import bacula-9.0.6-6.el8

This commit is contained in:
CentOS Sources 2021-05-26 08:09:38 +00:00 committed by Andrew Lukoshko
commit 2e4bf336ca
30 changed files with 3197 additions and 0 deletions

1
.bacula.metadata Normal file
View File

@ -0,0 +1 @@
207a56be12130d5a4505305045deb04e50b36938 SOURCES/bacula-9.0.6.tar.gz

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/bacula-9.0.6.tar.gz

84
SOURCES/README.Redhat Normal file
View File

@ -0,0 +1,84 @@
======== Features
- Standard components: director, storage, client, docs, bconsole.
- Graphical components: bat, bacula-tray-monitor (where supported).
- Tab completion for bconsole.
- Nagios plugin.
- HTML/PDF docs.
- Quick start guides.
- File Daemon bpipe-fd plugin.
- POSIX.1e capabilities for File Daemon.
- Systemd for Fedora and RHEL 7+.
- SysV init scripts for RHEL 5/6.
- GZIP/LZO compression.
- Static uid/gid of 133 (see "setup" package).
- No usermode / fedora-usermgmt stuff in the console packages.
- Docs no longer an arch specific subpackage.
- SQL libraries needed only by Director and Storage daemons.
- SQL backend management through the alternatives system.
======== Quick start
Please look at the following files for a quick start with the various database
backends:
- quickstart_mysql.txt
- quickstart_postgresql.txt
- quickstart_sqlite3.txt
======== PostgreSQL, MySQL and SQLite databases
Bacula director supports different databases backends, if you want to switch
away from the default PostgreSQL one you need to change the "libbaccats" (the
catalogue library) symlink to the real library.
To change to a different backend, issue the following command:
# alternatives --config libbaccats.so
There are 3 programs which provide 'libbaccats.so'.
Selection Command
-----------------------------------------------
1 /usr/lib64/libbaccats-mysql.so
2 /usr/lib64/libbaccats-sqlite3.so
*+ 3 /usr/lib64/libbaccats-postgresql.so
Enter to keep the current selection[+], or type selection number: 1
There is NO need to edit any part in the Bacula Director configuration; for the
purposes of the database creation steps, the bacula-dir.conf configuration file
can be left at their default values.
======== Switiching between PostgreSQL, MySQL and SQLite backends
To switch the configured backend to another one, follow the above procedure.
Again, there's no need to edit the Bacula Director configuration file; the
catalog resource can be left as is.
Importing and exporting data between the various database formats is up to the
user. If the database will be re-initialized from scratch, follow the quick
start guides mentioned above.
======== Upgrading from old Redhat releases
When upgrading from old Redhat releases, the "bacula-libs-sql" package takes
care of making the appropriate selection for the database backend based on what
was previously configured on the old system.
The default permissions in the "/etc/bacula" folder have changed; please perform
the following commands for restoring the permissions for the correct operation
of the daemons.
# chown -R root:root /etc/bacula
# chmod 755 /etc/bacula
# chmod 640 /etc/bacula/*
# chgrp bacula /etc/bacula/bacula-dir.conf /etc/bacula/query.sql
All the files that are part of the Director configuration (included with @) must
of course have the same permissions as the main configuration file.
======== Documentation
To see all the available documentation in both HTML and PDF formats, please
install the "bacula-docs" package.

View File

@ -0,0 +1,9 @@
diff --git a/scripts/logwatch/logfile.bacula.conf.in b/scripts/logwatch/logfile.bacula.conf.in
index 22b6e98..5d257ca 100644
--- a/scripts/logwatch/logfile.bacula.conf.in
+++ b/scripts/logwatch/logfile.bacula.conf.in
@@ -1,3 +1,3 @@
# What actual file? Defaults to LogPath if not absolute path....
-LogFile = @logdir@/bacula.log
+LogFile = @logdir@/*.log

View File

@ -0,0 +1,35 @@
diff -Naur bacula-7.0.4.old/autoconf/ltmain.sh bacula-7.0.4/autoconf/ltmain.sh
--- bacula-7.0.4.old/autoconf/ltmain.sh 2014-07-24 17:43:23.085243360 +0200
+++ bacula-7.0.4/autoconf/ltmain.sh 2014-07-24 17:45:12.505330842 +0200
@@ -2429,6 +2429,7 @@
-R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries
-shared only do dynamic linking of libtool libraries
-shrext SUFFIX override the standard shared library file extension
+ -soname SONAME override the standard shared object name
-static do not do any dynamic linking of uninstalled libtool libraries
-static-libtool-libs
do not do any dynamic linking of libtool libraries
@@ -5434,6 +5435,11 @@
prev=
continue
;;
+ soname)
+ soname_spec="$arg"
+ prev=
+ continue
+ ;;
weak)
func_append weak_libs " $arg"
prev=
@@ -5754,6 +5760,11 @@
continue
;;
+ -soname)
+ prev=soname
+ continue
+ ;;
+
-static | -static-libtool-libs)
# The effects of -static are defined in a previous loop.
# We used to do the same as -all-static on platforms that

