1 /*
2    Bacula(R) - The Network Backup Solution
3 
4    Copyright (C) 2000-2020 Kern Sibbald
5 
6    The original author of Bacula is Kern Sibbald, with contributions
7    from many others, a complete list can be found in the file AUTHORS.
8 
9    You may use this file and others of this release according to the
10    license defined in the LICENSE file, which includes the Affero General
11    Public License, v3.0 ("AGPLv3") and some additional permissions and
12    terms pursuant to its AGPLv3 Section 7.
13 
14    This notice must be preserved when any source code is
15    conveyed and/or propagated.
16 
17    Bacula(R) is a registered trademark of Kern Sibbald.
18 */
19 /*
20  * Bacula File Daemon specific configuration
21  *
22  *     Kern Sibbald, Sep MM
23  */
24 
25 /*
26  * Resource codes -- they must be sequential for indexing
27  * TODO: Check if we can change R_codes to enum like for other daemons.
28  */
/*
 * R_FIRST and R_LAST bracket the resource codes: R_FIRST has the same
 * value as R_DIRECTOR (1001) and R_LAST expands to R_SCHEDULE (1006),
 * with no gaps in between. A code added after R_SCHEDULE must move
 * R_LAST along with it.
 *
 * NOTE(review): the comment above says the codes are used for indexing,
 * presumably as (type - R_FIRST) into a table defined elsewhere. A type
 * value that comes from parsed input should be range-checked against
 * R_FIRST..R_LAST before any such lookup -- confirm in the callers.
 */
29 #define R_FIRST                       1001
30 
31 #define R_DIRECTOR                    1001
32 #define R_CLIENT                      1002
33 #define R_MSGS                        1003
34 #define R_CONSOLE                     1004
35 #define R_COLLECTOR                   1005
36 #define R_SCHEDULE                    1006
37 #define R_LAST                        R_SCHEDULE
38 
39 /*
40  * Some resource attributes
41  */
/*
 * Attribute codes start at 1020, outside the R_FIRST..R_LAST range
 * (1001..1006), so an attribute code is never equal to a resource code.
 * How they are consumed is not visible in this header.
 */
42 #define R_NAME                        1020
43 #define R_ADDRESS                     1021
44 #define R_PASSWORD                    1022
45 #define R_TYPE                        1023
46 
47 /* Cipher/Digest keyword structure */
/*
 * One keyword-table entry: a textual name paired with the integer value
 * it stands for.
 * NOTE(review): presumably type_value is what ends up in
 * CLIENT::pki_cipher / CLIENT::pki_digest (both int32_t); the table and
 * its handling of unknown keywords are defined elsewhere -- confirm.
 */
48 struct s_ct {
49    const char *type_name;             /* keyword text */
50    int32_t type_value;                /* value associated with the keyword */
51 };
52 
/*
 * Connection, authentication and TLS settings for one Director peer.
 * The same structure is embedded in both CONSRES and DIRRES.
 *
 * NOTE(review): password and the file named by tls_keyfile are secret
 * material. This header does not show how they are logged, dumped or
 * freed; check that status/debug output and resource teardown do not
 * expose them.
 */
53 struct DIRINFO
54 {
55    char *password;                    /* Director password (secret) */
56    char *address;                     /* Director address or zero */
      /* These two are plain int here, while CLIENT declares
       * heartbeat_interval as utime_t and comm_compression as bool.
       * NOTE(review): presumably per-Director overrides -- confirm how the
       * two levels are reconciled. */
57    int   heartbeat_interval;
58    int   comm_compression;
59    int32_t DIRport;
60    bool tls_authenticate;             /* Authenticate with TLS */
61    bool tls_enable;                   /* Enable TLS */
62    bool tls_psk_enable;               /* Enable TLS-PSK */
63    bool tls_require;                  /* Require TLS */
      /* NOTE(review): tls_enable and tls_require are separate flags;
       * presumably enable-without-require still accepts a non-TLS peer.
       * Confirm in the connection code before relying on tls_enable alone. */
64    bool tls_verify_peer;              /* TLS Verify Client Certificate */
65    char *tls_ca_certfile;             /* TLS CA Certificate File */
66    char *tls_ca_certdir;              /* TLS CA Certificate Directory */
67    char *tls_certfile;                /* TLS Server Certificate File */
68    char *tls_keyfile;                 /* TLS Server Key File (private key path) */
69    char *tls_dhfile;                  /* TLS Diffie-Hellman Parameters */
      /* NOTE(review): presumably the certificate Common Names accepted when
       * tls_verify_peer is set; what an empty or NULL list means (accept
       * any CN vs. accept none) is decided elsewhere -- confirm. */
70    alist *tls_allowed_cns;            /* TLS Allowed Clients */
71    TLS_CONTEXT *tls_ctx;              /* Shared TLS Context */
72    TLS_CONTEXT *psk_ctx;              /* Shared TLS-PSK Context */
73 };
74 
75 /* Definition of the contents of each Resource */
/*
 * Console resource: the common resource header followed by the Director
 * connection settings. It adds no fields of its own, so its credentials
 * and TLS options are exactly those of DIRINFO.
