dir/console: show information about connection handshake tries

- Jobmessage and Console output show connection tries to (old) filedaemon
bareos · Sep 24, 2018 · 3a59ee4 · 3a59ee4
1 parent 25b4da7
commit 3a59ee4
Show file tree

Hide file tree

Showing 8 changed files with 89 additions and 21 deletions.
diff --git a/core/src/console/console.cc b/core/src/console/console.cc
@@ -909,19 +909,6 @@ BareosSocket *ConnectToDirector(JobControlRecord &jcr, utime_t heart_beat, char
   return UA_sock;
 }
 
-void OutputCipherString(BareosSocket *UA_sock)
-{
-   if (UA_sock->tls_conn) {
-     std::string m;
-     m = "Secure connection cipher: ";
-     m += UA_sock->tls_conn->TlsCipherGetName();
-     m += "\n";
-     ConsoleOutput(m.c_str());
-   } else {
-     ConsoleOutput("Cleartext connection\n");
-   }
-}
-
 } /* namespace console */
 /*
  * Main Bareos Console -- User Interface Program
@@ -1102,7 +1089,7 @@ int main(int argc, char *argv[])
 
    ConsoleOutput(errmsg);
 
-   OutputCipherString(UA_sock);
+   UA_sock->OutputCipherMessageString(ConsoleOutput);
 
 #if defined(HAVE_PAM)
    if (console_resource) { /* not for root console */

diff --git a/core/src/dird/fd_cmds.cc b/core/src/dird/fd_cmds.cc
@@ -159,7 +159,55 @@ static bool connect_outbound_to_file_daemon(JobControlRecord *jcr, int retry_int
    return result;
 }
 
-bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retry_time, bool verbose)
+static void OutputMessageForConnectionTry(JobControlRecord *jcr, UaContext *ua)
+{
+   std::string m;
+
+   if (jcr->res.client->connection_successful_handshake_ == ClientConnectionHandshakeMode::kUndefined
+    || jcr->res.client->connection_successful_handshake_ == ClientConnectionHandshakeMode::kFailed) {
+      m = "\nTry to establish a secure connection by ";
+   } else {
+      m = "\nUsing previously recognized ";
+   }
+
+   switch (jcr->connection_handshake_try_) {
+      case ClientConnectionHandshakeMode::kTlsFirst:
+         m += "immediate TLS handshake: ";
+         break;
+      case ClientConnectionHandshakeMode::kCleartextFirst:
+         m += "cleartext handshake: ";
+         break;
+      default:
+         m += "unknown mode\n";
+         break;
+   }
+
+   Jmsg(jcr, M_INFO, 0, m.c_str());
+   if (ua) {
+      ua->SendMsg(m.c_str());
+   }
+}
+
+static void SendInfoChosenCipher(JobControlRecord *jcr, UaContext *ua)
+{
+   std::string str;
+   jcr->file_bsock->GetCipherMessageString(str);
+   Jmsg(jcr, M_INFO, 0, str.c_str());
+   if (ua) { /* only whith console connection */
+      ua->SendRawMsg(str.c_str());
+   }
+}
+
+static void SendInfoFailed(JobControlRecord *jcr, UaContext *ua)
+{
+   Jmsg(jcr, M_INFO, 0, "Failed");
+   if (ua) { /* only whith console connection */
+      ua->SendRawMsg("Failed");
+   }
+}
+
+bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retry_time, bool verbose,
+                         UaContext *ua)
 {
    bool success = false;
    bool tcp_connect_failed = false;
@@ -188,11 +236,13 @@ bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retr
         }
      }
 
-     /* try to establish tls and authenticate the daemon */
+     OutputMessageForConnectionTry(jcr, ua);
+
      if (jcr->file_bsock) {
         jcr->setJobStatus(JS_Running);
         if (AuthenticateWithFileDaemon(jcr)) {
            success = true;
+           SendInfoChosenCipher(jcr, ua);
            jcr->res.client->connection_successful_handshake_ = jcr->connection_handshake_try_;
         } else {
           /* authentication failed due to
@@ -206,6 +256,7 @@ bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retr
                delete jcr->file_bsock;
                jcr->file_bsock = nullptr;
             }
+            SendInfoFailed(jcr, ua);
             jcr->resetJobStatus(JS_Running);
             jcr->connection_handshake_try_ = ClientConnectionHandshakeMode::kCleartextFirst;
             break;
@@ -1101,7 +1152,7 @@ bool CancelFileDaemonJob(UaContext *ua, JobControlRecord *jcr)
    BareosSocket *fd;
 
    ua->jcr->res.client = jcr->res.client;
-   if (!ConnectToFileDaemon(ua->jcr, 10, me->FDConnectTimeout, true)) {
+   if (!ConnectToFileDaemon(ua->jcr, 10, me->FDConnectTimeout, true, ua)) {
       ua->ErrorMsg(_("Failed to connect to File daemon.\n"));
       return false;
    }
@@ -1140,7 +1191,7 @@ void DoNativeClientStatus(UaContext *ua, ClientResource *client, char *cmd)
                    client->name(), client->address, client->FDport);
    }
 
