2 * Amanda, The Advanced Maryland Automatic Network Disk Archiver
3 * Copyright (c) 1991-1999 University of Maryland at College Park
6 * Permission to use, copy, modify, distribute, and sell this software and its
7 * documentation for any purpose is hereby granted without fee, provided that
8 * the above copyright notice appear in all copies and that both that
9 * copyright notice and this permission notice appear in supporting
10 * documentation, and that the name of U.M. not be used in advertising or
11 * publicity pertaining to distribution of the software without specific,
12 * written prior permission. U.M. makes no representations about the
13 * suitability of this software for any purpose. It is provided "as is"
14 * without express or implied warranty.
16 * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M.
18 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
20 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
21 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 * Authors: the Amanda Development Team. Its members are listed in a
24 * file named AUTHORS, in the root directory of this distribution.
26 /* $Id: dumper.c,v 1.190 2006/08/30 19:53:57 martinea Exp $
28 * requests remote amandad processes to dump filesystems
43 #include "fileheader.h"
44 #include "amfeatures.h"
45 #include "server_util.h"
48 #define dumper_debug(i,x) do { \
49 if ((i) <= debug_dumper) { \
62 #define CONNECT_TIMEOUT 5*60
64 #define STARTUP_TIMEOUT 60
67 int fd; /* file to flush to */
69 char *datain; /* data buffer markers */
72 pid_t compresspid; /* valid if fd is pipe to compress */
73 pid_t encryptpid; /* valid if fd is pipe to encrypt */
76 static char *handle = NULL;
78 static char *errstr = NULL;
79 static off_t dumpbytes;
80 static off_t dumpsize, headersize, origsize;
82 static comp_t srvcompress = COMP_NONE;
83 char *srvcompprog = NULL;
84 char *clntcompprog = NULL;
86 static encrypt_t srvencrypt = ENCRYPT_NONE;
87 char *srv_encrypt = NULL;
88 char *clnt_encrypt = NULL;
89 char *srv_decrypt_opt = NULL;
90 char *clnt_decrypt_opt = NULL;
92 static FILE *errf = NULL;
93 static char *hostname = NULL;
94 am_feature_t *their_features = NULL;
95 static char *diskname = NULL;
96 static char *qdiskname = NULL;
97 static char *device = NULL;
98 static char *options = NULL;
99 static char *progname = NULL;
100 static char *amandad_path=NULL;
101 static char *client_username=NULL;
102 static char *ssh_keys=NULL;
104 static char *dumpdate = NULL;
105 static char *dumper_timestamp = NULL;
106 static time_t conf_dtimeout;
107 static int indexfderror;
108 static int set_datafd;
110 static dumpfile_t file;
114 security_stream_t *fd;
123 #define NSTREAMS (int)(sizeof(streams) / sizeof(streams[0]))
125 static am_feature_t *our_features = NULL;
126 static char *our_feature_string = NULL;
128 /* local functions */
129 int main(int, char **);
130 static int do_dump(struct databuf *);
131 static void check_options(char *);
132 static void finish_tapeheader(dumpfile_t *);
133 static ssize_t write_tapeheader(int, dumpfile_t *);
134 static void databuf_init(struct databuf *, int);
135 static int databuf_write(struct databuf *, const void *, size_t);
136 static int databuf_flush(struct databuf *);
137 static void process_dumpeof(void);
138 static void process_dumpline(const char *);
139 static void add_msg_data(const char *, size_t);
140 static void parse_info_line(char *);
141 static void log_msgout(logtype_t);
142 static char * dumper_get_security_conf (char *, void *);
144 static int runcompress(int, pid_t *, comp_t);
145 static int runencrypt(int, pid_t *, encrypt_t);
147 static void sendbackup_response(void *, pkt_t *, security_handle_t *);
148 static int startup_dump(const char *, const char *, const char *, int,
149 const char *, const char *, const char *,
150 const char *, const char *, const char *);
151 static void stop_dump(void);
153 static void read_indexfd(void *, void *, ssize_t);
154 static void read_datafd(void *, void *, ssize_t);
155 static void read_mesgfd(void *, void *, ssize_t);
156 static void timeout(time_t);
157 static void timeout_callback(void *);
163 char *compmode = NULL;
164 char *compend = NULL;
165 char *encryptmode = NULL;
166 char *encryptend = NULL;
167 char *decryptmode = NULL;
168 char *decryptend = NULL;
170 /* parse the compression option */
171 if (strstr(options, "srvcomp-best;") != NULL)
172 srvcompress = COMP_BEST;
173 else if (strstr(options, "srvcomp-fast;") != NULL)
174 srvcompress = COMP_FAST;
175 else if ((compmode = strstr(options, "srvcomp-cust=")) != NULL) {
176 compend = strchr(compmode, ';');
178 srvcompress = COMP_SERVER_CUST;
180 srvcompprog = stralloc(compmode + strlen("srvcomp-cust="));
183 } else if ((compmode = strstr(options, "comp-cust=")) != NULL) {