 */
76 struct CONSRES {
77    RES   hdr;                         /* common resource header, first member */
78    DIRINFO dirinfo;                   /* password, address and TLS settings */
79 };
80 
81 /* Run structure contained in Schedule Resource */
/*
 * One run record of a schedule. Extends RUNBASE (declared elsewhere) with
 * a link to the next record and an optional connect-time limit.
 */
82 class RUNRES: public RUNBASE {
83 public:
84    RUNRES *next;                     /* points to next run record */
85    utime_t MaxConnectTime;           /* max connect time in sec from Sched time */
      /* Separate flag, so "not configured" can be told apart from a
       * configured MaxConnectTime value. */
86    bool MaxConnectTime_set;          /* MaxConnectTime given */
87 
      /* Declared only; the definitions are not in this header.
       * NOTE(review): by name, copyall() presumably copies every field from
       * src (including the next pointer?) and clearall() resets them --
       * confirm ownership of next before reusing a copied record. */
88    void copyall(RUNRES *src);
89    void clearall();
90 };
91 
92 /*
93  *   Schedule Resource
94  */
/*
 * Schedule resource: resource header, a pointer to its run records and an
 * enabled flag, plus three trivial inline accessors.
 */
95 class SCHEDRES {
96 public:
97    RES   hdr;                         /* common resource header, first member */
98    RUNRES *run;                       /* run records (RUNRES links them via next) */
99    bool Enabled;                      /* set if enabled */
100 
101    /* Methods */
       /* name() returns hdr.name itself, not a copy, and as a non-const
        * char * even though the method is const: callers can modify the
        * stored name through the returned pointer. */
name()102    char *name() const { return hdr.name; };
       /* NOTE(review): is_enabled() only reads Enabled and could be
        * const-qualified like name(). */
is_enabled()103    bool is_enabled() { return Enabled;};
setEnabled(bool val)104    void setEnabled(bool val) { Enabled = val;};
105 };
106 
107 /* Definition of the contents of each Resource */
/*
 * Director resource: what this File Daemon knows about one Director and
 * what that Director is allowed to do.
 *
 * NOTE(review): monitor, remote and disable_cmds are the per-Director
 * privilege controls visible here. They are only data; enforcement happens
 * in the command handling code, which is not part of this header. When
 * auditing, check that every command path consults them.
 */
108 struct DIRRES {
109    RES   hdr;                         /* common resource header, first member */
110    DIRINFO dirinfo;                   /* password, address and TLS settings */
111    bool monitor;                      /* Have only access to status and .status functions */
112    bool remote;                       /* Remote console, can run and control jobs */
113    bool connect_to_dir;               /* Connect the Director to get jobs */
114    uint64_t max_bandwidth_per_job;    /* Bandwidth limitation (per director) */
       /* NOTE(review): presumably disable_cmds holds the configured command
        * names and disabled_cmds_array is a lookup table derived from it; the
        * array length is not recorded in this struct -- confirm the bound
        * used when it is indexed. */
115    alist *disable_cmds;               /* Commands to disable */
116    bool *disabled_cmds_array;         /* Disabled commands array */
117    CONSRES *console;                  /* associated Console resource; may be unset -- TODO confirm */
118    SCHEDRES *schedule;                /* Know when to connect the Director */
119    int reconnection_time;             /* Reconnect after a given time */
120 };
121 
/*
 * Client (File Daemon) resource: daemon-wide directories, limits, PKI data
 * encryption/signing settings and the daemon's own TLS settings.
 *
 * Unlike DIRINFO, this struct declares no tls_verify_peer, tls_allowed_cns
 * or tls_dhfile member, and its certificate/key comments say "Client"
 * where DIRINFO says "Server".