-   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false)) {
+   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false, ua)) {
       ua->SendMsg(_("Failed to connect to Client %s.\n====\n"),
          client->name());
       if (ua->jcr->file_bsock) {
@@ -1191,7 +1242,7 @@ void DoClientResolve(UaContext *ua, ClientResource *client)
                    client->name(), client->address, client->FDport);
    }
 
-   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false)) {
+   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false, ua)) {
       ua->SendMsg(_("Failed to connect to Client %s.\n====\n"),
          client->name());
       if (ua->jcr->file_bsock) {

diff --git a/core/src/dird/fd_cmds.h b/core/src/dird/fd_cmds.h
@@ -24,7 +24,8 @@
 
 namespace directordaemon {
 
-bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retry_time, bool verbose);
+bool ConnectToFileDaemon(JobControlRecord *jcr, int retry_interval, int max_retry_time, bool verbose,
+                         UaContext *ua = nullptr);
 int  SendJobInfo(JobControlRecord *jcr);
 bool SendIncludeList(JobControlRecord *jcr);
 bool SendExcludeList(JobControlRecord *jcr);

diff --git a/core/src/dird/ua.h b/core/src/dird/ua.h
@@ -130,6 +130,7 @@ class UaContext {
    /*
     * The below are in ua_output.c
     */
+   void SendRawMsg(const char *msg);
    void SendMsg(const char *fmt, ...);
    void ErrorMsg(const char *fmt, ...);
    void WarningMsg(const char *fmt, ...);

diff --git a/core/src/dird/ua_dotcmds.cc b/core/src/dird/ua_dotcmds.cc
@@ -775,7 +775,7 @@ static void DoClientCmd(UaContext *ua, ClientResource *client, const char *cmd)
    /* Try to connect for 15 seconds */
    ua->SendMsg(_("Connecting to Client %s at %s:%d\n"),
       client->name(), client->address, client->FDport);
-   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false)) {
+   if (!ConnectToFileDaemon(ua->jcr, 1, 15, false, ua)) {
       ua->ErrorMsg(_("Failed to connect to Client.\n"));
       return;
    }

diff --git a/core/src/dird/ua_output.cc b/core/src/dird/ua_output.cc
@@ -1818,6 +1818,12 @@ void UaContext::SendMsg(const char *fmt, ...)
    send->message(NULL, message);
 }
 
+void UaContext::SendRawMsg(const char *msg)
+{
+   SendMsg(msg);
+}
+
+
 /**
  * This is an error condition with a command. The gui should put
  *  up an error or critical dialog box.  The command is aborted.

diff --git a/core/src/lib/bsock.cc b/core/src/lib/bsock.cc
@@ -627,6 +627,26 @@ bool BareosSocket::IsCleartextBareosHello()
   return false;
 }
 
+void BareosSocket::GetCipherMessageString(std::string &str)
+{
+   if (tls_conn) {
+     std::string m;
+     m = "Secure connection with cipher ";
+     m += tls_conn->TlsCipherGetName();
+     m += "\n";
+     str = m;
+   } else {
+     str = "Cleartext connection\n";
+   }
+}
+
+void BareosSocket::OutputCipherMessageString(std::function<void(const char *)> output_cb)
+{
+   std::string str;
+   GetCipherMessageString(str);
+   output_cb(str.c_str());
+}
+
 /**
  * Try to limit the bandwidth of a network connection
  */

diff --git a/core/src/lib/bsock.h b/core/src/lib/bsock.h
@@ -182,6 +182,8 @@ class BareosSocket : public SmartAlloc {
   void SetSourceAddress(dlist *src_addr_list);
   void ControlBwlimit(int bytes); /* in bsock.c */
   bool IsCleartextBareosHello();
+  void OutputCipherMessageString(std::function<void(const char *)>);
+  void GetCipherMessageString(std::string &str);
 
   bool AuthenticateOutboundConnection(JobControlRecord *jcr,
                                       const char *what,