Skip to content

bscrypto: fix and update code, and move CLI parsing to cli11#1350

Closed
alaaeddineelamri wants to merge 40 commits intobareos:masterfrom
alaaeddineelamri:dev/alaaeddineelamri/master/bscsicrypto-to-CLI11
Closed

bscrypto: fix and update code, and move CLI parsing to cli11#1350
alaaeddineelamri wants to merge 40 commits intobareos:masterfrom
alaaeddineelamri:dev/alaaeddineelamri/master/bscsicrypto-to-CLI11

Conversation

@alaaeddineelamri
Copy link
Contributor

@alaaeddineelamri alaaeddineelamri commented Jan 4, 2023
edited
Loading

Thank you for contributing to the Bareos Project!

Description

This PR moves CLI parsing of bscrypto to CLI11, along with some code updates and refactoring.

Please check

  • Short description and the purpose of this PR is present above this paragraph
  • Your name is present in the AUTHORS file (optional)

If you have any questions or problems, please give a comment in the PR.

Helpful documentation and best practices

Checklist for the reviewer of the PR (will be processed by the Bareos team)

General
  • PR name is meaningful
  • Purpose of the PR is understood
  • Commit descriptions are understandable and well formatted
  • Check backport line
  • Is the PR title usable as CHANGELOG entry?
  • Separate commit for CHANGELOG.md ("update CHANGELOG.md"). The PR number is correct.
Source code quality
  • Source code changes are understandable
  • Variable and function names are meaningful
  • Code comments are correct (logically and spelling)
  • Required documentation changes are present and part of the PR
  • bareos-check-sources --since-merge does not report any problems
Tests
  • Decision taken that a test is required (if not, then remove this paragraph)
  • The choice of the type of test (unit test or systemtest) is reasonable
  • Testname matches exactly what is being tested
  • On a fail, output of the test leads quickly to the origin of the fault

@alaaeddineelamri alaaeddineelamri changed the title bscsicrypto: fix and update code, and move CLI parsing to cli11 bscrypto: fix and update code, and move CLI parsing to cli11 Jan 4, 2023
@bruno-at-bareos bruno-at-bareos self-requested a review January 5, 2023 10:47
@alaaeddineelamri alaaeddineelamri force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from 4200545 to 3ae1268 Compare January 6, 2023 09:29
@alaaeddineelamri alaaeddineelamri marked this pull request as draft January 11, 2023 18:05
@bruno-at-bareos bruno-at-bareos force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from 1e1fd5e to 549b375 Compare March 23, 2023 14:18
@bruno-at-bareos bruno-at-bareos force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from 549b375 to c7d3656 Compare June 19, 2023 09:29
@alaaeddineelamri alaaeddineelamri force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from 7fec029 to a06f9a0 Compare August 22, 2023 09:14
@bruno-at-bareos bruno-at-bareos force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from a06f9a0 to fd591fb Compare November 21, 2023 09:25
Alaa Eddine Elamri and others added 18 commits February 19, 2024 15:25
@bruno-at-bareos
refactor: bscrypto: keyfiles from C strings to std::string
76eecd3
@bruno-at-bareos
refactor: bscrypto: remove bailout
db2174c
@bruno-at-bareos
refactor: bscrypto: unify duplicated read keyfile code
c9fe1af
@bruno-at-bareos
bscrypto.cc: update bscrypto to use CLI11 for command line parsing
dba9c15
@bruno-at-bareos
remove long option names to makes exclude lists more readable
059f151
@bruno-at-bareos
Revert "remove long option names to makes exclude lists more readable"
6ccc56f 
This reverts commit 64101cd370cad47f3ebc86af4db58b6c6a58911f.
@bruno-at-bareos
doc: scsicryptosd fix scripts path and name
fddc153 
Signed-off-by: Bruno Friedmann <bruno.friedmann@bareos.com>
@bruno-at-bareos
developerFAQ: quote tapedevice list
9475374 
Without the quote example in copy and paste call the second
and beyond tape drives are called by sh (due to ; separator)

