2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2017 Kern Sibbald
6 The original author of Bacula is Kern Sibbald, with contributions
7 from many others, a complete list can be found in the file AUTHORS.
9 You may use this file and others of this release according to the
10 license defined in the LICENSE file, which includes the Affero General
11 Public License, v3.0 ("AGPLv3") and some additional permissions and
12 terms pursuant to its AGPLv3 Section 7.
14 This notice must be preserved when any source code is
15 conveyed and/or propagated.
17 Bacula(R) is a registered trademark of Kern Sibbald.
20 * Bacula File Daemon restore.c Restorefiles.
22 * Kern Sibbald, November MM
32 const bool have_darwin_os = true;
34 const bool have_darwin_os = false;
37 #if defined(HAVE_CRYPTO)
38 const bool have_crypto = true;
40 const bool have_crypto = false;
44 const bool have_acl = true;
46 const bool have_acl = false;
50 const bool have_sha2 = true;
52 const bool have_sha2 = false;
55 #if defined(HAVE_XATTR)
56 const bool have_xattr = true;
58 const bool have_xattr = false;
61 /* Data received from Storage Daemon */
62 static char rec_header[] = "rechdr %ld %ld %ld %ld %ld";
64 /* Forward referenced functions */
65 #if defined(HAVE_LIBZ)
66 static const char *zlib_strerror(int stat);
67 const bool have_libz = true;
69 const bool have_libz = false;
72 const bool have_lzo = true;
74 const bool have_lzo = false;
77 static void deallocate_cipher(r_ctx &rctx);
78 static void deallocate_fork_cipher(r_ctx &rctx);
79 static bool verify_signature(r_ctx &rctx);
80 static void free_signature(r_ctx &rctx);
81 static void free_session(r_ctx &rctx);
82 static bool close_previous_stream(r_ctx &rctx);
83 static int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen);
84 static bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
85 RESTORE_CIPHER_CTX *cipher_ctx);
88 * Close a bfd check that we are at the expected file offset.
89 * Makes use of some code from set_attributes().
91 static int bclose_chksize(r_ctx &rctx, BFILE *bfd, boffset_t osize)
93 char ec1[50], ec2[50];
97 fsize = blseek(bfd, 0, SEEK_CUR);
98 bclose(bfd); /* first close file */
99 if (fsize > 0 && fsize != osize) {
100 Qmsg3(jcr, M_WARNING, 0, _("Size of data or stream of %s not correct. Original %s, restored %s.\n"),
101 jcr->last_fname, edit_uint64(osize, ec1),
102 edit_uint64(fsize, ec2));
108 #ifdef HAVE_DARWIN_OS
109 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
111 struct attrlist attrList;
113 memset(&attrList, 0, sizeof(attrList));
114 attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
115 attrList.commonattr = ATTR_CMN_FNDRINFO;
117 Dmsg0(130, "Restoring Finder Info\n");
118 jcr->ff->flags |= FO_HFSPLUS;
120 Jmsg(jcr, M_WARNING, 0, _("Invalid length of Finder Info (got %d, wanted 32)\n"), buflen);
124 if (setattrlist(jcr->last_fname, &attrList, buf, buflen, 0) != 0) {
125 Jmsg(jcr, M_WARNING, 0, _("Error setting Finder Info on \"%s\"\n"), jcr->last_fname);
133 static bool restore_finderinfo(JCR *jcr, POOLMEM *buf, int32_t buflen)
141 * Cleanup of delayed restore stack with streams for later processing.
143 static void drop_delayed_restore_streams(r_ctx &rctx, bool reuse)
145 RESTORE_DATA_STREAM *rds;
147 if (!rctx.delayed_streams) {
149 rctx.delayed_streams = New(alist(10, owned_by_alist));
153 if (rctx.delayed_streams->empty()) {
157 foreach_alist(rds, rctx.delayed_streams) {
163 rctx.delayed_streams->destroy();
165 rctx.delayed_streams->init(10, owned_by_alist);
171 * Push a data stream onto the delayed restore stack for
174 static inline void push_delayed_restore_stream(r_ctx &rctx, char *msg, int msglen)
176 RESTORE_DATA_STREAM *rds;
181 if (!rctx.delayed_streams) {
182 rctx.delayed_streams = New(alist(10, owned_by_alist));
185 rds = (RESTORE_DATA_STREAM *)malloc(sizeof(RESTORE_DATA_STREAM));
186 rds->stream = rctx.stream;
187 rds->content = (char *)malloc(msglen);
188 memcpy(rds->content, msg, msglen);
189 rds->content_length = msglen;
190 rctx.delayed_streams->append(rds);
194 * Perform a restore of an ACL using the stream received.
195 * This can either be a delayed restore or direct restore.
197 static inline bool do_restore_acl(JCR *jcr, int stream, char *content,
198 uint32_t content_length)
204 switch (jcr->bacl->restore_acl(jcr, stream, content, content_length)) {
209 * Non-fatal errors, count them and when the number is under ACL_MAX_ERROR_PRINT_PER_JOB
210 * print the error message set by the lower level routine in jcr->errmsg.
212 if (jcr->bacl->get_acl_nr_errors() < ACL_MAX_ERROR_PRINT_PER_JOB) {
213 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
224 * Perform a restore of an XATTR using the stream received.
225 * This can either be a delayed restore or direct restore.
227 static inline bool do_restore_xattr(JCR *jcr, int stream, char *content,
228 uint32_t content_length)
235 switch (jcr->bxattr->restore_xattr(jcr, stream, content, content_length)) {
236 case bRC_BXATTR_fatal:
238 case bRC_BXATTR_error:
240 * Non-fatal errors, count them and when the number is under XATTR_MAX_ERROR_PRINT_PER_JOB
241 * print the error message set by the lower level routine in jcr->errmsg.
243 if (jcr->bxattr->get_xattr_nr_errors() < XATTR_MAX_ERROR_PRINT_PER_JOB) {
244 Jmsg(jcr, M_WARNING, 0, "%s", jcr->errmsg);
255 * Restore any data streams that are restored after the file
256 * is fully restored and has its attributes restored. Things
257 * like acls and xattr are restored after we set the file
258 * attributes otherwise we might clear some security flags
259 * by setting the attributes.
261 static inline bool pop_delayed_data_streams(r_ctx &rctx)
263 RESTORE_DATA_STREAM *rds;
267 * See if there is anything todo.
269 if (!rctx.delayed_streams ||
270 rctx.delayed_streams->empty()) {
275 * Only process known delayed data streams here.