 */
122 struct CLIENT {
123    RES   hdr;                         /* common resource header, first member */
124    dlist *FDaddrs;
125    dlist *FDsrc_addr;                 /* address to source connections from */
126    char *working_directory;
127    char *pid_directory;
128    char *subsys_directory;
       /* NOTE(review): plugin_directory, scripts_directory and
        * snapshot_command name code that the daemon presumably loads or
        * executes. Their targets should be writable only by the account that
        * administers the daemon -- confirm how each is used. */
129    char *plugin_directory;            /* Plugin directory */
130    char *scripts_directory;
131    char *snapshot_command;
132    char *dedup_index_dir;             /* Directory for local dedup cache (deprecated) */
133    MSGS *messages;                    /* daemon message handler */
134    uint32_t MaxConcurrentJobs;
135    utime_t SDConnectTimeout;          /* timeout in seconds */
136    utime_t heartbeat_interval;        /* Interval to send heartbeats */
137    uint32_t max_network_buffer_size;  /* max network buf size */
138    bool comm_compression;             /* Enable comm line compression */
139    bool pki_sign;                     /* Enable Data Integrity Verification via Digital Signatures */
140    bool pki_encrypt;                  /* Enable Data Encryption */
141    bool local_dedup;                  /* Enable Client (local) deduplication */
       /* pki_keypair_file holds private key material; see pki_keypair below
        * for the loaded form. */
142    char *pki_keypair_file;            /* PKI Key Pair File */
143    alist *pki_signing_key_files;      /* PKI Signing Key Files */
144    alist *pki_master_key_files;       /* PKI Master Key Files */
       /* NOTE(review): presumably values from an s_ct keyword table; which
        * algorithms are accepted is decided where that table is defined. */
145    int32_t pki_cipher;               /* PKI Cipher type */
146    int32_t pki_digest;               /* PKI Digest type */
147    bool tls_authenticate;             /* Authenticate with TLS */
148    bool tls_enable;                   /* Enable TLS */
149    bool tls_psk_enable;               /* Enable TLS-PSK */
150    bool tls_require;                  /* Require TLS */
151    char *tls_ca_certfile;             /* TLS CA Certificate File */
152    char *tls_ca_certdir;              /* TLS CA Certificate Directory */
153    char *tls_certfile;                /* TLS Client Certificate File */
154    char *tls_keyfile;                 /* TLS Client Key File (private key path) */
155 
       /* The members below are marked "Shared" in their comments.
        * NOTE(review): presumably built at configuration load from the
        * file-name members above and reused across jobs -- confirm lifetime
        * and who frees them. */
156    X509_KEYPAIR *pki_keypair;         /* Shared PKI Public/Private Keypair */
157    alist *pki_signers;                /* Shared PKI Trusted Signers */
158    alist *pki_recipients;             /* Shared PKI Recipients */
159    TLS_CONTEXT *tls_ctx;              /* Shared TLS Context */
160    TLS_CONTEXT *psk_ctx;              /* Shared TLS-PSK Context */
161    char *verid;                       /* Custom Id to print in version command */
162    uint64_t max_bandwidth_per_job;    /* Bandwidth limitation (global) */
       /* NOTE(review): whether a failed FIPS check stops the daemon or only
        * logs a warning is decided elsewhere -- confirm. */
163    bool require_fips;                  /* Check for FIPS module */
164    bool allow_dedup_cache;            /* allow the use of dedup cache for rehydration */
       /* Daemon-wide counterpart of the DIRRES members of the same names. */
165    alist *disable_cmds;               /* Commands to disable */
166    bool *disabled_cmds_array;         /* Disabled commands array */
167 };
168 
169 /* Get the size of a resource object */
/*
 * Declared here, defined elsewhere.
 * NOTE(review): `type` is presumably one of the R_FIRST..R_LAST resource
 * codes. What is returned for a value outside that range is not visible
 * from this header; a caller that sizes an allocation or a copy from the
 * result should confirm the out-of-range behaviour.
 */
170 int get_resource_size(int type);
171 
172 /* Define the Union of all the above
173  * resource structure definitions.
174  */
/*
 * All members share the same storage. DIRRES, CLIENT, CONSRES and SCHEDRES
 * each declare `RES hdr` as their first member, so for those the `hdr`
 * member here overlays their header (MSGS and COLLECTOR are declared
 * elsewhere; presumably they follow the same layout -- confirm).
 *
 * NOTE(review): the union does not record which member is live. Reading
 * the pointer fields of one resource type from storage filled as another
 * is type confusion; presumably the resource code (R_DIRECTOR, ...)
 * carried alongside decides which member may be touched -- confirm that
 * every access checks it.
 */
175 union URES {
176    DIRRES       res_dir;
177    CLIENT       res_client;
178    MSGS         res_msgs;
179    CONSRES      res_cons;
180    RES          hdr;
181    COLLECTOR    res_collector;
182    SCHEDRES     res_sched;
183 };
184