2 * Amanda, The Advanced Maryland Automatic Network Disk Archiver
3 * Copyright (c) 1991-1999 University of Maryland at College Park
6 * Permission to use, copy, modify, distribute, and sell this software and its
7 * documentation for any purpose is hereby granted without fee, provided that
8 * the above copyright notice appear in all copies and that both that
9 * copyright notice and this permission notice appear in supporting
10 * documentation, and that the name of U.M. not be used in advertising or
11 * publicity pertaining to distribution of the software without specific,
12 * written prior permission. U.M. makes no representations about the
13 * suitability of this software for any purpose. It is provided "as is"
14 * without express or implied warranty.
16 * U.M. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL U.M.
18 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
19 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
20 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
21 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 * Authors: the Amanda Development Team. Its members are listed in a
24 * file named AUTHORS, in the root directory of this distribution.
26 /* $Id: dumper.c,v 1.190.2.2 2006/11/08 17:11:41 martinea Exp $
28 * requests remote amandad processes to dump filesystems
43 #include "fileheader.h"
44 #include "amfeatures.h"
45 #include "server_util.h"
56 #define CONNECT_TIMEOUT 5*60
58 #define STARTUP_TIMEOUT 60
61 int fd; /* file to flush to */
63 char *datain; /* data buffer markers */
66 pid_t compresspid; /* valid if fd is pipe to compress */
67 pid_t encryptpid; /* valid if fd is pipe to encrypt */
70 static char *handle = NULL;
72 static char *errstr = NULL;
73 static off_t dumpbytes;
74 static off_t dumpsize, headersize, origsize;
76 static comp_t srvcompress = COMP_NONE;
77 char *srvcompprog = NULL;
78 char *clntcompprog = NULL;
80 static encrypt_t srvencrypt = ENCRYPT_NONE;
81 char *srv_encrypt = NULL;
82 char *clnt_encrypt = NULL;
83 char *srv_decrypt_opt = NULL;
84 char *clnt_decrypt_opt = NULL;
86 static FILE *errf = NULL;
87 static char *hostname = NULL;
88 am_feature_t *their_features = NULL;
89 static char *diskname = NULL;
90 static char *qdiskname = NULL;
91 static char *device = NULL;
92 static char *options = NULL;
93 static char *progname = NULL;
94 static char *amandad_path=NULL;
95 static char *client_username=NULL;
96 static char *ssh_keys=NULL;
98 static char *dumpdate = NULL;
99 static char *dumper_timestamp = NULL;
100 static time_t conf_dtimeout;
101 static int indexfderror;
102 static int set_datafd;
104 static dumpfile_t file;
108 security_stream_t *fd;
117 #define NSTREAMS (int)(sizeof(streams) / sizeof(streams[0]))
119 static am_feature_t *our_features = NULL;
120 static char *our_feature_string = NULL;
122 /* local functions */
123 int main(int, char **);
124 static int do_dump(struct databuf *);
125 static void check_options(char *);
126 static void finish_tapeheader(dumpfile_t *);
127 static ssize_t write_tapeheader(int, dumpfile_t *);
128 static void databuf_init(struct databuf *, int);
129 static int databuf_write(struct databuf *, const void *, size_t);
130 static int databuf_flush(struct databuf *);
131 static void process_dumpeof(void);
132 static void process_dumpline(const char *);
133 static void add_msg_data(const char *, size_t);
134 static void parse_info_line(char *);
135 static void log_msgout(logtype_t);
136 static char * dumper_get_security_conf (char *, void *);
138 static int runcompress(int, pid_t *, comp_t);
139 static int runencrypt(int, pid_t *, encrypt_t);
141 static void sendbackup_response(void *, pkt_t *, security_handle_t *);
142 static int startup_dump(const char *, const char *, const char *, int,
143 const char *, const char *, const char *,
144 const char *, const char *, const char *);
145 static void stop_dump(void);
147 static void read_indexfd(void *, void *, ssize_t);
148 static void read_datafd(void *, void *, ssize_t);
149 static void read_mesgfd(void *, void *, ssize_t);
150 static void timeout(time_t);
151 static void timeout_callback(void *);
157 char *compmode = NULL;
158 char *compend = NULL;
159 char *encryptmode = NULL;
160 char *encryptend = NULL;
161 char *decryptmode = NULL;
162 char *decryptend = NULL;
164 /* parse the compression option */
165 if (strstr(options, "srvcomp-best;") != NULL)
166 srvcompress = COMP_BEST;
167 else if (strstr(options, "srvcomp-fast;") != NULL)
168 srvcompress = COMP_FAST;
169 else if ((compmode = strstr(options, "srvcomp-cust=")) != NULL) {
170 compend = strchr(compmode, ';');
172 srvcompress = COMP_SERV_CUST;
174 srvcompprog = stralloc(compmode + strlen("srvcomp-cust="));
177 } else if ((compmode = strstr(options, "comp-cust=")) != NULL) {
178 compend = strchr(compmode, ';');
180 srvcompress = COMP_CUST;
182 clntcompprog = stralloc(compmode + strlen("comp-cust="));
187 srvcompress = COMP_NONE;
191 /* now parse the encryption option */
192 if ((encryptmode = strstr(options, "encrypt-serv-cust=")) != NULL) {
193 encryptend = strchr(encryptmode, ';');
195 srvencrypt = ENCRYPT_SERV_CUST;
197 srv_encrypt = stralloc(encryptmode + strlen("encrypt-serv-cust="));
200 } else if ((encryptmode = strstr(options, "encrypt-cust=")) != NULL) {
201 encryptend = strchr(encryptmode, ';');
203 srvencrypt = ENCRYPT_CUST;
205 clnt_encrypt = stralloc(encryptmode + strlen("encrypt-cust="));
209 srvencrypt = ENCRYPT_NONE;
211 /* get the decryption option parameter */
212 if ((decryptmode = strstr(options, "server-decrypt-option=")) != NULL) {
213 decryptend = strchr(decryptmode, ';');
216 srv_decrypt_opt = stralloc(decryptmode + strlen("server-decrypt-option="));
219 } else if ((decryptmode = strstr(options, "client-decrypt-option=")) != NULL) {
220 decryptend = strchr(decryptmode, ';');
223 clnt_decrypt_opt = stralloc(decryptmode + strlen("client-decrypt-option="));
235 static struct databuf db;
