = 0; - jcr->ff->flags |= FO_HFSPLUS; - - if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) { - rctx.fork_flags |= FO_ENCRYPT; - - /* Set up a decryption context */ - if (extract && !rctx.fork_cipher_ctx.cipher) { - if (!rctx.cs) { - Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname); - extract = false; - bclose(&rctx.bfd); - continue; - } + if (have_darwin_os) { + rctx.fork_flags = 0; + jcr->ff->flags |= FO_HFSPLUS; - if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) { - Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname); - free_session(rctx); - extract = false; - bclose(&rctx.bfd); - continue; + if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) { + rctx.fork_flags |= FO_ENCRYPT; + + /* Set up a decryption context */ + if (rctx.extract && !rctx.fork_cipher_ctx.cipher) { + if (!rctx.cs) { + Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname); + rctx.extract = false; + bclose(&rctx.bfd); + continue; + } + + if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) { + Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname); + free_session(rctx); + rctx.extract = false; + bclose(&rctx.bfd); + continue; + } } } - } - if (extract) { - if (rctx.prev_stream != rctx.stream) { - if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) { - Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname); - extract = false; - continue; - } + if (rctx.extract) { + if (rctx.prev_stream != rctx.stream) { + if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) { + Jmsg(jcr, M_ERROR, 0, _(" Cannot open resource fork for %s.\n"), jcr->last_fname); + rctx.extract = false; + continue; + } - rctx.fork_size = rsrc_len; - Dmsg0(130, "Restoring resource fork\n"); - } + rctx.fork_size = rsrc_len; + Dmsg0(130, "Restoring resource fork\n"); + } - if (extract_data(jcr, &rctx.forkbfd, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags, - &rctx.fork_cipher_ctx) < 0) { - extract = false; - bclose(&rctx.forkbfd); - continue; + if (extract_data(jcr, &rctx.forkbfd, sd->msg, sd->msglen, &rctx.fork_addr, rctx.fork_flags, + &rctx.fork_cipher_ctx) < 0) { + rctx.extract = false; + bclose(&rctx.forkbfd); + continue; + } } + } else { + non_support_rsrc++; } -#else - non_support_rsrc++; -#endif break; case STREAM_HFSPLUS_ATTRIBUTES: -#ifdef HAVE_DARWIN_OS - Dmsg0(130, "Restoring Finder Info\n"); - jcr->ff->flags |= FO_HFSPLUS; - if (sd->msglen != 32) { - Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen); - continue; - } - if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) { - Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname); - continue; + if (have_darwin_os) { + Dmsg0(130, "Restoring Finder Info\n"); + jcr->ff->flags |= FO_HFSPLUS; + if (sd->msglen != 32) { + Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen); + continue; + } + if (setattrlist(jcr->last_fname, &attrList, sd->msg, sd->msglen, 0) != 0) { + Jmsg(jcr, M_ERROR, 0, _(" Could not set Finder Info on %s\n"), jcr->last_fname); + continue; + } + } else { + non_support_finfo++; } -#else - non_support_finfo++; -#endif break; case STREAM_UNIX_ACCESS_ACL: + case STREAM_UNIX_DEFAULT_ACL: + case STREAM_ACL_AIX_TEXT: + case STREAM_ACL_DARWIN_ACCESS_ACL: + case STREAM_ACL_FREEBSD_DEFAULT_ACL: + case STREAM_ACL_FREEBSD_ACCESS_ACL: + case STREAM_ACL_HPUX_ACL_ENTRY: + case STREAM_ACL_IRIX_DEFAULT_ACL: + case STREAM_ACL_IRIX_ACCESS_ACL: + case STREAM_ACL_LINUX_DEFAULT_ACL: + case STREAM_ACL_LINUX_ACCESS_ACL: + case STREAM_ACL_TRU64_DEFAULT_ACL: + case STREAM_ACL_TRU64_DEFAULT_DIR_ACL: + case STREAM_ACL_TRU64_ACCESS_ACL: + case STREAM_ACL_SOLARIS_ACLENT: + case STREAM_ACL_SOLARIS_ACE: + /* + * Do not restore ACLs when + * a) The current file is not extracted + * b) and it is not a directory (they are never "extracted") + * c) or the file name is empty + */ + if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) { + break; + } if (have_acl) { - pm_strcpy(jcr->acl_text, sd->msg); - Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_ACCESS, jcr->acl_text); - if (bacl_set(jcr, BACL_TYPE_ACCESS) != 0) { - Qmsg1(jcr, M_WARNING, 0, _("Can't restore ACL of %s\n"), jcr->last_fname); + pm_memcpy(jcr->acl_data->content, sd->msg, sd->msglen); + jcr->acl_data->content_length = sd->msglen; + switch (parse_acl_streams(jcr, rctx.stream)) { + case bacl_exit_fatal: + goto bail_out; + case bacl_exit_error: + /* + * Non-fatal errors, count them and when the number is under ACL_REPORT_ERR_MAX_PER_JOB + * print the error message set by the lower level routine in jcr->errmsg. + */ + if (jcr->acl_data->nr_errors < ACL_REPORT_ERR_MAX_PER_JOB) { + Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg); + } + jcr->acl_data->nr_errors++; + break; + case bacl_exit_ok: + break; } } else { non_support_acl++; } break; - case STREAM_UNIX_DEFAULT_ACL: - if (have_acl) { - pm_strcpy(jcr->acl_text, sd->msg); - Dmsg2(400, "Restoring ACL type 0x%2x <%s>\n", BACL_TYPE_DEFAULT, jcr->acl_text); - if (bacl_set(jcr, BACL_TYPE_DEFAULT) != 0) { - Qmsg1(jcr, M_WARNING, 0, _("Can't restore default ACL of %s\n"), jcr->last_fname); + case STREAM_XATTR_SOLARIS_SYS: + case STREAM_XATTR_SOLARIS: + case STREAM_XATTR_DARWIN: + case STREAM_XATTR_FREEBSD: + case STREAM_XATTR_LINUX: + case STREAM_XATTR_NETBSD: + /* + * Do not restore Extended Attributes when + * a) The current file is not extracted + * b) and it is not a directory (they are never "extracted") + * c) or the file name is empty + */ + if ((!rctx.extract && jcr->last_type != FT_DIREND) || (*jcr->last_fname == 0)) { + break; + } + if (have_xattr) { + pm_memcpy(jcr->xattr_data->content, sd->msg, sd->msglen); + jcr->xattr_data->content_length = sd->msglen; + switch (parse_xattr_streams(jcr, rctx.stream)) { + case bxattr_exit_fatal: + goto bail_out; + case bxattr_exit_error: + /* + * Non-fatal errors, count them and when the number is under XATTR_REPORT_ERR_MAX_PER_JOB + * print the error message set by the lower level routine in jcr->errmsg. + */ + if (jcr->xattr_data->nr_errors < XATTR_REPORT_ERR_MAX_PER_JOB) { + Qmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg); + } + jcr->xattr_data->nr_errors++; + break; + case bxattr_exit_ok: + break; } } else { - non_support_acl++; + non_support_xattr++; } break; @@ -630,7 +693,7 @@ void do_restore(JCR *jcr) continue; } /* Save signature. */ - if (extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) { + if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)sd->msg, (uint32_t)sd->msglen)) == NULL) { Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname); } break; @@ -650,35 +713,13 @@ void do_restore(JCR *jcr) break; case STREAM_PLUGIN_NAME: - Dmsg1(000, "restore stream_plugin_name=%s\n", sd->msg); + close_previous_stream(rctx); + Dmsg1(50, "restore stream_plugin_name=%s\n", sd->msg); plugin_name_stream(jcr, sd->msg); break; default: - /* If extracting, wierd stream (not 1 or 2), close output file anyway */ - if (extract) { - Dmsg1(130, "Found wierd stream %d\n", rctx.stream); - if (rctx.size > 0 && !is_bopen(&rctx.bfd)) { - Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n")); - } - /* Flush and deallocate cipher context */ - deallocate_cipher(rctx); - deallocate_fork_cipher(rctx); - - if (jcr->plugin) { - plugin_set_attributes(jcr, attr, &rctx.bfd); - } else { - set_attributes(jcr, attr, &rctx.bfd); - } - - /* Verify the cryptographic signature if any */ - rctx.type = attr->type; - verify_signature(jcr, rctx); - extract = false; - } else if (is_bopen(&rctx.bfd)) { - Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n")); - bclose(&rctx.bfd); - } + close_previous_stream(rctx); Jmsg(jcr, M_ERROR, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"), rctx.stream); Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, sd->msg); @@ -687,32 +728,15 @@ void do_restore(JCR *jcr) } /* end while get_msg() */ - /* If output file is still open, it was the last one in the + /* + * If output file is still open, it was the last one in the * archive since we just hit an end of file, so close the file. */ if (is_bopen(&rctx.forkbfd)) { bclose_chksize(jcr, &rctx.forkbfd, rctx.fork_size); } - if (extract) { - /* Flush and deallocate cipher context */ - deallocate_cipher(rctx); - deallocate_fork_cipher(rctx); - - if (jcr->plugin) { - plugin_set_attributes(jcr, attr, &rctx.bfd); - } else { - set_attributes(jcr, attr, &rctx.bfd); - } - - /* Verify the cryptographic signature on the last file, if any */ - rctx.type = attr->type; - verify_signature(jcr, rctx); - } - - if (is_bopen(&rctx.bfd)) { - bclose(&rctx.bfd); - } + close_previous_stream(rctx); set_jcr_job_status(jcr, JS_Terminated); goto ok_out; @@ -720,7 +744,42 @@ bail_out: set_jcr_job_status(jcr, JS_ErrorTerminated); ok_out: - /* Free Signature & Crypto Data */ + /* + * First output the statistics. + */ + Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles, + edit_uint64(jcr->JobBytes, ec1)); + if (have_acl && jcr->acl_data->nr_errors > 0) { + Jmsg(jcr, M_ERROR, 0, _("Encountered %ld acl errors while doing restore\n"), + jcr->acl_data->nr_errors); + } + if (have_xattr && jcr->xattr_data->nr_errors > 0) { + Jmsg(jcr, M_ERROR, 0, _("Encountered %ld xattr errors while doing restore\n"), + jcr->xattr_data->nr_errors); + } + if (non_support_data > 1 || non_support_attr > 1) { + Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"), + non_support_data, non_support_attr); + } + if (non_support_rsrc) { + Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc); + } + if (non_support_finfo) { + Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc); + } + if (non_support_acl) { + Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl); + } + if (non_support_crypto) { + Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl); + } + if (non_support_xattr) { + Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_support_xattr); + } + + /* + * Free Signature & Crypto Data + */ free_signature(rctx); free_session(rctx); if (jcr->crypto.digest) { @@ -728,17 +787,22 @@ ok_out: jcr->crypto.digest = NULL; } - /* Free file cipher restore context */ + /* + * Free file cipher restore context + */ if (rctx.cipher_ctx.cipher) { crypto_cipher_free(rctx.cipher_ctx.cipher); rctx.cipher_ctx.cipher = NULL; } + if (rctx.cipher_ctx.buf) { free_pool_memory(rctx.cipher_ctx.buf); rctx.cipher_ctx.buf = NULL; } - /* Free alternate stream cipher restore context */ + /* + * Free alternate stream cipher restore context + */ if (rctx.fork_cipher_ctx.cipher) { crypto_cipher_free(rctx.fork_cipher_ctx.cipher); rctx.fork_cipher_ctx.cipher = NULL; @@ -749,33 +813,26 @@ ok_out: } if (jcr->compress_buf) { - free(jcr->compress_buf); + free_pool_memory(jcr->compress_buf); jcr->compress_buf = NULL; jcr->compress_buf_size = 0; } - bclose(&rctx.forkbfd); - bclose(&rctx.bfd); - free_attr(attr); - free_pool_memory(jcr->acl_text); - Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles, - edit_uint64(jcr->JobBytes, ec1)); - if (non_support_data > 1 || non_support_attr > 1) { - Jmsg(jcr, M_ERROR, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"), - non_support_data, non_support_attr); - } - if (non_support_rsrc) { - Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_support_rsrc); - } - if (non_support_finfo) { - Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_support_rsrc); - } - if (non_support_acl) { - Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_support_acl); + + if (have_acl && jcr->acl_data) { + free_pool_memory(jcr->acl_data->content); + free(jcr->acl_data); + jcr->acl_data = NULL; } - if (non_support_crypto) { - Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_support_acl); + + if (have_xattr && jcr->xattr_data) { + free_pool_memory(jcr->xattr_data->content); + free(jcr->xattr_data); + jcr->xattr_data = NULL; } + bclose(&rctx.forkbfd); + bclose(&rctx.bfd); + free_attr(rctx.attr); } #ifdef HAVE_LIBZ @@ -961,10 +1018,18 @@ bool decompress_data(JCR *jcr, char **data, uint32_t *length) */ compress_len = jcr->compress_buf_size; Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length); - if ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len, - (const Byte *)*data, (uLong)*length)) != Z_OK) { + while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len, + (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR) + { + /* The buffer size is too small, try with a bigger one */ + compress_len = jcr->compress_buf_size = jcr->compress_buf_size + jcr->compress_buf_size >> 1; + Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length); + jcr->compress_buf = check_pool_memory_size(jcr->compress_buf, + compress_len); + } + if (stat != Z_OK) { Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"), - jcr->last_fname, zlib_strerror(stat)); + jcr->last_fname, zlib_strerror(stat)); return false; } *data = jcr->compress_buf; @@ -1016,7 +1081,7 @@ bool store_data(JCR *jcr, BFILE *bfd, char *data, const int32_t length, bool win * Return value is the number of bytes written, or -1 on errors. */ int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen, - uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx) + uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx) { char *wbuf; /* write buffer */ uint32_t wsize; /* write size */ @@ -1051,7 +1116,7 @@ int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen, &decrypted_len)) { /* Decryption failed. Shouldn't happen. */ Jmsg(jcr, M_FATAL, 0, _("Decryption error\n")); - return -1; + goto bail_out; } if (decrypted_len == 0) { @@ -1085,18 +1150,18 @@ int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen, if (flags & FO_SPARSE) { if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) { - return -1; + goto bail_out; } } if (flags & FO_GZIP) { if (!decompress_data(jcr, &wbuf, &wsize)) { - return -1; + goto bail_out; } } if (!store_data(jcr, bfd, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) { - return -1; + goto bail_out; } jcr->JobBytes += wsize; *addr += wsize; @@ -1115,8 +1180,57 @@ int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen, cipher_ctx->packet_len = 0; } return wsize; + +bail_out: + return -1; } + +/* + * If extracting, close any previous stream + */ +static void close_previous_stream(r_ctx &rctx) +{ + /* + * If extracting, it was from previous stream, so + * close the output file and validate the signature. + */ + if (rctx.extract) { + if (rctx.size > 0 && !is_bopen(&rctx.bfd)) { + Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n")); + Dmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size, + is_bopen(&rctx.bfd)); + } + + if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) { + deallocate_cipher(rctx); + deallocate_fork_cipher(rctx); + } + + if (rctx.jcr->plugin) { + plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd); + } else { + set_attributes(rctx.jcr, rctx.attr, &rctx.bfd); + } + rctx.extract = false; + + /* Verify the cryptographic signature, if any */ + rctx.type = rctx.attr->type; + verify_signature(rctx.jcr, rctx); + + /* Free Signature */ + free_signature(rctx); + free_session(rctx); + rctx.jcr->ff->flags = 0; + Dmsg0(130, "Stop extracting.\n"); + } else if (is_bopen(&rctx.bfd)) { + Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n")); + Dmsg0(000, "=== logic error !open\n"); + bclose(&rctx.bfd); + } +} + + /* * In the context of jcr, flush any remaining data from the cipher context, * writing it to bfd.