184 compend = strchr(compmode, ';');
186 srvcompress = COMP_CUST;
188 clntcompprog = stralloc(compmode + strlen("comp-cust="));
193 srvcompress = COMP_NONE;
197 /* now parse the encryption option */
198 if ((encryptmode = strstr(options, "encrypt-serv-cust=")) != NULL) {
199 encryptend = strchr(encryptmode, ';');
201 srvencrypt = ENCRYPT_SERV_CUST;
203 srv_encrypt = stralloc(encryptmode + strlen("encrypt-serv-cust="));
206 } else if ((encryptmode = strstr(options, "encrypt-cust=")) != NULL) {
207 encryptend = strchr(encryptmode, ';');
209 srvencrypt = ENCRYPT_CUST;
211 clnt_encrypt = stralloc(encryptmode + strlen("encrypt-cust="));
215 srvencrypt = ENCRYPT_NONE;
217 /* get the decryption option parameter */
218 if ((decryptmode = strstr(options, "server-decrypt-option=")) != NULL) {
219 decryptend = strchr(decryptmode, ';');
222 srv_decrypt_opt = stralloc(decryptmode + strlen("server-decrypt-option="));
225 } else if ((decryptmode = strstr(options, "client-decrypt-option=")) != NULL) {
226 decryptend = strchr(decryptmode, ';');
229 clnt_decrypt_opt = stralloc(decryptmode + strlen("client-decrypt-option="));
241 static struct databuf db;
242 struct cmdargs cmdargs;
246 in_port_t taper_port;
247 unsigned long malloc_hist_1, malloc_size_1;
248 unsigned long malloc_hist_2, malloc_size_2;
253 int new_argc, my_argc;
254 char **new_argv, **my_argv;
255 struct addrinfo hints;
257 struct addrinfo *gaires = NULL;
263 dbopen(DBG_SUBDIR_SERVER);
265 /* Don't die when child closes pipe */
266 signal(SIGPIPE, SIG_IGN);
268 malloc_size_1 = malloc_inuse(&malloc_hist_1);
270 erroutput_type = (ERR_AMANDALOG|ERR_INTERACTIVE);
271 set_logerror(logerror);
273 parse_conf(main_argc, main_argv, &new_argc, &new_argv);
278 config_name = stralloc(my_argv[1]);
279 config_dir = vstralloc(CONFIG_DIR, "/", config_name, "/", NULL);
281 char my_cwd[STR_SIZE];
283 if (getcwd(my_cwd, SIZEOF(my_cwd)) == NULL) {
284 error("cannot determine current working directory");
287 config_dir = stralloc2(my_cwd, "/");
288 if ((config_name = strrchr(my_cwd, '/')) != NULL) {
289 config_name = stralloc(config_name + 1);
295 our_features = am_init_feature_set();
296 our_feature_string = am_feature_to_string(our_features);
298 conffile = stralloc2(config_dir, CONFFILE_NAME);
299 if(read_conffile(conffile)) {
300 error("errors processing config file \"%s\"", conffile);
305 dbrename(config_name, DBG_SUBDIR_SERVER);
307 report_bad_conf_arg();
309 * Make our effective uid nonprivlidged, keeping save uid as root
310 * in case we need to get back (to bind privlidged ports, etc).
317 #if defined BSD_SECURITY && !defined SSH_SECURITY
319 error("must be run setuid root to communicate correctly");
325 "%s: pid %ld executable %s version %s\n",
326 get_pname(), (long) getpid(),
327 my_argv[0], version());
330 /* now, make sure we are a valid user */
332 if (getpwuid(getuid()) == NULL) {
333 error("can't get login name for my uid %ld", (long)getuid());
337 signal(SIGPIPE, SIG_IGN);
339 conf_dtimeout = (time_t)getconf_int(CNF_DTIMEOUT);
344 cmd = getcmd(&cmdargs);
349 error("error [dumper START: not enough args: timestamp]");
350 dumper_timestamp = newstralloc(dumper_timestamp, cmdargs.argv[2]);
376 cmdargs.argc++; /* true count of args */
379 if(a >= cmdargs.argc) {
380 error("error [dumper PORT-DUMP: not enough args: handle]");
383 handle = newstralloc(handle, cmdargs.argv[a++]);
385 if(a >= cmdargs.argc) {
386 error("error [dumper PORT-DUMP: not enough args: port]");
389 taper_port = (in_port_t)atoi(cmdargs.argv[a++]);
391 if(a >= cmdargs.argc) {
392 error("error [dumper PORT-DUMP: not enough args: hostname]");
395 hostname = newstralloc(hostname, cmdargs.argv[a++]);
397 if(a >= cmdargs.argc) {
398 error("error [dumper PORT-DUMP: not enough args: features]");
401 am_release_feature_set(their_features);
402 their_features = am_string_to_feature(cmdargs.argv[a++]);
404 if(a >= cmdargs.argc) {
405 error("error [dumper PORT-DUMP: not enough args: diskname]");
408 qdiskname = newstralloc(qdiskname, cmdargs.argv[a++]);
409 if (diskname != NULL)
411 diskname = unquote_string(qdiskname);
413 if(a >= cmdargs.argc) {
414 error("error [dumper PORT-DUMP: not enough args: device]");
417 device = newstralloc(device, cmdargs.argv[a++]);
418 if(strcmp(device,"NODEVICE") == 0)
421 if(a >= cmdargs.argc) {
422 error("error [dumper PORT-DUMP: not enough args: level]");
425 level = atoi(cmdargs.argv[a++]);
427 if(a >= cmdargs.argc) {
428 error("error [dumper PORT-DUMP: not enough args: dumpdate]");
431 dumpdate = newstralloc(dumpdate, cmdargs.argv[a++]);
433 if(a >= cmdargs.argc) {
434 error("error [dumper PORT-DUMP: not enough args: program]");
437 progname = newstralloc(progname, cmdargs.argv[a++]);
439 if(a >= cmdargs.argc) {