View File

@ -0,0 +1,680 @@
diff -Naur bacula-9.0.0.old/src/lib/lib.h bacula-9.0.0/src/lib/lib.h
--- bacula-9.0.0.old/src/lib/lib.h 2017-07-10 08:52:38.928834471 +0200
+++ bacula-9.0.0/src/lib/lib.h 2017-07-10 09:06:14.956314468 +0200
@@ -53,7 +53,6 @@
#include "fnmatch.h"
#endif
#include "md5.h"
-#include "sha1.h"
#include "tree.h"
#include "watchdog.h"
#include "btimers.h"
diff -Naur bacula-9.0.0.old/src/lib/Makefile.in bacula-9.0.0/src/lib/Makefile.in
--- bacula-9.0.0.old/src/lib/Makefile.in 2017-07-10 08:52:38.928834471 +0200
+++ bacula-9.0.0/src/lib/Makefile.in 2017-07-10 09:06:49.445973039 +0200
@@ -38,7 +38,7 @@
flist.h fnmatch.h guid_to_name.h htable.h lex.h \
lib.h lz4.h md5.h mem_pool.h message.h \
openssl.h parse_conf.h plugins.h protos.h queue.h rblist.h \
- runscript.h rwlock.h serial.h sellist.h sha1.h sha2.h \
+ runscript.h rwlock.h serial.h sellist.h sha2.h \
smartall.h status.h tls.h tree.h var.h \
watchdog.h workq.h ini.h \
lockmgr.h devlock.h output.h bwlimit.h
@@ -52,7 +52,7 @@
guid_to_name.c hmac.c jcr.c lex.c lz4.c alist.c dlist.c \
md5.c message.c mem_pool.c openssl.c \
plugins.c priv.c queue.c bregex.c \
- runscript.c rwlock.c scan.c sellist.c serial.c sha1.c sha2.c \
+ runscript.c rwlock.c scan.c sellist.c serial.c sha2.c \
signal.c smartall.c rblist.c tls.c tree.c \
util.c var.c watchdog.c workq.c btimers.c \
worker.c flist.c \
@@ -218,13 +218,6 @@
$(RMF) md5.o
$(CXX) $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) md5.c
-sha1sum: Makefile sha1.o
- $(RMF) sha1.o
- $(CXX) -DSHA1_SUM $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) sha1.c
- $(LIBTOOL_LINK) $(CXX) $(LDFLAGS) -L. -o $@ sha1.o $(DLIB) -lbac -lm $(LIBS) $(OPENSSL_LIBS)
- $(RMF) sha1.o
- $(CXX) $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) sha1.c
-
bsnprintf: Makefile bsnprintf.o
$(RMF) bsnprintf.o
$(CXX) -DTEST_PROGRAM $(DEFS) $(DEBUG) -c $(CPPFLAGS) -I$(srcdir) -I$(basedir) $(DINCLUDE) $(CFLAGS) bsnprintf.c
@@ -274,7 +267,7 @@
clean: libtool-clean
@$(RMF) core a.out *.o *.bak *.tex *.pdf *~ *.intpro *.extpro 1 2 3
- @$(RMF) rwlock_test md5sum sha1sum
+ @$(RMF) rwlock_test md5sum
realclean: clean
@$(RMF) tags
diff -Naur bacula-9.0.0.old/src/lib/sha1.c bacula-9.0.0/src/lib/sha1.c
--- bacula-9.0.0.old/src/lib/sha1.c 2017-07-10 08:52:38.929834490 +0200
+++ bacula-9.0.0/src/lib/sha1.c 1970-01-01 01:00:00.000000000 +0100
@@ -1,510 +0,0 @@
-/*
- * sha1.c
- *
- * Description:
- * This file implements the Secure Hashing Algorithm 1 as
- * defined in FIPS PUB 180-1 published April 17, 1995.
- *
- * The SHA-1, produces a 160-bit message digest for a given
- * data stream. It should take about 2**n steps to find a
- * message with the same digest as a given message and
- * 2**(n/2) to find any two messages with the same digest,
- * when n is the digest size in bits. Therefore, this
- * algorithm can serve as a means of providing a
- * "fingerprint" for a message.
- *
- * Portability Issues:
- * SHA-1 is defined in terms of 32-bit "words". This code
- * uses <stdint.h> (included via "sha1.h" to define 32 and 8
- * bit unsigned integer types. If your C compiler does not
- * support 32 bit unsigned integers, this code is not
- * appropriate.
- *
- * Caveats:
- * SHA-1 is designed to work with messages less than 2^64 bits
- * long. Although SHA-1 allows a message digest to be generated
- * for messages of any number of bits less than 2^64, this
- * implementation only works with messages with a length that is
- * a multiple of the size of an 8-bit character.
- *
- * See sha1.h for copyright
- */
-
-#include "sha1.h"
-
-/*
- * Define the SHA1 circular left shift macro
- */
-#define SHA1CircularShift(bits,word) \
- (((word) << (bits)) | ((word) >> (32-(bits))))
-
-/* Local Function Prototyptes */
-static void SHA1PadMessage(SHA1Context *);
-static void SHA1ProcessMessageBlock(SHA1Context *);
-
-/*
- * SHA1Init
- *
- * Description:
- * This function will initialize the SHA1Context in preparation
- * for computing a new SHA1 message digest.
- *
- * Parameters:
- * context: [in/out]
- * The context to reset.
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Init(SHA1Context *context)
-{
- if (!context)
- {
- return shaNull;
- }
-
- context->Length_Low = 0;
- context->Length_High = 0;
- context->Message_Block_Index = 0;
-
- context->Intermediate_Hash[0] = 0x67452301;
- context->Intermediate_Hash[1] = 0xEFCDAB89;
- context->Intermediate_Hash[2] = 0x98BADCFE;
- context->Intermediate_Hash[3] = 0x10325476;
- context->Intermediate_Hash[4] = 0xC3D2E1F0;
-
- context->Computed = 0;
- context->Corrupted = 0;
-
- return shaSuccess;
-}
-
-/*
- * SHA1Final
- *
- * Description:
- * This function will return the 160-bit message digest into the
- * Message_Digest array provided by the caller.
- * NOTE: The first octet of hash is stored in the 0th element,
- * the last octet of hash in the 19th element.
- *
- * Parameters:
- * context: [in/out]
- * The context to use to calculate the SHA-1 hash.
- * Message_Digest: [out]
- * Where the digest is returned.
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Final(SHA1Context *context,
- uint8_t Message_Digest[SHA1HashSize])
-{
- int i;
-
- if (!context || !Message_Digest) {
- return shaNull;
- }
-
- if (context->Corrupted) {
- return context->Corrupted;
- }
-
- if (!context->Computed) {
- SHA1PadMessage(context);
- for(i=0; i<64; ++i) {
- /* message may be sensitive, clear it out */
- context->Message_Block[i] = 0;
- }
- context->Length_Low = 0; /* and clear length */
- context->Length_High = 0;
- context->Computed = 1;
-
- }
-
- for(i = 0; i < SHA1HashSize; ++i) {
- Message_Digest[i] = context->Intermediate_Hash[i>>2]
- >> 8 * ( 3 - ( i & 0x03 ) );
- }
-
- return shaSuccess;
-}
-
-/*
- * SHA1Update
- *
- * Description:
- * This function accepts an array of octets as the next portion
- * of the message.
- *
- * Parameters:
- * context: [in/out]
- * The SHA context to update
- * message_array: [in]
- * An array of characters representing the next portion of
- * the message.
- * length: [in]
- * The length of the message in message_array
- *
- * Returns:
- * sha Error Code.
- *
- */
-int SHA1Update(SHA1Context *context,
- const uint8_t *message_array,
- unsigned length)
-{
- if (!length) {
- return shaSuccess;
- }
-
- if (!context || !message_array) {
- return shaNull;
- }
-
- if (context->Computed) {
- context->Corrupted = shaStateError;
-
- return shaStateError;
- }
-
- if (context->Corrupted) {
- return context->Corrupted;
- }
- while(length-- && !context->Corrupted) {
- context->Message_Block[context->Message_Block_Index++] =
- (*message_array & 0xFF);
-
- context->Length_Low += 8;
- if (context->Length_Low == 0) {
- context->Length_High++;
- if (context->Length_High == 0) {
- /* Message is too long */
- context->Corrupted = 1;
- }
- }
-
- if (context->Message_Block_Index == 64) {
- SHA1ProcessMessageBlock(context);
- }
-
- message_array++;
- }
-
- return shaSuccess;
-}
-
-/*
- * SHA1ProcessMessageBlock
- *
- * Description:
- * This function will process the next 512 bits of the message
- * stored in the Message_Block array.
- *
- * Parameters:
- * None.
- *
- * Returns:
- * Nothing.
- *
- * Comments:
-
- * Many of the variable names in this code, especially the
- * single character names, were used because those were the
- * names used in the publication.
- *
- *
- */
-static void SHA1ProcessMessageBlock(SHA1Context *context)
-{
- const uint32_t K[] = { /* Constants defined in SHA-1 */
- 0x5A827999,
- 0x6ED9EBA1,
- 0x8F1BBCDC,
- 0xCA62C1D6
- };
- int t; /* Loop counter */
- uint32_t temp; /* Temporary word value */
- uint32_t W[80]; /* Word sequence */
- uint32_t A, B, C, D, E; /* Word buffers */
-
- /*
- * Initialize the first 16 words in the array W
- */
- for(t = 0; t < 16; t++) {
- W[t] = context->Message_Block[t * 4] << 24;
- W[t] |= context->Message_Block[t * 4 + 1] << 16;
- W[t] |= context->Message_Block[t * 4 + 2] << 8;
- W[t] |= context->Message_Block[t * 4 + 3];
- }
-
- for(t = 16; t < 80; t++) {
- W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
- }
-
- A = context->Intermediate_Hash[0];
- B = context->Intermediate_Hash[1];
- C = context->Intermediate_Hash[2];
- D = context->Intermediate_Hash[3];
- E = context->Intermediate_Hash[4];
-
- for(t = 0; t < 20; t++) {
- temp = SHA1CircularShift(5,A) +
- ((B & C) | ((~B) & D)) + E + W[t] + K[0];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
-
- B = A;
- A = temp;
- }
-
- for(t = 20; t < 40; t++) {
- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- for(t = 40; t < 60; t++) {
- temp = SHA1CircularShift(5,A) +
- ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- for(t = 60; t < 80; t++) {
- temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3];
- E = D;
- D = C;
- C = SHA1CircularShift(30,B);
- B = A;
- A = temp;
- }
-
- context->Intermediate_Hash[0] += A;
- context->Intermediate_Hash[1] += B;