236 struct cmdargs cmdargs;
240 in_port_t taper_port;
241 unsigned long malloc_hist_1, malloc_size_1;
242 unsigned long malloc_hist_2, malloc_size_2;
247 int new_argc, my_argc;
248 char **new_argv, **my_argv;
254 dbopen(DBG_SUBDIR_SERVER);
256 /* Don't die when child closes pipe */
257 signal(SIGPIPE, SIG_IGN);
259 malloc_size_1 = malloc_inuse(&malloc_hist_1);
261 erroutput_type = (ERR_AMANDALOG|ERR_INTERACTIVE);
262 set_logerror(logerror);
264 parse_server_conf(main_argc, main_argv, &new_argc, &new_argv);
269 config_name = stralloc(my_argv[1]);
270 config_dir = vstralloc(CONFIG_DIR, "/", config_name, "/", NULL);
272 char my_cwd[STR_SIZE];
274 if (getcwd(my_cwd, SIZEOF(my_cwd)) == NULL) {
275 error("cannot determine current working directory");
278 config_dir = stralloc2(my_cwd, "/");
279 if ((config_name = strrchr(my_cwd, '/')) != NULL) {
280 config_name = stralloc(config_name + 1);
286 our_features = am_init_feature_set();
287 our_feature_string = am_feature_to_string(our_features);
289 conffile = stralloc2(config_dir, CONFFILE_NAME);
290 if(read_conffile(conffile)) {
291 error("errors processing config file \"%s\"", conffile);
296 dbrename(config_name, DBG_SUBDIR_SERVER);
298 report_bad_conf_arg();
300 * Make our effective uid nonprivlidged, keeping save uid as root
301 * in case we need to get back (to bind privlidged ports, etc).
308 #if defined BSD_SECURITY && !defined SSH_SECURITY
310 error("must be run setuid root to communicate correctly");
316 "%s: pid %ld executable %s version %s\n",
317 get_pname(), (long) getpid(),
318 my_argv[0], version());
321 /* now, make sure we are a valid user */
323 if (getpwuid(getuid()) == NULL) {
324 error("can't get login name for my uid %ld", (long)getuid());
328 signal(SIGPIPE, SIG_IGN);
330 conf_dtimeout = getconf_int(CNF_DTIMEOUT);
335 cmd = getcmd(&cmdargs);
340 error("error [dumper START: not enough args: timestamp]");
341 dumper_timestamp = newstralloc(dumper_timestamp, cmdargs.argv[2]);
367 cmdargs.argc++; /* true count of args */
370 if(a >= cmdargs.argc) {
371 error("error [dumper PORT-DUMP: not enough args: handle]");
374 handle = newstralloc(handle, cmdargs.argv[a++]);
376 if(a >= cmdargs.argc) {
377 error("error [dumper PORT-DUMP: not enough args: port]");
380 taper_port = (in_port_t)atoi(cmdargs.argv[a++]);
382 if(a >= cmdargs.argc) {
383 error("error [dumper PORT-DUMP: not enough args: hostname]");
386 hostname = newstralloc(hostname, cmdargs.argv[a++]);
388 if(a >= cmdargs.argc) {
389 error("error [dumper PORT-DUMP: not enough args: features]");
392 am_release_feature_set(their_features);
393 their_features = am_string_to_feature(cmdargs.argv[a++]);
395 if(a >= cmdargs.argc) {
396 error("error [dumper PORT-DUMP: not enough args: diskname]");
399 qdiskname = newstralloc(qdiskname, cmdargs.argv[a++]);
400 if (diskname != NULL)
402 diskname = unquote_string(qdiskname);
404 if(a >= cmdargs.argc) {
405 error("error [dumper PORT-DUMP: not enough args: device]");
408 device = newstralloc(device, cmdargs.argv[a++]);
409 if(strcmp(device,"NODEVICE") == 0)
412 if(a >= cmdargs.argc) {
413 error("error [dumper PORT-DUMP: not enough args: level]");
416 level = atoi(cmdargs.argv[a++]);
418 if(a >= cmdargs.argc) {
419 error("error [dumper PORT-DUMP: not enough args: dumpdate]");
422 dumpdate = newstralloc(dumpdate, cmdargs.argv[a++]);
424 if(a >= cmdargs.argc) {
425 error("error [dumper PORT-DUMP: not enough args: program]");
428 progname = newstralloc(progname, cmdargs.argv[a++]);
430 if(a >= cmdargs.argc) {
431 error("error [dumper PORT-DUMP: not enough args: amandad_path]");
434 amandad_path = newstralloc(amandad_path, cmdargs.argv[a++]);
436 if(a >= cmdargs.argc) {
437 error("error [dumper PORT-DUMP: not enough args: client_username]");
439 client_username = newstralloc(client_username, cmdargs.argv[a++]);
441 if(a >= cmdargs.argc) {
442 error("error [dumper PORT-DUMP: not enough args: ssh_keys]");
444 ssh_keys = newstralloc(ssh_keys, cmdargs.argv[a++]);
446 if(a >= cmdargs.argc) {
447 error("error [dumper PORT-DUMP: not enough args: options]");
449 options = newstralloc(options, cmdargs.argv[a++]);
451 if(a != cmdargs.argc) {
452 error("error [dumper PORT-DUMP: too many args: %d != %d]",
457 if ((gethostbyname("localhost")) == NULL) {
458 errstr = newstralloc(errstr,
459 "could not resolve localhost");
461 putresult(FAILED, "%s %s\n", handle, q);
462 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
463 dumper_timestamp, level, errstr);
467 /* connect outf to chunker/taper port */
469 outfd = stream_client("localhost", taper_port,
470 STREAM_BUFSIZE, 0, NULL, 0);
473 errstr = newvstralloc(errstr, "port open: ",
474 strerror(errno), NULL);
476 putresult(FAILED, "%s %s\n", handle, q);
477 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
478 dumper_timestamp, level, errstr);
482 databuf_init(&db, outfd);
484 check_options(options);
486 rc = startup_dump(hostname,
498 putresult(rc == 2? FAILED : TRYAGAIN, "%s %s\n",
501 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname,
502 dumper_timestamp, level, errstr);
508 amfree(amandad_path);
509 amfree(client_username);
514 if(cmdargs.argc >= 1) {
515 q = squote(cmdargs.argv[1]);
516 } else if(cmdargs.argc >= 0) {
517 q = squote(cmdargs.argv[0]);
519 q = stralloc("(no input?)");
521 putresult(BAD_COMMAND, "%s\n", q);
528 } while(cmd != QUIT);
530 /* make sure root privilege is dropped */
531 if ( geteuid() == 0 ) {
536 free_new_argv(new_argc, new_argv);
537 free_server_config();
538 am_release_feature_set(our_features);
539 amfree(our_feature_string);
541 amfree(dumper_timestamp);
550 amfree(clntcompprog);
552 amfree(clnt_encrypt);
553 amfree(srv_decrypt_opt);
554 amfree(clnt_decrypt_opt);
559 malloc_size_2 = malloc_inuse(&malloc_hist_2);
561 if (malloc_size_1 != malloc_size_2) {
562 malloc_list(fileno(stderr), malloc_hist_1, malloc_hist_2);
566 return (0); /* exit */
571 * Initialize a databuf. Takes a writeable file descriptor.
