Experimental: Turn off windows api on remote drives

Record whether the windows api was used for a file in the manifest.
Allows burp to backup from a remote drive as long as it is visible.
 + caution: if the drive is not always available, you will back up
   the same files over and over again

And Tweaks for release.

Change-Id: I4df8e34fd3f7e185aed30baae166ee404045a669

CHANGELOG

@@ -1,3 +1,12 @@
+2022-11-02 burp-3.1.4
+  * Experimental: Turn off windows api on remote drives
+    - record whether the windows api was used for a file in the manifest
+    - allows burp to backup from a remote drive as long as it is visible
+      + caution: if the drive is not always available, you will back up
+        the same files over and over again
+  * From tassilo:
+    - libressl>3.5 has X509_REVOKED_get0_serialNumber
+
 2022-09-01 burp-3.1.2
   * 904: openssl3 support
     - And switch to aes-cbc instead of blowfish, which is deprecated, for

DONATIONS

@@ -7,6 +7,21 @@ me via the website contact page and we can talk about alternatives.
 
 This is the list of donations received to date. Many thanks to all of you.
 
+Donations for 2022-11:
+ *      £67.18 CompuMatter
+ *       £5.00 Eckart K.
+ *       £2.50 Aaron W.
+
+Donations for 2022-10:
+ *     £117.18 CompuMatter
+ *       £5.00 Eckart K.
+ *       £2.50 Aaron W.
+
+Donations for 2022-09:
+ *       £5.00 Eckart K.
+ *       £5.00 Jordi S.
+ *       £2.50 Aaron W.
+
 Donations for 2022-08:
  *      £85.00 CompuMatter
  *       £5.00 Eckart K.

configure.ac

@@ -3,7 +3,7 @@ dnl Process this file with autoconf to produce a configure script.
 dnl require a recent autoconf
 AC_PREREQ([2.61])
 
-AC_INIT([Burp],[3.1.2],[https://github.com/grke/burp/issues],[burp],[http://burp.grke.net/])
+AC_INIT([Burp],[3.1.4],[https://github.com/grke/burp/issues],[burp],[http://burp.grke.net/])
 AC_CONFIG_AUX_DIR([autoconf])
 AC_CONFIG_HEADERS([src/config.h])
 AC_CONFIG_MACRO_DIR([m4])

src/attribs.c

@@ -110,6 +110,9 @@ int attribs_encode(struct sbuf *sb)
 	p += to_base64(sb->encryption, p);
 	*p++ = ' ';
 	p += to_base64(sb->salt, p);
+	*p++ = ' ';
+	// 0 means winapi is enabled, 1 means it is disabled.
+	p += to_base64(!sb->use_winapi, p);
 	*p = 0;
 
 	sb->attr.len=p-sb->attr.buf;
@@ -238,6 +241,12 @@ void attribs_decode(struct sbuf *sb)
 		return;
 	p+=eaten;
 	sb->salt=val;
+
+	if(!(eaten=from_base64(&val, p)))
+		return;
+	p+=eaten;
+	// 0 means winapi is enabled, 1 means it is disabled.
+	sb->use_winapi=!val;
 }
 
 int attribs_set_file_times(struct asfd *asfd,

src/bfile.c

@@ -501,10 +501,15 @@ static ssize_t bfile_write(struct BFILE *bfd, void *buf, size_t count)
 
 #endif
 
-static int bfile_open_for_send(struct BFILE *bfd, struct asfd *asfd,
-	const char *fname, int64_t winattr, int atime,
-	struct cntr *cntr)
-{
+static int bfile_open_for_send(
+	struct BFILE *bfd,
+	struct asfd *asfd,
+	const char *fname,
+	int use_backup_api,
+	int64_t winattr,
+	int atime,
+	struct cntr *cntr
+) {
 	if(bfd->mode!=BF_CLOSED)
 	{
 #ifdef HAVE_WIN32
@@ -525,7 +530,7 @@ static int bfile_open_for_send(struct BFILE *bfd, struct asfd *asfd,
 #endif
 	}
 