276 * If you start using more delayed data streams
277 * be sure to add them in this loop and add the
280 * Currently we support delayed data stream
281 * processing for the following type of streams:
285 foreach_alist(rds, rctx.delayed_streams) {
286 Dmsg1(0, "Delayed Stream=%d\n", rds->stream);
287 switch (rds->stream) {
288 case STREAM_UNIX_ACCESS_ACL:
289 case STREAM_UNIX_DEFAULT_ACL:
290 case STREAM_XACL_AIX_TEXT:
291 case STREAM_XACL_DARWIN_ACCESS:
292 case STREAM_XACL_FREEBSD_DEFAULT:
293 case STREAM_XACL_FREEBSD_ACCESS:
294 case STREAM_XACL_HPUX_ACL_ENTRY:
295 case STREAM_XACL_IRIX_DEFAULT:
296 case STREAM_XACL_IRIX_ACCESS:
297 case STREAM_XACL_LINUX_DEFAULT:
298 case STREAM_XACL_LINUX_ACCESS:
299 case STREAM_XACL_TRU64_DEFAULT:
300 case STREAM_XACL_TRU64_DEFAULT_DIR:
301 case STREAM_XACL_TRU64_ACCESS:
302 case STREAM_XACL_SOLARIS_POSIX:
303 case STREAM_XACL_SOLARIS_NFS4:
304 case STREAM_XACL_AFS_TEXT:
305 case STREAM_XACL_AIX_AIXC:
306 case STREAM_XACL_AIX_NFS4:
307 case STREAM_XACL_FREEBSD_NFS4:
308 case STREAM_XACL_HURD_DEFAULT:
309 case STREAM_XACL_HURD_ACCESS:
310 case STREAM_XACL_PLUGIN_ACL:
311 if (!do_restore_acl(jcr, rds->stream, rds->content, rds->content_length)) {
315 case STREAM_XACL_PLUGIN_XATTR:
316 case STREAM_XACL_HURD_XATTR:
317 case STREAM_XACL_IRIX_XATTR:
318 case STREAM_XACL_TRU64_XATTR:
319 case STREAM_XACL_AIX_XATTR:
320 case STREAM_XACL_OPENBSD_XATTR:
321 case STREAM_XACL_SOLARIS_SYS_XATTR:
322 case STREAM_XACL_DARWIN_XATTR:
323 case STREAM_XACL_FREEBSD_XATTR:
324 case STREAM_XACL_LINUX_XATTR:
325 case STREAM_XACL_NETBSD_XATTR:
326 if (!do_restore_xattr(jcr, rds->stream, rds->content, rds->content_length)) {
331 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
333 Dmsg2(0, "Unknown stream=%d data=%s\n", rds->stream, rds->content);
342 drop_delayed_restore_streams(rctx, true);
346 drop_delayed_restore_streams(rctx, true);
352 * Restore the requested files.
354 void do_restore(JCR *jcr)
357 uint32_t VolSessionId, VolSessionTime;
359 char ec1[50]; /* Buffer printing huge values */
360 uint32_t buf_size; /* client buffer size */
362 int64_t rsrc_len = 0; /* Original length of resource fork */
366 /* ***FIXME*** make configurable */
367 crypto_digest_t signing_algorithm = have_sha2 ?
368 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
369 memset(&rctx, 0, sizeof(rctx));
372 /* The following variables keep track of "known unknowns" */
373 int non_suppored_data = 0;
374 int non_suppored_attr = 0;
375 int non_suppored_rsrc = 0;
376 int non_suppored_finfo = 0;
377 int non_suppored_acl = 0;
378 int non_suppored_progname = 0;
379 int non_suppored_crypto = 0;
380 int non_suppored_xattr = 0;
382 sd = jcr->store_bsock;
383 jcr->setJobStatus(JS_Running);
386 CLIENT *client = (CLIENT *)GetNextRes(R_CLIENT, NULL);
389 buf_size = client->max_network_buffer_size;
391 buf_size = 0; /* use default */
393 if (!sd->set_buffer_size(buf_size, BNET_SETBUF_WRITE)) {
394 jcr->setJobStatus(JS_ErrorTerminated);
397 jcr->buf_size = sd->msglen;
399 /* use the same buffer size to decompress both gzip and lzo */
400 if (have_libz || have_lzo) {
401 uint32_t compress_buf_size = jcr->buf_size + 12 + ((jcr->buf_size+999) / 1000) + 100;
402 jcr->compress_buf = get_memory(compress_buf_size);
403 jcr->compress_buf_size = compress_buf_size;
407 fdmsg = New(GetMsg(jcr, sd, rec_header, GETMSG_MAX_MSG_SIZE));
409 fdmsg->start_read_sock();
410 bmessage *bmsg = fdmsg->new_msg(); /* get a message, to exchange with fdmsg */
413 if (lzo_init() != LZO_E_OK) {
414 Jmsg(jcr, M_FATAL, 0, _("LZO init failed\n"));
420 rctx.cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
421 if (have_darwin_os) {
422 rctx.fork_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
427 * Get a record from the Storage daemon. We are guaranteed to
428 * receive records in the following order:
429 * 1. Stream record header
430 * 2. Stream data (one or more of the following in the order given)
431 * a. Attributes (Unix or Windows)
432 * b. Possibly stream encryption session data (e.g., symmetric session key)
433 * c. File data for the file
434 * d. Alternate data stream (e.g. Resource Fork)
438 * h. Possibly a cryptographic signature
439 * i. Possibly MD5 or SHA1 record
442 * NOTE: We keep track of two bacula file descriptors:
443 * 1. bfd for file data.
444 * This fd is opened for non empty files when an attribute stream is
445 * encountered and closed when we find the next attribute stream.
446 * 2. fork_bfd for alternate data streams
447 * This fd is opened every time we encounter a new alternate data
448 * stream for the current file. When we find any other stream, we
450 * The expected size of the stream, fork_len, should be set when
452 * 3. Not all the stream data records are required -- e.g. if there
453 * is no fork, there is no alternate data stream, no ACL, ...