580 db->datain = db->dataout = db->datalimit = NULL;
581 db->compresspid = -1;
587 * Updates the buffer pointer for the input data buffer. The buffer is
588 * written regardless of how much data is present, since we know we
589 * are writing to a socket (to chunker) and there is no need to maintain
598 db->buf = (char *)buf;
599 db->datain = db->datalimit = db->buf + size;
600 db->dataout = db->buf;
601 return databuf_flush(db);
605 * Write out the buffer to chunker.
614 * If there's no data, do nothing.
616 if (db->dataout >= db->datain) {
621 * Write out the buffer
623 written = fullwrite(db->fd, db->dataout,
624 (size_t)(db->datain - db->dataout));
626 db->dataout += written;
627 dumpbytes += (off_t)written;
629 if (dumpbytes >= (off_t)1024) {
630 dumpsize += (dumpbytes / (off_t)1024);
631 dumpbytes %= (off_t)1024;
634 errstr = squotef("data write: %s", strerror(errno));
637 db->datain = db->dataout = db->buf;
641 static int dump_result;
643 #define GOT_INFO_ENDLINE (1 << 0)
644 #define GOT_SIZELINE (1 << 1)
645 #define GOT_ENDLINE (1 << 2)
646 #define HEADER_DONE (1 << 3)
650 process_dumpeof(void)
652 /* process any partial line in msgbuf? !!! */
653 add_msg_data(NULL, 0);
654 if(!ISSET(status, GOT_SIZELINE) && dump_result < 2) {
655 /* make a note if there isn't already a failure */
657 "? %s: strange [missing size line from sendbackup]\n",
660 errstr = stralloc("missing size line from sendbackup");
662 dump_result = max(dump_result, 2);
665 if(!ISSET(status, GOT_ENDLINE) && dump_result < 2) {
667 "? %s: strange [missing end line from sendbackup]\n",
670 errstr = stralloc("missing end line from sendbackup");
672 dump_result = max(dump_result, 2);
677 * Parse an information line from the client.
678 * We ignore unknown parameters and only remember the last
685 static const struct {
690 { "BACKUP", file.program, SIZEOF(file.program) },
691 { "RECOVER_CMD", file.recover_cmd, SIZEOF(file.recover_cmd) },
692 { "COMPRESS_SUFFIX", file.comp_suffix, SIZEOF(file.comp_suffix) },
693 { "SERVER_CUSTOM_COMPRESS", file.srvcompprog, SIZEOF(file.srvcompprog) },
694 { "CLIENT_CUSTOM_COMPRESS", file.clntcompprog, SIZEOF(file.clntcompprog) },
695 { "SERVER_ENCRYPT", file.srv_encrypt, SIZEOF(file.srv_encrypt) },
696 { "CLIENT_ENCRYPT", file.clnt_encrypt, SIZEOF(file.clnt_encrypt) },
697 { "SERVER_DECRYPT_OPTION", file.srv_decrypt_opt, SIZEOF(file.srv_decrypt_opt) },
698 { "CLIENT_DECRYPT_OPTION", file.clnt_decrypt_opt, SIZEOF(file.clnt_decrypt_opt) }
703 if (strcmp(str, "end") == 0) {
704 SET(status, GOT_INFO_ENDLINE);
708 name = strtok(str, "=");
711 value = strtok(NULL, "");
715 for (i = 0; i < SIZEOF(fields) / SIZEOF(fields[0]); i++) {
716 if (strcmp(name, fields[i].name) == 0) {
717 strncpy(fields[i].value, value, fields[i].len - 1);
718 fields[i].value[fields[i].len - 1] = '\0';
734 /* normal backup output line */
737 /* sendbackup detected something strange */
738 dump_result = max(dump_result, 1);
741 /* a sendbackup line, just check them all since there are only 5 */
742 tok = strtok(buf, " ");
743 if (tok == NULL || strcmp(tok, "sendbackup:") != 0)
746 tok = strtok(NULL, " ");
750 if (strcmp(tok, "start") == 0) {
754 if (strcmp(tok, "size") == 0) {
755 tok = strtok(NULL, "");
757 origsize = OFF_T_ATOI(tok);
758 SET(status, GOT_SIZELINE);
763 if (strcmp(tok, "end") == 0) {
764 SET(status, GOT_ENDLINE);
768 if (strcmp(tok, "warning") == 0) {
769 dump_result = max(dump_result, 1);
773 if (strcmp(tok, "error") == 0) {
774 SET(status, GOT_ENDLINE);
775 dump_result = max(dump_result, 2);
777 tok = strtok(NULL, "");
778 if (tok == NULL || *tok != '[') {
779 errstr = newvstralloc(errstr, "bad remote error: ", str, NULL);
783 tok++; /* skip over '[' */
784 if ((enderr = strchr(tok, ']')) != NULL)
786 errstr = newstralloc(errstr, tok);
791 if (strcmp(tok, "info") == 0) {
792 tok = strtok(NULL, "");
794 parse_info_line(tok);
797 /* else we fall through to bad line */
802 dump_result = max(dump_result, 1);
805 fprintf(errf, "%s\n", str);
815 char *buf; /* buffer holding msg data */
816 size_t size; /* size of alloced buffer */
823 buflen = strlen(msg.buf);
828 * If our argument is NULL, then we need to flush out any remaining
834 fprintf(errf,"? %s: error [partial line in msgbuf: "
835 SIZE_T_FMT " bytes]\n", get_pname(),
836 (SIZE_T_FMT_TYPE)buflen);
837 fprintf(errf,"? %s: error [partial line in msgbuf: \"%s\"]\n",
838 get_pname(), msg.buf);
844 * Expand the buffer if it can't hold the new contents.
