From: Alain Spineux Date: Tue, 12 May 2020 20:37:46 +0000 (+0200) Subject: BEE Backport bacula/src/console/console_conf.h X-Git-Tag: Release-11.3.2~1589 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=278fddc81f199828fa6d61a21d1e503d1b2f04ad;p=thirdparty%2Fbacula.git BEE Backport bacula/src/console/console_conf.h This commit is the result of the squash of the following main commits: Author: Eric Bollengier Date: Wed Feb 5 12:00:41 2020 +0100 Fix *json segfault on OpenBSD In memcpy(&res_all, res, sizeof(res_all)); The res_all is likely bigger than res itself. We copy too much data, and on OpenBSD, we get segfaults. Author: Eric Bollengier Date: Tue Jan 7 11:27:45 2020 +0100 Fix #5840 Implement configurable history file size Author: Alain Spineux Date: Mon Apr 8 14:56:33 2019 +0200 PSK: Add new "TLS PSK Enable" directive to all resources - add the field to the resources - create default "psk_ctx" CONTEXT for each of them at startup --- diff --git a/bacula/src/console/console_conf.h b/bacula/src/console/console_conf.h index f6109331ac..c0a14f817b 100644 --- a/bacula/src/console/console_conf.h +++ b/bacula/src/console/console_conf.h @@ -1,7 +1,7 @@ /* Bacula(R) - The Network Backup Solution - Copyright (C) 2000-2018 Kern Sibbald + Copyright (C) 2000-2020 Kern Sibbald The original author of Bacula is Kern Sibbald, with contributions from many others, a complete list can be found in the file AUTHORS. @@ -54,11 +54,11 @@ enum { struct CONRES { RES hdr; char *rc_file; /* startup file */ - char *hist_file; /* command history file */ char *password; /* UA server password */ bool comm_compression; /* Enable comm line compression */ bool tls_authenticate; /* Authenticate with TLS */ bool tls_enable; /* Enable TLS on all connections */ + bool tls_psk_enable; /* Enable TLS-PSK on all connections */ bool tls_require; /* Require TLS on all connections */ char *tls_ca_certfile; /* TLS CA Certificate File */ char *tls_ca_certdir; /* TLS CA Certificate Directory */ @@ -66,8 +66,9 @@ struct CONRES { char *tls_keyfile; /* TLS Client Key File */ char *director; /* bind to director */ utime_t heartbeat_interval; /* Interval to send heartbeats to Dir */ - + bool require_fips; /* Check for FIPS module */ TLS_CONTEXT *tls_ctx; /* Shared TLS Context */ + TLS_CONTEXT *psk_ctx; /* Shared TLS-PSK Context */ }; /* Director */ @@ -78,14 +79,19 @@ struct DIRRES { char *password; /* UA server password */ bool tls_authenticate; /* Authenticate with TLS */ bool tls_enable; /* Enable TLS */ + bool tls_psk_enable; /* Enable TLS-PSK */ bool tls_require; /* Require TLS */ + bool require_fips; /* Check for FIPS module */ char *tls_ca_certfile; /* TLS CA Certificate File */ char *tls_ca_certdir; /* TLS CA Certificate Directory */ char *tls_certfile; /* TLS Client Certificate File */ char *tls_keyfile; /* TLS Client Key File */ utime_t heartbeat_interval; /* Interval to send heartbeats to Dir */ + char *hist_file; /* command history file */ + int32_t hist_file_size; /* command history file size */ TLS_CONTEXT *tls_ctx; /* Shared TLS Context */ + TLS_CONTEXT *psk_ctx; /* Shared TLS-PSK Context */ }; @@ -97,3 +103,6 @@ union URES { CONRES res_cons; RES hdr; }; + +/* Get the size of a give resource */ +int get_resource_size(int type);