- context->Intermediate_Hash[2] += C;
- context->Intermediate_Hash[3] += D;
- context->Intermediate_Hash[4] += E;
-
- context->Message_Block_Index = 0;
-}
-
-/*
- * SHA1PadMessage
- *
-
- * Description:
- * According to the standard, the message must be padded to an even
- * 512 bits. The first padding bit must be a '1'. The last 64
- * bits represent the length of the original message. All bits in
- * between should be 0. This function will pad the message
- * according to those rules by filling the Message_Block array
- * accordingly. It will also call the ProcessMessageBlock function
- * provided appropriately. When it returns, it can be assumed that
- * the message digest has been computed.
- *
- * Parameters:
- * context: [in/out]
- * The context to pad
- * ProcessMessageBlock: [in]
- * The appropriate SHA*ProcessMessageBlock function
- * Returns:
- * Nothing.
- *
- */
-
-static void SHA1PadMessage(SHA1Context *context)
-{
- /*
- * Check to see if the current message block is too small to hold
- * the initial padding bits and length. If so, we will pad the
- * block, process it, and then continue padding into a second
- * block.
- */
- if (context->Message_Block_Index > 55) {
- context->Message_Block[context->Message_Block_Index++] = 0x80;
- while(context->Message_Block_Index < 64) {
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
-
- SHA1ProcessMessageBlock(context);
-
- while(context->Message_Block_Index < 56) {
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
- } else {
- context->Message_Block[context->Message_Block_Index++] = 0x80;
- while(context->Message_Block_Index < 56) {
-
- context->Message_Block[context->Message_Block_Index++] = 0;
- }
- }
-
- /*
- * Store the message length as the last 8 octets
- */
- context->Message_Block[56] = context->Length_High >> 24;
- context->Message_Block[57] = context->Length_High >> 16;
- context->Message_Block[58] = context->Length_High >> 8;
- context->Message_Block[59] = context->Length_High;
- context->Message_Block[60] = context->Length_Low >> 24;
- context->Message_Block[61] = context->Length_Low >> 16;
- context->Message_Block[62] = context->Length_Low >> 8;
- context->Message_Block[63] = context->Length_Low;
-
- SHA1ProcessMessageBlock(context);
-}
-
-#ifdef TEST_DRIVER
-
-/*
- * sha1test.c
- *
- * Description:
- * This file will exercise the SHA-1 code performing the three
- * tests documented in FIPS PUB 180-1 plus one which calls
- * SHA1Input with an exact multiple of 512 bits, plus a few
- * error test checks.
- *
- * Portability Issues:
- * None.
- *
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <string.h>
-#include "sha1.h"
-
-/*
- * Define patterns for testing
- */
-#define TEST1 "abc"
-#define TEST2a "abcdbcdecdefdefgefghfghighijhi"
-
-#define TEST2b "jkijkljklmklmnlmnomnopnopq"
-#define TEST2 TEST2a TEST2b
-#define TEST3 "a"
-#define TEST4a "01234567012345670123456701234567"
-#define TEST4b "01234567012345670123456701234567"
- /* an exact multiple of 512 bits */
-#define TEST4 TEST4a TEST4b
-char *testarray[4] =
-{
- TEST1,
- TEST2,
- TEST3,
- TEST4
-};
-long int repeatcount[4] = { 1, 1, 1000000, 10 };
-char *resultarray[4] =
-{
- "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D",
- "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1",
- "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F",
- "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52"
-};
-
-int main()
-{
- SHA1Context sha;
- int i, j, err;
- uint8_t Message_Digest[20];
-
- /*
- * Perform SHA-1 tests
- */
- for(j = 0; j < 4; ++j) {
- printf( "\nTest %d: %d, '%s'\n",
- j+1,
- repeatcount[j],
- testarray[j]);
-
- err = SHA1Init(&sha);
- if (err) {
- fprintf(stderr, "SHA1Reset Error %d.\n", err );
- break; /* out of for j loop */
- }
-
- for(i = 0; i < repeatcount[j]; ++i) {
-
- err = SHA1Input(&sha,
- (const unsigned char *) testarray[j],
- strlen(testarray[j]));
- if (err) {
- fprintf(stderr, "SHA1Input Error %d.\n", err );
- break; /* out of for i loop */
- }
- }
-
- err = SHA1Final(&sha, Message_Digest);
- if (err) {
- fprintf(stderr,
- "SHA1Result Error %d, could not compute message digest.\n",
- err );
- }
- else
- {
- printf("\t");
- for(i = 0; i < 20 ; ++i) {
- printf("%02X ", Message_Digest[i]);
- }
- printf("\n");
- }
- printf("Should match:\n");
- printf("\t%s\n", resultarray[j]);
- }
-
- /* Test some error returns */
- err = SHA1Input(&sha,(const unsigned char *) testarray[1], 1);
- printf ("\nError %d. Should be %d.\n", err, shaStateError );
- err = SHA1Init(0);
- printf ("\nError %d. Should be %d.\n", err, shaNull );
- return 0;
-}
-
-#endif /* TEST_DRIVER */
-
-#ifdef SHA1_SUM
-/*
- * Reads a single ASCII file and prints the HEX sha1 sum.
- */
-#include <stdio.h>
-int main(int argc, char *argv[])
-{
- FILE *fd;
- SHA1Context ctx;
- char buf[5000];
- char signature[25];
-
- if (argc < 1) {
- printf("Must have filename\n");
- exit(1);
- }
- fd = fopen(argv[1], "rb");
- if (!fd) {
- berrno be;
- printf("Could not open %s: ERR=%s\n", argv[1], be.bstrerror(errno));
- exit(1);
- }
- SHA1Init(&ctx);
- while (fgets(buf, sizeof(buf), fd)) {
- SHA1Update(&ctx, (unsigned char *)buf, strlen(buf));
- }
- SHA1Final(&ctx, (unsigned char *)signature);
- for (int i=0; i < 20; i++) {
- printf("%02x", signature[i]& 0xFF);
- }
- printf(" %s\n", argv[1]);
- fclose(fd);
-}
-#endif
diff -Naur bacula-9.0.0.old/src/lib/sha1.h bacula-9.0.0/src/lib/sha1.h
--- bacula-9.0.0.old/src/lib/sha1.h 2017-07-10 08:52:38.928834471 +0200
+++ bacula-9.0.0/src/lib/sha1.h 1970-01-01 01:00:00.000000000 +0100
@@ -1,107 +0,0 @@
-/*
- * sha1.h
- *
- * Description:
- * This is the header file for code which implements the Secure
- * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published
- * April 17, 1995.
- *
- * Many of the variable names in this code, especially the
- * single character names, were used because those were the names
- * used in the publication.
- *
- * Please read the file sha1.c for more information.
- *
- * Full Copyright Statement
- *
- * Copyright (C) The Internet Society (2001). All Rights Reserved.
- *
- * This document and translations of it may be copied and furnished to
- * others, and derivative works that comment on or otherwise explain it
- * or assist in its implementation may be prepared, copied, published
- * and distributed, in whole or in part, without restriction of any
- * kind, provided that the above copyright notice and this paragraph are
- * included on all such copies and derivative works. However, this
- * document itself may not be modified in any way, such as by removing
- * the copyright notice or references to the Internet Society or other
- * Internet organizations, except as needed for the purpose of
- * developing Internet standards in which case the procedures for
- * copyrights defined in the Internet Standards process must be
- * followed, or as required to translate it into languages other than
- * English.
- *
- * The limited permissions granted above are perpetual and will not be
- * revoked by the Internet Society or its successors or assigns.
- *
- * This document and the information contained herein is provided on an
- * "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
- * TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
- * BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
- * HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
- * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
- *
- * Acknowledgement
- *
- * Funding for the RFC Editor function is currently provided by the
- * Internet Society.
- *
- */
-
-#ifndef _SHA1_H_
-#define _SHA1_H_
-
-#include "bacula.h"
-
-/*
- * If you do not have the ISO standard stdint.h header file, then you
- * must typdef the following:
- * name meaning
- * uint32_t unsigned 32 bit integer
- * uint8_t unsigned 8 bit integer (i.e., unsigned char)
- * int32_t integer of 32 bits
- *
- */
-
-#ifndef _SHA_enum_
-#define _SHA_enum_
-enum
-{
- shaSuccess = 0,
- shaNull, /* Null pointer parameter */
- shaInputTooLong, /* input data too long */
- shaStateError /* called Input after Result */
-};
-#endif
-#define SHA1HashSize 20
-
-/*
- * This structure will hold context information for the SHA-1
- * hashing operation
- */
-typedef struct SHA1Context
-{
- uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
-
- uint32_t Length_Low; /* Message length in bits */
- uint32_t Length_High; /* Message length in bits */
-
- /* Index into message block array */
- int32_t Message_Block_Index;
- uint8_t Message_Block[64]; /* 512-bit message blocks */
-
- int Computed; /* Is the digest computed? */
- int Corrupted; /* Is the message digest corrupted? */
-} SHA1Context;
-
-/*
- * Function Prototypes
- */
-
-int SHA1Init(SHA1Context *);
-int SHA1Update(SHA1Context *,
- const uint8_t *,
- unsigned int);
-int SHA1Final(SHA1Context *,
- uint8_t Message_Digest[SHA1HashSize]);
-
-#endif