846 if ((buflen + len + 1) > msg.size) {
850 /* round up to next y, where y is a power of 2 */
851 #define ROUND(x, y) (((x) + (y) - 1) & ~((y) - 1))
853 newsize = ROUND(buflen + (ssize_t)len + 1, 256);
854 newbuf = alloc(newsize);
856 if (msg.buf != NULL) {
857 strncpy(newbuf, msg.buf, newsize);
866 * If there was a partial line from the last call, then
867 * append the new data to the end.
869 strncat(msg.buf, str, len);
872 * Process all lines in the buffer
873 * scanning line for unqouted newline.
875 for (ch = line = msg.buf; *ch != '\0'; ch++) {
877 in_quotes = !in_quotes;
878 } else if ((*ch == '\\') && (*(ch + 1) == '"')) {
880 } else if (!in_quotes && (*ch == '\n')) {
882 * Found an unqouted newline. Terminate and process line.
885 process_dumpline(line);
891 * If we did not process all of the data, move it to the front
892 * of the buffer so it is there next time.
895 buflen = strlen(line);
896 memmove(msg.buf, line, (size_t)buflen + 1);
910 if (fseek(errf, 0L, SEEK_SET) < 0) {
911 dbprintf(("log_msgout: warning - seek failed: %s\n", strerror(errno)));
913 while ((line = agets(errf)) != NULL) {
914 if (line[0] != '\0') {
915 log_add(typ, "%s", line);
926 * Fill in the rest of the tape header
933 assert(ISSET(status, HEADER_DONE));
935 file->type = F_DUMPFILE;
936 strncpy(file->datestamp, dumper_timestamp, sizeof(file->datestamp) - 1);
937 strncpy(file->name, hostname, SIZEOF(file->name) - 1);
938 strncpy(file->disk, diskname, SIZEOF(file->disk) - 1);
939 file->dumplevel = level;
942 * If we're doing the compression here, we need to override what
943 * sendbackup told us the compression was.
945 if (srvcompress != COMP_NONE) {
946 file->compressed = 1;
947 #ifndef UNCOMPRESS_OPT
948 #define UNCOMPRESS_OPT ""
950 if (srvcompress == COMP_SERV_CUST) {
951 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
952 " %s %s |", srvcompprog, "-d");
953 strncpy(file->comp_suffix, "cust", SIZEOF(file->comp_suffix) - 1);
954 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
955 strncpy(file->srvcompprog, srvcompprog, SIZEOF(file->srvcompprog) - 1);
956 file->srvcompprog[SIZEOF(file->srvcompprog) - 1] = '\0';
957 } else if ( srvcompress == COMP_CUST ) {
958 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
959 " %s %s |", clntcompprog, "-d");
960 strncpy(file->comp_suffix, "cust", SIZEOF(file->comp_suffix) - 1);
961 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
962 strncpy(file->clntcompprog, clntcompprog, SIZEOF(file->clntcompprog));
963 file->clntcompprog[SIZEOF(file->clntcompprog) - 1] = '\0';
965 snprintf(file->uncompress_cmd, SIZEOF(file->uncompress_cmd),
966 " %s %s |", UNCOMPRESS_PATH, UNCOMPRESS_OPT);
967 strncpy(file->comp_suffix, COMPRESS_SUFFIX,SIZEOF(file->comp_suffix) - 1);
968 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
971 if (file->comp_suffix[0] == '\0') {
972 file->compressed = 0;
973 assert(SIZEOF(file->comp_suffix) >= 2);
974 strncpy(file->comp_suffix, "N", SIZEOF(file->comp_suffix) - 1);
975 file->comp_suffix[SIZEOF(file->comp_suffix) - 1] = '\0';
977 file->compressed = 1;
980 /* take care of the encryption header here */
981 if (srvencrypt != ENCRYPT_NONE) {
983 if (srvencrypt == ENCRYPT_SERV_CUST) {
984 snprintf(file->decrypt_cmd, SIZEOF(file->decrypt_cmd),
985 " %s %s |", srv_encrypt, srv_decrypt_opt);
986 strncpy(file->encrypt_suffix, "enc", SIZEOF(file->encrypt_suffix) - 1);
987 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
988 strncpy(file->srv_encrypt, srv_encrypt, SIZEOF(file->srv_encrypt) - 1);
989 file->srv_encrypt[SIZEOF(file->srv_encrypt) - 1] = '\0';
990 strncpy(file->srv_decrypt_opt, srv_decrypt_opt, SIZEOF(file->srv_decrypt_opt) - 1);
991 file->srv_decrypt_opt[SIZEOF(file->srv_decrypt_opt) - 1] = '\0';
992 } else if ( srvencrypt == ENCRYPT_CUST ) {
993 snprintf(file->decrypt_cmd, SIZEOF(file->decrypt_cmd),
994 " %s %s |", clnt_encrypt, clnt_decrypt_opt);
995 strncpy(file->encrypt_suffix, "enc", SIZEOF(file->encrypt_suffix) - 1);
996 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
997 strncpy(file->clnt_encrypt, clnt_encrypt, SIZEOF(file->clnt_encrypt) - 1);
998 file->clnt_encrypt[SIZEOF(file->clnt_encrypt) - 1] = '\0';
999 strncpy(file->clnt_decrypt_opt, clnt_decrypt_opt, SIZEOF(file->clnt_decrypt_opt));
1000 file->clnt_decrypt_opt[SIZEOF(file->clnt_decrypt_opt) - 1] = '\0';
1003 if (file->encrypt_suffix[0] == '\0') {
1004 file->encrypted = 0;
1005 assert(SIZEOF(file->encrypt_suffix) >= 2);
1006 strncpy(file->encrypt_suffix, "N", SIZEOF(file->encrypt_suffix) - 1);
1007 file->encrypt_suffix[SIZEOF(file->encrypt_suffix) - 1] = '\0';
1015 * Send an Amanda dump header to the output file.