456 binit(&rctx.forkbfd);
457 attr = rctx.attr = new_attr(jcr);
459 jcr->bacl = (BACL*)new_bacl();
462 jcr->bxattr = (BXATTR*)new_bxattr();
466 while ((bget_ret = fdmsg->bget_msg(&bmsg)) >= 0 && !job_canceled(jcr)) {
467 time_t now = time(NULL);
468 if (jcr->last_stat_time == 0) {
469 jcr->last_stat_time = now;
470 jcr->stat_interval = 30; /* Default 30 seconds */
471 } else if (now >= jcr->last_stat_time + jcr->stat_interval) {
472 jcr->dir_bsock->fsend("Progress JobId=%ld files=%ld bytes=%lld bps=%ld\n",
473 jcr->JobId, jcr->JobFiles, jcr->JobBytes, jcr->LastRate);
474 jcr->last_stat_time = now;
477 /* Remember previous stream type */
478 rctx.prev_stream = rctx.stream;
480 /* First we expect a Stream Record Header */
482 if (sscanf(bmsg->rbuf, rec_header, &VolSessionId, &VolSessionTime, &file_index,
483 &rctx.full_stream, &rctx.size) != 5) {
484 Jmsg1(jcr, M_FATAL, 0, _("Record header scan error: %s\n"), bmsg->rbuf);
487 /* Strip off new stream high bits */
488 rctx.stream = rctx.full_stream & STREAMMASK_TYPE;
490 /* Now we expect the Stream Data */
491 if ((bget_ret = fdmsg->bget_msg(&bmsg)) < 0) {
492 if (bget_ret != BNET_EXT_TERMINATE) {
493 Jmsg1(jcr, M_FATAL, 0, _("Data record error. ERR=%s\n"), sd->bstrerror());
495 /* The error has been handled somewhere else, just quit */
499 if (rctx.size != (uint32_t)bmsg->origlen) {
500 Jmsg2(jcr, M_FATAL, 0, _("Actual data size %d not same as header %d\n"),
501 bmsg->origlen, rctx.size);
502 Dmsg2(50, "Actual data size %d not same as header %d\n",
503 bmsg->origlen, rctx.size);
507 /* If we change streams, close and reset alternate data streams */
508 if (rctx.prev_stream != rctx.stream) {
509 if (is_bopen(&rctx.forkbfd)) {
510 deallocate_fork_cipher(rctx);
511 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
513 /* Use an impossible value and set a proper one below */
518 /* File Attributes stream */
519 switch (rctx.stream) {
520 case STREAM_UNIX_ATTRIBUTES:
521 case STREAM_UNIX_ATTRIBUTES_EX:
522 /* if any previous stream open, close it */
523 if (!close_previous_stream(rctx)) {
528 * TODO: manage deleted files
530 if (rctx.type == FT_DELETED) { /* deleted file */
534 * Restore objects should be ignored here -- they are
535 * returned at the beginning of the restore.
537 if (IS_FT_OBJECT(rctx.type)) {
542 * Unpack attributes and do sanity check them
544 if (!unpack_attributes_record(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen, attr)) {
548 attr->data_stream = decode_stat(attr->attr, &attr->statp, sizeof(attr->statp), &attr->LinkFI);
550 Dmsg5(100, "Stream %d: %s, File %s\nattrib=%s\nattribsEx=%s\n",
551 attr->data_stream, stream_to_ascii(attr->data_stream),
552 attr->fname, attr->attr, attr->attrEx);
553 Dmsg3(100, "=== msglen=%d attrExlen=%d msg=%s\n", bmsg->rbuflen,
554 strlen(attr->attrEx), bmsg->rbuf);
556 if (!is_restore_stream_supported(attr->data_stream)) {
557 Dmsg2(15, "Non-supported data stream %d: %s\n",
558 attr->data_stream, stream_to_ascii(attr->data_stream));
559 if (!non_suppored_data++) {
560 Jmsg(jcr, M_WARNING, 0, _("%s stream not supported on this Client.\n"),
561 stream_to_ascii(attr->data_stream));
566 build_attr_output_fnames(jcr, attr);
569 * Try to actually create the file, which returns a status telling
570 * us if we need to extract or not.
572 jcr->num_files_examined++;
573 rctx.extract = false;
574 stat = CF_CORE; /* By default, let Bacula's core handle it */
577 stat = plugin_create_file(jcr, attr, &rctx.bfd, jcr->replace);
580 if (stat == CF_CORE) {
581 stat = create_file(jcr, attr, &rctx.bfd, jcr->replace);
584 pm_strcpy(jcr->last_fname, attr->ofname);
585 jcr->last_type = attr->type;
587 Dmsg2(130, "Outfile=%s create_file stat=%d\n", attr->ofname, stat);
593 case CF_EXTRACT: /* File created and we expect file data */
595 /* FALLTHROUGH WANTED */
596 case CF_CREATED: /* File created, but there is no content */
597 /* File created, but there is no content */
599 print_ls_output(jcr, attr);
601 if (have_darwin_os) {
602 /* Only restore the resource fork for regular files */
603 from_base64(&rsrc_len, attr->attrEx);
604 if (attr->type == FT_REG && rsrc_len > 0) {
609 * Do not count the resource forks as regular files being restored.
619 /* set attributes now because file will not be extracted */
621 plugin_set_attributes(jcr, attr, &rctx.bfd);
623 set_attributes(jcr, attr, &rctx.bfd);
632 case STREAM_ENCRYPTED_SESSION_DATA:
633 crypto_error_t cryptoerr;
635 /* The current file will not be extracted, do not create a crypto session */
640 /* Is this an unexpected session data entry? */
642 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic session data stream.\n"));
643 rctx.extract = false;
648 /* Do we have any keys at all? */
649 if (!jcr->crypto.pki_recipients) {
650 Jmsg(jcr, M_ERROR, 0, _("No private decryption keys have been defined to decrypt encrypted backup data.\n"));
651 rctx.extract = false;
656 if (jcr->crypto.digest) {
657 crypto_digest_free(jcr->crypto.digest);
659 jcr->crypto.digest = crypto_digest_new(jcr, signing_algorithm);
660 if (!jcr->crypto.digest) {
661 Jmsg0(jcr, M_FATAL, 0, _("Could not create digest.\n"));
662 rctx.extract = false;
667 /* Decode and save session keys. */
668 cryptoerr = crypto_session_decode((uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen,
669 jcr->crypto.pki_recipients, &rctx.cs);
671 case CRYPTO_ERROR_NONE:
674 case CRYPTO_ERROR_NORECIPIENT:
675 Jmsg(jcr, M_ERROR, 0, _("Missing private key required to decrypt encrypted backup data.\n"));
677 case CRYPTO_ERROR_DECRYPTION:
678 Jmsg(jcr, M_ERROR, 0, _("Decrypt of the session key failed.\n"));
680 case CRYPTO_ERROR_NOSIGNER:
681 Jmsg(jcr, M_ERROR, 0, _("Signer not found. Decryption failed.\n"));
683 case CRYPTO_ERROR_INVALID_DIGEST:
684 Jmsg(jcr, M_ERROR, 0, _("Unsupported digest algorithm. Decrypt failed.\n"));
686 case CRYPTO_ERROR_INVALID_CRYPTO:
687 Jmsg(jcr, M_ERROR, 0, _("Unsupported encryption algorithm. Decrypt failed.\n"));
690 /* This shouldn't happen */
691 Jmsg2(jcr, M_ERROR, 0, _("An error=%d occurred while decoding encrypted session data stream: ERR=%s\n"),
692 cryptoerr, crypto_strerror(cryptoerr));