View File

@ -0,0 +1,39 @@
diff -Naur bacula-9.0.0.old/src/dird/bacula-dir.conf.in bacula-9.0.0/src/dird/bacula-dir.conf.in
--- bacula-9.0.0.old/src/dird/bacula-dir.conf.in 2017-07-10 08:52:38.930834509 +0200
+++ bacula-9.0.0/src/dird/bacula-dir.conf.in 2017-07-10 08:53:11.189444548 +0200
@@ -18,7 +18,7 @@
Director { # define myself
Name = @basename@-dir
DIRport = @dir_port@ # where we listen for UA connections
- QueryFile = "@scriptdir@/query.sql"
+ QueryFile = "@sysconfdir@/query.sql"
WorkingDirectory = "@working_dir@"
PidDirectory = "@piddir@"
Maximum Concurrent Jobs = 20
diff -Naur bacula-9.0.0.old/src/dird/Makefile.in bacula-9.0.0/src/dird/Makefile.in
--- bacula-9.0.0.old/src/dird/Makefile.in 2017-07-10 08:52:38.930834509 +0200
+++ bacula-9.0.0/src/dird/Makefile.in 2017-07-10 08:54:24.363828341 +0200
@@ -124,11 +124,11 @@
@if test "x${dir_group}" != "x" -a "x${DESTDIR}" = "x" ; then \
chgrp -f ${dir_group} ${DESTDIR}${sysconfdir}/$$destconf ; \
fi
- @if test -f ${DESTDIR}${scriptdir}/query.sql; then \
+ @if test -f ${DESTDIR}${sysconfdir}/query.sql; then \
echo " ==> Saving existing query.sql to query.sql.old"; \
- $(MV) -f ${DESTDIR}${scriptdir}/query.sql ${DESTDIR}${scriptdir}/query.sql.old; \
+ $(MV) -f ${DESTDIR}${sysconfdir}/query.sql ${DESTDIR}${sysconfdir}/query.sql.old; \
fi
- ${INSTALL_DATA} query.sql ${DESTDIR}${scriptdir}/query.sql
+ ${INSTALL_DATA} query.sql ${DESTDIR}${sysconfdir}/query.sql
@if test -f static-bacula-dir; then \
$(LIBTOOL_INSTALL) $(INSTALL_PROGRAM) static-bacula-dir $(DESTDIR)$(sbindir)/static-bacula-dir; \
fi
@@ -137,7 +137,7 @@
uninstall:
(cd $(DESTDIR)$(sbindir); $(RMF) bacula-dir bdirjson)
(cd $(DESTDIR)$(sysconfdir); $(RMF) bacula-dir.conf bacula-dir.conf.new)
- (cd $(DESTDIR)$(scriptdir); $(RMF) query.sql)
+ (cd $(DESTDIR)$(sysconfdir); $(RMF) query.sql)

View File

@ -0,0 +1,21 @@
diff -Naur bacula-9.0.0.old/src/lib/message.c bacula-9.0.0/src/lib/message.c
--- bacula-9.0.0.old/src/lib/message.c 2017-07-10 08:52:38.928834471 +0200
+++ bacula-9.0.0/src/lib/message.c 2017-07-10 09:04:34.923403834 +0200
@@ -28,6 +28,7 @@
*
*/
+#include <assert.h>
#include "bacula.h"
#include "jcr.h"
@@ -1367,7 +1368,8 @@
if (type == M_ABORT) {
char *p = 0;
- p[0] = 0; /* generate segmentation violation */
+ // p[0] = 0; /* generate segmentation violation */
+ assert(p!=NULL);
}
if (type == M_ERROR_TERM) {
exit(1);

View File

@ -0,0 +1,39 @@
diff -Naur bacula-9.0.2.old/scripts/bacula-tray-monitor.desktop.in bacula-9.0.2/scripts/bacula-tray-monitor.desktop.in
--- bacula-9.0.2.old/scripts/bacula-tray-monitor.desktop.in 2017-07-24 15:22:19.884540422 +0200
+++ bacula-9.0.2/scripts/bacula-tray-monitor.desktop.in 2017-07-24 15:37:02.175038149 +0200
@@ -1,10 +1,9 @@
[Desktop Entry]
Name=Bacula Monitor
Comment=Notification Tray Monitor
-Icon=/usr/share/pixmaps/bacula-tray-monitor.xpm
+Icon=/usr/share/pixmaps/bacula-tray-monitor.png
Exec=@sbindir@/bacula-tray-monitor -c @sysconfdir@/tray-monitor.conf
Terminal=false
Type=Application
-Encoding=UTF-8
X-Desktop-File-Install-Version=0.3
-Categories=System;Application;Utility;X-Red-Hat-Base;
+Categories=Utility;
diff -Naur bacula-9.0.2.old/scripts/bat.desktop.in bacula-9.0.2/scripts/bat.desktop.in
--- bacula-9.0.2.old/scripts/bat.desktop.in 2017-07-24 15:22:19.884540422 +0200
+++ bacula-9.0.2/scripts/bat.desktop.in 2017-07-24 15:36:22.753301014 +0200
@@ -5,7 +5,6 @@
Exec=@sbindir@/bat -c @sysconfdir@/bat.conf
Terminal=false
Type=Application
-Encoding=UTF-8
StartupNotify=true
X-Desktop-File-Install-Version=0.3
-Categories=System;Application;Utility;X-Red-Hat-Base;
+Categories=Utility;
diff -Naur bacula-9.0.2.old/scripts/Makefile.in bacula-9.0.2/scripts/Makefile.in
--- bacula-9.0.2.old/scripts/Makefile.in 2017-07-24 15:22:19.884540422 +0200
+++ bacula-9.0.2/scripts/Makefile.in 2017-07-24 15:25:03.829605989 +0200
@@ -67,7 +67,6 @@
$(MV) -f ${DESTDIR}${scriptdir}/baculabackupreport ${DESTDIR}${scriptdir}/baculabackupreport.old; \
fi
$(INSTALL_SCRIPT) baculabackupreport $(DESTDIR)$(scriptdir)/baculabackupreport
- $(INSTALL_SCRIPT) bacula-tray-monitor.desktop $(DESTDIR)$(scriptdir)/bacula-tray-monitor.desktop
chmod 0644 $(DESTDIR)$(scriptdir)/btraceback.gdb \
$(DESTDIR)$(scriptdir)/btraceback.dbx \
$(DESTDIR)$(scriptdir)/btraceback.mdb

