X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=bacula%2Fsrc%2Ftray-monitor%2Fauthenticate.c;h=2735111a3181feb3376d51bbaf0c7ec4cf0ebadf;hb=afd4ac31e0f65357c5264c04b804e86b2095a304;hp=f43b4e04d79e1a2179b171a60c5ce8b4a3bd3297;hpb=105ddc5b0f41e269c1f3d7e3a65cac37bc4207ca;p=bacula%2Fbacula diff --git a/bacula/src/tray-monitor/authenticate.c b/bacula/src/tray-monitor/authenticate.c index f43b4e04d7..2735111a31 100644 --- a/bacula/src/tray-monitor/authenticate.c +++ b/bacula/src/tray-monitor/authenticate.c @@ -1,3 +1,30 @@ +/* + Bacula® - The Network Backup Solution + + Copyright (C) 2004-2008 Free Software Foundation Europe e.V. + + The main author of Bacula is Kern Sibbald, with contributions from + many others, a complete list can be found in the file AUTHORS. + This program is Free Software; you can redistribute it and/or + modify it under the terms of version two of the GNU General Public + License as published by the Free Software Foundation and included + in the file LICENSE. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301, USA. + + Bacula® is a registered trademark of Kern Sibbald. + The licensor of Bacula is the Free Software Foundation Europe + (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich, + Switzerland, email:ftf@fsfeurope.org. +*/ /* * * Bacula authentication. Provides authentication with @@ -10,24 +37,6 @@ * Basic tasks done here: * */ -/* - Copyright (C) 2004 Kern Sibbald and John Walker - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - as published by the Free Software Foundation; either version 2 - of the License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public - License along with this program; if not, write to the Free - Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - MA 02111-1307, USA. - */ #include "bacula.h" #include "tray-monitor.h" @@ -49,7 +58,7 @@ static char SDFDhello[] = "Hello Director %s calling\n"; /* Response from SD */ static char SDOKhello[] = "3000 OK Hello\n"; /* Response from FD */ -static char FDOKhello[] = "2000 OK Hello\n"; +static char FDOKhello[] = "2000 OK Hello"; /* Forward referenced functions */ @@ -61,6 +70,7 @@ int authenticate_director(JCR *jcr, MONITOR *mon, DIRRES *director) BSOCK *dir = jcr->dir_bsock; int tls_local_need = BNET_TLS_NONE; int tls_remote_need = BNET_TLS_NONE; + int compatible = true; char bashed_name[MAX_NAME_LENGTH]; char *password; @@ -70,22 +80,22 @@ int authenticate_director(JCR *jcr, MONITOR *mon, DIRRES *director) /* Timeout Hello after 5 mins */ btimer_t *tid = start_bsock_timer(dir, 60 * 5); - bnet_fsend(dir, DIRhello, bashed_name); + dir->fsend(DIRhello, bashed_name); - if (!cram_md5_get_auth(dir, password, &tls_remote_need) || - !cram_md5_auth(dir, password, tls_local_need)) { + if (!cram_md5_respond(dir, password, &tls_remote_need, &compatible) || + !cram_md5_challenge(dir, password, tls_local_need, compatible)) { stop_bsock_timer(tid); Jmsg0(jcr, M_FATAL, 0, _("Director authorization problem.\n" "Most likely the passwords do not agree.\n" - "Please see http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors for help.\n")); + "Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000 for help.