1022 char buffer[DISK_BLOCK_BYTES];
1025 build_header(buffer, file, SIZEOF(buffer));
1027 written = write(outfd, buffer, SIZEOF(buffer));
1028 if(written == (ssize_t)sizeof(buffer))
1041 char *indexfile_tmp = NULL;
1042 char *indexfile_real = NULL;
1043 char level_str[NUM_STR_SIZE];
1047 double dumptime; /* Time dump took in secs */
1048 char *errfname = NULL;
1050 pid_t indexpid = -1;
1056 dumpbytes = dumpsize = headersize = origsize = (off_t)0;
1059 snprintf(level_str, SIZEOF(level_str), "%d", level);
1060 fn = sanitise_filename(diskname);
1061 errfname = newvstralloc(errfname,
1069 if((errf = fopen(errfname, "w+")) == NULL) {
1070 errstr = newvstralloc(errstr,
1071 "errfile open \"", errfname, "\": ",
1077 unlink(errfname); /* so it goes away on close */
1080 if (streams[INDEXFD].fd != NULL) {
1081 indexfile_real = getindexfname(hostname, diskname, dumper_timestamp, level);
1082 indexfile_tmp = stralloc2(indexfile_real, ".tmp");
1084 if (mkpdir(indexfile_tmp, 02755, (uid_t)-1, (gid_t)-1) == -1) {
1085 errstr = newvstralloc(errstr,
1091 amfree(indexfile_real);
1092 amfree(indexfile_tmp);
1095 indexout = open(indexfile_tmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
1096 if (indexout == -1) {
1097 errstr = newvstralloc(errstr, "err open ", indexfile_tmp, ": ",
1098 strerror(errno), NULL);
1101 if (runcompress(indexout, &indexpid, COMP_BEST) < 0) {
1108 * Schedule the indexfd for relaying to the index file
1110 security_stream_read(streams[INDEXFD].fd, read_indexfd, &indexout);
1114 * We only need to process messages initially. Once we have done
1115 * the header, we will start processing data too.
1117 security_stream_read(streams[MESGFD].fd, read_mesgfd, db);
1121 * Setup a read timeout
1123 timeout(conf_dtimeout);
1126 * Start the event loop. This will exit when all three events
1127 * (read the mesgfd, read the datafd, and timeout) are removed.
1131 if (dump_result > 1)
1134 runtime = stopclock();
1135 dumptime = (double)(runtime.r.tv_sec) +
1136 ((double)(runtime.r.tv_usec) / 1000000.0);
1138 dumpsize -= headersize; /* don't count the header */
1139 if (dumpsize < (off_t)0) /* XXX - maybe this should be fatal? */
1140 dumpsize = (off_t)0;
1143 errstr = alloc(128);
1144 snprintf(errstr, 128, "sec %s kb " OFF_T_FMT " kps %3.1lf orig-kb " OFF_T_FMT "",
1145 walltime_str(runtime),
1146 (OFF_T_FMT_TYPE)dumpsize,
1147 (isnormal(dumptime) ? ((double)dumpsize / (double)dumptime) : 0.0),
1148 (OFF_T_FMT_TYPE)origsize);
1149 q = squotef("[%s]", errstr);
1150 putresult(DONE, "%s " OFF_T_FMT " " OFF_T_FMT " %lu %s\n", handle,
1151 (OFF_T_FMT_TYPE)origsize,
1152 (OFF_T_FMT_TYPE)dumpsize,
1153 (unsigned long)((double)dumptime+0.5), q);
1156 switch(dump_result) {
1158 log_add(L_SUCCESS, "%s %s %s %d [%s]", hostname, qdiskname, dumper_timestamp, level, errstr);
1163 log_start_multiline();
1164 log_add(L_STRANGE, "%s %s %d [%s]", hostname, qdiskname, level, errstr);
1165 log_msgout(L_STRANGE);
1166 log_end_multiline();
1171 if (errf) afclose(errf);
1174 if (indexfile_tmp) {
1175 amwait_t index_status;
1177 /*@i@*/ aclose(indexout);
1178 waitpid(indexpid,&index_status,0);
1179 if (rename(indexfile_tmp, indexfile_real) != 0) {
1180 log_add(L_WARNING, "could not rename \"%s\" to \"%s\": %s",
1181 indexfile_tmp, indexfile_real, strerror(errno));
1183 amfree(indexfile_tmp);
1184 amfree(indexfile_real);
1187 if(db->compresspid != -1) {
1188 waitpid(db->compresspid,NULL,0);
1190 if(db->encryptpid != -1) {
1191 waitpid(db->encryptpid,NULL,0);
1199 q = squotef("[%s]", errstr);
1200 putresult(FAILED, "%s %s\n", handle, q);
1204 /* kill all child process */
1205 if (db->compresspid != -1) {
1206 fprintf(stderr,"%s: kill compress command\n",get_pname());
1207 if (kill(db->compresspid, SIGTERM) < 0) {
1209 fprintf(stderr,"%s: can't kill compress command: %s\n",
1210 get_pname(), strerror(errno));
1213 waitpid(db->compresspid,NULL,0);
1217 if (db->encryptpid != -1) {
1218 fprintf(stderr,"%s: kill encrypt command\n",get_pname());
1219 if (kill(db->encryptpid, SIGTERM) < 0) {
1221 fprintf(stderr,"%s: can't kill encrypt command: %s\n",
1222 get_pname(), strerror(errno));
1225 waitpid(db->encryptpid,NULL,0);
1229 if (indexpid != -1) {
1230 fprintf(stderr,"%s: kill index command\n",get_pname());
1231 if (kill(indexpid, SIGTERM) < 0) {
1233 fprintf(stderr,"%s: can't kill index command: %s\n",
1234 get_pname(),strerror(errno));
1237 waitpid(indexpid,NULL,0);
1241 log_start_multiline();
1242 log_add(L_FAIL, "%s %s %s %d [%s]", hostname, qdiskname, dumper_timestamp,
1247 log_end_multiline();
1249 if (errf) afclose(errf);
1251 if (indexfile_tmp) {
1252 unlink(indexfile_tmp);
1253 amfree(indexfile_tmp);
1254 amfree(indexfile_real);
1261 * Callback for reads on the mesgfd stream
1269 struct databuf *db = cookie;
1275 errstr = newstralloc2(errstr, "mesg read: ",
1276 security_stream_geterror(streams[MESGFD].fd));
1283 * EOF. Just shut down the mesg stream.