440 error("error [dumper PORT-DUMP: not enough args: amandad_path]");
443 amandad_path = newstralloc(amandad_path, cmdargs.argv[a++]);
445 if(a >= cmdargs.argc) {
446 error("error [dumper PORT-DUMP: not enough args: client_username]");
448 client_username = newstralloc(client_username, cmdargs.argv[a++]);
450 if(a >= cmdargs.argc) {
451 error("error [dumper PORT-DUMP: not enough args: ssh_keys]");
453 ssh_keys = newstralloc(ssh_keys, cmdargs.argv[a++]);
455 if(a >= cmdargs.argc) {
456 error("error [dumper PORT-DUMP: not enough args: options]");
458 options = newstralloc(options, cmdargs.argv[a++]);
460 if(a != cmdargs.argc) {
461 error("error [dumper PORT-DUMP: too many args: %d != %d]",
466 /* Double-check that 'localhost' resolves properly */
468 hints.ai_flags = AI_CANONNAME | AI_V4MAPPED | AI_ALL;
469 hints.ai_family = AF_UNSPEC;
471 hints.ai_flags = AI_CANONNAME;
472 hints.ai_family = AF_INET;
474 hints.ai_socktype = 0;
475 hints.ai_protocol = 0;
476 hints.ai_addrlen = 0;
477 hints.ai_addr = NULL;
478 hints.ai_canonname = NULL;
479 hints.ai_next = NULL;
480 res = getaddrinfo("localhost", NULL, &hints, &gaires);
483 hints.ai_flags = AI_CANONNAME;
484 hints.ai_family = AF_UNSPEC;
485 res = getaddrinfo("localhost", NULL, &hints, &gaires);
489 errstr = newvstralloc(errstr,
490 _("could not resolve localhost: "),
491 gai_strerror(res), NULL);
493 putresult(FAILED, "%s %s\n", handle, q);
494 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
495 dumper_timestamp, level, errstr);
499 if (gaires) freeaddrinfo(gaires);
501 /* connect outf to chunker/taper port */
503 outfd = stream_client("localhost", taper_port,
504 STREAM_BUFSIZE, 0, NULL, 0);
507 errstr = newvstralloc(errstr, "port open: ",
508 strerror(errno), NULL);
510 putresult(FAILED, "%s %s\n", handle, q);
511 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
512 dumper_timestamp, level, errstr);
516 databuf_init(&db, outfd);
518 check_options(options);
520 rc = startup_dump(hostname,
532 putresult(rc == 2? FAILED : TRYAGAIN, "%s %s\n",
535 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
536 dumper_timestamp, level, errstr);
542 amfree(amandad_path);
543 amfree(client_username);
548 if(cmdargs.argc >= 1) {
549 q = squote(cmdargs.argv[1]);
550 } else if(cmdargs.argc >= 0) {
551 q = squote(cmdargs.argv[0]);
553 q = stralloc("(no input?)");
555 putresult(BAD_COMMAND, "%s\n", q);
562 } while(cmd != QUIT);
564 /* make sure root privilege is dropped */
565 if ( geteuid() == 0 ) {
570 free_new_argv(new_argc, new_argv);
571 free_server_config();
572 am_release_feature_set(our_features);
573 amfree(our_feature_string);
575 amfree(dumper_timestamp);
584 amfree(clntcompprog);
586 amfree(clnt_encrypt);
587 amfree(srv_decrypt_opt);
588 amfree(clnt_decrypt_opt);
593 malloc_size_2 = malloc_inuse(&malloc_hist_2);
595 if (malloc_size_1 != malloc_size_2) {
596 malloc_list(fileno(stderr), malloc_hist_1, malloc_hist_2);
600 return (0); /* exit */
605 * Initialize a databuf. Takes a writeable file descriptor.
614 db->datain = db->dataout = db->datalimit = NULL;
615 db->compresspid = -1;
621 * Updates the buffer pointer for the input data buffer. The buffer is
622 * written regardless of how much data is present, since we know we
623 * are writing to a socket (to chunker) and there is no need to maintain
632 db->buf = (char *)buf;
633 db->datain = db->datalimit = db->buf + size;
634 db->dataout = db->buf;
635 return databuf_flush(db);
639 * Write out the buffer to chunker.
648 * If there's no data, do nothing.
650 if (db->dataout >= db->datain) {
655 * Write out the buffer
657 written = fullwrite(db->fd, db->dataout,
658 (size_t)(db->datain - db->dataout));
660 db->dataout += written;
661 dumpbytes += (off_t)written;
663 if (dumpbytes >= (off_t)1024) {
664 dumpsize += (dumpbytes / (off_t)1024);
665 dumpbytes %= (off_t)1024;
668 errstr = squotef("data write: %s", strerror(errno));
671 db->datain = db->dataout = db->buf;
675 static int dump_result;
677 #define GOT_INFO_ENDLINE (1 << 0)
678 #define GOT_SIZELINE (1 << 1)
679 #define GOT_ENDLINE (1 << 2)
680 #define HEADER_DONE (1 << 3)
684 process_dumpeof(void)
686 /* process any partial line in msgbuf? !!! */
687 add_msg_data(NULL, 0);
688 if(!ISSET(status, GOT_SIZELINE) && dump_result < 2) {
689 /* make a note if there isn't already a failure */
691 "? %s: strange [missing size line from sendbackup]\n",
694 errstr = stralloc("missing size line from sendbackup");
696 dump_result = max(dump_result, 2);
699 if(!ISSET(status, GOT_ENDLINE) && dump_result < 2) {
701 "? %s: strange [missing end line from sendbackup]\n",
704 errstr = stralloc("missing end line from sendbackup");
706 dump_result = max(dump_result, 2);
711 * Parse an information line from the client.