696 if (cryptoerr != CRYPTO_ERROR_NONE) {
697 rctx.extract = false;
704 case STREAM_FILE_DATA:
705 case STREAM_SPARSE_DATA:
706 case STREAM_WIN32_DATA:
707 case STREAM_GZIP_DATA:
708 case STREAM_SPARSE_GZIP_DATA:
709 case STREAM_WIN32_GZIP_DATA:
710 case STREAM_COMPRESSED_DATA:
711 case STREAM_SPARSE_COMPRESSED_DATA:
712 case STREAM_WIN32_COMPRESSED_DATA:
713 case STREAM_ENCRYPTED_FILE_DATA:
714 case STREAM_ENCRYPTED_WIN32_DATA:
715 case STREAM_ENCRYPTED_FILE_GZIP_DATA:
716 case STREAM_ENCRYPTED_WIN32_GZIP_DATA:
717 case STREAM_ENCRYPTED_FILE_COMPRESSED_DATA:
718 case STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA:
719 /* Force an expected, consistent stream type here */
720 if (rctx.extract && (rctx.prev_stream == rctx.stream
721 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES
722 || rctx.prev_stream == STREAM_UNIX_ATTRIBUTES_EX
723 || rctx.prev_stream == STREAM_ENCRYPTED_SESSION_DATA)) {
726 if (rctx.stream == STREAM_SPARSE_DATA
727 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
728 || rctx.stream == STREAM_SPARSE_GZIP_DATA)
730 rctx.flags |= FO_SPARSE;
733 if (rctx.stream == STREAM_GZIP_DATA
734 || rctx.stream == STREAM_SPARSE_GZIP_DATA
735 || rctx.stream == STREAM_WIN32_GZIP_DATA
736 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
737 || rctx.stream == STREAM_COMPRESSED_DATA
738 || rctx.stream == STREAM_SPARSE_COMPRESSED_DATA
739 || rctx.stream == STREAM_WIN32_COMPRESSED_DATA
740 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
741 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
742 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
743 rctx.flags |= FO_COMPRESS;
744 rctx.comp_stream = rctx.stream;
747 if (rctx.stream == STREAM_ENCRYPTED_FILE_DATA
748 || rctx.stream == STREAM_ENCRYPTED_FILE_GZIP_DATA
749 || rctx.stream == STREAM_ENCRYPTED_WIN32_DATA
750 || rctx.stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA
751 || rctx.stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA
752 || rctx.stream == STREAM_ENCRYPTED_WIN32_GZIP_DATA) {
753 /* Set up a decryption context */
754 if (!rctx.cipher_ctx.cipher) {
756 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
757 rctx.extract = false;
762 if ((rctx.cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false,
763 &rctx.cipher_ctx.block_size)) == NULL) {
764 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
766 rctx.extract = false;
771 rctx.flags |= FO_ENCRYPT;
774 if (is_win32_stream(rctx.stream) &&
775 (win32decomp || !have_win32_api())) {
776 set_portable_backup(&rctx.bfd);
777 rctx.flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
780 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
781 rctx.extract = false;
789 * Resource fork stream - only recorded after a file to be restored
790 * Silently ignore if we cannot write - we already reported that
792 case STREAM_ENCRYPTED_MACOS_FORK_DATA:
793 case STREAM_MACOS_FORK_DATA:
794 if (have_darwin_os) {
796 jcr->ff->flags |= FO_HFSPLUS;
798 if (rctx.stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
799 rctx.fork_flags |= FO_ENCRYPT;
801 /* Set up a decryption context */
802 if (rctx.extract && !rctx.fork_cipher_ctx.cipher) {
804 Jmsg1(jcr, M_ERROR, 0, _("Missing encryption session data stream for %s\n"), jcr->last_fname);
805 rctx.extract = false;
810 if ((rctx.fork_cipher_ctx.cipher = crypto_cipher_new(rctx.cs, false, &rctx.fork_cipher_ctx.block_size)) == NULL) {
811 Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
813 rctx.extract = false;
821 if (rctx.prev_stream != rctx.stream) {
822 if (bopen_rsrc(&rctx.forkbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
823 Jmsg(jcr, M_WARNING, 0, _("Cannot open resource fork for %s.\n"), jcr->last_fname);
824 rctx.extract = false;
828 rctx.fork_size = rsrc_len;
829 Dmsg0(130, "Restoring resource fork\n");
832 if (extract_data(rctx, bmsg->rbuf, bmsg->rbuflen) < 0) {
833 rctx.extract = false;
834 bclose(&rctx.forkbfd);
843 case STREAM_HFSPLUS_ATTRIBUTES:
844 if (have_darwin_os) {
845 if (!restore_finderinfo(jcr, bmsg->rbuf, bmsg->rbuflen)) {
849 non_suppored_finfo++;
853 case STREAM_UNIX_ACCESS_ACL:
854 case STREAM_UNIX_DEFAULT_ACL:
855 case STREAM_XACL_AIX_TEXT:
856 case STREAM_XACL_DARWIN_ACCESS:
857 case STREAM_XACL_FREEBSD_DEFAULT:
858 case STREAM_XACL_FREEBSD_ACCESS:
859 case STREAM_XACL_HPUX_ACL_ENTRY:
860 case STREAM_XACL_IRIX_DEFAULT:
861 case STREAM_XACL_IRIX_ACCESS:
862 case STREAM_XACL_LINUX_DEFAULT:
863 case STREAM_XACL_LINUX_ACCESS:
864 case STREAM_XACL_TRU64_DEFAULT:
865 case STREAM_XACL_TRU64_DEFAULT_DIR:
866 case STREAM_XACL_TRU64_ACCESS:
867 case STREAM_XACL_SOLARIS_POSIX:
868 case STREAM_XACL_SOLARIS_NFS4:
869 case STREAM_XACL_AFS_TEXT:
870 case STREAM_XACL_AIX_AIXC:
871 case STREAM_XACL_AIX_NFS4:
872 case STREAM_XACL_FREEBSD_NFS4:
873 case STREAM_XACL_HURD_DEFAULT:
874 case STREAM_XACL_HURD_ACCESS:
875 case STREAM_XACL_PLUGIN_ACL:
877 * Do not restore ACLs when
878 * a) The current file is not extracted
879 * b) and it is not a directory (they are never "extracted")
880 * c) or the file name is empty
882 if ((!rctx.extract &&
883 jcr->last_type != FT_DIREND) ||
884 (*jcr->last_fname == 0)) {
889 * For anything that is not a directory we delay
890 * the restore of acls till a later stage.
892 if (jcr->last_type != FT_DIREND) {
893 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
895 if (!do_restore_acl(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
904 case STREAM_XACL_PLUGIN_XATTR:
905 case STREAM_XACL_HURD_XATTR:
906 case STREAM_XACL_IRIX_XATTR:
907 case STREAM_XACL_TRU64_XATTR:
908 case STREAM_XACL_AIX_XATTR:
909 case STREAM_XACL_OPENBSD_XATTR:
910 case STREAM_XACL_SOLARIS_SYS_XATTR:
911 case STREAM_XACL_DARWIN_XATTR:
912 case STREAM_XACL_FREEBSD_XATTR:
913 case STREAM_XACL_LINUX_XATTR:
914 case STREAM_XACL_NETBSD_XATTR:
916 * Do not restore Extended Attributes when
917 * a) The current file is not extracted
918 * b) and it is not a directory (they are never "extracted")
919 * c) or the file name is empty
921 if ((!rctx.extract &&
922 jcr->last_type != FT_DIREND) ||
923 (*jcr->last_fname == 0)) {
928 * For anything that is not a directory we delay
929 * the restore of xattr till a later stage.