1286 security_stream_close(streams[MESGFD].fd);
1287 streams[MESGFD].fd = NULL;
1289 * If the data fd and index fd has also shut down, then we're done.
1291 if ((set_datafd == 0 || streams[DATAFD].fd == NULL) &&
1292 streams[INDEXFD].fd == NULL)
1297 assert(buf != NULL);
1298 add_msg_data(buf, (size_t)size);
1299 security_stream_read(streams[MESGFD].fd, read_mesgfd, cookie);
1304 * Reset the timeout for future reads
1306 timeout(conf_dtimeout);
1308 if (ISSET(status, GOT_INFO_ENDLINE) && !ISSET(status, HEADER_DONE)) {
1309 SET(status, HEADER_DONE);
1310 /* time to do the header */
1311 finish_tapeheader(&file);
1312 if (write_tapeheader(db->fd, &file)) {
1313 errstr = newstralloc2(errstr, "write_tapeheader: ",
1319 dumpsize += (off_t)DISK_BLOCK_KB;
1320 headersize += (off_t)DISK_BLOCK_KB;
1322 if (srvencrypt == ENCRYPT_SERV_CUST) {
1323 if (runencrypt(db->fd, &db->encryptpid, srvencrypt) < 0) {
1330 * Now, setup the compress for the data output, and start
1331 * reading the datafd.
1333 if ((srvcompress != COMP_NONE) && (srvcompress != COMP_CUST)) {
1334 if (runcompress(db->fd, &db->compresspid, srvcompress) < 0) {
1340 security_stream_read(streams[DATAFD].fd, read_datafd, db);
1346 * Callback for reads on the datafd stream
1354 struct databuf *db = cookie;
1359 * The read failed. Error out
1362 errstr = newstralloc2(errstr, "data read: ",
1363 security_stream_geterror(streams[DATAFD].fd));
1370 * Reset the timeout for future reads
1372 timeout(conf_dtimeout);
1374 /* The header had better be written at this point */
1375 assert(ISSET(status, HEADER_DONE));
1378 * EOF. Stop and return.
1382 if (dumpbytes != (off_t)0) {
1383 dumpsize += (off_t)1;
1385 security_stream_close(streams[DATAFD].fd);
1386 streams[DATAFD].fd = NULL;
1388 * If the mesg fd and index fd has also shut down, then we're done.
1390 if (streams[MESGFD].fd == NULL && streams[INDEXFD].fd == NULL)
1396 * We read something. Add it to the databuf and reschedule for
1399 assert(buf != NULL);
1400 if (databuf_write(db, buf, (size_t)size) < 0) {
1401 errstr = newstralloc2(errstr, "data write: ", strerror(errno));
1406 security_stream_read(streams[DATAFD].fd, read_datafd, cookie);
1410 * Callback for reads on the index stream
1420 assert(cookie != NULL);
1421 fd = *(int *)cookie;
1424 errstr = newstralloc2(errstr, "index read: ",
1425 security_stream_geterror(streams[INDEXFD].fd));
1432 * EOF. Stop and return.
1435 security_stream_close(streams[INDEXFD].fd);
1436 streams[INDEXFD].fd = NULL;
1438 * If the mesg fd has also shut down, then we're done.
1440 if ((set_datafd == 0 || streams[DATAFD].fd == NULL) &&
1441 streams[MESGFD].fd == NULL)
1446 assert(buf != NULL);
1449 * We ignore error while writing to the index file.
1451 if (fullwrite(fd, buf, (size_t)size) < 0) {
1452 /* Ignore error, but schedule another read. */
1453 if(indexfderror == 0) {
1455 log_add(L_INFO, "Index corrupted for %s:%s", hostname, qdiskname);
1458 security_stream_read(streams[INDEXFD].fd, read_indexfd, cookie);
1462 * Startup a timeout in the event handler. If the arg is 0,
1463 * then remove the timeout.
1469 static event_handle_t *ev_timeout = NULL;
1472 * First, remove a timeout if one is active.
1474 if (ev_timeout != NULL) {
1475 event_release(ev_timeout);
1480 * Now, schedule a new one if 'seconds' is greater than 0
1483 ev_timeout = event_register((event_id_t)seconds, EV_TIME, timeout_callback, NULL);
1487 * This is the callback for timeout(). If this is reached, then we
1488 * have a data timeout.