712 * We ignore unknown parameters and only remember the last
719 static const struct {
724 { "BACKUP", file.program, SIZEOF(file.program) },
725 { "DUMPER", file.dumper, SIZEOF(file.dumper) },
726 { "RECOVER_CMD", file.recover_cmd, SIZEOF(file.recover_cmd) },
727 { "COMPRESS_SUFFIX", file.comp_suffix, SIZEOF(file.comp_suffix) },
728 { "SERVER_CUSTOM_COMPRESS", file.srvcompprog, SIZEOF(file.srvcompprog) },
729 { "CLIENT_CUSTOM_COMPRESS", file.clntcompprog, SIZEOF(file.clntcompprog) },
730 { "SERVER_ENCRYPT", file.srv_encrypt, SIZEOF(file.srv_encrypt) },
731 { "CLIENT_ENCRYPT", file.clnt_encrypt, SIZEOF(file.clnt_encrypt) },
732 { "SERVER_DECRYPT_OPTION", file.srv_decrypt_opt, SIZEOF(file.srv_decrypt_opt) },
733 { "CLIENT_DECRYPT_OPTION", file.clnt_decrypt_opt, SIZEOF(file.clnt_decrypt_opt) }
738 if (strcmp(str, "end") == 0) {
739 SET(status, GOT_INFO_ENDLINE);
743 name = strtok(str, "=");
746 value = strtok(NULL, "");
750 for (i = 0; i < SIZEOF(fields) / SIZEOF(fields[0]); i++) {
751 if (strcmp(name, fields[i].name) == 0) {
752 strncpy(fields[i].value, value, fields[i].len - 1);
753 fields[i].value[fields[i].len - 1] = '\0';
769 /* normal backup output line */
772 /* sendbackup detected something strange */
773 dump_result = max(dump_result, 1);
776 /* a sendbackup line, just check them all since there are only 5 */
777 tok = strtok(buf, " ");
778 if (tok == NULL || strcmp(tok, "sendbackup:") != 0)
781 tok = strtok(NULL, " ");
785 if (strcmp(tok, "start") == 0) {
789 if (strcmp(tok, "size") == 0) {
790 tok = strtok(NULL, "");
792 origsize = OFF_T_ATOI(tok);
793 SET(status, GOT_SIZELINE);
798 if (strcmp(tok, "end") == 0) {
799 SET(status, GOT_ENDLINE);
803 if (strcmp(tok, "warning") == 0) {
804 dump_result = max(dump_result, 1);
808 if (strcmp(tok, "error") == 0) {
809 SET(status, GOT_ENDLINE);
810 dump_result = max(dump_result, 2);
812 tok = strtok(NULL, "");
813 if (tok == NULL || *tok != '[') {
814 errstr = newvstralloc(errstr, "bad remote error: ", str, NULL);
818 tok++; /* skip over '[' */
819 if ((enderr = strchr(tok, ']')) != NULL)
821 errstr = newstralloc(errstr, tok);
826 if (strcmp(tok, "info") == 0) {
827 tok = strtok(NULL, "");
829 parse_info_line(tok);
832 /* else we fall through to bad line */
837 dump_result = max(dump_result, 1);
840 fprintf(errf, "%s\n", str);
850 char *buf; /* buffer holding msg data */
851 size_t size; /* size of alloced buffer */
858 buflen = strlen(msg.buf);
863 * If our argument is NULL, then we need to flush out any remaining
869 fprintf(errf,"? %s: error [partial line in msgbuf: "
870 SIZE_T_FMT " bytes]\n", get_pname(),
871 (SIZE_T_FMT_TYPE)buflen);
872 fprintf(errf,"? %s: error [partial line in msgbuf: \"%s\"]\n",
873 get_pname(), msg.buf);
879 * Expand the buffer if it can't hold the new contents.
881 if ((buflen + len + 1) > msg.size) {
885 /* round up to next y, where y is a power of 2 */
886 #define ROUND(x, y) (((x) + (y) - 1) & ~((y) - 1))
888 newsize = ROUND(buflen + (ssize_t)len + 1, 256);
889 newbuf = alloc(newsize);
891 if (msg.buf != NULL) {
892 strncpy(newbuf, msg.buf, newsize);
901 * If there was a partial line from the last call, then
902 * append the new data to the end.
904 strncat(msg.buf, str, len);
907 * Process all lines in the buffer
908 * scanning line for unqouted newline.
910 for (ch = line = msg.buf; *ch != '\0'; ch++) {
912 in_quotes = !in_quotes;
913 } else if ((*ch == '\\') && (*(ch + 1) == '"')) {
915 } else if (!in_quotes && (*ch == '\n')) {
917 * Found an unqouted newline. Terminate and process line.
920 process_dumpline(line);
926 * If we did not process all of the data, move it to the front
927 * of the buffer so it is there next time.
930 buflen = strlen(line);
931 memmove(msg.buf, line, (size_t)buflen + 1);
945 if (fseek(errf, 0L, SEEK_SET) < 0) {
946 dbprintf(("log_msgout: warning - seek failed: %s\n", strerror(errno)));
948 while ((line = agets(errf)) != NULL) {
949 if (line[0] != '\0') {
950 log_add(typ, "%s", line);
961 * Fill in the rest of the tape header
968 assert(ISSET(status, HEADER_DONE));
970 file->type = F_DUMPFILE;
971 strncpy(file->datestamp, dumper_timestamp, sizeof(file->datestamp) - 1);
972 strncpy(file->name, hostname, SIZEOF(file->name) - 1);
973 strncpy(file->disk, diskname, SIZEOF(file->disk) - 1);
974 file->dumplevel = level;
977 * If we're doing the compression here, we need to override what
978 * sendbackup told us the compression was.
980 if (srvcompress != COMP_NONE) {
981 file->compressed = 1;
982 #ifndef UNCOMPRESS_OPT
983 #define UNCOMPRESS_OPT ""
985 if (srvcompress == COMP_SERVER_CUST) {
986 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
987 " %s %s |", srvcompprog, "-d");
988 strncpy(file->comp_suffix, "cust", SIZEOF(file->comp_suffix) - 1);
989 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
990 strncpy(file->srvcompprog, srvcompprog, SIZEOF(file->srvcompprog) - 1);
991 file->srvcompprog[SIZEOF(file->srvcompprog) - 1] = '\0';
992 } else if ( srvcompress == COMP_CUST ) {
993 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
994 " %s %s |", clntcompprog, "-d");
995 strncpy(file->comp_suffix, "cust", SIZEOF(file->comp_suffix) - 1);
996 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
997 strncpy(file->clntcompprog, clntcompprog, SIZEOF(file->clntcompprog));
998 file->clntcompprog[SIZEOF(file->clntcompprog) - 1] = '\0';
1000 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
1001 " %s %s |", UNCOMPRESS_PATH, UNCOMPRESS_OPT);
1002 strncpy(file->comp_suffix, COMPRESS_SUFFIX,SIZEOF(file->comp_suffix) - 1);
1003 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
1006 if (file->comp_suffix[0] == '\0') {
1007 file->compressed = 0;
1008 assert(SIZEOF(file->comp_suffix) >= 2);
1009 strncpy(file->comp_suffix, "N", SIZEOF(file->comp_suffix) - 1);
1010 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
1012 file->compressed = 1;
1015 /* take care of the encryption header here */
1016 if (srvencrypt != ENCRYPT_NONE) {
1018 if (srvencrypt == ENCRYPT_SERV_CUST) {
1019 snprintf(file->decrypt_cmd, SIZEOF(file->decrypt_cmd),
1020 " %s %s |", srv_encrypt, srv_decrypt_opt);
1021 strncpy(file->encrypt_suffix, "enc", SIZEOF(file->encrypt_suffix) - 1);
1022 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
1023 strncpy(file->srv_encrypt, srv_encrypt, SIZEOF(file->srv_encrypt) - 1);
1024 file->srv_encrypt[SIZEOF(file->srv_encrypt) - 1] = '\0';
1025 strncpy(file->srv_decrypt_opt, srv_decrypt_opt, SIZEOF(file->srv_decrypt_opt) - 1);
1026 file->srv_decrypt_opt[SIZEOF(file->srv_decrypt_opt) - 1] = '\0';
1027 } else if ( srvencrypt == ENCRYPT_CUST ) {
1028 snprintf(file->decrypt_cmd, SIZEOF(file->decrypt_cmd),
1029 " %s %s |", clnt_encrypt, clnt_decrypt_opt);
1030 strncpy(file->encrypt_suffix, "enc", SIZEOF(file->encrypt_suffix) - 1);
1031 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
1032 strncpy(file->clnt_encrypt, clnt_encrypt, SIZEOF(file->clnt_encrypt) - 1);
1033 file->clnt_encrypt[SIZEOF(file->clnt_encrypt) - 1] = '\0';
1034 strncpy(file->clnt_decrypt_opt, clnt_decrypt_opt, SIZEOF(file->clnt_decrypt_opt));
1035 file->clnt_decrypt_opt[SIZEOF(file->clnt_decrypt_opt) - 1] = '\0';
1038 if (file->encrypt_suffix[0] == '\0') {
1039 file->encrypted = 0;
1040 assert(SIZEOF(file->encrypt_suffix) >= 2);
1041 strncpy(file->encrypt_suffix, "N", SIZEOF(file->encrypt_suffix) - 1);
1042 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
1050 * Send an Amanda dump header to the output file.