-	bfile_init(bfd, winattr, cntr);
+	bfile_init(bfd, use_backup_api, winattr, cntr);
 	if(bfile_open(bfd, asfd, fname, O_RDONLY|O_BINARY
 #ifdef O_NOFOLLOW
 		|O_NOFOLLOW
@@ -563,15 +568,19 @@ void bfile_setup_funcs(struct BFILE *bfd)
 	bfd->set_vss_strip=bfile_set_vss_strip;
 }
 
-void bfile_init(struct BFILE *bfd, int64_t winattr, struct cntr *cntr)
-{
+void bfile_init(
+	struct BFILE *bfd,
+	int use_backup_api,
+	int64_t winattr,
+	struct cntr *cntr
+) {
 	memset(bfd, 0, sizeof(struct BFILE));
 	bfd->mode=BF_CLOSED;
 	bfd->winattr=winattr;
 	bfd->cntr=cntr;
 	if(!bfd->open) bfile_setup_funcs(bfd);
 #ifdef HAVE_WIN32
-	bfile_set_win32_api(bfd, 1);
+	bfile_set_win32_api(bfd, use_backup_api);
 #else
 	bfd->fd=-1;
 #endif

src/bfile.h

@@ -29,7 +29,6 @@ struct BFILE
 	char *path;
 	struct cntr *cntr;
 	// Windows VSS headers tell us how much file data to expect.
-	// Protocol1 only for now.
 	size_t datalen;
 #ifdef HAVE_WIN32
 	uint8_t use_backup_api; /* set if using BackupRead/Write */
@@ -52,9 +51,15 @@ struct BFILE
 	int (*close)(struct BFILE *bfd, struct asfd *asfd);
 	ssize_t (*read)(struct BFILE *bfd, void *buf, size_t count);
 	ssize_t (*write)(struct BFILE *bfd, void *buf, size_t count);
-	int (*open_for_send)(struct BFILE *bfd, struct asfd *asfd,
-		const char *fname, int64_t winattr,
-		int atime, struct cntr *cntr);
+	int (*open_for_send)(
+		struct BFILE *bfd,
+		struct asfd *asfd,
+		const char *fname,
+		int use_backup_api,
+		int64_t winattr,
+		int atime,
+		struct cntr *cntr
+	);
 #ifdef HAVE_WIN32
 	void (*set_win32_api)(struct BFILE *bfd, int on);
 #endif
@@ -65,7 +70,12 @@ extern struct BFILE *bfile_alloc(void);
 extern void bfile_free(struct BFILE **bfd);
 // FIX THIS: should be possible to have this as a function pointer too.
 // Need to sort out the bfd in sbuf.
-extern void bfile_init(struct BFILE *bfd, int64_t winattr, struct cntr *cntr);
+extern void bfile_init(
+	struct BFILE *bfd,
+	int use_backup_api,
+	int64_t winattr,
+	struct cntr *cntr
+);
 extern void bfile_setup_funcs(struct BFILE *bfd);
 
 #ifdef HAVE_WIN32

src/client/backup_phase1.c

@@ -48,7 +48,6 @@
 
 static int encryption=ENCRYPTION_NONE;
 static enum cmd filesymbol=CMD_FILE;
-static enum cmd dirsymbol=CMD_DIRECTORY;
 #ifdef HAVE_WIN32
 static enum cmd metasymbol=CMD_VSS;
 static enum cmd vss_trail_symbol=CMD_VSS_T;
@@ -111,12 +110,13 @@ static int do_to_server(struct asfd *asfd,
 	int strip_vss=0;
 	split_vss=get_int(confs[OPT_SPLIT_VSS]);
 	strip_vss=get_int(confs[OPT_STRIP_VSS]);
+	sb->use_winapi=ff->use_winapi;
+	sb->winattr=ff->winattr;
 #endif
 	struct cntr *cntr=get_cntr(confs);
 	sb->compression=compression;
 	sb->encryption=encryption;
 	sb->statp=ff->statp;
-	sb->winattr=ff->winattr;
 	attribs_encode(sb);
 
 #ifdef HAVE_WIN32
@@ -160,6 +160,9 @@ static int my_send_file(struct asfd *asfd, struct FF_PKT *ff, struct conf **conf
 {
 	static struct sbuf *sb=NULL;
 	struct cntr *cntr=get_cntr(confs);
+#ifdef HAVE_WIN32
+	enum cmd dirsymbol=filesymbol;
+#endif
 
 	if(!sb && !(sb=sbuf_alloc())) return -1;
 