931 if (jcr->last_type != FT_DIREND) {
932 push_delayed_restore_stream(rctx, bmsg->rbuf, bmsg->rbuflen);
934 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
939 non_suppored_xattr++;
943 case STREAM_XACL_SOLARIS_XATTR:
945 * Do not restore Extended Attributes when
946 * a) The current file is not extracted
947 * b) and it is not a directory (they are never "extracted")
948 * c) or the file name is empty
950 if ((!rctx.extract &&
951 jcr->last_type != FT_DIREND) ||
952 (*jcr->last_fname == 0)) {
956 if (!do_restore_xattr(jcr, rctx.stream, bmsg->rbuf, bmsg->rbuflen)) {
960 non_suppored_xattr++;
964 case STREAM_SIGNED_DIGEST:
965 /* Is this an unexpected signature? */
967 Jmsg0(jcr, M_ERROR, 0, _("Unexpected cryptographic signature data stream.\n"));
968 free_signature(rctx);
971 /* Save signature. */
972 if (rctx.extract && (rctx.sig = crypto_sign_decode(jcr, (uint8_t *)bmsg->rbuf, (uint32_t)bmsg->rbuflen)) == NULL) {
973 Jmsg1(jcr, M_ERROR, 0, _("Failed to decode message signature for %s\n"), jcr->last_fname);
977 case STREAM_MD5_DIGEST:
978 case STREAM_SHA1_DIGEST:
979 case STREAM_SHA256_DIGEST:
980 case STREAM_SHA512_DIGEST:
983 case STREAM_PROGRAM_NAMES:
984 case STREAM_PROGRAM_DATA:
985 if (!non_suppored_progname) {
986 Pmsg0(000, "Got Program Name or Data Stream. Ignored.\n");
987 non_suppored_progname++;
991 case STREAM_PLUGIN_NAME:
992 if (!close_previous_stream(rctx)) {
995 Dmsg1(150, "restore stream_plugin_name=%s\n", bmsg->rbuf);
996 plugin_name_stream(jcr, bmsg->rbuf);
999 case STREAM_RESTORE_OBJECT:
1000 break; /* these are sent by Director */
1003 if (!close_previous_stream(rctx)) {
1006 Jmsg(jcr, M_WARNING, 0, _("Unknown stream=%d ignored. This shouldn't happen!\n"),
1008 Dmsg2(0, "Unknown stream=%d data=%s\n", rctx.stream, bmsg->rbuf);
1010 } /* end switch(stream) */
1012 /* Debug code: check if we must hangup or blowup */
1013 if (handle_hangup_blowup(jcr, jcr->JobFiles, jcr->JobBytes)) {
1018 } /* end while bufmsg->bget_msg(&bmsg)) */
1020 if (bget_ret == BNET_EXT_TERMINATE) {
1024 * If output file is still open, it was the last one in the
1025 * archive since we just hit an end of file, so close the file.
1027 if (is_bopen(&rctx.forkbfd)) {
1028 bclose_chksize(rctx, &rctx.forkbfd, rctx.fork_size);
1031 if (!close_previous_stream(rctx)) {
1034 jcr->setJobStatus(JS_Terminated);
1038 jcr->setJobStatus(JS_ErrorTerminated);
1042 fdmsg->wait_read_sock(jcr->is_job_canceled());
1047 * First output the statistics.
1049 Dmsg2(10, "End Do Restore. Files=%d Bytes=%s\n", jcr->JobFiles,
1050 edit_uint64(jcr->JobBytes, ec1));
1053 if (jcr->bacl && jcr->bacl->get_acl_nr_errors() > 0) {
1054 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld acl errors while doing restore\n"), jcr->bacl->get_acl_nr_errors());
1058 if (jcr->bxattr && jcr->bxattr->get_xattr_nr_errors() > 0) {
1059 Jmsg(jcr, M_WARNING, 0, _("Encountered %ld xattr errors while doing restore\n"), jcr->bxattr->get_xattr_nr_errors());
1063 if (non_suppored_data > 1 || non_suppored_attr > 1) {
1064 Jmsg(jcr, M_WARNING, 0, _("%d non-supported data streams and %d non-supported attrib streams ignored.\n"),
1065 non_suppored_data, non_suppored_attr);
1067 if (non_suppored_rsrc) {
1068 Jmsg(jcr, M_INFO, 0, _("%d non-supported resource fork streams ignored.\n"), non_suppored_rsrc);
1070 if (non_suppored_finfo) {
1071 Jmsg(jcr, M_INFO, 0, _("%d non-supported Finder Info streams ignored.\n"), non_suppored_finfo);
1073 if (non_suppored_acl) {
1074 Jmsg(jcr, M_INFO, 0, _("%d non-supported acl streams ignored.\n"), non_suppored_acl);
1076 if (non_suppored_crypto) {
1077 Jmsg(jcr, M_INFO, 0, _("%d non-supported crypto streams ignored.\n"), non_suppored_acl);
1079 if (non_suppored_xattr) {
1080 Jmsg(jcr, M_INFO, 0, _("%d non-supported xattr streams ignored.\n"), non_suppored_xattr);
1083 /* Free Signature & Crypto Data */
1084 free_signature(rctx);
1086 if (jcr->crypto.digest) {
1087 crypto_digest_free(jcr->crypto.digest);
1088 jcr->crypto.digest = NULL;
1091 /* Free file cipher restore context */
1092 if (rctx.cipher_ctx.cipher) {
1093 crypto_cipher_free(rctx.cipher_ctx.cipher);
1094 rctx.cipher_ctx.cipher = NULL;
1097 if (rctx.cipher_ctx.buf) {
1098 free_pool_memory(rctx.cipher_ctx.buf);
1099 rctx.cipher_ctx.buf = NULL;
1102 /* Free alternate stream cipher restore context */
1103 if (rctx.fork_cipher_ctx.cipher) {
1104 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1105 rctx.fork_cipher_ctx.cipher = NULL;
1107 if (rctx.fork_cipher_ctx.buf) {
1108 free_pool_memory(rctx.fork_cipher_ctx.buf);
1109 rctx.fork_cipher_ctx.buf = NULL;
1112 if (jcr->compress_buf) {
1113 free_pool_memory(jcr->compress_buf);
1114 jcr->compress_buf = NULL;
1115 jcr->compress_buf_size = 0;
1126 delete(jcr->bxattr);
1131 /* Free the delayed stream stack list. */
1132 if (rctx.delayed_streams) {
1133 drop_delayed_restore_streams(rctx, false);
1134 delete rctx.delayed_streams;
1139 rctx.efs->destroy();
1144 bclose(&rctx.forkbfd);
1146 free_attr(rctx.attr);
1151 * Convert ZLIB error code into an ASCII message
1153 static const char *zlib_strerror(int stat)
1160 return _("Zlib errno");
1161 case Z_STREAM_ERROR:
1162 return _("Zlib stream error");
1164 return _("Zlib data error");
1166 return _("Zlib memory error");
1168 return _("Zlib buffer error");
1169 case Z_VERSION_ERROR:
1170 return _("Zlib version error");
1177 static int do_file_digest(JCR *jcr, FF_PKT *ff_pkt, bool top_level)
1179 Dmsg1(50, "do_file_digest jcr=%p\n", jcr);
1180 return (digest_file(jcr, ff_pkt, jcr->crypto.digest));