View File

@ -0,0 +1,9 @@
diff -Naur bacula-9.0.4.old/src/cats/make_sqlite3_tables.in bacula-9.0.4/src/cats/make_sqlite3_tables.in
--- bacula-9.0.4.old/src/cats/make_sqlite3_tables.in 2017-09-15 13:38:22.717599355 +0200
+++ bacula-9.0.4/src/cats/make_sqlite3_tables.in 2017-09-15 13:38:36.414851879 +0200
@@ -481,4 +481,5 @@
echo ""
chmod 640 ${db_name}.db
+chown bacula:bacula ${db_name}.db
exit 0

View File

@ -0,0 +1,39 @@
diff -Naur bacula-9.0.6.old/src/qt-console/bat.pro.in bacula-9.0.6/src/qt-console/bat.pro.in
--- bacula-9.0.6.old/src/qt-console/bat.pro.in 2017-12-07 15:44:44.737173178 +0100
+++ bacula-9.0.6/src/qt-console/bat.pro.in 2017-12-07 15:44:55.118366334 +0100
@@ -6,7 +6,7 @@
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
-CONFIG += qt debug @QWT@
+CONFIG += qt release @QWT@
greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
@@ -15,7 +15,7 @@
bins.files = bat
confs.path = /$(DESTDIR)@sysconfdir@
confs.commands = ./install_conf_file
-help.path = /$(DESTDIR)@docdir@
+help.path = /$(DESTDIR)@htmldir@
help.files = help/*.html images/status.png images/mail-message-new.png
datarootdir = @datarootdir@
diff -Naur bacula-9.0.6.old/src/qt-console/main.cpp bacula-9.0.6/src/qt-console/main.cpp
--- bacula-9.0.6.old/src/qt-console/main.cpp 2017-12-07 15:44:44.742173271 +0100
+++ bacula-9.0.6/src/qt-console/main.cpp 2017-12-07 15:44:55.119366353 +0100
@@ -29,11 +29,11 @@
#include <QTranslator>
/*
- * We need Qt version 4.8.4 or later to be able to comple correctly
+ * We need Qt version 4.6.2 or later to be able to comple correctly
*/
-#if QT_VERSION < 0x040804
+#if QT_VERSION < 0x040602
#error "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
-#error "You need Qt version 4.8.4 or later to build Bat"
+#error "You need Qt version 4.6.2 or later to build Bat"
#error "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
#endif

View File

@ -0,0 +1,43 @@
diff -Naur bacula-9.0.6.old/src/lib/crypto.c bacula-9.0.6/src/lib/crypto.c
--- bacula-9.0.6.old/src/lib/crypto.c 2017-12-07 15:42:03.771178189 +0100
+++ bacula-9.0.6/src/lib/crypto.c 2017-12-07 15:42:25.300578772 +0100
@@ -42,7 +42,7 @@
* For OpenSSL version 1.x, EVP_PKEY_encrypt no longer
* exists. It was not an official API.
*/
-#ifdef HAVE_OPENSSLv1
+#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
#define EVP_PKEY_encrypt EVP_PKEY_encrypt_old
#define EVP_PKEY_decrypt EVP_PKEY_decrypt_old
#endif
diff -Naur bacula-9.0.6.old/src/lib/tls.c bacula-9.0.6/src/lib/tls.c
--- bacula-9.0.6.old/src/lib/tls.c 2017-12-07 15:42:03.770178170 +0100
+++ bacula-9.0.6/src/lib/tls.c 2017-12-07 15:42:26.891608376 +0100
@@ -47,9 +47,6 @@
#include "openssl-compat.h"
-/* No anonymous ciphers, no <128 bit ciphers, no export ciphers, no MD5 ciphers */
-#define TLS_DEFAULT_CIPHERS "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
-
/* TLS Context Structure */
struct TLS_Context {
SSL_CTX *openssl;
@@ -206,7 +203,7 @@
SSL_CTX_set_options(ctx->openssl, SSL_OP_SINGLE_DH_USE);
}
- if (SSL_CTX_set_cipher_list(ctx->openssl, TLS_DEFAULT_CIPHERS) != 1) {
+ if (SSL_CTX_set_cipher_list(ctx->openssl, "PROFILE=SYSTEM") != 1) {
Jmsg0(NULL, M_ERROR, 0,
_("Error setting cipher list, no valid ciphers available\n"));
goto err;
@@ -328,7 +325,7 @@
extname = OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(ext)));
if (strcmp(extname, "subjectAltName") == 0) {
-#ifdef HAVE_OPENSSLv1
+#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
const X509V3_EXT_METHOD *method;
#else
X509V3_EXT_METHOD *method;

View File

@ -0,0 +1,12 @@
diff -urNp old/src/qt-console/pages.h new/src/qt-console/pages.h
--- old/src/qt-console/pages.h 2017-11-21 18:37:16.000000000 +0100
+++ new/src/qt-console/pages.h 2018-02-06 12:37:04.490297821 +0100
@@ -21,7 +21,7 @@
/*
* Dirk Bartley, March 2007
*/
-
+#include <QtGlobal>
#if QT_VERSION >= 0x050000
#include <QtWidgets>
#else

View File

@ -0,0 +1,33 @@
--- bacula-9.0.6.old/src/qt-console/tray-monitor/task.cpp 2018-01-28 15:19:14.055587280 -0600
+++ bacula-9.0.6/src/qt-console/tray-monitor/task.cpp 2018-01-28 15:18:55.151599308 -0600
@@ -992,15 +992,15 @@
}
/* cache the file set */
- res->bs->fsend(".bvfs_update jobid=%s\n", jobs.toUtf8());
+ res->bs->fsend(".bvfs_update jobid=%s\n", bstrdup(jobs.toUtf8()) );
while (get_next_line(res)) {
Dmsg2(dbglvl, "<- %d %s\n", res->bs->msglen, curline);
}
if (pathid == 0) {
- res->bs->fsend(".bvfs_lsdirs jobid=%s path=\"\"\n", jobs.toUtf8());
+ res->bs->fsend(".bvfs_lsdirs jobid=%s path=\"\"\n", bstrdup(jobs.toUtf8()));
} else {
- res->bs->fsend(".bvfs_lsdirs jobid=%s pathid=%lld\n", jobs.toUtf8(), pathid);
+ res->bs->fsend(".bvfs_lsdirs jobid=%s pathid=%lld\n", bstrdup(jobs.toUtf8()), pathid);
}
while (get_next_line(res)) {
@@ -1024,9 +1024,9 @@
/* then, request files */
if (pathid == 0) {
- res->bs->fsend(".bvfs_lsfiles jobid=%s path=\"\"\n", jobs.toUtf8());
+ res->bs->fsend(".bvfs_lsfiles jobid=%s path=\"\"\n", bstrdup(jobs.toUtf8()));
} else {
- res->bs->fsend(".bvfs_lsfiles jobid=%s pathid=%lld\n", jobs.toUtf8(), pathid);
+ res->bs->fsend(".bvfs_lsfiles jobid=%s pathid=%lld\n", bstrdup(jobs.toUtf8()), pathid);
}
while (get_next_line(res)) {