Signed-off-by: Bruno Friedmann <bruno.friedmann@bareos.com>
@bruno-at-bareos
tests: add scsicrypto
59ec4d6 
- add sudoers.d/build.in configuration as sample
- test-setup will start/stop mhvtl.target and add blank medias

These tests need to have the autochanger and tapes flag for cmake
enabled and use mhvtl (preferably >1.7-0).
@bruno-at-bareos
tests: scsicrypto enable all checks
d9af4d5
@bruno-at-bareos
tests: scsicrypto add comment about failures
af15dc9
@bruno-at-bareos
tests: give extra time for mhvtl to settle before invalidating tapes
f8ea154
@bruno-at-bareos
bscrypto.cc: fix issue of reduced keydata size
0a5f7ff
@bruno-at-bareos
bscrypto.cc: fix issue of missing last character from key
2afbdc9 
`bstrncpy` makes sure the destination string is always null terminated,
which results in the last character of the string being replaced with `0`
 which in turn makes the passphrase string missing its last character
@bruno-at-bareos
tests: fix typos and make some names clearer
26a6476
@bruno-at-bareos
bscrypto.cc: remove mutual exclusion of -k and -w
43fcf1a
@bruno-at-bareos
tests: activate plugins
daee495 
Co-authored-by: Bruno Friedmann <bruno.friedmann@bareos.com>
@bruno-at-bareos
systemtests: remove obsolete plugin option values
5f0d690
@bruno-at-bareos bruno-at-bareos force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from fd591fb to c1a1bd7 Compare February 20, 2024 10:59
@sebsura
bscrypto: fix asan problems
ef81834 
passphrase is not a cstring (no null terminator) so it cannot be
printed with %s; bstrncpy can copy length + 1 bytes but only length
bytes were allocated; etc.
@bruno-at-bareos bruno-at-bareos force-pushed the dev/alaaeddineelamri/master/bscsicrypto-to-CLI11 branch from cc574a4 to ef81834 Compare February 27, 2024 09:25
@bruno-at-bareos
Copy link
Contributor

bruno-at-bareos commented Feb 29, 2024

Last stage of fixes to be done:

When used by the tools the key in log output is not similar than during backup/restore

29-fév-2024 13:36:39.422351 bareos-sd (200): scsicrypto/scsicrypto-sd.cc:359-2 scsicrypto-sd: Loading new crypto key [Eya3t/(z|3B+)5G8mAmAR2<Rfh4p(d#

# versus
29-fév-2024 14:09:47.125765 bls (200): scsicrypto/scsicrypto-sd.cc:359-0 scsicrypto-sd: Loading new crypto key ˯�TQ�����e�g���K�▒�(&v����������Bo

29-fév-2024 14:14:11.315839 bextract (200): scsicrypto/scsicrypto-sd.cc:359-0 scsicrypto-sd: Loading new crypto key ˯�TQ�����e�g���K�▒�(&v����������Bo

@sebsura
Copy link
Contributor

sebsura commented Mar 1, 2024
edited
Loading 

  if (dcr->jcr && dcr->jcr->sd_impl->director) {
    director = dcr->jcr->sd_impl->director;
    if (director->keyencrkey.value) {
[...]

These values need to exist for unwrapping to occur. Seems like this is not the case when the tools are used.
Is it possible that you forgot to specify -D/--director when starting the tools ? If you do not do so, then it will not load the director resource, leaving the plugin to think that there is no KEK.

@bruno-at-bareos
testrunner finish tools testing part.
7f90e6e 
add --director mandatory configuration parameter for tools to
precise which KEK has to be used.
@bruno-at-bareos
check return of clearing encryption from drive
96ebec2
@bruno-at-bareos bruno-at-bareos mentioned this pull request Mar 12, 2024
Merged
13 tasks
@bruno-at-bareos
Copy link
Contributor

bruno-at-bareos commented Mar 12, 2024

Closing the work is now happening in #1734

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bruno-at-bareos bruno-at-bareos Awaiting requested review from bruno-at-bareos

Assignees

@alaaeddineelamri alaaeddineelamri

@bruno-at-bareos bruno-at-bareos

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@alaaeddineelamri @bruno-at-bareos @sebsura