@@ -186,7 +189,13 @@ static int my_send_file(struct asfd *asfd, struct FF_PKT *ff, struct conf **conf
 		case FT_DIR:
 		case FT_REPARSE:
 		case FT_JUNCTION:
+#ifdef HAVE_WIN32
+			if (!ff->use_winapi || get_int(confs[OPT_STRIP_VSS]))
+				dirsymbol=CMD_DIRECTORY;
 			return to_server(asfd, confs, ff, sb, dirsymbol);
+#else
+			return to_server(asfd, confs, ff, sb, CMD_DIRECTORY);
+#endif
 		case FT_LNK_S:
 			return to_server(asfd, confs, ff, sb, CMD_SOFT_LINK);
 		case FT_LNK_H:
@@ -231,15 +240,12 @@ int backup_phase1_client(struct asfd *asfd, struct conf **confs)
 		vss_trail_symbol=CMD_ENC_VSS_T;
 #endif
 	}
-#ifdef HAVE_WIN32
-	dirsymbol=filesymbol;
-	if(get_int(confs[OPT_STRIP_VSS]))
-		dirsymbol=CMD_DIRECTORY;
-#endif
 
 	if(!(ff=find_files_init(my_send_file))) goto end;
-	for(l=get_strlist(confs[OPT_STARTDIR]); l; l=l->next) if(l->flag)
-		if(find_files_begin(asfd, ff, confs, l->path)) goto end;
+	for(l=get_strlist(confs[OPT_STARTDIR]); l; l=l->next) {
+		if(l->flag && find_files_begin(asfd, ff, confs, l->path))
+			goto end;
+	}
 	ret=0;
 end:
 	cntr_print_end_phase1(get_cntr(confs));

src/client/backup_phase2.c

@@ -11,6 +11,7 @@
 #include "../log.h"
 #include "../md5.h"
 #include "../transfer.h"
+#include "cvss.h"
 #include "extrameta.h"
 #include "find.h"
 #include "backup_phase2.h"
@@ -235,6 +236,10 @@ static int deal_with_data(struct asfd *asfd, struct sbuf *sb,
 	iobuf_init(asfd->rbuf);
 
 #ifdef HAVE_WIN32
+	sb->use_winapi=get_use_winapi(
+		get_string(confs[OPT_REMOTE_DRIVES]),
+		sb->path.buf[0]
+	);
 	if(win32_lstat(sb->path.buf, &sb->statp, &sb->winattr))
 #else
 	if(lstat(sb->path.buf, &sb->statp))
@@ -259,10 +264,15 @@ static int deal_with_data(struct asfd *asfd, struct sbuf *sb,
 	if(sb->path.cmd!=CMD_METADATA
 	  && sb->path.cmd!=CMD_ENC_METADATA)
 	{
-		if(bfd->open_for_send(bfd, asfd,
-			sb->path.buf, sb->winattr,
-			get_int(confs[OPT_ATIME]), cntr))
-		{
+		if(bfd->open_for_send(
+			bfd,
+			asfd,
+			sb->path.buf,
+			sb->use_winapi,
+			sb->winattr,
+			get_int(confs[OPT_ATIME]),
+			cntr
+		)) {
 			forget++;
 			goto end;
 		}
@@ -436,7 +446,7 @@ static int do_backup_phase2_client(struct asfd *asfd,
 	if(!(bfd=bfile_alloc())
 	  || !(sb=sbuf_alloc()))
 		goto end;
-	bfile_init(bfd, 0, cntr);
+	bfile_init(bfd, 0, 0, cntr);
 
