From 1ea77d9669249bcd44647570e9f00f8d134c8fe1 Mon Sep 17 00:00:00 2001 From: Kern Sibbald Date: Thu, 1 May 2003 11:40:55 +0000 Subject: [PATCH] SSL configuration statements + Console resource git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@475 91ce42f0-d328-0410-95d8-f526ca767f89 --- bacula/src/console/authenticate.c | 10 +- bacula/src/console/console_conf.c | 100 +++++++-------- bacula/src/console/console_conf.h | 40 +++--- bacula/src/dird/dird_conf.c | 30 ++++- bacula/src/dird/dird_conf.h | 19 ++- bacula/src/filed/filed_conf.c | 160 ++++++++++++------------ bacula/src/filed/filed_conf.h | 40 +++--- bacula/src/lib/bnet.c | 11 ++ bacula/src/lib/cram-md5.c | 14 +-- bacula/src/lib/protos.h | 201 +++++++++++++++--------------- bacula/src/stored/stored_conf.c | 4 +- bacula/src/stored/stored_conf.h | 4 +- bacula/src/version.h | 4 +- 13 files changed, 343 insertions(+), 294 deletions(-) diff --git a/bacula/src/console/authenticate.c b/bacula/src/console/authenticate.c index 819b93ab19..de2b1a0cc9 100644 --- a/bacula/src/console/authenticate.c +++ b/bacula/src/console/authenticate.c 
@@ -55,24 +55,24 @@ int authenticate_director(JCR *jcr, DIRRES *director) if (!cram_md5_get_auth(dir, director->password) || !cram_md5_auth(dir, director->password)) { - Dmsg0(-1, _("Director authorization problem.\n" + Pmsg0(-1, _("Director authorization problem.\n" "Most likely the passwords do not agree.\n")); return 0; } Dmsg1(6, ">dird: %s", dir->msg); if (bnet_recv(dir) <= 0) { - Dmsg1(-1, "Bad response to Hello command: ERR=%s\n", + Pmsg1(-1, "Bad response to Hello command: ERR=%s\n", bnet_strerror(dir)); - Dmsg0(-1, "The Director is probably not running.\n"); + Pmsg0(-1, "The Director is probably not running.\n"); return 0; } Dmsg1(10, "msg); if (strncmp(dir->msg, OKhello, sizeof(OKhello)-1) != 0) { - Dmsg0(-1, "Director rejected Hello command\n"); + Pmsg0(-1, "Director rejected Hello command\n"); return 0; } else { - Dmsg1(-1, "%s", dir->msg); + Pmsg1(-1, "%s", dir->msg); } return 1; } diff --git a/bacula/src/console/console_conf.c b/bacula/src/console/console_conf.c index 48e4d63036..573bff15f8 100644 --- a/bacula/src/console/console_conf.c +++ b/bacula/src/console/console_conf.c @@ -8,14 +8,14 @@ * 1. The generic lexical scanner in lib/lex.c and lib/lex.h * * 2. The generic config scanner in lib/parse_config.c and - * lib/parse_config.h. - * These files contain the parser code, some utility - * routines, and the common store routines (name, int, - * string). + * lib/parse_config.h. + * These files contain the parser code, some utility + * routines, and the common store routines (name, int, + * string). * * 3. The daemon specific file, which contains the Resource - * definitions as well as any specific store routines - * for the resource records. + * definitions as well as any specific store routines + * for the resource records. * * Kern Sibbald, January MM, September MM */ 
@@ -71,7 +71,7 @@ static struct res_items cons_items[] = { {"description", store_str, ITEM(res_cons.hdr.desc), 0, 0, 0}, {"rcfile", store_dir, ITEM(res_cons.rc_file), 0, 0, 0}, {"historyfile", store_dir, ITEM(res_cons.hist_file), 0, 0, 0}, - {"sslcertificatedirectory", store_dir, ITEM(res_cons.ssl_certs), 0, 0, 0}, + {"requiressl", store_yesno, ITEM(res_cons.require_ssl), 1, ITEM_DEFAULT, 0}, {NULL, NULL, NULL, 0, 0, 0} }; @@ -94,7 +94,7 @@ static struct res_items dir_items[] = { struct s_res resources[] = { {"console", cons_items, R_CONSOLE, NULL}, {"director", dir_items, R_DIRECTOR, NULL}, - {NULL, NULL, 0, NULL} + {NULL, NULL, 0, NULL} }; @@ -108,19 +108,19 @@ void dump_resource(int type, RES *reshdr, void sendit(void *sock, char *fmt, ... printf("No record for %d %s\n", type, res_to_str(type)); return; } - if (type < 0) { /* no recursion */ + if (type < 0) { /* no recursion */ type = - type; recurse = 0; } switch (type) { case R_CONSOLE: printf("Console: name=%s rcfile=%s histfile=%s\n", reshdr->name, - res->res_cons.rc_file, res->res_cons.hist_file); - break; + res->res_cons.rc_file, res->res_cons.hist_file); + break; case R_DIRECTOR: printf("Director: name=%s address=%s DIRport=%d\n", reshdr->name, - res->res_dir.address, res->res_dir.DIRport); - break; + res->res_dir.address, res->res_dir.DIRport); + break; default: printf("Unknown resource type %d\n", type); } @@ -158,16 +158,16 @@ void free_resource(int type) switch (type) { case R_CONSOLE: - if (res->res_cons.rc_file) { - free(res->res_cons.rc_file); - } - if (res->res_cons.hist_file) { - free(res->res_cons.hist_file); - } + if (res->res_cons.rc_file) { + free(res->res_cons.rc_file); + } + if (res->res_cons.hist_file) { + free(res->res_cons.hist_file); + } case R_DIRECTOR: - if (res->res_dir.address) - free(res->res_dir.address); - break; + if (res->res_dir.address) + free(res->res_dir.address); + break; default: printf("Unknown resource type %d\n", type); } 
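Review bot: The new `requiressl` entry in `cons_items` stores a flag that nothing visible in this commit reads, so `RequireSSL = yes` is accepted by the parser without any connection being refused or upgraded. The same holds for the `requiressl` and `enablessl` entries added to the item tables in dird_conf.c, filed_conf.c and stored_conf.c. Until enforcement exists, I would add a comment on the entry such as `/* parsed only; not yet enforced on connections */`, so an operator does not assume transport protection that is not there. The removed `sslcertificatedirectory` keyword will presumably be rejected in existing configuration files now, which deserves a line in the change notes.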
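Review bot: In `free_resource`, `case R_CONSOLE:` has no `break` after freeing `rc_file` and `hist_file`, so control falls into `case R_DIRECTOR:` and calls `free(res->res_dir.address)` on a console resource. Given the layouts in console_conf.h (`int DIRport; char *address` against `char *rc_file; char *hist_file`), `res_dir.address` most likely overlaps `res_cons.hist_file`, which would make this a second `free` of the same pointer. This hunk only re-indents the lines, but the fall-through is still there on the new side; adding `break;` before `case R_DIRECTOR:` fixes it. The function starts and ends outside the hunk.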
@@ -194,10 +194,10 @@ void save_resource(int type, struct res_items *items, int pass) */ for (i=0; items[i].name; i++) { if (items[i].flags & ITEM_REQUIRED) { - if (!bit_is_set(i, res_all.res_dir.hdr.item_present)) { + if (!bit_is_set(i, res_all.res_dir.hdr.item_present)) { Emsg2(M_ABORT, 0, "%s item is required in %s resource, but not found.\n", - items[i].name, resources[rindex]); - } + items[i].name, resources[rindex]); + } } } @@ -208,26 +208,26 @@ void save_resource(int type, struct res_items *items, int pass) */ if (pass == 2) { switch (type) { - /* Resources not containing a resource */ - case R_CONSOLE: - case R_DIRECTOR: - break; + /* Resources not containing a resource */ + case R_CONSOLE: + case R_DIRECTOR: + break; - default: + default: Emsg1(M_ERROR, 0, "Unknown resource type %d\n", type); - error = 1; - break; + error = 1; + break; } /* Note, the resoure name was already saved during pass 1, * so here, we can just release it. */ if (res_all.res_dir.hdr.name) { - free(res_all.res_dir.hdr.name); - res_all.res_dir.hdr.name = NULL; + free(res_all.res_dir.hdr.name); + res_all.res_dir.hdr.name = NULL; } if (res_all.res_dir.hdr.desc) { - free(res_all.res_dir.hdr.desc); - res_all.res_dir.hdr.desc = NULL; + free(res_all.res_dir.hdr.desc); + res_all.res_dir.hdr.desc = NULL; } return; } 
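Review bot: The `Emsg2(M_ABORT, ...)` call in the required-item loop passes `resources[rindex]`, a whole `struct s_res`, for the second `%s`, which is undefined behaviour in a variadic call. It should pass the table entry's name string (presumably `resources[rindex].name`; the struct definition is not in this patch). The hunk only re-indents these lines, and the same argument appears in the matching loop of filed_conf.c's `save_resource` later in the patch. Because this is the abort path for an incomplete resource, the defect shows up exactly when the operator needs the message. `save_resource` begins and ends outside the hunk.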
@@ -235,31 +235,31 @@ void save_resource(int type, struct res_items *items, int pass) /* The following code is only executed during pass 1 */ switch (type) { case R_CONSOLE: - size = sizeof(CONSRES); - break; + size = sizeof(CONSRES); + break; case R_DIRECTOR: - size = sizeof(DIRRES); - break; + size = sizeof(DIRRES); + break; default: printf("Unknown resource type %d\n", type); - error = 1; - size = 1; - break; + error = 1; + size = 1; + break; } /* Common */ if (!error) { res = (URES *)malloc(size); memcpy(res, &res_all, size); if (!resources[rindex].res_head) { - resources[rindex].res_head = (RES *)res; /* store first entry */ + resources[rindex].res_head = (RES *)res; /* store first entry */ } else { - RES *next; - /* Add new res to end of chain */ - for (next=resources[rindex].res_head; next->next; next=next->next) - { } - next->next = (RES *)res; + RES *next; + /* Add new res to end of chain */ + for (next=resources[rindex].res_head; next->next; next=next->next) + { } + next->next = (RES *)res; Dmsg2(90, "Inserting %s res: %s\n", res_to_str(type), - res->res_dir.hdr.name); + res->res_dir.hdr.name); } } } diff --git a/bacula/src/console/console_conf.h b/bacula/src/console/console_conf.h index e50e2e6f77..7326b55bfe 100644 --- a/bacula/src/console/console_conf.h +++ b/bacula/src/console/console_conf.h 
@@ -9,41 +9,41 @@ /* * Resource codes -- they must be sequential for indexing */ -#define R_FIRST 1001 +#define R_FIRST 1001 -#define R_CONSOLE 1001 -#define R_DIRECTOR 1002 +#define R_CONSOLE 1001 +#define R_DIRECTOR 1002 -#define R_LAST R_DIRECTOR +#define R_LAST R_DIRECTOR /* * Some resource attributes */ -#define R_NAME 1020 -#define R_ADDRESS 1021 -#define R_PASSWORD 1022 -#define R_TYPE 1023 -#define R_BACKUP 1024 +#define R_NAME 1020 +#define R_ADDRESS 1021 +#define R_PASSWORD 1022 +#define R_TYPE 1023 +#define R_BACKUP 1024 /* Definition of the contents of each Resource */ /* Console "globals" */ struct s_res_cons { - RES hdr; - char *rc_file; /* startup file */ - char *hist_file; /* command history file */ - char *ssl_certs; /* certificates directory */ + RES hdr; + char *rc_file; /* startup file */ + char *hist_file; /* command history file */ + int require_ssl; /* Require SSL on all connections */ }; typedef struct s_res_cons CONSRES; /* Director */ struct s_res_dir { - RES hdr; - int DIRport; /* UA server port */ - char *address; /* UA server address */ - char *password; /* UA server password */ - int enable_ssl; /* Use SSL */ + RES hdr; + int DIRport; /* UA server port */ + char *address; /* UA server address */ + char *password; /* UA server password */ + int enable_ssl; /* Use SSL */ }; typedef struct s_res_dir DIRRES; @@ -52,8 +52,8 @@ typedef struct s_res_dir DIRRES; * resource structure definitions. */ union u_res { - struct s_res_dir res_dir; - struct s_res_cons res_cons; + struct s_res_dir res_dir; + struct s_res_cons res_cons; RES hdr; }; diff --git a/bacula/src/dird/dird_conf.c b/bacula/src/dird/dird_conf.c index 38c03935ae..f9684021d7 100644 --- a/bacula/src/dird/dird_conf.c +++ b/bacula/src/dird/dird_conf.c 
@@ -95,7 +95,7 @@ static struct res_items dir_items[] = { {"workingdirectory", store_dir, ITEM(res_dir.working_directory), 0, ITEM_REQUIRED, 0}, {"piddirectory",store_dir, ITEM(res_dir.pid_directory), 0, ITEM_REQUIRED, 0}, {"subsysdirectory", store_dir, ITEM(res_dir.subsys_directory), 0, ITEM_REQUIRED, 0}, - {"sslcertificatedirectory", store_dir, ITEM(res_dir.ssl_certs), 0, 0, 0}, + {"requiressl", store_yesno, ITEM(res_dir.require_ssl), 1, ITEM_DEFAULT, 0}, {"enablessl", store_yesno, ITEM(res_dir.enable_ssl), 1, ITEM_DEFAULT, 0}, {"maximumconcurrentjobs", store_pint, ITEM(res_dir.MaxConcurrentJobs), 0, ITEM_DEFAULT, 1}, {"password", store_password, ITEM(res_dir.password), 0, ITEM_REQUIRED, 0}, @@ -104,6 +104,20 @@ static struct res_items dir_items[] = { {NULL, NULL, NULL, 0, 0, 0} }; +/* + * Console Resource + * + * name handler value code flags default_value + */ +static struct res_items con_items[] = { + {"name", store_name, ITEM(res_con.hdr.name), 0, ITEM_REQUIRED, 0}, + {"description", store_str, ITEM(res_con.hdr.desc), 0, 0, 0}, + {"enablessl", store_yesno, ITEM(res_con.enable_ssl), 1, ITEM_DEFAULT, 0}, + {"password", store_password, ITEM(res_con.password), 0, ITEM_REQUIRED, 0}, + {NULL, NULL, NULL, 0, 0, 0} +}; + + /* * Client or File daemon resource * @@ -287,6 +301,7 @@ extern struct res_items msgs_items[]; */ struct s_res resources[] = { {"director", dir_items, R_DIRECTOR, NULL}, + {"console", con_items, R_CONSOLE, NULL}, {"client", cli_items, R_CLIENT, NULL}, {"job", job_items, R_JOB, NULL}, {"storage", store_items, R_STORAGE, NULL}, 
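Review bot: The `{"console", con_items, R_CONSOLE, NULL}` entry is inserted as the second element of `resources[]`, while dird_conf.h gives `R_CONSOLE` the last code, 1012. The console and file daemon headers in this patch say resource codes must be sequential for indexing, and their `save_resource` uses `resources[rindex]`. If `rindex` is derived from the type code here as well (not visible in this patch), every entry after `director` is now shifted by one and lookups by code return the wrong item table. Moving the new entry to the slot that matches code 1012 keeps table and codes aligned; otherwise a comment on the table should state that its order is not significant.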
@@ -403,6 +418,10 @@ void dump_resource(int type, RES *reshdr, void sendit(void *sock, char *fmt, ... dump_resource(-R_MSGS, (RES *)res->res_dir.messages, sendit, sock); } break; + case R_CONSOLE: + sendit(sock, "Console name=%s SSL=%d\n", + res->res_con.hdr.name, res->res_con.enable_ssl); + break; case R_CLIENT: sendit(sock, "Client: name=%s address=%s FDport=%d MaxJobs=%u\n", res->res_client.hdr.name, res->res_client.address, res->res_client.FDport, @@ -682,6 +701,11 @@ void free_resource(int type) free(res->res_dir.DIRaddr); } break; + case R_CONSOLE: + if (res->res_con.password) { + free(res->res_con.password); + } + break; case R_CLIENT: if (res->res_client.address) { free(res->res_client.address); @@ -836,6 +860,7 @@ void save_resource(int type, struct res_items *items, int pass) if (pass == 2) { switch (type) { /* Resources not containing a resource */ + case R_CONSOLE: case R_CATALOG: case R_STORAGE: case R_GROUP: @@ -920,6 +945,9 @@ void save_resource(int type, struct res_items *items, int pass) case R_DIRECTOR: size = sizeof(DIRRES); break; + case R_CONSOLE: + size = sizeof(CONRES); + break; case R_CLIENT: size =sizeof(CLIENT); break; diff --git a/bacula/src/dird/dird_conf.h b/bacula/src/dird/dird_conf.h index dce3f47030..14f47e98a4 100644 --- a/bacula/src/dird/dird_conf.h +++ b/bacula/src/dird/dird_conf.h @@ -43,8 +43,9 @@ #define R_POOL 1009 #define R_MSGS 1010 #define R_COUNTER 1011 +#define R_CONSOLE 1012 -#define R_LAST R_COUNTER +#define R_LAST R_CONSOLE /* * Some resource attributes 
@@ -86,12 +87,12 @@ struct s_res_dir { int DIRport; /* where we listen -- UA port server port */ char *DIRaddr; /* bind address */ char *password; /* Password for UA access */ + int enable_ssl; /* Use SSL for UA */ char *query_file; /* SQL query file */ char *working_directory; /* WorkingDirectory */ char *pid_directory; /* PidDirectory */ char *subsys_directory; /* SubsysDirectory */ - char *ssl_certs; /* SSL Certificates directory */ - int enable_ssl; /* Use SSL */ + int require_ssl; /* Require SSL for all connections */ struct s_res_msgs *messages; /* Daemon message handler */ uint32_t MaxConcurrentJobs; /* Max concurrent jobs for whole director */ utime_t FDConnectTimeout; /* timeout for connect in seconds */ @@ -99,6 +100,17 @@ struct s_res_dir { }; typedef struct s_res_dir DIRRES; +/* + * Console Resource + */ +struct s_res_con { + RES hdr; + char *password; /* UA server password */ + int enable_ssl; /* Use SSL */ +}; +typedef struct s_res_con CONRES; + + /* * Client Resource * @@ -298,6 +310,7 @@ typedef struct s_res_pool POOL; */ union u_res { struct s_res_dir res_dir; + struct s_res_con res_con; struct s_res_client res_client; struct s_res_store res_store; struct s_res_cat res_cat; diff --git a/bacula/src/filed/filed_conf.c b/bacula/src/filed/filed_conf.c index 2b3e253f3d..f2826032b6 100644 --- a/bacula/src/filed/filed_conf.c +++ b/bacula/src/filed/filed_conf.c 
@@ -8,14 +8,14 @@ * 1. The generic lexical scanner in lib/lex.c and lib/lex.h * * 2. The generic config scanner in lib/parse_config.c and - * lib/parse_config.h. - * These files contain the parser code, some utility - * routines, and the common store routines (name, int, - * string). + * lib/parse_config.h. + * These files contain the parser code, some utility + * routines, and the common store routines (name, int, + * string). * * 3. The daemon specific file, which contains the Resource - * definitions as well as any specific store routines - * for the resource records. + * definitions as well as any specific store routines + * for the resource records. * * Kern Sibbald, September MM * @@ -78,8 +78,7 @@ static struct res_items cli_items[] = { {"workingdirectory", store_dir, ITEM(res_client.working_directory), 0, ITEM_REQUIRED, 0}, {"piddirectory", store_dir, ITEM(res_client.pid_directory), 0, ITEM_REQUIRED, 0}, {"subsysdirectory", store_dir, ITEM(res_client.subsys_directory), 0, ITEM_REQUIRED, 0}, - {"sslcertificatedirectory", store_dir, ITEM(res_client.ssl_certs), 0, 0, 0}, - {"enablessl", store_yesno, ITEM(res_client.enable_ssl),1, ITEM_DEFAULT, 0}, + {"requiressl", store_yesno, ITEM(res_client.require_ssl),1, ITEM_DEFAULT, 0}, {"maximumconcurrentjobs", store_pint, ITEM(res_client.MaxConcurrentJobs), 0, ITEM_DEFAULT, 3}, {"messages", store_res, ITEM(res_client.messages), R_MSGS, 0, 0}, {NULL, NULL, NULL, 0, 0, 0} @@ -91,6 +90,7 @@ static struct res_items dir_items[] = { {"description", store_str, ITEM(res_dir.hdr.desc), 0, 0, 0}, {"password", store_password, ITEM(res_dir.password), 0, ITEM_REQUIRED, 0}, {"address", store_str, ITEM(res_dir.address), 0, 0, 0}, + {"enablessl", store_yesno, ITEM(res_dir.enable_ssl),1, ITEM_DEFAULT, 0}, {NULL, NULL, NULL, 0, 0, 0} }; 
@@ -106,7 +106,7 @@ struct s_res resources[] = { {"filedaemon", cli_items, R_CLIENT, NULL}, {"client", cli_items, R_CLIENT, NULL}, /* alias for filedaemon */ {"messages", msgs_items, R_MSGS, NULL}, - {NULL, NULL, 0, NULL} + {NULL, NULL, 0, NULL} }; @@ -120,26 +120,26 @@ void dump_resource(int type, RES *reshdr, void sendit(void *sock, char *fmt, ... sendit(sock, "No record for %d %s\n", type, res_to_str(type)); return; } - if (type < 0) { /* no recursion */ + if (type < 0) { /* no recursion */ type = - type; recurse = 0; } switch (type) { case R_DIRECTOR: sendit(sock, "Director: name=%s password=%s\n", reshdr->name, - res->res_dir.password); - break; + res->res_dir.password); + break; case R_CLIENT: sendit(sock, "Client: name=%s FDport=%d\n", reshdr->name, - res->res_client.FDport); - break; + res->res_client.FDport); + break; case R_MSGS: sendit(sock, "Messages: name=%s\n", res->res_msgs.hdr.name); - if (res->res_msgs.mail_cmd) + if (res->res_msgs.mail_cmd) sendit(sock, " mailcmd=%s\n", res->res_msgs.mail_cmd); - if (res->res_msgs.operator_cmd) + if (res->res_msgs.operator_cmd) sendit(sock, " opcmd=%s\n", res->res_msgs.operator_cmd); - break; + break; default: sendit(sock, "Unknown resource type %d\n", type); } 
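Review bot: `dump_resource` sends the Director password in clear through `sendit` in the `R_DIRECTOR` case (`"Director: name=%s password=%s\n"`), so whoever receives a resource dump from the file daemon also receives the credential. The lines are only re-indented here, but the `R_CONSOLE` case this same commit adds to dird_conf.c prints only the name and the SSL flag, which is the better pattern. I would drop the field from the output, e.g. `sendit(sock, "Director: name=%s\n", reshdr->name);`. The function starts and ends outside the hunk.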
@@ -177,35 +177,35 @@ void free_resource(int type) switch (type) { case R_DIRECTOR: - if (res->res_dir.password) { - free(res->res_dir.password); - } - if (res->res_dir.address) { - free(res->res_dir.address); - } - break; + if (res->res_dir.password) { + free(res->res_dir.password); + } + if (res->res_dir.address) { + free(res->res_dir.address); + } + break; case R_CLIENT: - if (res->res_client.working_directory) { - free(res->res_client.working_directory); - } - if (res->res_client.pid_directory) { - free(res->res_client.pid_directory); - } - if (res->res_client.subsys_directory) { - free(res->res_client.subsys_directory); - } - if (res->res_client.FDaddr) { - free(res->res_client.FDaddr); - } - break; + if (res->res_client.working_directory) { + free(res->res_client.working_directory); + } + if (res->res_client.pid_directory) { + free(res->res_client.pid_directory); + } + if (res->res_client.subsys_directory) { + free(res->res_client.subsys_directory); + } + if (res->res_client.FDaddr) { + free(res->res_client.FDaddr); + } + break; case R_MSGS: - if (res->res_msgs.mail_cmd) - free(res->res_msgs.mail_cmd); - if (res->res_msgs.operator_cmd) - free(res->res_msgs.operator_cmd); - free_msgs_res((MSGS *)res); /* free message resource */ - res = NULL; - break; + if (res->res_msgs.mail_cmd) + free(res->res_msgs.mail_cmd); + if (res->res_msgs.operator_cmd) + free(res->res_msgs.operator_cmd); + free_msgs_res((MSGS *)res); /* free message resource */ + res = NULL; + break; default: printf("Unknown resource type %d\n", type); } @@ -235,10 +235,10 @@ void save_resource(int type, struct res_items *items, int pass) */ for (i=0; items[i].name; i++) { if (items[i].flags & ITEM_REQUIRED) { - if (!bit_is_set(i, res_all.res_dir.hdr.item_present)) { + if (!bit_is_set(i, res_all.res_dir.hdr.item_present)) { Emsg2(M_ABORT, 0, _("%s item is required in %s resource, but not found.\n"), - items[i].name, resources[rindex]); - } + items[i].name, resources[rindex]); + } } } 
@@ -249,33 +249,33 @@ void save_resource(int type, struct res_items *items, int pass) */ if (pass == 2) { switch (type) { - /* Resources not containing a resource */ - case R_MSGS: - case R_DIRECTOR: - break; + /* Resources not containing a resource */ + case R_MSGS: + case R_DIRECTOR: + break; - /* Resources containing another resource */ - case R_CLIENT: - if ((res = (URES *)GetResWithName(R_CLIENT, res_all.res_dir.hdr.name)) == NULL) { + /* Resources containing another resource */ + case R_CLIENT: + if ((res = (URES *)GetResWithName(R_CLIENT, res_all.res_dir.hdr.name)) == NULL) { Emsg1(M_ABORT, 0, "Cannot find Client resource %s\n", res_all.res_dir.hdr.name); - } - res->res_client.messages = res_all.res_client.messages; - break; - default: + } + res->res_client.messages = res_all.res_client.messages; + break; + default: Emsg1(M_ERROR, 0, _("Unknown resource type %d\n"), type); - error = 1; - break; + error = 1; + break; } /* Note, the resoure name was already saved during pass 1, * so here, we can just release it. */ if (res_all.res_dir.hdr.name) { - free(res_all.res_dir.hdr.name); - res_all.res_dir.hdr.name = NULL; + free(res_all.res_dir.hdr.name); + res_all.res_dir.hdr.name = NULL; } if (res_all.res_dir.hdr.desc) { - free(res_all.res_dir.hdr.desc); - res_all.res_dir.hdr.desc = NULL; + free(res_all.res_dir.hdr.desc); + res_all.res_dir.hdr.desc = NULL; } return; } 
@@ -283,34 +283,34 @@ void save_resource(int type, struct res_items *items, int pass) /* The following code is only executed on pass 1 */ switch (type) { case R_DIRECTOR: - size = sizeof(DIRRES); - break; + size = sizeof(DIRRES); + break; case R_CLIENT: - size = sizeof(CLIENT); - break; + size = sizeof(CLIENT); + break; case R_MSGS: - size = sizeof(MSGS); - break; + size = sizeof(MSGS); + break; default: printf(_("Unknown resource type %d\n"), type); - error = 1; - size = 1; - break; + error = 1; + size = 1; + break; } /* Common */ if (!error) { res = (URES *)malloc(size); memcpy(res, &res_all, size); if (!resources[rindex].res_head) { - resources[rindex].res_head = (RES *)res; /* store first entry */ + resources[rindex].res_head = (RES *)res; /* store first entry */ } else { - RES *next; - /* Add new res to end of chain */ - for (next=resources[rindex].res_head; next->next; next=next->next) - { } - next->next = (RES *)res; + RES *next; + /* Add new res to end of chain */ + for (next=resources[rindex].res_head; next->next; next=next->next) + { } + next->next = (RES *)res; Dmsg2(90, "Inserting %s res: %s\n", res_to_str(type), - res->res_dir.hdr.name); + res->res_dir.hdr.name); } } } diff --git a/bacula/src/filed/filed_conf.h b/bacula/src/filed/filed_conf.h index d2d028b4c4..71142bedcd 100644 --- a/bacula/src/filed/filed_conf.h +++ b/bacula/src/filed/filed_conf.h 
@@ -28,40 +28,40 @@ /* * Resource codes -- they must be sequential for indexing */ -#define R_FIRST 1001 +#define R_FIRST 1001 -#define R_DIRECTOR 1001 -#define R_CLIENT 1002 -#define R_MSGS 1003 +#define R_DIRECTOR 1001 +#define R_CLIENT 1002 +#define R_MSGS 1003 -#define R_LAST R_MSGS +#define R_LAST R_MSGS /* * Some resource attributes */ -#define R_NAME 1020 -#define R_ADDRESS 1021 -#define R_PASSWORD 1022 -#define R_TYPE 1023 +#define R_NAME 1020 +#define R_ADDRESS 1021 +#define R_PASSWORD 1022 +#define R_TYPE 1023 /* Definition of the contents of each Resource */ struct s_res_dir { - RES hdr; - char *password; /* Director password */ - char *address; /* Director address or zero */ + RES hdr; + char *password; /* Director password */ + char *address; /* Director address or zero */ + int enable_ssl; /* Use SSL for this Director */ }; typedef struct s_res_dir DIRRES; struct s_res_client { - RES hdr; - int FDport; /* where we listen for Directors */ - char *FDaddr; /* bind address */ + RES hdr; + int FDport; /* where we listen for Directors */ + char *FDaddr; /* bind address */ char *working_directory; char *pid_directory; char *subsys_directory; - char *ssl_certs; /* SSL Certificates directory */ - int enable_ssl; /* Use SSL */ + int require_ssl; /* Require SSL on all connections */ struct s_res_msgs *messages; /* daemon message handler */ int MaxConcurrentJobs; }; @@ -73,9 +73,9 @@ typedef struct s_res_client CLIENT; * resource structure definitions. */ union u_res { - struct s_res_dir res_dir; - struct s_res_client res_client; - struct s_res_msgs res_msgs; + struct s_res_dir res_dir; + struct s_res_client res_client; + struct s_res_msgs res_msgs; RES hdr; }; diff --git a/bacula/src/lib/bnet.c b/bacula/src/lib/bnet.c index 9db53808e6..18e1e13010 100644 --- a/bacula/src/lib/bnet.c +++ b/bacula/src/lib/bnet.c 
@@ -348,6 +348,17 @@ bnet_send(BSOCK *bsock) return 1; } +/* + * Establish an SSL connection. + * If listen is set, the other end initiates the request. + * If listen is not set, I initiate it. + */ +int +bnet_ssl(BSOCK *bsock, char *password, int listen) +{ + return 1; +} + /* * Wait for a specified time for data to appear on * the BSOCK connection. diff --git a/bacula/src/lib/cram-md5.c b/bacula/src/lib/cram-md5.c index 7d788381a6..200d775950 100644 --- a/bacula/src/lib/cram-md5.c +++ b/bacula/src/lib/cram-md5.c @@ -41,13 +41,14 @@ int cram_md5_auth(BSOCK *bs, char *password) uint8_t hmac[20]; gettimeofday(&t1, &tz); - for (i=0; i<4; i++) + for (i=0; i<4; i++) { gettimeofday(&t2, &tz); + } srandom((t1.tv_sec&0xffff) * (t2.tv_usec&0xff)); if (!gethostname(host, sizeof(host))) { bstrncpy(host, my_name, sizeof(host)); } - sprintf((char *)chal, "<%u.%u@%s>", (uint32_t)random(), (uint32_t)time(NULL), host); + bsnprintf(chal, sizeof(chal), "<%u.%u@%s>", (uint32_t)random(), (uint32_t)time(NULL), host); if (!bnet_fsend(bs, "auth cram-md5 %s\n", chal)) { return 0; } @@ -59,13 +60,8 @@ int cram_md5_auth(BSOCK *bs, char *password) hmac_md5((uint8_t *)chal, strlen(chal), (uint8_t *)password, strlen(password), hmac); bin_to_base64(host, (char *)hmac, 16); ok = strcmp(bs->msg, host) == 0; - if (ok) { - Dmsg3(99, "Authenticate %s: wanted %s, got %s\n", - ok ? "OK" : "NOT OK", host, bs->msg); - } else { - Dmsg3(99, "Authenticate %s: wanted %s, got %s\n", - ok ? "OK" : "NOT OK", host, bs->msg); - } + Dmsg3(99, "Authenticate %s: wanted %s, got %s\n", + ok ? "OK" : "NOT OK", host, bs->msg); if (ok) { bnet_fsend(bs, "1000 OK auth\n"); } else { diff --git a/bacula/src/lib/protos.h b/bacula/src/lib/protos.h index 4e0abd6dbb..966047e59c 100644 --- a/bacula/src/lib/protos.h +++ b/bacula/src/lib/protos.h 
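Review bot: `bnet_ssl` returns 1 unconditionally without negotiating anything, so a caller that treats a non-zero return as "the channel is now protected" will carry on in clear text. Until the implementation lands, the stub should fail closed with `return 0;`, assuming 1 means success as it does for `bnet_send` just above. The header comment should also say that this is a placeholder and what the return value means. `password` is unused here and could be declared `const char *`.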
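Review bot: The challenge in `cram_md5_auth` still comes from `random()` seeded by `srandom((t1.tv_sec&0xffff) * (t2.tv_usec&0xff))`, so for a given second the seed has at most 256 values and the challenge is guessable; this hunk edits the surrounding lines but leaves that in place. A CRAM challenge has to be unpredictable and non-repeating, so it should be drawn from the operating system's random source rather than a clock-seeded PRNG. Separately, `if (!gethostname(host, sizeof(host)))` looks inverted: `gethostname` returns 0 on success, so the `bstrncpy(host, my_name, ...)` fallback runs on success and `host` is left unset on failure. The move from `sprintf` to `bsnprintf(chal, sizeof(chal), ...)` bounds the write only if `chal` is an array in this function; its declaration is outside the hunk.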
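Review bot: The consolidated `Dmsg3(99, ...)` writes the expected response (`host`, the base64 HMAC) next to the peer's reply, so at debug level 99 the trace holds the correct authenticator for that challenge. Logging only the outcome is enough for troubleshooting: `Dmsg1(99, "Authenticate %s\n", ok ? "OK" : "NOT OK");`. The `strcmp(bs->msg, host) == 0` comparison on the line above is also not constant-time; a fixed-length compare over the encoded digest would avoid revealing how many leading characters matched. The function continues outside the hunk.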
@@ -24,138 +24,139 @@ */ /* base64.c */ -void base64_init (void); -int to_base64 (intmax_t value, char *where); -int from_base64 (intmax_t *value, char *where); -int bin_to_base64 (char *buf, char *bin, int len); +void base64_init (void); +int to_base64 (intmax_t value, char *where); +int from_base64 (intmax_t *value, char *where); +int bin_to_base64 (char *buf, char *bin, int len); /* bmisc.c */ -char *bstrncpy (char *dest, const char *src, int maxlen); -char *bstrncat (char *dest, const char *src, int maxlen); -void *b_malloc (char *file, int line, size_t size); +char *bstrncpy (char *dest, const char *src, int maxlen); +char *bstrncat (char *dest, const char *src, int maxlen); +void *b_malloc (char *file, int line, size_t size); #ifndef DEBUG -void *bmalloc (size_t size); +void *bmalloc (size_t size); #endif -void *brealloc (void *buf, size_t size); -void *bcalloc (size_t size1, size_t size2); -int bsnprintf (char *str, size_t size, const char *format, ...); -int bvsnprintf (char *str, size_t size, const char *format, va_list ap); -int pool_sprintf (char *pool_buf, char *fmt, ...); -void create_pid_file (char *dir, char *progname, int port); -int delete_pid_file (char *dir, char *progname, int port); -void drop (char *uid, char *gid); -int bmicrosleep (time_t sec, long msec); +void *brealloc (void *buf, size_t size); +void *bcalloc (size_t size1, size_t size2); +int bsnprintf (char *str, size_t size, const char *format, ...); +int bvsnprintf (char *str, size_t size, const char *format, va_list ap); +int pool_sprintf (char *pool_buf, char *fmt, ...); +void create_pid_file (char *dir, char *progname, int port); +int delete_pid_file (char *dir, char *progname, int port); +void drop (char *uid, char *gid); +int bmicrosleep (time_t sec, long msec); /* bnet.c */ -int32_t bnet_recv (BSOCK *bsock); -int bnet_send (BSOCK *bsock); -int bnet_fsend (BSOCK *bs, char *fmt, ...); -int bnet_set_buffer_size (BSOCK *bs, uint32_t size, int rw); -int bnet_sig (BSOCK *bs, int sig); 
-BSOCK * bnet_connect (void *jcr, int retry_interval, - int max_retry_time, char *name, char *host, char *service, - int port, int verbose); -int bnet_wait_data (BSOCK *bsock, int sec); -void bnet_close (BSOCK *bsock); -BSOCK * init_bsock (void *jcr, int sockfd, char *who, char *ip, int port); -BSOCK * dup_bsock (BSOCK *bsock); -void term_bsock (BSOCK *bsock); -char * bnet_strerror (BSOCK *bsock); -char * bnet_sig_to_ascii (BSOCK *bsock); -int bnet_wait_data (BSOCK *bsock, int sec); -int bnet_despool (BSOCK *bsock); -int is_bnet_stop (BSOCK *bsock); -int is_bnet_error (BSOCK *bsock); -void bnet_suppress_error_messages(BSOCK *bsock, int flag); +int32_t bnet_recv (BSOCK *bsock); +int bnet_send (BSOCK *bsock); +int bnet_fsend (BSOCK *bs, char *fmt, ...); +int bnet_set_buffer_size (BSOCK *bs, uint32_t size, int rw); +int bnet_sig (BSOCK *bs, int sig); +int bnet_ssl (BSOCK *bsock, char *password, int listen); +BSOCK * bnet_connect (void *jcr, int retry_interval, + int max_retry_time, char *name, char *host, char *service, + int port, int verbose); +int bnet_wait_data (BSOCK *bsock, int sec); +void bnet_close (BSOCK *bsock); +BSOCK * init_bsock (void *jcr, int sockfd, char *who, char *ip, int port); +BSOCK * dup_bsock (BSOCK *bsock); +void term_bsock (BSOCK *bsock); +char * bnet_strerror (BSOCK *bsock); +char * bnet_sig_to_ascii (BSOCK *bsock); +int bnet_wait_data (BSOCK *bsock, int sec); +int bnet_despool (BSOCK *bsock); +int is_bnet_stop (BSOCK *bsock); +int is_bnet_error (BSOCK *bsock); +void bnet_suppress_error_messages(BSOCK *bsock, int flag); /* cram-md5.c */ int cram_md5_get_auth(BSOCK *bs, char *password); int cram_md5_auth(BSOCK *bs, char *password); void hmac_md5(uint8_t* text, int text_len, uint8_t* key, - int key_len, uint8_t *hmac); + int key_len, uint8_t *hmac); /* crc32.c */ uint32_t bcrc32(uint8_t *buf, int len); /* daemon.c */ -void daemon_start (); +void daemon_start (); /* edit.c */ -uint64_t str_to_uint64(char *str); -int64_t str_to_int64(char *str); 
-char * edit_uint64_with_commas (uint64_t val, char *buf); -char * add_commas (char *val, char *buf); -char * edit_uint64 (uint64_t val, char *buf); -int duration_to_utime (char *str, utime_t *value); -int size_to_uint64(char *str, int str_len, uint64_t *rtn_value); -char *edit_utime (utime_t val, char *buf); -int is_a_number (const char *num); -int is_an_integer (const char *n); +uint64_t str_to_uint64(char *str); +int64_t str_to_int64(char *str); +char * edit_uint64_with_commas (uint64_t val, char *buf); +char * add_commas (char *val, char *buf); +char * edit_uint64 (uint64_t val, char *buf); +int duration_to_utime (char *str, utime_t *value); +int size_to_uint64(char *str, int str_len, uint64_t *rtn_value); +char *edit_utime (utime_t val, char *buf); +int is_a_number (const char *num); +int is_an_integer (const char *n); /* lex.c */ -LEX * lex_close_file (LEX *lf); -LEX * lex_open_file (LEX *lf, char *fname, LEX_ERROR_HANDLER *scan_error); -int lex_get_char (LEX *lf); -void lex_unget_char (LEX *lf); -char * lex_tok_to_str (int token); -int lex_get_token (LEX *lf, int expect); +LEX * lex_close_file (LEX *lf); +LEX * lex_open_file (LEX *lf, char *fname, LEX_ERROR_HANDLER *scan_error); +int lex_get_char (LEX *lf); +void lex_unget_char (LEX *lf); +char * lex_tok_to_str (int token); +int lex_get_token (LEX *lf, int expect); /* message.c */ -void my_name_is (int argc, char *argv[], char *name); -void init_msg (void *jcr, MSGS *msg); -void term_msg (void); -void close_msg (void *jcr); -void add_msg_dest (MSGS *msg, int dest, int type, char *where, char *dest_code); -void rem_msg_dest (MSGS *msg, int dest, int type, char *where); -void Jmsg (void *jcr, int type, int level, char *fmt, ...); -void dispatch_message (void *jcr, int type, int level, char *buf); -void init_console_msg (char *wd); -void free_msgs_res (MSGS *msgs); -int open_spool_file (void *jcr, BSOCK *bs); -int close_spool_file (void *vjcr, BSOCK *bs); +void my_name_is (int argc, char *argv[], char *name); 
+void init_msg (void *jcr, MSGS *msg); +void term_msg (void); +void close_msg (void *jcr); +void add_msg_dest (MSGS *msg, int dest, int type, char *where, char *dest_code); +void rem_msg_dest (MSGS *msg, int dest, int type, char *where); +void Jmsg (void *jcr, int type, int level, char *fmt, ...); +void dispatch_message (void *jcr, int type, int level, char *buf); +void init_console_msg (char *wd); +void free_msgs_res (MSGS *msgs); +int open_spool_file (void *jcr, BSOCK *bs); +int close_spool_file (void *vjcr, BSOCK *bs); /* bnet_server.c */ -void bnet_thread_server(char *bind_addr, int port, int max_clients, workq_t *client_wq, - void *handle_client_request(void *bsock)); -void bnet_server (int port, void handle_client_request(BSOCK *bsock)); -int net_connect (int port); -BSOCK * bnet_bind (int port); -BSOCK * bnet_accept (BSOCK *bsock, char *who); +void bnet_thread_server(char *bind_addr, int port, int max_clients, workq_t *client_wq, + void *handle_client_request(void *bsock)); +void bnet_server (int port, void handle_client_request(BSOCK *bsock)); +int net_connect (int port); +BSOCK * bnet_bind (int port); +BSOCK * bnet_accept (BSOCK *bsock, char *who); /* signal.c */ -void init_signals (void terminate(int sig)); -void init_stack_dump (void); +void init_signals (void terminate(int sig)); +void init_stack_dump (void); /* util.c */ -void lcase (char *str); -void bash_spaces (char *str); -void unbash_spaces (char *str); -void strip_trailing_junk (char *str); -void strip_trailing_slashes (char *dir); -int skip_spaces (char **msg); -int skip_nonspaces (char **msg); -int fstrsch (char *a, char *b); -char * encode_time (time_t time, char *buf); -char * encode_mode (mode_t mode, char *buf); -int do_shell_expansion (char *name); -int is_buf_zero (char *buf, int len); -void jobstatus_to_ascii (int JobStatus, char *msg, int maxlen); -void pm_strcat (POOLMEM **pm, char *str); -void pm_strcpy (POOLMEM **pm, char *str); -int run_program (char *prog, int wait, POOLMEM 
*results); -char * job_type_to_str (int type); -char * job_status_to_str (int stat); -char * job_level_to_str (int level); -void makeSessionKey (char *key, char *seed, int mode); -BPIPE * open_bpipe(char *prog, int wait, char *mode); -int close_wpipe(BPIPE *bpipe); -int close_bpipe(BPIPE *bpipe); -POOLMEM *edit_job_codes(void *jcr, char *omsg, char *imsg, char *to); +void lcase (char *str); +void bash_spaces (char *str); +void unbash_spaces (char *str); +void strip_trailing_junk (char *str); +void strip_trailing_slashes (char *dir); +int skip_spaces (char **msg); +int skip_nonspaces (char **msg); +int fstrsch (char *a, char *b); +char * encode_time (time_t time, char *buf); +char * encode_mode (mode_t mode, char *buf); +int do_shell_expansion (char *name); +int is_buf_zero (char *buf, int len); +void jobstatus_to_ascii (int JobStatus, char *msg, int maxlen); +void pm_strcat (POOLMEM **pm, char *str); +void pm_strcpy (POOLMEM **pm, char *str); +int run_program (char *prog, int wait, POOLMEM *results); +char * job_type_to_str (int type); +char * job_status_to_str (int stat); +char * job_level_to_str (int level); +void makeSessionKey (char *key, char *seed, int mode); +BPIPE * open_bpipe(char *prog, int wait, char *mode); +int close_wpipe(BPIPE *bpipe); +int close_bpipe(BPIPE *bpipe); +POOLMEM *edit_job_codes(void *jcr, char *omsg, char *imsg, char *to); void parse_command_args(POOLMEM *cmd, POOLMEM *args, int *argc, - char **argk, char **argv); + char **argk, char **argv); char *next_arg(char **s); diff --git a/bacula/src/stored/stored_conf.c b/bacula/src/stored/stored_conf.c index c14148d39b..a87d959e5a 100644 --- a/bacula/src/stored/stored_conf.c +++ b/bacula/src/stored/stored_conf.c 
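Review bot: The new prototype `int bnet_ssl(BSOCK *bsock, char *password, int listen);` takes the secret as a mutable `char *`; `const char *password` would document that the function does not modify it, with the definition in bnet.c changed to match. The rest of the hunk is realignment only. `bnet_wait_data` is declared twice in the bnet.c group on both sides of the diff, and one of the two declarations can go.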
@@ -62,8 +62,7 @@ static struct res_items store_items[] = {
 {"workingdirectory", store_dir, ITEM(res_store.working_directory), 0, ITEM_REQUIRED, 0},
 {"piddirectory", store_dir, ITEM(res_store.pid_directory), 0, ITEM_REQUIRED, 0},
 {"subsysdirectory", store_dir, ITEM(res_store.subsys_directory), 0, ITEM_REQUIRED, 0},
- {"sslcertificatedirectory", store_dir,ITEM(res_store.ssl_certs), 0, 0, 0},
- {"enablessl", store_yesno,ITEM(res_store.enable_ssl), 1, ITEM_DEFAULT, 0},
+ {"requiressl", store_yesno,ITEM(res_store.require_ssl), 1, ITEM_DEFAULT, 0},
 {"maximumconcurrentjobs", store_pint, ITEM(res_store.max_concurrent_jobs), 0, ITEM_DEFAULT, 3},
 {NULL, NULL, 0, 0, 0, 0}
 };
@@ -75,6 +74,7 @@ static struct res_items dir_items[] = {
 {"description", store_str, ITEM(res_dir.hdr.desc), 0, 0, 0},
 {"password", store_password, ITEM(res_dir.password), 0, ITEM_REQUIRED, 0},
 {"address", store_str, ITEM(res_dir.address), 0, 0, 0},
+ {"enablessl", store_yesno, ITEM(res_dir.enable_ssl), 1, ITEM_DEFAULT, 0},
 {NULL, NULL, 0, 0, 0, 0}
 };
diff --git a/bacula/src/stored/stored_conf.h b/bacula/src/stored/stored_conf.h
index b4253c204c..f535d839f7 100644
--- a/bacula/src/stored/stored_conf.h
+++ b/bacula/src/stored/stored_conf.h
@@ -45,6 +45,7 @@ struct s_res_dir {
 char *password; /* Director password */
 char *address; /* Director IP address or zero */
+ int enable_ssl; /* Use SSL with this Director */
 };
 typedef struct s_res_dir DIRRES;
@@ -60,8 +61,7 @@ struct s_res_store {
 char *working_directory; /* working directory for checkpoints */
 char *pid_directory;
 char *subsys_directory;
- char *ssl_certs; /* SSL Certificates directory */
- int enable_ssl; /* Use SSL */
+ int require_ssl; /* Require SSL on all connections */
 uint32_t max_concurrent_jobs; /* maximum concurrent jobs to run */
 struct s_res_msgs *messages; /* Daemon message handler */
 };
diff --git a/bacula/src/version.h b/bacula/src/version.h
index 5bf9a0aa53..1892d014ff 100644
--- a/bacula/src/version.h
+++ b/bacula/src/version.h
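Review bot: The new `requiressl` entry in store_items carries `ITEM_DEFAULT, 0`, which by analogy with the `maximumconcurrentjobs` entry (`ITEM_DEFAULT, 3`) appears to make "no" the default, so a Storage resource that omits the directive does not require SSL. The same hunk removes the `sslcertificatedirectory` and `enablessl` keywords, so existing configuration files that use them will presumably stop parsing, and no certificate-location setting is left in this resource. It is not visible here where the daemon would then find its certificate or how a peer is verified. I would add a comment above the entry such as `/* requiressl: default no; certificate location is configured elsewhere (TODO: say where) */` and mention the removed keywords in the change notes. The table's initializer begins before this hunk.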
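Review bot: The per-Director `enablessl` added to dir_items can contradict the daemon-wide `requiressl` in store_items, and nothing in either table says which setting takes precedence. A configuration with `requiressl = yes` on the Storage resource and `enablessl` left at its default of 0 on a Director resource is accepted as written. If the daemon-wide setting is meant to win, a load-time check that reports the conflicting Director resource by name would surface the mismatch before the first connection attempt. Otherwise, record the precedence next to the entry, e.g. `/* enablessl: per-Director; ignored when the Storage resource sets requiressl (confirm) */`. The matching fields `enable_ssl` in `struct s_res_dir` and `require_ssl` in `struct s_res_store` in stored_conf.h would benefit from the same wording, since "Require SSL on all connections" does not say which peers are covered.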
@@ -1,8 +1,8 @@ /* */ #define VERSION "1.30a" #define VSTRING "1" -#define BDATE "30 April 2003" -#define LSMDATE "30Apr03" +#define BDATE "01 May 2003" +#define LSMDATE "01May03" /* Debug flags */ #define DEBUG 1 -- 2.39.5