View File

@ -0,0 +1,303 @@
Author: Vaclav Dolezal <vdolezal@redhat.com>
Date: Mon Aug 12 14:51:39 2019 +0200
Use functions from OpenSSL for HMAC, MD5 and random bytes
diff --git a/bacula/src/dird/dird_conf.c b/bacula/src/dird/dird_conf.c
index 02fae0bab..dff241356 100644
--- a/bacula/src/dird/dird_conf.c
+++ b/bacula/src/dird/dird_conf.c
@@ -42,6 +42,10 @@
#include "bacula.h"
#include "dird.h"
+#if HAVE_OPENSSL
+# include <openssl/evp.h>
+#endif
+
/* Define the first and last resource ID record
* types. Note, these should be unique for each
* daemon though not a requirement.
@@ -1645,6 +1649,11 @@ void free_resource(RES *rres, int type)
free(res->res_fs.exclude_items);
}
res->res_fs.num_excludes = 0;
+#if HAVE_OPENSSL
+ EVP_MD_CTX_free(res->res_fs.md5c);
+ res->res_fs.md5c = NULL;
+ res->res_fs.have_MD5 = false;
+#endif
break;
case R_POOL:
if (res->res_pool.pool_type) {
diff --git a/bacula/src/dird/dird_conf.h b/bacula/src/dird/dird_conf.h
index 5174a7a14..4e910c5bd 100644
--- a/bacula/src/dird/dird_conf.h
+++ b/bacula/src/dird/dird_conf.h
@@ -24,6 +24,10 @@
/* NOTE: #includes at the end of this file */
+#if HAVE_OPENSSL
+# include <openssl/evp.h>
+#endif
+
/*
* Resource codes -- they must be sequential for indexing
*/
@@ -591,7 +595,11 @@ public:
INCEXE **exclude_items;
int32_t num_excludes;
bool have_MD5; /* set if MD5 initialized */
+#if HAVE_OPENSSL
+ EVP_MD_CTX *md5c; /* MD5 of include/exclude */
+#else
struct MD5Context md5c; /* MD5 of include/exclude */
+#endif
char MD5[30]; /* base 64 representation of MD5 */
bool ignore_fs_changes; /* Don't force Full if FS changed */
bool enable_vss; /* Enable Volume Shadow Copy */
diff --git a/bacula/src/dird/inc_conf.c b/bacula/src/dird/inc_conf.c
index 3f4fbf55e..64b422242 100644
--- a/bacula/src/dird/inc_conf.c
+++ b/bacula/src/dird/inc_conf.c
@@ -32,6 +32,10 @@
#include <regex.h>
#endif
+#if HAVE_OPENSSL
+# include <openssl/evp.h>
+#endif
+
/* Forward referenced subroutines */
void store_inc(LEX *lc, RES_ITEM *item, int index, int pass);
@@ -354,7 +358,17 @@ static void store_newinc(LEX *lc, RES_ITEM *item, int index, int pass)
bool options;
if (!res_all.res_fs.have_MD5) {
+#if HAVE_OPENSSL
+ res_all.res_fs.md5c = EVP_MD_CTX_new();
+ if (!res_all.res_fs.md5c
+ || !EVP_DigestInit_ex(res_all.res_fs.md5c, EVP_md5(), NULL)
+ ) {
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+ }
+#else
MD5Init(&res_all.res_fs.md5c);
+#endif
res_all.res_fs.have_MD5 = true;
}
memset(&res_incexe, 0, sizeof(INCEXE));
@@ -620,7 +634,13 @@ static void store_fname(LEX *lc, RES_ITEM2 *item, int index, int pass, bool excl
}
case T_QUOTED_STRING:
if (res_all.res_fs.have_MD5) {
+#if HAVE_OPENSSL
+ if (!EVP_DigestUpdate(res_all.res_fs.md5c, (void *)lc->str, (size_t) lc->str_len))
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+#else
MD5Update(&res_all.res_fs.md5c, (unsigned char *)lc->str, lc->str_len);
+#endif
}
incexe = &res_incexe;
if (incexe->name_list.size() == 0) {
@@ -663,7 +683,13 @@ static void store_plugin_name(LEX *lc, RES_ITEM2 *item, int index, int pass, boo
}
case T_QUOTED_STRING:
if (res_all.res_fs.have_MD5) {
+#if HAVE_OPENSSL
+ if (!EVP_DigestUpdate(res_all.res_fs.md5c, (void *)lc->str, (size_t) lc->str_len))
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+#else
MD5Update(&res_all.res_fs.md5c, (unsigned char *)lc->str, lc->str_len);
+#endif
}
incexe = &res_incexe;
if (incexe->plugin_list.size() == 0) {
diff --git a/bacula/src/dird/job.c b/bacula/src/dird/job.c
index b5b39c7d5..7d69f0157 100644
--- a/bacula/src/dird/job.c
+++ b/bacula/src/dird/job.c
@@ -25,6 +25,10 @@
#include "bacula.h"
#include "dird.h"
+#if HAVE_OPENSSL
+# include <openssl/evp.h>
+#endif
+
/* Forward referenced subroutines */
static void *job_thread(void *arg);
static void job_monitor_watchdog(watchdog_t *self);
@@ -1308,10 +1312,27 @@ bool get_or_create_fileset_record(JCR *jcr)
memset(&fsr, 0, sizeof(FILESET_DBR));
bstrncpy(fsr.FileSet, jcr->fileset->hdr.name, sizeof(fsr.FileSet));
if (jcr->fileset->have_MD5) {
+#if HAVE_OPENSSL
+ EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
+ if (!mdctx)
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+#else
struct MD5Context md5c;
+#endif
unsigned char digest[MD5HashSize];
+#if HAVE_OPENSSL
+ if (!EVP_MD_CTX_copy_ex(mdctx, jcr->fileset->md5c)
+ || !EVP_DigestFinal_ex(mdctx, digest, NULL)
+ ) {
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+ }
+ EVP_MD_CTX_free(mdctx);
+#else
memcpy(&md5c, &jcr->fileset->md5c, sizeof(md5c));
MD5Final(digest, &md5c);
+#endif
/*
* Keep the flag (last arg) set to false otherwise old FileSets will
* get new MD5 sums and the user will get Full backups on everything
diff --git a/bacula/src/lib/hmac.c b/bacula/src/lib/hmac.c
index a8d5e3dc0..dc3b78383 100644
--- a/bacula/src/lib/hmac.c
+++ b/bacula/src/lib/hmac.c
@@ -26,6 +26,10 @@
*/
#include "bacula.h"
+#if HAVE_OPENSSL
+# include <openssl/hmac.h>
+#endif
+
#define PAD_LEN 64 /* PAD length */
#define SIG_LEN MD5HashSize /* MD5 digest length */
@@ -36,6 +40,19 @@ hmac_md5(
uint8_t* key, /* pointer to authentication key */
int key_len, /* length of authentication key */
uint8_t *hmac) /* returned hmac-md5 */
+#if HAVE_OPENSSL
+{
+ if (!HMAC(
+ EVP_md5(),
+ key, key_len,
+ text, text_len,
+ hmac, NULL
+ )) {
+ Emsg0(M_ERROR_TERM, 0, "HMAC computation failed\n");
+ }
+
+}
+#else
{
MD5Context md5c;
uint8_t k_ipad[PAD_LEN]; /* inner padding - key XORd with ipad */
@@ -90,6 +107,7 @@ hmac_md5(
MD5Update(&md5c, hmac, SIG_LEN); /* hash inner hash */
MD5Final(hmac, &md5c); /* store results */
}
+#endif
/*
Test Vectors (Trailing '\0' of a character string not included in test):
diff --git a/bacula/src/lib/parse_conf.c b/bacula/src/lib/parse_conf.c
index cb3573fbd..3f3f93fdc 100644
--- a/bacula/src/lib/parse_conf.c
+++ b/bacula/src/lib/parse_conf.c
@@ -59,6 +59,10 @@
#define MAX_PATH 1024
#endif
+#if HAVE_OPENSSL
+# include <openssl/evp.h>
+#endif
+
/*
* Define the Union of all the common resource structure definitions.
*/
@@ -538,7 +542,11 @@ void store_dir(LEX *lc, RES_ITEM *item, int index, int pass)
void store_password(LEX *lc, RES_ITEM *item, int index, int pass)
{
unsigned int i, j;
+#if HAVE_OPENSSL
+ EVP_MD_CTX *mdctx = NULL;
+#else
struct MD5Context md5c;
+#endif
unsigned char digest[CRYPTO_DIGEST_MD5_SIZE];
char sig[100];
@@ -548,9 +556,21 @@ void store_password(LEX *lc, RES_ITEM *item, int index, int pass)
} else {
lex_get_token(lc, T_STRING);
if (pass == 1) {
+#if HAVE_OPENSSL
+ mdctx = EVP_MD_CTX_new();
+ if (!mdctx
+ || !EVP_DigestInit_ex(mdctx, EVP_md5(), NULL)
+ || !EVP_DigestUpdate(mdctx, (const void *) lc->str, (size_t) lc->str_len)
+ || !EVP_DigestFinal_ex(mdctx, digest, NULL)
+ ) {
+ Emsg1(M_ERROR_TERM, 0, "MD5 computation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+ }
+#else
MD5Init(&md5c);
MD5Update(&md5c, (unsigned char *) (lc->str), lc->str_len);
MD5Final(digest, &md5c);
+#endif
for (i = j = 0; i < sizeof(digest); i++) {
sprintf(&sig[j], "%02x", digest[i]);
j += 2;
diff --git a/bacula/src/lib/util.c b/bacula/src/lib/util.c
index 2c425aa4c..e82b907d8 100644
--- a/bacula/src/lib/util.c
+++ b/bacula/src/lib/util.c
@@ -707,6 +707,35 @@ int do_shell_expansion(char *name, int name_len)
from SpeakFreely by John Walker */
void make_session_key(char *key, char *seed, int mode)
+#if HAVE_OPENSSL
+{
+ int j, k;
+ unsigned char buf[16];
+
+ (void) seed;
+
+ if (!RAND_bytes(buf, sizeof(buf)))
+ Emsg1(M_ERROR_TERM, 0, "Random bytes generation failed: %s\n",
+ ERR_reason_error_string(ERR_peek_last_error()));
+
+ if (mode) {
+ for (j = k = 0; j < 16; j++) {
+ unsigned char rb = buf[j];
+
+#define Rad16(x) ((x) + 'A')
+ key[k++] = Rad16((rb >> 4) & 0xF);
+ key[k++] = Rad16(rb & 0xF);
+#undef Rad16
+ if (j & 1) {
+ key[k++] = '-';
+ }
+ }
+ key[--k] = 0;
+ } else {
+ memcpy(key, buf, sizeof(buf));
+ }
+}
+#else
{
int j, k;
struct MD5Context md5c;
@@ -790,6 +819,7 @@ void make_session_key(char *key, char *seed, int mode)
}
}
#undef nextrand
+#endif
void encode_session_key(char *encode, char *session, char *key, int maxlen)
{