 	if(!resume)
 	{

src/client/cvss.c

@@ -28,11 +28,28 @@ BOOL CtrlHandler(DWORD fdwCtrlType)
 	}
 }
 
+static int in_remote_drives(const char *remote_drives, char letter)
+{
+	int d;
+	for(d=0; remote_drives && remote_drives[d]; d++) {
+		if(toupper(letter)==toupper(remote_drives[d])) {
+			return 1;
+		}
+	}
+	return 0;
+}
+
+int get_use_winapi(const char *remote_drives, char letter)
+{
+	return !in_remote_drives(remote_drives, letter);
+}
+
 int win32_start_vss(struct asfd *asfd, struct conf **confs)
 {
 	int errors=0;
 	struct cntr *cntr=get_cntr(confs);
 	const char *drives_vss=get_string(confs[OPT_VSS_DRIVES]);
+	const char *drives_remote=get_string(confs[OPT_REMOTE_DRIVES]);
 
 	if(SetConsoleCtrlHandler((PHANDLER_ROUTINE) CtrlHandler, TRUE))
 		logp("Control handler registered.\n");
@@ -45,14 +62,14 @@ int win32_start_vss(struct asfd *asfd, struct conf **confs)
 
 	if(g_pVSSClient->InitializeForBackup(asfd, cntr))
 	{
-		char szWinDriveLetters[27];
+		char drive_letters[27];
 		// Tell vss which drives to snapshot.
 		if(drives_vss)
 		{
 			unsigned int i=0;
 			for(i=0; i<strlen(drives_vss) && i<26; i++)
-			  szWinDriveLetters[i]=toupper(drives_vss[i]);
-			szWinDriveLetters[i]='\0';
+			  drive_letters[i]=toupper(drives_vss[i]);
+			drive_letters[i]='\0';
 		}
 		else
 		{
@@ -70,21 +87,27 @@ int win32_start_vss(struct asfd *asfd, struct conf **confs)
 				  && isalpha(path[0]) && path[1]==':')
 				{
 					int x=0;
+					char letter=toupper(path[0]);
 					// Try not to add the same letter twice.
 					for(x=0; x<j; x++)
-					  if(toupper(path[0])==szWinDriveLetters[x])
+					  if(letter==drive_letters[x])
 						break;
 					if(x<j) continue;
-					szWinDriveLetters[j++]=toupper(path[0]);
+
+					if(in_remote_drives(
+						drives_remote,
+						letter
+					)) continue;
+					drive_letters[j++]=letter;
 				}
 			}
-			szWinDriveLetters[j]='\0';
+			drive_letters[j]='\0';
 		}
 		logp("Generate VSS snapshots.\n");
 		logp("Driver=\"%s\", Drive(s)=\"%s\"\n",
 			g_pVSSClient->GetDriverName(),
-			szWinDriveLetters);
-		if(!g_pVSSClient->CreateSnapshots(szWinDriveLetters))
+			drive_letters);
+		if(!g_pVSSClient->CreateSnapshots(drive_letters))
 		{
 			berrno be;
 			berrno_init(&be);
@@ -96,12 +119,11 @@ int win32_start_vss(struct asfd *asfd, struct conf **confs)
 		else
 		{
 			int i;
-			for(i=0; i<(int)strlen(szWinDriveLetters); i++)
+			for(i=0; i<(int)strlen(drive_letters); i++)
 			{
-			  logp("VSS drive letters: %d\n", i);
-			  if(islower(szWinDriveLetters[i]))
+			  if(islower(drive_letters[i]))
 			  {
-				logw(asfd, cntr, "Generate VSS snapshot of drive \"%c:\\\" failed.\n", szWinDriveLetters[i]);
+				logw(asfd, cntr, "Generate VSS snapshot of drive \"%c:\\\" failed.\n", drive_letters[i]);
 				errors++;
 			  }
 			}

src/client/cvss.h

@@ -2,14 +2,19 @@
 #define _CLIENT_VSS_H
 
 #if defined(WIN32_VSS)
+#include "../bfile.h"
 extern int win32_start_vss(struct asfd *asfd, struct conf **confs);
 extern int win32_stop_vss(void);
 extern int get_vss(BFILE *bfd, char **vssdata, size_t *vlen);
 extern int set_vss(BFILE *bfd, const char *vssdata, size_t vlen);
-#endif // WIN32_VSS
+#endif
 
 #if defined(HAVE_WIN32)
 extern int win32_enable_backup_privileges();
-#endif  /* HAVE_WIN32 */
+extern int get_use_winapi(
+	const char *vss_drives,
+	char letter
+);
+#endif
 
 #endif