1183 bool sparse_data(JCR *jcr, BFILE *bfd, uint64_t *addr, char **data, uint32_t *length, int flags)
1188 unser_begin(*data, OFFSET_FADDR_SIZE);
1189 unser_uint64(faddr);
1190 /* We seek only if we have a SPARSE stream, not for OFFSET */
1191 if ((flags & FO_SPARSE) && *addr != faddr) {
1193 if (blseek(bfd, (boffset_t)*addr, SEEK_SET) < 0) {
1195 Jmsg3(jcr, M_ERROR, 0, _("Seek to %s error on %s: ERR=%s\n"),
1196 edit_uint64(*addr, ec1), jcr->last_fname,
1197 be.bstrerror(bfd->berrno));
1201 *data += OFFSET_FADDR_SIZE;
1202 *length -= OFFSET_FADDR_SIZE;
1206 bool decompress_data(JCR *jcr, int32_t stream, char **data, uint32_t *length)
1208 #if defined(HAVE_LZO) || defined(HAVE_LIBZ)
1209 char ec1[50]; /* Buffer printing huge values */
1212 Dmsg1(200, "Stream found in decompress_data(): %d\n", stream);
1213 if(stream == STREAM_COMPRESSED_DATA || stream == STREAM_SPARSE_COMPRESSED_DATA || stream == STREAM_WIN32_COMPRESSED_DATA
1214 || stream == STREAM_ENCRYPTED_FILE_COMPRESSED_DATA || stream == STREAM_ENCRYPTED_WIN32_COMPRESSED_DATA)
1216 uint32_t comp_magic, comp_len;
1217 uint16_t comp_level, comp_version;
1219 lzo_uint compress_len;
1220 const unsigned char *cbuf;
1221 int r, real_compress_len;
1224 /* read compress header */
1226 unser_begin(*data, sizeof(comp_stream_header));
1227 unser_uint32(comp_magic);
1228 unser_uint32(comp_len);
1229 unser_uint16(comp_level);
1230 unser_uint16(comp_version);
1231 Dmsg4(200, "Compressed data stream found: magic=0x%x, len=%d, level=%d, ver=0x%x\n", comp_magic, comp_len,
1232 comp_level, comp_version);
1235 if (comp_version != COMP_HEAD_VERSION) {
1236 Qmsg(jcr, M_ERROR, 0, _("Compressed header version error. Got=0x%x want=0x%x\n"), comp_version, COMP_HEAD_VERSION);
1240 if (comp_len + sizeof(comp_stream_header) != *length) {
1241 Qmsg(jcr, M_ERROR, 0, _("Compressed header size error. comp_len=%d, msglen=%d\n"),
1245 switch(comp_magic) {
1247 case COMPRESS_LZO1X:
1248 compress_len = jcr->compress_buf_size;
1249 cbuf = (const unsigned char*)*data + sizeof(comp_stream_header);
1250 real_compress_len = *length - sizeof(comp_stream_header);
1251 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1252 while ((r=lzo1x_decompress_safe(cbuf, real_compress_len,
1253 (unsigned char *)jcr->compress_buf, &compress_len, NULL)) == LZO_E_OUTPUT_OVERRUN)
1256 * The buffer size is too small, try with a bigger one
1258 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1259 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1260 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1263 if (r != LZO_E_OK) {
1264 Qmsg(jcr, M_ERROR, 0, _("LZO uncompression error on file %s. ERR=%d\n"),
1265 jcr->last_fname, r);
1268 *data = jcr->compress_buf;
1269 *length = compress_len;
1270 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1274 Qmsg(jcr, M_ERROR, 0, _("Compression algorithm 0x%x found, but not supported!\n"), comp_magic);
1283 * NOTE! We only use uLong and Byte because they are
1284 * needed by the zlib routines, they should not otherwise
1285 * be used in Bacula.
1287 compress_len = jcr->compress_buf_size;
1288 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1289 while ((stat=uncompress((Byte *)jcr->compress_buf, &compress_len,
1290 (const Byte *)*data, (uLong)*length)) == Z_BUF_ERROR)
1292 /* The buffer size is too small, try with a bigger one. */
1293 compress_len = jcr->compress_buf_size = jcr->compress_buf_size + (jcr->compress_buf_size >> 1);
1294 Dmsg2(200, "Comp_len=%d msglen=%d\n", compress_len, *length);
1295 jcr->compress_buf = check_pool_memory_size(jcr->compress_buf,
1299 Qmsg(jcr, M_ERROR, 0, _("Uncompression error on file %s. ERR=%s\n"),
1300 jcr->last_fname, zlib_strerror(stat));
1303 *data = jcr->compress_buf;
1304 *length = compress_len;
1305 Dmsg2(200, "Write uncompressed %d bytes, total before write=%s\n", compress_len, edit_uint64(jcr->JobBytes, ec1));
1308 Qmsg(jcr, M_ERROR, 0, _("GZIP data stream found, but GZIP not configured!\n"));
1314 static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
1317 if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
1318 unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
1319 unser_uint32(ctx->packet_len);
1320 ctx->packet_len += CRYPTO_LEN_SIZE;
1324 static bool store_data(r_ctx &rctx, char *data, const int32_t length, bool win32_decomp)
1326 JCR *jcr = rctx.jcr;
1327 BFILE *bfd = &rctx.bfd;
1330 if (jcr->crypto.digest) {
1331 crypto_digest_update(jcr->crypto.digest, (uint8_t *)data, length);
1334 if (!test_write_efs_data(rctx, data, length)) {
1336 Jmsg2(jcr, M_ERROR, 0, _("Write error on %s: ERR=%s\n"),
1337 jcr->last_fname, be.bstrerror(bfd->berrno));
1344 if (bfd->fattrs & FILE_ATTRIBUTE_ENCRYPTED) {
1345 if (!p_WriteEncryptedFileRaw) {
1346 Jmsg0(jcr, M_FATAL, 0, _("Windows Encrypted data not supported on this OS.\n"));
1349 if (!win_write_efs_data(rctx, data, length)) {
1351 Jmsg2(jcr, M_ERROR, 0, _("Encrypted file write error on %s: ERR=%s\n"),
1352 jcr->last_fname, be.bstrerror(bfd->berrno));
1359 if (!processWin32BackupAPIBlock(bfd, data, length)) {
1361 Jmsg2(jcr, M_ERROR, 0, _("Write error in Win32 Block Decomposition on %s: %s\n"),
1362 jcr->last_fname, be.bstrerror(bfd->berrno));
1365 } else if ((wstat=bwrite(bfd, data, length)) != (ssize_t)length) {
1368 int len = strlen(jcr->last_fname);
1370 * If this is the first write and the "file" is a directory
1371 * or a drive letter, then only issue a warning as we are
1372 * not able to reset the metadata, then continue.