1057 char buffer[DISK_BLOCK_BYTES];
1060 build_header(buffer, file, SIZEOF(buffer));
1062 written = fullwrite(outfd, buffer, SIZEOF(buffer));
1063 if(written == (ssize_t)sizeof(buffer))
1075 char *indexfile_tmp = NULL;
1076 char *indexfile_real = NULL;
1077 char level_str[NUM_STR_SIZE];
1081 double dumptime; /* Time dump took in secs */
1082 char *errfname = NULL;
1084 pid_t indexpid = -1;
1090 dumpbytes = dumpsize = headersize = origsize = (off_t)0;
1093 snprintf(level_str, SIZEOF(level_str), "%d", level);
1094 fn = sanitise_filename(diskname);
1095 errfname = newvstralloc(errfname,
1103 if((errf = fopen(errfname, "w+")) == NULL) {
1104 errstr = newvstralloc(errstr,
1105 "errfile open \"", errfname, "\": ",
1111 unlink(errfname); /* so it goes away on close */
1114 if (streams[INDEXFD].fd != NULL) {
1115 indexfile_real = getindexfname(hostname, diskname, dumper_timestamp, level);
1116 indexfile_tmp = stralloc2(indexfile_real, ".tmp");
1118 if (mkpdir(indexfile_tmp, 02755, (uid_t)-1, (gid_t)-1) == -1) {
1119 errstr = newvstralloc(errstr,
1125 amfree(indexfile_real);
1126 amfree(indexfile_tmp);
1129 indexout = open(indexfile_tmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
1130 if (indexout == -1) {
1131 errstr = newvstralloc(errstr, "err open ", indexfile_tmp, ": ",
1132 strerror(errno), NULL);
1135 if (runcompress(indexout, &indexpid, COMP_BEST) < 0) {
1142 * Schedule the indexfd for relaying to the index file
1144 security_stream_read(streams[INDEXFD].fd, read_indexfd, &indexout);
1148 * We only need to process messages initially. Once we have done
1149 * the header, we will start processing data too.
1151 security_stream_read(streams[MESGFD].fd, read_mesgfd, db);
1155 * Setup a read timeout
1157 timeout(conf_dtimeout);
1160 * Start the event loop. This will exit when all three events
1161 * (read the mesgfd, read the datafd, and timeout) are removed.
1165 if (dump_result > 1)
1168 runtime = stopclock();
1169 dumptime = (double)(runtime.r.tv_sec) +
1170 ((double)(runtime.r.tv_usec) / 1000000.0);
1172 dumpsize -= headersize; /* don't count the header */
1173 if (dumpsize < (off_t)0) /* XXX - maybe this should be fatal? */
1174 dumpsize = (off_t)0;
1177 errstr = alloc(128);
1178 snprintf(errstr, 128, "sec %s kb " OFF_T_FMT " kps %3.1lf orig-kb " OFF_T_FMT "",
1179 walltime_str(runtime),
1180 (OFF_T_FMT_TYPE)dumpsize,
1181 (isnormal(dumptime) ? ((double)dumpsize / (double)dumptime) : 0.0),
1182 (OFF_T_FMT_TYPE)origsize);
1183 q = squotef("[%s]", errstr);
1184 putresult(DONE, "%s " OFF_T_FMT " " OFF_T_FMT " %lu %s\n", handle,
1185 (OFF_T_FMT_TYPE)origsize,
1186 (OFF_T_FMT_TYPE)dumpsize,
1187 (unsigned long)((double)dumptime+0.5), q);
1190 switch(dump_result) {
1192 log_add(L_SUCCESS, "%s %s %s %d [%s]", hostname, qdiskname, dumper_timestamp, level, errstr);
1197 log_start_multiline();
1198 log_add(L_STRANGE, "%s %s %d [%s]", hostname, qdiskname, level, errstr);
1199 log_msgout(L_STRANGE);
1200 log_end_multiline();
1205 if (errf) afclose(errf);
1208 if (indexfile_tmp) {
1209 amwait_t index_status;
1211 /*@i@*/ aclose(indexout);
1212 waitpid(indexpid,&index_status,0);
1213 if (rename(indexfile_tmp, indexfile_real) != 0) {
1214 log_add(L_WARNING, "could not rename \"%s\" to \"%s\": %s",
1215 indexfile_tmp, indexfile_real, strerror(errno));
1217 amfree(indexfile_tmp);
1218 amfree(indexfile_real);
1221 if(db->compresspid != -1) {
1222 waitpid(db->compresspid,NULL,0);
1224 if(db->encryptpid != -1) {
1225 waitpid(db->encryptpid,NULL,0);
1233 q = squotef("[%s]", errstr);
1234 putresult(FAILED, "%s %s\n", handle, q);
1238 /* kill all child process */
1239 if (db->compresspid != -1) {
1240 fprintf(stderr,"%s: kill compress command\n",get_pname());
1241 if (kill(db->compresspid, SIGTERM) < 0) {
1243 fprintf(stderr,"%s: can't kill compress command: %s\n",
1244 get_pname(), strerror(errno));
1247 waitpid(db->compresspid,NULL,0);
1251 if (db->encryptpid != -1) {
1252 fprintf(stderr,"%s: kill encrypt command\n",get_pname());
1253 if (kill(db->encryptpid, SIGTERM) < 0) {
