BEE Backport bacula/src/console/console_conf.h

This commit is the result of the squash of the following main commits:

Author: Eric Bollengier <eric@baculasystems.com>
Date:   Wed Feb 5 12:00:41 2020 +0100

    Fix *json segfault on OpenBSD

    In memcpy(&res_all, res, sizeof(res_all));

    The res_all is likely bigger than res itself. We
    copy too much data, and on OpenBSD, we get segfaults.

Author: Eric Bollengier <eric@baculasystems.com>
Date:   Tue Jan 7 11:27:45 2020 +0100

    Fix #5840 Implement configurable history file size

Author: Alain Spineux <alain@baculasystems.com>
Date:   Mon Apr 8 14:56:33 2019 +0200

    PSK: Add new "TLS PSK Enable" directive to all resources

    - add the field to the resources
    - create default "psk_ctx" CONTEXT for each of them at startup

diff --git a/bacula/src/console/console_conf.h b/bacula/src/console/console_conf.h
index f6109331ac19be29113ba1ef09a51d5e85a411d7..c0a14f817b4d6f9fa92c49603256ca37bfe6a975 100644 (file)
--- a/bacula/src/console/console_conf.h
+++ b/bacula/src/console/console_conf.h
@@ -1,7 +1,7 @@
 /*
    Bacula(R) - The Network Backup Solution
 
-   Copyright (C) 2000-2018 Kern Sibbald
+   Copyright (C) 2000-2020 Kern Sibbald
 
    The original author of Bacula is Kern Sibbald, with contributions
    from many others, a complete list can be found in the file AUTHORS.
@@ -54,11 +54,11 @@ enum {
 struct CONRES {
    RES   hdr;
    char *rc_file;                     /* startup file */
-   char *hist_file;                   /* command history file */
    char *password;                    /* UA server password */
    bool comm_compression;             /* Enable comm line compression */
    bool tls_authenticate;             /* Authenticate with TLS */
    bool tls_enable;                   /* Enable TLS on all connections */
+   bool tls_psk_enable;               /* Enable TLS-PSK on all connections */
    bool tls_require;                  /* Require TLS on all connections */
    char *tls_ca_certfile;             /* TLS CA Certificate File */
    char *tls_ca_certdir;              /* TLS CA Certificate Directory */
@@ -66,8 +66,9 @@ struct CONRES {
    char *tls_keyfile;                 /* TLS Client Key File */
    char *director;                    /* bind to director */
    utime_t heartbeat_interval;        /* Interval to send heartbeats to Dir */
-
+   bool require_fips;                  /* Check for FIPS module */
    TLS_CONTEXT *tls_ctx;              /* Shared TLS Context */
+   TLS_CONTEXT *psk_ctx;              /* Shared TLS-PSK Context */
 };
 
 /* Director */
@@ -78,14 +79,19 @@ struct DIRRES {
    char *password;                    /* UA server password */
    bool tls_authenticate;             /* Authenticate with TLS */
    bool tls_enable;                   /* Enable TLS */
+   bool tls_psk_enable;               /* Enable TLS-PSK */
    bool tls_require;                  /* Require TLS */
+   bool require_fips;                  /* Check for FIPS module */
    char *tls_ca_certfile;             /* TLS CA Certificate File */
    char *tls_ca_certdir;              /* TLS CA Certificate Directory */
    char *tls_certfile;                /* TLS Client Certificate File */
    char *tls_keyfile;                 /* TLS Client Key File */
    utime_t heartbeat_interval;        /* Interval to send heartbeats to Dir */
+   char *hist_file;                   /* command history file */
+   int32_t hist_file_size;            /* command history file size */
 
    TLS_CONTEXT *tls_ctx;              /* Shared TLS Context */
+   TLS_CONTEXT *psk_ctx;              /* Shared TLS-PSK Context */
 };
 
 
@@ -97,3 +103,6 @@ union URES {
    CONRES res_cons;
    RES hdr;
 };
+
+/* Get the size of a give resource */
+int get_resource_size(int type);