filed: enabled immediate tls connection with storage

- filed -> storage at job start
bareos · Sep 20, 2018 · 585c9c6 · 585c9c6
1 parent db64a50
commit 585c9c6
Show file tree

Hide file tree

Showing 6 changed files with 51 additions and 10 deletions.
diff --git a/core/src/filed/dir_cmd.cc b/core/src/filed/dir_cmd.cc
@@ -1535,7 +1535,9 @@ static bool StorageCmd(JobControlRecord *jcr)
   char stored_addr[MAX_NAME_LENGTH];
   PoolMem sd_auth_key(PM_MESSAGE);
   BareosSocket *dir = jcr->dir_bsock;
-  BareosSocket *sd; /* storage daemon bsock */
+  BareosSocket *sd = nullptr; /* storage daemon bsock */
+  TlsResource *tls_resource = nullptr;
+  std::string qualified_resource_name;
 
   sd = New(BareosSocketTCP);
   if (me->nokeepalive) { sd->ClearKeepalive(); }
@@ -1587,6 +1589,17 @@ static bool StorageCmd(JobControlRecord *jcr)
 
   jcr->store_bsock = sd;
 
+  if (!my_config->GetQualifiedResourceNameTypeConverter()->ResourceToString(jcr->client_name, my_config->r_own_,
+                                                                            qualified_resource_name)) {
+    goto bail_out;
+  }
+
+  tls_resource = dynamic_cast<TlsResource *>(me);
+  if (!sd->DoTlsHandshake(4, tls_resource, false, qualified_resource_name.c_str(), jcr->sd_auth_key,
+                               jcr)) {
+    goto bail_out;
+  }
+
   sd->fsend("Hello Start Job %s\n", jcr->Job);
   if (!AuthenticateWithStoragedaemon(jcr)) {
     Jmsg(jcr, M_FATAL, 0, _("Failed to authenticate Storage daemon.\n"));

diff --git a/core/src/include/jcr.h b/core/src/include/jcr.h
@@ -681,6 +681,7 @@ DLL_IMP_EXP extern JobControlRecord *get_jcr_by_id(uint32_t JobId);
 DLL_IMP_EXP extern JobControlRecord *get_jcr_by_session(uint32_t SessionId, uint32_t SessionTime);
 DLL_IMP_EXP extern JobControlRecord *get_jcr_by_partial_name(char *Job);
 DLL_IMP_EXP extern JobControlRecord *get_jcr_by_full_name(char *Job);
+DLL_IMP_EXP extern const char *jcr_get_authenticate_key_by_client_name(const char *client_name);
 DLL_IMP_EXP extern JobControlRecord *get_next_jcr(JobControlRecord *jcr);
 DLL_IMP_EXP extern void SetJcrJobStatus(JobControlRecord *jcr, int JobStatus);
 DLL_IMP_EXP extern int DLL_IMP_EXP num_jobs_run;

diff --git a/core/src/lib/jcr.cc b/core/src/lib/jcr.cc
@@ -828,6 +828,25 @@ JobControlRecord *get_jcr_by_full_name(char *Job)
   return jcr;
 }
 
+const char *jcr_get_authenticate_key_by_client_name(const char *client_name)
+{
+  if (!client_name) { return nullptr; }
+
+  JobControlRecord *jcr;
+  const char *auth_key;
+  foreach_jcr(jcr)
+  {
+    if (bstrcmp(jcr->client_name, client_name)) {
+      auth_key = jcr->sd_auth_key;
+      Dmsg3(debuglevel, "Inc get_jcr jid=%u UseCount=%d Job=%s\n", jcr->JobId, jcr->UseCount(), jcr->Job);
+      break;
+    }
+  }
+  endeach_jcr(jcr);
+
+  return auth_key;
+}
+
 static void UpdateWaitTime(JobControlRecord *jcr, int newJobStatus)
 {
   bool enter_in_waittime;

diff --git a/core/src/lib/res.cc b/core/src/lib/res.cc
@@ -30,6 +30,7 @@
 #include "include/bareos.h"
 #include "generic_res.h"
 #include "lib/edit.h"
+#include "include/jcr.h"
 #include "qualified_resource_name_type_converter.h"
 
 /* Forward referenced subroutines */
@@ -155,6 +156,11 @@ bool ConfigurationParser::GetTlsPskByFullyQualifiedResourceName(ConfigurationPar
     psk = tls->password.value;
     return true;
   }
+  const char *psk_cstr = jcr_get_authenticate_key_by_client_name(name.c_str());
+  if (psk_cstr) {
+    psk = psk_cstr;
+    return true;
+  }
   return false;
 }
 

diff --git a/core/src/stored/stored_conf.cc b/core/src/stored/stored_conf.cc
@@ -498,14 +498,15 @@ static void ParseConfigCb(LEX *lc, ResourceItem *item, int index, int pass)
 
 static void ConfigReadyCallback(ConfigurationParser &my_config)
 {
-  std::map<int, std::string> map;
-  map.insert(std::make_pair(R_DIRECTOR, "R_DIRECTOR"));
-//  map.insert(std::make_pair(R_CLIENT, "R_CLIENT"));
-  map.insert(std::make_pair(R_NDMP, "R_NDMP"));
-  map.insert(std::make_pair(R_STORAGE, "R_STORAGE"));
-  map.insert(std::make_pair(R_MSGS, "R_MSGS"));
-  map.insert(std::make_pair(R_DEVICE, "R_DEVICE"));
-  map.insert(std::make_pair(R_AUTOCHANGER, "R_AUTOCHANGER"));
+  std::map<int, std::string> map = {
+    { R_DIRECTOR, "R_DIRECTOR" },
+    { R_CLIENT, "R_CLIENT" }, /* needed for client name conversion */
+    { R_NDMP, "R_NDMP" },
+    { R_STORAGE, "R_STORAGE" },
+    { R_MSGS, "R_MSGS" },
+    { R_DEVICE, "R_DEVICE" },
+    { R_AUTOCHANGER, "R_AUTOCHANGER"}
+  };
   my_config.InitializeQualifiedResourceNameTypeConverter(map);
 }
 

diff --git a/core/src/stored/stored_conf.h b/core/src/stored/stored_conf.h
@@ -44,8 +44,9 @@ enum {
    R_DEVICE,
    R_MSGS,
    R_AUTOCHANGER,
+   R_CLIENT, /* needed for client name conversion */
    R_FIRST = R_DIRECTOR,
-   R_LAST = R_AUTOCHANGER             /* keep this updated */
+   R_LAST = R_CLIENT             /* keep this updated */
 };
 
 enum {