1255 fprintf(stderr,"%s: can't kill encrypt command: %s\n",
1256 get_pname(), strerror(errno));
1259 waitpid(db->encryptpid,NULL,0);
1263 if (indexpid != -1) {
1264 fprintf(stderr,"%s: kill index command\n",get_pname());
1265 if (kill(indexpid, SIGTERM) < 0) {
1267 fprintf(stderr,"%s: can't kill index command: %s\n",
1268 get_pname(),strerror(errno));
1271 waitpid(indexpid,NULL,0);
1275 log_start_multiline();
1276 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname, dumper_timestamp,
1281 log_end_multiline();
1283 if (errf) afclose(errf);
1285 if (indexfile_tmp) {
1286 unlink(indexfile_tmp);
1287 amfree(indexfile_tmp);
1288 amfree(indexfile_real);
1295 * Callback for reads on the mesgfd stream
1303 struct databuf *db = cookie;
1309 errstr = newstralloc2(errstr, "mesg read: ",
1310 security_stream_geterror(streams[MESGFD].fd));
1317 * EOF. Just shut down the mesg stream.
1320 security_stream_close(streams[MESGFD].fd);
1321 streams[MESGFD].fd = NULL;
1323 * If the data fd and index fd has also shut down, then we're done.
1325 if ((set_datafd == 0 || streams[DATAFD].fd == NULL) &&
1326 streams[INDEXFD].fd == NULL)
1331 assert(buf != NULL);
1332 add_msg_data(buf, (size_t)size);
1333 security_stream_read(streams[MESGFD].fd, read_mesgfd, cookie);
1337 if (ISSET(status, GOT_INFO_ENDLINE) && !ISSET(status, HEADER_DONE)) {
1338 SET(status, HEADER_DONE);
1339 /* time to do the header */
1340 finish_tapeheader(&file);
1341 if (write_tapeheader(db->fd, &file)) {
1342 errstr = newstralloc2(errstr, "write_tapeheader: ",
1348 dumpsize += (off_t)DISK_BLOCK_KB;
1349 headersize += (off_t)DISK_BLOCK_KB;
1351 if (srvencrypt == ENCRYPT_SERV_CUST) {
1352 if (runencrypt(db->fd, &db->encryptpid, srvencrypt) < 0) {
1359 * Now, setup the compress for the data output, and start
1360 * reading the datafd.
1362 if ((srvcompress != COMP_NONE) && (srvcompress != COMP_CUST)) {
1363 if (runcompress(db->fd, &db->compresspid, srvcompress) < 0) {
1369 security_stream_read(streams[DATAFD].fd, read_datafd, db);
1374 * Reset the timeout for future reads
1376 timeout(conf_dtimeout);
1380 * Callback for reads on the datafd stream
1388 struct databuf *db = cookie;
1393 * The read failed. Error out
1396 errstr = newstralloc2(errstr, "data read: ",
1397 security_stream_geterror(streams[DATAFD].fd));
1403 /* The header had better be written at this point */
1404 assert(ISSET(status, HEADER_DONE));
1407 * EOF. Stop and return.
1411 if (dumpbytes != (off_t)0) {
1412 dumpsize += (off_t)1;
1414 security_stream_close(streams[DATAFD].fd);
1415 streams[DATAFD].fd = NULL;
1417 * If the mesg fd and index fd has also shut down, then we're done.
1419 if (streams[MESGFD].fd == NULL && streams[INDEXFD].fd == NULL)
1425 * We read something. Add it to the databuf and reschedule for
1428 assert(buf != NULL);
1429 if (databuf_write(db, buf, (size_t)size) < 0) {
1430 errstr = newstralloc2(errstr, "data write: ", strerror(errno));
1437 * Reset the timeout for future reads
1439 timeout(conf_dtimeout);
1441 security_stream_read(streams[DATAFD].fd, read_datafd, cookie);
1445 * Callback for reads on the index stream
1455 assert(cookie != NULL);
1456 fd = *(int *)cookie;
1459 errstr = newstralloc2(errstr, "index read: ",
1460 security_stream_geterror(streams[INDEXFD].fd));
1467 * EOF. Stop and return.
1470 security_stream_close(streams[INDEXFD].fd);
1471 streams[INDEXFD].fd = NULL;
1473 * If the mesg fd has also shut down, then we're done.
1475 if ((set_datafd == 0 || streams[DATAFD].fd == NULL) &&
1476 streams[MESGFD].fd == NULL)
1481 assert(buf != NULL);
1484 * We ignore error while writing to the index file.
1486 if (fullwrite(fd, buf, (size_t)size) < 0) {
1487 /* Ignore error, but schedule another read. */
1488 if(indexfderror == 0) {
1490 log_add(L_INFO, "Index corrupted for %s:%s", hostname, qdiskname);
1493 security_stream_read(streams[INDEXFD].fd, read_indexfd, cookie);
1497 * Startup a timeout in the event handler. If the arg is 0,
1498 * then remove the timeout.
1504 static event_handle_t *ev_timeout = NULL;
1507 * First, remove a timeout if one is active.