115
SOURCES/bacula-dir.init Normal file
View File

@ -0,0 +1,115 @@
#!/bin/sh
#
# bacula-dir Takes care of starting and stopping the Bacula Director.
#
# chkconfig: - 80 20
# description: The Bacula Director is the daemon responsible for all the logic \
# regarding the backup infrastructure: database, file retention, \
# tape indexing, scheduling.
### BEGIN INIT INFO
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: Bacula Director Daemon.
# Description: The Bacula Director is the daemon responsible for all the logic
# regarding the backup infrastructure: database, file retention,
# tape indexing, scheduling.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/sbin/bacula-dir"
prog="bacula-dir"
CONFIG="/etc/bacula/bacula-dir.conf"
OPTS="-c $CONFIG"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
if [ "$DIR_USER" != '' ]; then
OPTS="$OPTS -u $DIR_USER"
fi
if [ "$DIR_GROUP" != '' ]; then
OPTS="$OPTS -g $DIR_GROUP"
fi
start() {
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
echo -n $"Starting $prog: "
daemon $prog $OPTS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
sleep 1
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

View File

@ -0,0 +1,13 @@
[Unit]
Description=Bacula-Director, the Backup-server
Documentation=man:bacula-dir(8)
After=network.target nss-lookup.target
[Service]
Environment=CONFIG=/etc/bacula/bacula-dir.conf
EnvironmentFile=-/etc/sysconfig/bacula-dir
ExecStart=/usr/sbin/bacula-dir -f $OPTS -c $CONFIG -u $DIR_USER -g $DIR_GROUP
Restart=on-failure
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,9 @@
# User and group for bacula director
# If no user is set bacula will run as root
DIR_USER=bacula
DIR_GROUP=bacula
# Useful for debugging
#
# OPTS="-d 200"

113
SOURCES/bacula-fd.init Normal file
View File

@ -0,0 +1,113 @@
#!/bin/sh
#
# bacula-fd Takes care of starting and stopping the Bacula File Daemon.
#
# chkconfig: - 80 20
# description: The Bacula File Daemon is the daemon responsible for backing up \
# data on the system.
### BEGIN INIT INFO
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: Bacula File Daemon.
# Description: The Bacula File Daemon is the daemon responsible for backing up
# data on the system.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/sbin/bacula-fd"
prog="bacula-fd"
CONFIG="/etc/bacula/bacula-fd.conf"
OPTS="-c $CONFIG"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
if [ "$FD_USER" != '' ]; then
OPTS="$OPTS -u $FD_USER"
fi
if [ "$FD_GROUP" != '' ]; then
OPTS="$OPTS -g $FD_GROUP"
fi
start() {
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
echo -n $"Starting $prog: "
daemon $prog $OPTS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
sleep 1
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

14
SOURCES/bacula-fd.service Normal file
View File

@ -0,0 +1,14 @@
[Unit]
Description=Bacula-FileDaemon, a Backup-client
Documentation=man:bacula-fd(8)
After=network.target nss-lookup.target
[Service]
Environment=CONFIG=/etc/bacula/bacula-fd.conf
EnvironmentFile=-/etc/sysconfig/bacula-fd
ExecStart=/usr/sbin/bacula-fd -f $OPTS -c $CONFIG -u $FD_USER -g $FD_GROUP
IOSchedulingClass=idle
Restart=on-failure
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,21 @@
# User and group for bacula client
# If no user is set bacula will run as root
FD_USER=root
FD_GROUP=root
# Useful for debugging
#
# OPTS="-d 200"
# Set the following options if you want to run bacula-fd with ReadAll
# capabilities after UID/GID switch.
#
# This allows the File Daemon to keep root read but drop write permission.
# This, however, has the side effect of disabling backups of extended
# attributes because this requires super user privileges.
#
# OPTS="-k"
# FD_USER="bacula"
# FD_GROUP="bacula"