1373 * If the above is true and we have an error code 91
1374 * (directory not empty), supress the error entirely.
1376 if (bfd->block == 0 && len >= 2 && (jcr->last_fname[len-1] == '/' ||
1377 jcr->last_fname[len-1] == ':')) {
1379 if (bfd->lerror == 91) { /* Directory not empty */
1380 type = 0; /* suppress error */
1385 /* Insufficient bytes written */
1386 Jmsg4(jcr, type, 0, _("Wrong write size error at byte=%lld block=%d wanted=%d wrote=%d\n"),
1387 bfd->total_bytes, bfd->block, length, wstat);
1390 Jmsg6(jcr, type, 0, _("Write error at byte=%lld block=%d write_len=%d lerror=%d on %s: ERR=%s\n"),
1391 bfd->total_bytes, bfd->block, length, bfd->lerror,
1392 jcr->last_fname, be.bstrerror(bfd->berrno));
1396 /* Ignore errors? */
1397 if (type == M_WARNING || type == 0 || no_win32_write_errors) {
1406 * In the context of jcr, write data to bfd.
1407 * We write buflen bytes in buf at addr. addr is updated in place.
1408 * The flags specify whether to use sparse files or compression.
1409 * Return value is the number of bytes written, or -1 on errors.
1411 int32_t extract_data(r_ctx &rctx, POOLMEM *buf, int32_t buflen)
1413 JCR *jcr = rctx.jcr;
1414 BFILE *bfd = &rctx.bfd;
1415 int flags = rctx.flags;
1416 int32_t stream = rctx.stream;
1417 RESTORE_CIPHER_CTX *cipher_ctx = &rctx.cipher_ctx;
1418 char *wbuf; /* write buffer */
1419 uint32_t wsize; /* write size */
1420 uint32_t rsize; /* read size */
1421 uint32_t decrypted_len = 0; /* Decryption output length */
1422 char ec1[50]; /* Buffer printing huge values */
1425 jcr->ReadBytes += rsize;
1429 if (flags & FO_ENCRYPT) {
1430 ASSERT(cipher_ctx->cipher);
1433 * Grow the crypto buffer, if necessary.
1434 * crypto_cipher_update() will process only whole blocks,
1435 * buffering the remaining input.
1437 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1438 cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
1440 /* Decrypt the input block */
1441 if (!crypto_cipher_update(cipher_ctx->cipher,
1442 (const u_int8_t *)wbuf,
1444 (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1446 /* Decryption failed. Shouldn't happen. */
1447 Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
1451 if (decrypted_len == 0) {
1452 /* No full block of encrypted data available, write more data */
1456 Dmsg2(200, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
1458 cipher_ctx->buf_len += decrypted_len;
1459 wbuf = cipher_ctx->buf;
1461 /* If one full preserved block is available, write it to disk,
1462 * and then buffer any remaining data. This should be effecient
1463 * as long as Bacula's block size is not significantly smaller than the
1464 * encryption block size (extremely unlikely!)
1466 unser_crypto_packet_len(cipher_ctx);
1467 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1469 if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
1470 /* No full preserved block is available. */
1474 /* We have one full block, set up the filter input buffers */
1475 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1476 wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1477 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1478 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1481 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1482 if (!sparse_data(jcr, bfd, &rctx.fileAddr, &wbuf, &wsize, flags)) {
1487 if (flags & FO_COMPRESS) {
1488 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1493 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1496 jcr->JobBytes += wsize;
1497 rctx.fileAddr += wsize;
1498 Dmsg2(130, "Write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1500 /* Clean up crypto buffers */
1501 if (flags & FO_ENCRYPT) {
1502 /* Move any remaining data to start of buffer */
1503 if (cipher_ctx->buf_len > 0) {
1504 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1505 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1506 cipher_ctx->buf_len);
1508 /* The packet was successfully written, reset the length so that
1509 * the next packet length may be re-read by unser_crypto_packet_len() */
1510 cipher_ctx->packet_len = 0;
1519 * If extracting, close any previous stream
1521 static bool close_previous_stream(r_ctx &rctx)
1526 * If extracting, it was from previous stream, so
1527 * close the output file and validate the signature.
1530 if (rctx.size > 0 && !is_bopen(&rctx.bfd)) {
1531 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
1532 Pmsg2(000, "=== logic error size=%d bopen=%d\n", rctx.size,
1533 is_bopen(&rctx.bfd));
1536 if (rctx.prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
1537 deallocate_cipher(rctx);
1538 deallocate_fork_cipher(rctx);
1542 rctx.efs->finish_work();
1547 if (rctx.jcr->plugin) {
1548 plugin_set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1550 set_attributes(rctx.jcr, rctx.attr, &rctx.bfd);
1552 rctx.extract = false;
1554 /* Now perform the delayed restore of some specific data streams. */
1555 rtn = pop_delayed_data_streams(rctx);
1557 /* Verify the cryptographic signature, if any */
1558 rctx.type = rctx.attr->type;
1559 verify_signature(rctx);
1561 /* Free Signature */
1562 free_signature(rctx);
1564 rctx.jcr->ff->flags = 0;
1565 Dmsg0(130, "Stop extracting.\n");
1566 } else if (is_bopen(&rctx.bfd)) {
1567 Jmsg0(rctx.jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
1568 Pmsg0(000, "=== logic error !open\n");
1576 * In the context of jcr, flush any remaining data from the cipher context,
1577 * writing it to bfd.
1578 * Return value is true on success, false on failure.