1509 if (ev_timeout != NULL) {
1510 event_release(ev_timeout);
1515 * Now, schedule a new one if 'seconds' is greater than 0
1518 ev_timeout = event_register((event_id_t)seconds, EV_TIME, timeout_callback, NULL);
1522 * This is the callback for timeout(). If this is reached, then we
1523 * have a data timeout.
1529 (void)unused; /* Quiet unused parameter warning */
1531 assert(unused == NULL);
1532 errstr = newstralloc(errstr, "data timeout");
1538 * This is called when everything needs to shut down so event_loop()
1546 for (i = 0; i < NSTREAMS; i++) {
1547 if (streams[i].fd != NULL) {
1548 security_stream_close(streams[i].fd);
1549 streams[i].fd = NULL;
1557 * Runs compress with the first arg as its stdout. Returns
1558 * 0 on success or negative if error, and it's pid via the second
1559 * argument. The outfd arg is dup2'd to the pipe to the compress
1568 int outpipe[2], rval;
1571 assert(pid != NULL);
1573 /* outpipe[0] is pipe's stdin, outpipe[1] is stdout. */
1574 if (pipe(outpipe) < 0) {
1575 errstr = newstralloc2(errstr, "pipe: ", strerror(errno));
1579 switch (*pid = fork()) {
1581 errstr = newstralloc2(errstr, "couldn't fork: ", strerror(errno));
1586 rval = dup2(outpipe[1], outfd);
1588 errstr = newstralloc2(errstr, "couldn't dup2: ", strerror(errno));
1593 if (dup2(outpipe[0], 0) < 0) {
1594 error("err dup2 in: %s", strerror(errno));
1597 if (dup2(outfd, 1) == -1) {
1598 error("err dup2 out: %s", strerror(errno));
1602 if (comptype != COMP_SERVER_CUST) {
1603 execlp(COMPRESS_PATH, COMPRESS_PATH, ( comptype == COMP_BEST ?
1604 COMPRESS_BEST_OPT : COMPRESS_FAST_OPT), (char *)NULL);
1605 error("error: couldn't exec %s: %s", COMPRESS_PATH, strerror(errno));
1607 } else if (*srvcompprog) {
1608 execlp(srvcompprog, srvcompprog, (char *)0);
1609 error("error: couldn't exec server custom filter%s.\n", srvcompprog);
1618 * Runs encrypt with the first arg as its stdout. Returns
1619 * 0 on success or negative if error, and it's pid via the second
1620 * argument. The outfd arg is dup2'd to the pipe to the encrypt
1627 encrypt_t encrypttype)
1629 int outpipe[2], rval;
1632 assert(pid != NULL);
1634 /* outpipe[0] is pipe's stdin, outpipe[1] is stdout. */
1635 if (pipe(outpipe) < 0) {
1636 errstr = newstralloc2(errstr, "pipe: ", strerror(errno));
1640 switch (*pid = fork()) {
1642 errstr = newstralloc2(errstr, "couldn't fork: ", strerror(errno));
1647 rval = dup2(outpipe[1], outfd);
1649 errstr = newstralloc2(errstr, "couldn't dup2: ", strerror(errno));
1654 if (dup2(outpipe[0], 0) < 0) {
1655 error("err dup2 in: %s", strerror(errno));
1658 if (dup2(outfd, 1) < 0 ) {
1659 error("err dup2 out: %s", strerror(errno));
1663 if ((encrypttype == ENCRYPT_SERV_CUST) && *srv_encrypt) {
1664 execlp(srv_encrypt, srv_encrypt, (char *)0);
1665 error("error: couldn't exec server encryption%s.\n", srv_encrypt);
1674 /* -------------------- */
1677 sendbackup_response(
1680 security_handle_t * sech)
1682 int ports[NSTREAMS], *response_error = datap, i;
1687 assert(response_error != NULL);
1688 assert(sech != NULL);
1691 errstr = newvstralloc(errstr, "[request failed: ",
1692 security_geterror(sech), "]", NULL);
1693 *response_error = 1;
1697 security_close_connection(sech, hostname);
1700 memset(ports, 0, SIZEOF(ports));
1701 if (pkt->type == P_NAK) {
1702 #if defined(PACKET_DEBUG)
1703 fprintf(stderr, "got nak response:\n----\n%s\n----\n\n", pkt->body);
1706 tok = strtok(pkt->body, " ");
1707 if (tok == NULL || strcmp(tok, "ERROR") != 0)
1710 tok = strtok(NULL, "\n");
1712 errstr = newvstralloc(errstr, "NAK: ", tok, NULL);
1713 *response_error = 1;
1716 errstr = newstralloc(errstr, "request NAK");
1717 *response_error = 2;
1722 if (pkt->type != P_REP) {
1723 errstr = newvstralloc(errstr, "received strange packet type ",
1724 pkt_type2str(pkt->type), ": ", pkt->body, NULL);
1725 *response_error = 1;
1730 fprintf(stderr, "got response:\n----\n%s\n----\n\n", pkt->body);
1733 for(i = 0; i < NSTREAMS; i++) {
1735 streams[i].fd = NULL;
1739 while((tok = strtok(p, " \n")) != NULL) {
1743 * Error response packets have "ERROR" followed by the error message
1744 * followed by a newline.
1746 if (strcmp(tok, "ERROR") == 0) {
1747 tok = strtok(NULL, "\n");
1749 tok = "[bogus error packet]";
1750 errstr = newstralloc(errstr, tok);
1751 *response_error = 2;
1756 * Regular packets have CONNECT followed by three streams
1758 if (strcmp(tok, "CONNECT") == 0) {
1761 * Parse the three stream specifiers out of the packet.