115
SOURCES/bacula-sd.init Normal file
View File

@ -0,0 +1,115 @@
#!/bin/sh
#
# bacula-sd Takes care of starting and stopping the Bacula Storage Daemon.
#
# chkconfig: - 80 20
# description: The Bacula Storage Daemon is the daemon responsible for saving \
# backed up data on the various File Daemon to the appropriate \
# storage devices.
### BEGIN INIT INFO
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Short-Description: Bacula Storage Daemon.
# Description: The Bacula Storage Daemon is the daemon responsible for saving
# backed up data on the various File Daemon to the appropriate
# storage devices.
### END INIT INFO
# Source function library.
. /etc/init.d/functions
exec="/usr/sbin/bacula-sd"
prog="bacula-sd"
CONFIG="/etc/bacula/bacula-sd.conf"
OPTS="-c $CONFIG"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
if [ "$SD_USER" != '' ]; then
OPTS="$OPTS -u $SD_USER"
fi
if [ "$SD_GROUP" != '' ]; then
OPTS="$OPTS -g $SD_GROUP"
fi
start() {
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
echo -n $"Starting $prog: "
daemon $prog $OPTS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
sleep 2
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

13
SOURCES/bacula-sd.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=Bacula-StorageDaemon, the storage-server
Documentation=man:bacula-sd(8)
After=network.target nss-lookup.target
[Service]
Environment=CONFIG=/etc/bacula/bacula-sd.conf
EnvironmentFile=-/etc/sysconfig/bacula-sd
ExecStart=/usr/sbin/bacula-sd -f $OPTS -c $CONFIG -u $SD_USER -g $SD_GROUP
Restart=on-failure
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,9 @@
# Users for bacula storage
# If no user is set bacula will run as root
SD_USER=bacula
SD_GROUP=tape
# Useful for debugging
#
# OPTS="-d 200"

Binary file not shown.

After

Width:  |  Height:  |  Size: 407 B

9
SOURCES/bacula.logrotate Normal file
View File

@ -0,0 +1,9 @@
# Bacula logrotate script
/var/log/bacula/*.log {
monthly
rotate 4
notifempty
missingok
}

View File

@ -0,0 +1,55 @@
======== Quick installation guide with the MySQL backend ========
Perform the following commands to install Bacula with its default configuration
and all daemons and consoles in one server.
1) Install packages
# yum -y install mysql-server \
bacula-director bacula-storage bacula-client \
bacula-console bacula-console-bat
2) Select the MySQL database backend
# alternatives --set libbaccats.so /usr/lib64/libbaccats-mysql.so
3) Create database
# systemctl enable mysqld.service
# systemctl start mysqld.service
# cd /usr/libexec/bacula
# ./create_bacula_database mysql
# ./make_bacula_tables mysql
# ./grant_bacula_privileges mysql
4) Change passwords in /etc/bacula/*.conf with something you like.
# sed -i -e 's/@@DIR_PASSWORD@@/dir-password/g' \
-e 's/@@FD_PASSWORD@@/fd-password/g' \
-e 's/@@SD_PASSWORD@@/sd-password/g' \
-e 's/@@MON_DIR_PASSWORD@@/mon-dir-password/g' \
-e 's/@@MON_FD_PASSWORD@@/mon-fd-password/g' \
-e 's/@@MON_SD_PASSWORD@@/mon-sd-password/g' \
/etc/bacula/*.conf
5) Enable daemons and check they are working
# systemctl enable bacula-dir.service
# systemctl enable bacula-sd.service
# systemctl enable bacula-fd.service
# systemctl start bacula-dir.service
# echo status dir=bacula-dir | bconsole
# systemctl start bacula-sd.service
# echo status storage=bacula-sd | bconsole
# systemctl start bacula-fd.service
# echo status client=bacula-fd | bconsole
6) To grant console access to regular users add the read permission to the
console configuration files. Remember that there is no authentication check; so
a user that can launch the console can perform any command.
# chmod +r /etc/bacula/bconsole.conf /etc/bacula/bat.conf

View File

@ -0,0 +1,57 @@
======== Quick installation guide with the default PostgreSQL backend ========
Perform the following commands to install Bacula with its default configuration
and all daemons and consoles in one server.
1) Install packages
# yum -y install postgresql-server \
bacula-director bacula-storage bacula-client \
bacula-console bacula-console-bat
2) Select the PostgreSQL database backend
# alternatives --set libbaccats.so /usr/lib64/libbaccats-postgresql.so
3) Create database
# postgresql-setup initdb
# systemctl enable postgresql.service
# systemctl start postgresql.service
# su - postgres
$ cd /usr/libexec/bacula
$ ./create_bacula_database
$ ./make_bacula_tables
$ ./grant_bacula_privileges
4) Change passwords in /etc/bacula/*.conf with something you like.
# sed -i -e 's/@@DIR_PASSWORD@@/dir-password/g' \
-e 's/@@FD_PASSWORD@@/fd-password/g' \
-e 's/@@SD_PASSWORD@@/sd-password/g' \
-e 's/@@MON_DIR_PASSWORD@@/mon-dir-password/g' \
-e 's/@@MON_FD_PASSWORD@@/mon-fd-password/g' \
-e 's/@@MON_SD_PASSWORD@@/mon-sd-password/g' \
/etc/bacula/*.conf
5) Enable daemons and check they are working
# systemctl enable bacula-dir.service
# systemctl enable bacula-sd.service
# systemctl enable bacula-fd.service
# systemctl start bacula-dir.service
# echo status dir=bacula-dir | bconsole
# systemctl start bacula-sd.service
# echo status storage=bacula-sd | bconsole
# systemctl start bacula-fd.service
# echo status client=bacula-fd | bconsole
6) To grant console access to regular users add the read permission to the
console configuration files. Remember that there is no authentication check; so
a user that can launch the console can perform any command.
# chmod +r /etc/bacula/bconsole.conf /etc/bacula/bat.conf

View File

@ -0,0 +1,52 @@
======== Quick installation guide with the SQLite backend ========
Perform the following commands to install Bacula with its default configuration
and all daemons and consoles in one server.
1) Install packages
# yum -y install sqlite \
bacula-director bacula-storage bacula-client \
bacula-console bacula-console-bat
2) Select the SQLite database backend
# alternatives --set libbaccats.so /usr/lib64/libbaccats-sqlite3.so
3) Create database
# cd /usr/libexec/bacula
# ./create_bacula_database sqlite3
# ./make_bacula_tables sqlite3
# ./grant_bacula_privileges sqlite3
4) Change passwords in /etc/bacula/*.conf with something you like.
# sed -i -e 's/@@DIR_PASSWORD@@/dir-password/g' \
-e 's/@@FD_PASSWORD@@/fd-password/g' \
-e 's/@@SD_PASSWORD@@/sd-password/g' \
-e 's/@@MON_DIR_PASSWORD@@/mon-dir-password/g' \
-e 's/@@MON_FD_PASSWORD@@/mon-fd-password/g' \
-e 's/@@MON_SD_PASSWORD@@/mon-sd-password/g' \
/etc/bacula/*.conf
5) Enable daemons and check they are working
# systemctl enable bacula-dir.service
# systemctl enable bacula-sd.service
# systemctl enable bacula-fd.service
# systemctl start bacula-dir.service
# echo status dir=bacula-dir | bconsole
# systemctl start bacula-sd.service
# echo status storage=bacula-sd | bconsole
# systemctl start bacula-fd.service
# echo status client=bacula-fd | bconsole
6) To grant console access to regular users add the read permission to the
console configuration files. Remember that there is no authentication check; so
a user that can launch the console can perform any command.
# chmod +r /etc/bacula/bconsole.conf /etc/bacula/bat.conf

1254
SPECS/bacula.spec Normal file

File diff suppressed because it is too large Load Diff