1494 (void)unused; /* Quiet unused parameter warning */
1496 assert(unused == NULL);
1497 errstr = newstralloc(errstr, "data timeout");
1503 * This is called when everything needs to shut down so event_loop()
1511 for (i = 0; i < NSTREAMS; i++) {
1512 if (streams[i].fd != NULL) {
1513 security_stream_close(streams[i].fd);
1514 streams[i].fd = NULL;
1522 * Runs compress with the first arg as its stdout. Returns
1523 * 0 on success or negative if error, and it's pid via the second
1524 * argument. The outfd arg is dup2'd to the pipe to the compress
1533 int outpipe[2], rval;
1536 assert(pid != NULL);
1538 /* outpipe[0] is pipe's stdin, outpipe[1] is stdout. */
1539 if (pipe(outpipe) < 0) {
1540 errstr = newstralloc2(errstr, "pipe: ", strerror(errno));
1544 switch (*pid = fork()) {
1546 errstr = newstralloc2(errstr, "couldn't fork: ", strerror(errno));
1551 rval = dup2(outpipe[1], outfd);
1553 errstr = newstralloc2(errstr, "couldn't dup2: ", strerror(errno));
1558 if (dup2(outpipe[0], 0) < 0) {
1559 error("err dup2 in: %s", strerror(errno));
1562 if (dup2(outfd, 1) == -1) {
1563 error("err dup2 out: %s", strerror(errno));
1567 if (comptype != COMP_SERV_CUST) {
1568 execlp(COMPRESS_PATH, COMPRESS_PATH, ( comptype == COMP_BEST ?
1569 COMPRESS_BEST_OPT : COMPRESS_FAST_OPT), (char *)NULL);
1570 error("error: couldn't exec %s: %s", COMPRESS_PATH, strerror(errno));
1572 } else if (*srvcompprog) {
1573 execlp(srvcompprog, srvcompprog, (char *)0);
1574 error("error: couldn't exec server custom filter%s.\n", srvcompprog);
1583 * Runs encrypt with the first arg as its stdout. Returns
1584 * 0 on success or negative if error, and it's pid via the second
1585 * argument. The outfd arg is dup2'd to the pipe to the encrypt
1592 encrypt_t encrypttype)
1594 int outpipe[2], rval;
1597 assert(pid != NULL);
1599 /* outpipe[0] is pipe's stdin, outpipe[1] is stdout. */
1600 if (pipe(outpipe) < 0) {
1601 errstr = newstralloc2(errstr, "pipe: ", strerror(errno));
1605 switch (*pid = fork()) {
1607 errstr = newstralloc2(errstr, "couldn't fork: ", strerror(errno));
1612 rval = dup2(outpipe[1], outfd);
1614 errstr = newstralloc2(errstr, "couldn't dup2: ", strerror(errno));
1619 if (dup2(outpipe[0], 0) < 0) {
1620 error("err dup2 in: %s", strerror(errno));
1623 if (dup2(outfd, 1) < 0 ) {
1624 error("err dup2 out: %s", strerror(errno));
1628 if ((encrypttype == ENCRYPT_SERV_CUST) && *srv_encrypt) {
1629 execlp(srv_encrypt, srv_encrypt, (char *)0);
1630 error("error: couldn't exec server encryption%s.\n", srv_encrypt);
1639 /* -------------------- */
1642 sendbackup_response(
1645 security_handle_t * sech)
1647 int ports[NSTREAMS], *response_error = datap, i;
1652 assert(response_error != NULL);
1653 assert(sech != NULL);
1655 security_close_connection(sech, hostname);
1658 errstr = newvstralloc(errstr, "[request failed: ",
1659 security_geterror(sech), "]", NULL);
1660 *response_error = 1;
1665 memset(ports, 0, SIZEOF(ports));
1666 if (pkt->type == P_NAK) {
1667 #if defined(PACKET_DEBUG)
1668 fprintf(stderr, "got nak response:\n----\n%s\n----\n\n", pkt->body);
1671 tok = strtok(pkt->body, " ");
1672 if (tok == NULL || strcmp(tok, "ERROR") != 0)
1675 tok = strtok(NULL, "\n");
1677 errstr = newvstralloc(errstr, "NAK: ", tok, NULL);
1678 *response_error = 1;
1681 errstr = newstralloc(errstr, "request NAK");
1682 *response_error = 2;
1687 if (pkt->type != P_REP) {
1688 errstr = newvstralloc(errstr, "received strange packet type ",
1689 pkt_type2str(pkt->type), ": ", pkt->body, NULL);
1690 *response_error = 1;
1695 fprintf(stderr, "got response:\n----\n%s\n----\n\n", pkt->body);
1698 for(i = 0; i < NSTREAMS; i++) {
1700 streams[i].fd = NULL;
1704 while((tok = strtok(p, " \n")) != NULL) {
1708 * Error response packets have "ERROR" followed by the error message
1709 * followed by a newline.
1711 if (strcmp(tok, "ERROR") == 0) {
1712 tok = strtok(NULL, "\n");
1714 tok = "[bogus error packet]";
1715 errstr = newstralloc(errstr, tok);
1716 *response_error = 2;
1721 * Regular packets have CONNECT followed by three streams
1723 if (strcmp(tok, "CONNECT") == 0) {
1726 * Parse the three stream specifiers out of the packet.