1763 for (i = 0; i < NSTREAMS; i++) {
1764 tok = strtok(NULL, " ");
1765 if (tok == NULL || strcmp(tok, streams[i].name) != 0) {
1766 extra = vstralloc("CONNECT token is \"",
1767 tok ? tok : "(null)",
1774 tok = strtok(NULL, " \n");
1775 if (tok == NULL || sscanf(tok, "%d", &ports[i]) != 1) {
1776 extra = vstralloc("CONNECT ",
1779 tok ? tok : "(null)",
1780 "\": expected a port number",
1789 * OPTIONS [options string] '\n'
1791 if (strcmp(tok, "OPTIONS") == 0) {
1792 tok = strtok(NULL, "\n");
1794 extra = stralloc("OPTIONS token is missing");
1798 while((p = strchr(tok, ';')) != NULL) {
1801 if(strncmp_const_skip(tok, "features=", tok, ch) == 0) {
1802 am_release_feature_set(their_features);
1803 if((their_features = am_string_to_feature(tok)) == NULL) {
1804 errstr = newvstralloc(errstr,
1805 "OPTIONS: bad features value: ",
1816 extra = vstralloc("next token is \"",
1817 tok ? tok : "(null)",
1818 "\": expected \"CONNECT\", \"ERROR\" or \"OPTIONS\"",
1824 * Connect the streams to their remote ports
1826 for (i = 0; i < NSTREAMS; i++) {
1829 streams[i].fd = security_stream_client(sech, ports[i]);
1830 if (streams[i].fd == NULL) {
1831 errstr = newvstralloc(errstr,
1832 "[could not connect ", streams[i].name, " stream: ",
1833 security_geterror(sech), "]", NULL);
1839 * Authenticate the streams
1841 for (i = 0; i < NSTREAMS; i++) {
1842 if (streams[i].fd == NULL)
1844 #ifdef KRB4_SECURITY
1846 * XXX krb4 historically never authenticated the index stream!
1847 * We need to reproduce this lossage here to preserve compatibility
1849 * It is wrong to delve into sech, but we have no choice here.
1851 if (strcasecmp(sech->driver->name, "krb4") == 0 && i == INDEXFD)
1854 if (security_stream_auth(streams[i].fd) < 0) {
1855 errstr = newvstralloc(errstr,
1856 "[could not authenticate ", streams[i].name, " stream: ",
1857 security_stream_geterror(streams[i].fd), "]", NULL);
1863 * The MESGFD and DATAFD streams are mandatory. If we didn't get
1866 if (streams[MESGFD].fd == NULL || streams[DATAFD].fd == NULL) {
1867 errstr = newstralloc(errstr, "[couldn't open MESG or INDEX streams]");
1871 /* everything worked */
1872 *response_error = 0;
1876 errstr = newvstralloc(errstr,
1877 "[parse of reply message failed: ",
1878 extra ? extra : "(no additional information)",
1882 *response_error = 2;
1887 *response_error = 1;
1891 dumper_get_security_conf(
1895 (void)arg; /* Quiet unused parameter warning */
1897 if(!string || !*string)
1900 if(strcmp(string, "krb5principal")==0) {
1901 return(getconf_str(CNF_KRB5PRINCIPAL));
1902 } else if(strcmp(string, "krb5keytab")==0) {
1903 return(getconf_str(CNF_KRB5KEYTAB));
1904 } else if(strcmp(string, "amandad_path")==0) {
1905 return (amandad_path);
1906 } else if(strcmp(string, "client_username")==0) {
1907 return (client_username);
1908 } else if(strcmp(string, "ssh_keys")==0) {
1916 const char *hostname,
1920 const char *dumpdate,
1921 const char *progname,
1922 const char *amandad_path,
1923 const char *client_username,
1924 const char *ssh_keys,
1925 const char *options)
1927 char level_string[NUM_STR_SIZE];
1929 char *authopt, *endauthopt, authoptbuf[80];
1931 const security_driver_t *secdrv;
1938 (void)disk; /* Quiet unused parameter warning */
1939 (void)amandad_path; /* Quiet unused parameter warning */
1940 (void)client_username; /* Quiet unused parameter warning */
1941 (void)ssh_keys; /* Quiet unused parameter warning */
1943 has_features = am_has_feature(their_features, fe_req_options_features);
1944 has_hostname = am_has_feature(their_features, fe_req_options_hostname);
1945 has_config = am_has_feature(their_features, fe_req_options_config);
1946 has_device = am_has_feature(their_features, fe_sendbackup_req_device);
1949 * Default to bsd authentication if none specified. This is gross.
1951 * Options really need to be pre-parsed into some sort of structure
1952 * much earlier, and then flattened out again before transmission.
1954 authopt = strstr(options, "auth=");
1955 if (authopt == NULL) {
1958 endauthopt = strchr(authopt, ';');
1959 if ((endauthopt == NULL) ||
1960 ((sizeof(authoptbuf) - 1) < (size_t)(endauthopt - authopt))) {
1963 authopt += strlen("auth=");
1964 strncpy(authoptbuf, authopt, (size_t)(endauthopt - authopt));
1965 authoptbuf[endauthopt - authopt] = '\0';
1966 authopt = authoptbuf;
1970 snprintf(level_string, SIZEOF(level_string), "%d", level);
1971 if(strcmp(progname, "DUMP") == 0
1972 || strcmp(progname, "GNUTAR") == 0) {
1975 backup_api = "BACKUP ";
1977 req = vstralloc("SERVICE sendbackup\n",
1979 has_features ? "features=" : "",
1980 has_features ? our_feature_string : "",
1981 has_features ? ";" : "",
1982 has_hostname ? "hostname=" : "",
1983 has_hostname ? hostname : "",
1984 has_hostname ? ";" : "",
1985 has_config ? "config=" : "",
1986 has_config ? config_name : "",
1987 has_config ? ";" : "",
1989 backup_api, progname,
1991 " ", device && has_device ? device : "",
1994 " OPTIONS ", options,
1995 /* compat: if auth=krb4, send krb4-auth */
1996 (strcasecmp(authopt, "krb4") ? "" : "krb4-auth"),
2000 fprintf(stderr, "send request:\n----\n%s\n----\n\n", req);
2001 secdrv = security_getdriver(authopt);
2002 if (secdrv == NULL) {
2003 error("no '%s' security driver available for host '%s'",
2008 protocol_sendreq(hostname, secdrv, dumper_get_security_conf, req,
2009 STARTUP_TIMEOUT, sendbackup_response, &response_error);
2014 return (response_error);