\n")); return 0; } Dmsg1(6, ">dird: %s", dir->msg); - if (bnet_recv(dir) <= 0) { + if (dir->recv() <= 0) { stop_bsock_timer(tid); Jmsg1(jcr, M_FATAL, 0, _("Bad response to Hello command: ERR=%s\n"), - bnet_strerror(dir)); + dir->bstrerror()); return 0; } Dmsg1(10, "msg); @@ -94,7 +104,7 @@ int authenticate_director(JCR *jcr, MONITOR *mon, DIRRES *director) Jmsg0(jcr, M_FATAL, 0, _("Director rejected Hello command\n")); return 0; } else { - Jmsg0(jcr, M_FATAL, 0, dir->msg); + Jmsg0(jcr, M_INFO, 0, dir->msg); } return 1; } @@ -108,6 +118,7 @@ int authenticate_storage_daemon(JCR *jcr, MONITOR *monitor, STORE* store) char dirname[MAX_NAME_LENGTH]; int tls_local_need = BNET_TLS_NONE; int tls_remote_need = BNET_TLS_NONE; + int compatible = true; /* * Send my name to the Storage daemon then do authentication @@ -116,23 +127,23 @@ int authenticate_storage_daemon(JCR *jcr, MONITOR *monitor, STORE* store) bash_spaces(dirname); /* Timeout Hello after 5 mins */ btimer_t *tid = start_bsock_timer(sd, 60 * 5); - if (!bnet_fsend(sd, SDFDhello, dirname)) { + if (!sd->fsend(SDFDhello, dirname)) { stop_bsock_timer(tid); Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to Storage daemon. ERR=%s\n"), bnet_strerror(sd)); return 0; } - if (!cram_md5_get_auth(sd, store->password, &tls_remote_need) || - !cram_md5_auth(sd, store->password, tls_local_need)) { + if (!cram_md5_respond(sd, store->password, &tls_remote_need, &compatible) || + !cram_md5_challenge(sd, store->password, tls_local_need, compatible)) { stop_bsock_timer(tid); Jmsg0(jcr, M_FATAL, 0, _("Director and Storage daemon passwords or names not the same.\n" - "Please see http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors for help.\n")); + "Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000 for help.\n")); return 0; } Dmsg1(116, ">stored: %s", sd->msg); - if (bnet_recv(sd) <= 0) { + if (sd->recv() <= 0) { stop_bsock_timer(tid); Jmsg1(jcr, M_FATAL, 0, _("bdirdbstrerror()); return 0; } Dmsg1(110, "msg); @@ -153,6 +164,7 @@ int authenticate_file_daemon(JCR *jcr, MONITOR *monitor, CLIENT* client) char dirname[MAX_NAME_LENGTH]; int tls_local_need = BNET_TLS_NONE; int tls_remote_need = BNET_TLS_NONE; + int compatible = true; /* * Send my name to the File daemon then do authentication @@ -161,28 +173,28 @@ int authenticate_file_daemon(JCR *jcr, MONITOR *monitor, CLIENT* client) bash_spaces(dirname); /* Timeout Hello after 5 mins */ btimer_t *tid = start_bsock_timer(fd, 60 * 5); - if (!bnet_fsend(fd, SDFDhello, dirname)) { + if (!fd->fsend(SDFDhello, dirname)) { stop_bsock_timer(tid); Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), bnet_strerror(fd)); return 0; } - if (!cram_md5_get_auth(fd, client->password, &tls_remote_need) || - !cram_md5_auth(fd, client->password, tls_local_need)) { + if (!cram_md5_respond(fd, client->password, &tls_remote_need, &compatible) || + !cram_md5_challenge(fd, client->password, tls_local_need, compatible)) { stop_bsock_timer(tid); Jmsg(jcr, M_FATAL, 0, _("Director and File daemon passwords or names not the same.\n" - "Please see http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors for help.\n")); + "Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000 for help.\n")); return 0; } Dmsg1(116, ">filed: %s", fd->msg); - if (bnet_recv(fd) <= 0) { + if (fd->recv() <= 0) { stop_bsock_timer(tid); Jmsg(jcr, M_FATAL, 0, _("Bad response from File daemon to Hello command: ERR=%s\n"), - bnet_strerror(fd)); + fd->bstrerror()); return 0; } Dmsg1(110, "msg); stop_bsock_timer(tid); - if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)) != 0) { + if (strncmp(fd->msg, FDOKhello, sizeof(FDOKhello)-1) != 0) { Jmsg(jcr, M_FATAL, 0, _("File daemon rejected Hello command\n")); return 0; }