1728 for (i = 0; i < NSTREAMS; i++) {
1729 tok = strtok(NULL, " ");
1730 if (tok == NULL || strcmp(tok, streams[i].name) != 0) {
1731 extra = vstralloc("CONNECT token is \"",
1732 tok ? tok : "(null)",
1739 tok = strtok(NULL, " \n");
1740 if (tok == NULL || sscanf(tok, "%d", &ports[i]) != 1) {
1741 extra = vstralloc("CONNECT ",
1744 tok ? tok : "(null)",
1745 "\": expected a port number",
1754 * OPTIONS [options string] '\n'
1756 if (strcmp(tok, "OPTIONS") == 0) {
1757 tok = strtok(NULL, "\n");
1759 extra = stralloc("OPTIONS token is missing");
1763 while((p = strchr(tok, ';')) != NULL) {
1765 #define sc "features="
1766 if(strncmp(tok, sc, SIZEOF(sc) - 1) == 0) {
1767 tok += SIZEOF(sc) - 1;
1769 am_release_feature_set(their_features);
1770 if((their_features = am_string_to_feature(tok)) == NULL) {
1771 errstr = newvstralloc(errstr,
1772 "OPTIONS: bad features value: ",
1783 extra = vstralloc("next token is \"",
1784 tok ? tok : "(null)",
1785 "\": expected \"CONNECT\", \"ERROR\" or \"OPTIONS\"",
1791 * Connect the streams to their remote ports
1793 for (i = 0; i < NSTREAMS; i++) {
1796 streams[i].fd = security_stream_client(sech, ports[i]);
1797 if (streams[i].fd == NULL) {
1798 errstr = newvstralloc(errstr,
1799 "[could not connect ", streams[i].name, " stream: ",
1800 security_geterror(sech), "]", NULL);
1806 * Authenticate the streams
1808 for (i = 0; i < NSTREAMS; i++) {
1809 if (streams[i].fd == NULL)
1811 #ifdef KRB4_SECURITY
1813 * XXX krb4 historically never authenticated the index stream!
1814 * We need to reproduce this lossage here to preserve compatibility
1816 * It is wrong to delve into sech, but we have no choice here.
1818 if (strcasecmp(sech->driver->name, "krb4") != 0 && i == INDEXFD)
1821 if (security_stream_auth(streams[i].fd) < 0) {
1822 errstr = newvstralloc(errstr,
1823 "[could not authenticate ", streams[i].name, " stream: ",
1824 security_stream_geterror(streams[i].fd), "]", NULL);
1830 * The MESGFD and DATAFD streams are mandatory. If we didn't get
1833 if (streams[MESGFD].fd == NULL || streams[DATAFD].fd == NULL) {
1834 errstr = newstralloc(errstr, "[couldn't open MESG or INDEX streams]");
1838 /* everything worked */
1839 *response_error = 0;
1840 security_close_connection(sech, hostname);
1844 errstr = newvstralloc(errstr,
1845 "[parse of reply message failed: ",
1846 extra ? extra : "(no additional information)",
1850 *response_error = 2;
1851 security_close_connection(sech, hostname);
1856 *response_error = 1;
1857 security_close_connection(sech, hostname);
1861 dumper_get_security_conf(
1865 (void)arg; /* Quiet unused parameter warning */
1867 if(!string || !*string)
1870 if(strcmp(string, "krb5principal")==0) {
1871 return(getconf_str(CNF_KRB5PRINCIPAL));
1872 } else if(strcmp(string, "krb5keytab")==0) {
1873 return(getconf_str(CNF_KRB5KEYTAB));
1874 } else if(strcmp(string, "amandad_path")==0) {
1875 return (amandad_path);
1876 } else if(strcmp(string, "client_username")==0) {
1877 return (client_username);
1878 } else if(strcmp(string, "ssh_keys")==0) {
1886 const char *hostname,
1890 const char *dumpdate,
1891 const char *progname,
1892 const char *amandad_path,
1893 const char *client_username,
1894 const char *ssh_keys,
1895 const char *options)
1897 char level_string[NUM_STR_SIZE];
1899 char *authopt, *endauthopt, authoptbuf[80];
1901 const security_driver_t *secdrv;
1908 (void)disk; /* Quiet unused parameter warning */
1909 (void)amandad_path; /* Quiet unused parameter warning */
1910 (void)client_username; /* Quiet unused parameter warning */
1911 (void)ssh_keys; /* Quiet unused parameter warning */
1913 has_features = am_has_feature(their_features, fe_req_options_features);
1914 has_hostname = am_has_feature(their_features, fe_req_options_hostname);
1915 has_config = am_has_feature(their_features, fe_req_options_config);
1916 has_device = am_has_feature(their_features, fe_sendbackup_req_device);
1919 * Default to bsd authentication if none specified. This is gross.
1921 * Options really need to be pre-parsed into some sort of structure
1922 * much earlier, and then flattened out again before transmission.
1924 authopt = strstr(options, "auth=");
1925 if (authopt == NULL) {
1928 endauthopt = strchr(authopt, ';');
1929 if ((endauthopt == NULL) ||
1930 ((sizeof(authoptbuf) - 1) < (size_t)(endauthopt - authopt))) {
1933 authopt += strlen("auth=");
1934 strncpy(authoptbuf, authopt, (size_t)(endauthopt - authopt));
1935 authoptbuf[endauthopt - authopt] = '\0';
1936 authopt = authoptbuf;
1940 snprintf(level_string, SIZEOF(level_string), "%d", level);
1941 if(strncmp(progname, "DUMP", 4) == 0
1942 || strncmp(progname, "GNUTAR", 6) == 0) {
1945 dumper_api = "DUMPER ";
1947 req = vstralloc("SERVICE sendbackup\n",
1949 has_features ? "features=" : "",
1950 has_features ? our_feature_string : "",
1951 has_features ? ";" : "",
1952 has_hostname ? "hostname=" : "",
1953 has_hostname ? hostname : "",
1954 has_hostname ? ";" : "",
1955 has_config ? "config=" : "",
1956 has_config ? config_name : "",
1957 has_config ? ";" : "",
1959 dumper_api, progname,
1961 " ", device && has_device ? device : "",
1964 " OPTIONS ", options,
1965 /* compat: if auth=krb4, send krb4-auth */
1966 (strcasecmp(authopt, "krb4") ? "" : "krb4-auth"),
1970 fprintf(stderr, "send request:\n----\n%s\n----\n\n", req);
1971 secdrv = security_getdriver(authopt);
1972 if (secdrv == NULL) {
1973 error("no '%s' security driver available for host '%s'",
1978 protocol_sendreq(hostname, secdrv, dumper_get_security_conf, req,
1979 STARTUP_TIMEOUT, sendbackup_response, &response_error);
1984 return (response_error);