1580 bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t stream,
1581 RESTORE_CIPHER_CTX *cipher_ctx)
1583 JCR *jcr = rctx.jcr;
1584 uint32_t decrypted_len = 0;
1585 char *wbuf; /* write buffer */
1586 uint32_t wsize; /* write size */
1587 char ec1[50]; /* Buffer printing huge values */
1588 bool second_pass = false;
1591 /* Write out the remaining block and free the cipher context */
1592 cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
1593 cipher_ctx->buf_len + cipher_ctx->block_size);
1595 if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
1597 /* Writing out the final, buffered block failed. Shouldn't happen. */
1598 Jmsg3(jcr, M_ERROR, 0, _("Decryption error. buf_len=%d decrypt_len=%d on file %s\n"),
1599 cipher_ctx->buf_len, decrypted_len, jcr->last_fname);
1602 Dmsg2(130, "Flush decrypt len=%d buf_len=%d\n", decrypted_len, cipher_ctx->buf_len);
1603 /* If nothing new was decrypted, and our output buffer is empty, return */
1604 if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
1608 cipher_ctx->buf_len += decrypted_len;
1610 unser_crypto_packet_len(cipher_ctx);
1611 Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
1612 wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
1613 /* Decrypted, possibly decompressed output here. */
1614 wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
1615 cipher_ctx->buf_len -= cipher_ctx->packet_len;
1616 Dmsg2(130, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
1618 if ((flags & FO_SPARSE) || (flags & FO_OFFSETS)) {
1619 if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize, flags)) {
1624 if (flags & FO_COMPRESS) {
1625 if (!decompress_data(jcr, stream, &wbuf, &wsize)) {
1630 Dmsg0(130, "Call store_data\n");
1631 if (!store_data(rctx, wbuf, wsize, (flags & FO_WIN32DECOMP) != 0)) {
1634 jcr->JobBytes += wsize;
1635 Dmsg2(130, "Flush write %u bytes, JobBytes=%s\n", wsize, edit_uint64(jcr->JobBytes, ec1));
1637 /* Move any remaining data to start of buffer. */
1638 if (cipher_ctx->buf_len > 0) {
1639 Dmsg1(130, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
1640 memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
1641 cipher_ctx->buf_len);
1643 /* The packet was successfully written, reset the length so that the next
1644 * packet length may be re-read by unser_crypto_packet_len() */
1645 cipher_ctx->packet_len = 0;
1647 if (cipher_ctx->buf_len >0 && !second_pass) {
1652 /* Stop decryption */
1653 cipher_ctx->buf_len = 0;
1654 cipher_ctx->packet_len = 0;
1659 static void deallocate_cipher(r_ctx &rctx)
1661 /* Flush and deallocate previous stream's cipher context */
1662 if (rctx.cipher_ctx.cipher) {
1663 flush_cipher(rctx, &rctx.bfd, &rctx.fileAddr, rctx.flags, rctx.comp_stream, &rctx.cipher_ctx);
1664 crypto_cipher_free(rctx.cipher_ctx.cipher);
1665 rctx.cipher_ctx.cipher = NULL;
1669 static void deallocate_fork_cipher(r_ctx &rctx)
1672 /* Flush and deallocate previous stream's fork cipher context */
1673 if (rctx.fork_cipher_ctx.cipher) {
1674 flush_cipher(rctx, &rctx.forkbfd, &rctx.fork_addr, rctx.fork_flags, rctx.comp_stream, &rctx.fork_cipher_ctx);
1675 crypto_cipher_free(rctx.fork_cipher_ctx.cipher);
1676 rctx.fork_cipher_ctx.cipher = NULL;
1680 static void free_signature(r_ctx &rctx)
1683 crypto_sign_free(rctx.sig);
1688 static void free_session(r_ctx &rctx)
1691 crypto_session_free(rctx.cs);
1697 * Verify the signature for the last restored file
1698 * Return value is either true (signature correct)
1699 * or false (signature could not be verified).
1700 * TODO landonf: Implement without using find_one_file and
1701 * without re-reading the file.
1703 static bool verify_signature(r_ctx &rctx)
1705 JCR *jcr = rctx.jcr;
1706 X509_KEYPAIR *keypair;
1707 DIGEST *digest = NULL;
1709 uint64_t saved_bytes;
1710 crypto_digest_t signing_algorithm = have_sha2 ?
1711 CRYPTO_DIGEST_SHA256 : CRYPTO_DIGEST_SHA1;
1712 crypto_digest_t algorithm;
1713 SIGNATURE *sig = rctx.sig;
1716 if (!jcr->crypto.pki_sign) {
1717 /* no signature OK */
1721 if (rctx.type == FT_REGE || rctx.type == FT_REG || rctx.type == FT_RAW) {
1722 Jmsg1(jcr, M_ERROR, 0, _("Missing cryptographic signature for %s\n"),
1729 /* Iterate through the trusted signers */
1730 foreach_alist(keypair, jcr->crypto.pki_signers) {
1731 err = crypto_sign_get_digest(sig, jcr->crypto.pki_keypair, algorithm, &digest);
1733 case CRYPTO_ERROR_NONE:
1734 Dmsg0(50, "== Got digest\n");
1736 * We computed jcr->crypto.digest using signing_algorithm while writing
1737 * the file. If it is not the same as the algorithm used for
1738 * this file, punt by releasing the computed algorithm and
1739 * computing by re-reading the file.
1741 if (algorithm != signing_algorithm) {
1742 if (jcr->crypto.digest) {
1743 crypto_digest_free(jcr->crypto.digest);
1744 jcr->crypto.digest = NULL;
1747 if (jcr->crypto.digest) {
1748 /* Use digest computed while writing the file to verify
1750 if ((err = crypto_sign_verify(sig, keypair, jcr->crypto.digest)) != CRYPTO_ERROR_NONE) {
1751 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1752 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1753 jcr->last_fname, crypto_strerror(err));
1757 /* Signature found, digest allocated. Old method,
1758 * re-read the file and compute the digest */
1759 jcr->crypto.digest = digest;
1761 /* Checksum the entire file
1762 * Make sure we don't modify JobBytes by saving and
1764 saved_bytes = jcr->JobBytes;
1765 if (find_one_file(jcr, jcr->ff, do_file_digest, jcr->last_fname, (dev_t)-1, 1) != 0) {
1766 Jmsg(jcr, M_ERROR, 0, _("Digest one file failed for file: %s\n"),
1768 jcr->JobBytes = saved_bytes;
1771 jcr->JobBytes = saved_bytes;
1773 /* Verify the signature */
1774 if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
1775 Dmsg1(50, "Bad signature on %s\n", jcr->last_fname);
1776 Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for file %s: ERR=%s\n"),
1777 jcr->last_fname, crypto_strerror(err));
1780 jcr->crypto.digest = NULL;
1783 /* Valid signature */
1784 Dmsg1(50, "Signature good on %s\n", jcr->last_fname);
1785 crypto_digest_free(digest);
1788 case CRYPTO_ERROR_NOSIGNER:
1789 /* Signature not found, try again */
1791 crypto_digest_free(digest);
1796 /* Something strange happened (that shouldn't happen!)... */
1797 Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
1803 Dmsg1(50, "Could not find a valid public key for signature on %s\n", jcr->last_fname);
1807 crypto_digest_free(digest);