1
0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2024-12-14 10:13:05 +02:00
Commit Graph

1095 Commits

Author SHA1 Message Date
David Steele
4e57b68916 v2.12: C Implementation of Archive Push
IMPORTANT NOTE: The new TLS/SSL implementation forbids dots in S3 bucket names per RFC-2818. This security fix is required for compliant hostname verification.

Bug Fixes:

* Fix issues when a path option is / terminated. (Reported by Marc Cousin.)
* Fix issues when log-level-file=off is set for the archive-get command. (Reported by Brad Nicholson.)
* Fix C code to recognize host:port option format like Perl does. (Reported by Kyle Nevins.)
* Fix issues with remote/local command logging options.

Improvements:

* The archive-push command is implemented entirely in C.
* Increase process-max limit to 999. (Suggested by Rakshitha-BR.)
* Improve error message when an S3 bucket name contains dots.

Documentation Improvements:

* Clarify that S3-compatible object stores are supported. (Suggested by Magnus Hagander.)
2019-04-11 09:14:22 -04:00
David Steele
df12cbb162 Fix C code to recognize host:port format like Perl does.
This was not an intentional feature in Perl, but it works, so it makes sense to implement the same syntax in C.

This is a break from other places where a -port option is explicitly supplied, so it may make sense to support both styles going forward.  This commit does not address that, however.

Reported by Kyle Nevins.
2019-04-10 17:48:34 -04:00
David Steele
25cea0bd0a Add process id to C archive-get and archive-push logging.
This was missed in the original migration.  There was no functional issue, but logging the process ids is useful for debugging.
2019-04-09 11:08:27 -04:00
David Steele
8c202c77da Add process id to ProtocolParallelJob.
This exposes the process that performed to job to the caller for logging purposes.
2019-04-09 11:01:35 -04:00
David Steele
4ace7edbd9 Allow process id in C logging
The default process id in C logging has always been zero.  This should have been updated when multi-processing was introduced in C, but it was missed.
2019-04-09 10:54:36 -04:00
David Steele
6099729e92 Improve error message when an S3 bucket name contains dots.
The Perl lib we have been using for TLS allows dots in wildcards, but this is forbidden by RFC-2818.  The new TLS implementation in C forbids this pattern, just as PostgreSQL and curl do.

However, this does present a problem for users who have been using bucket names with dots in older versions of pgBackRest.  Since this limitation exists for security reasons there appears to be no option but to take a hard line and do our best to notify the user of the issue as clearly as possible.
2019-04-08 19:38:06 -04:00
David Steele
21c83eea59 Fix issue setting log-level-file=off for the archive-get command.
This problem was not specific to archive-get, but that was the only place it was expressing in the last release.  The new archive-push was also affected.

The issue was with daemon processes that had closed all their file descriptors.  When exec'ing and setting up pipes to communicate with a child process the dup2() function created file descriptors that overlapped with the first descriptor (stdout) that was being duped into.  This descriptor was subsequently closed and wackiness ensued.

If logging was enabled (the default) that increased all the file descriptors by one and everything worked.

Fix this by checking if the file descriptor to be closed is the same one being dup'd into.  This solution may not be generally applicable but it works fine in this case.

Reported by Brad Nicholson.
2019-04-08 17:21:20 -04:00
David Steele
8ac422dca9 Close log file before exec().
The log file should be closed before exec() so the child process does not retain a reference to it.
2019-04-07 21:09:29 -04:00
David Steele
9f3425f6dd Skip coverage for macros with numbers in their name.
This was an oversight in the old regular expression.
2019-04-07 18:47:04 -04:00
David Steele
c72a94cfec Increase process-max limit to 999.
Recent hardware has outstripped the old default so increase it to something that should last for a while.

Suggested by Rakshitha-BR.
2019-04-07 18:20:03 -04:00
David Steele
9a7eab9428 Allow three-digits process IDs in logging.
This is required to support process-max > 99 or else there will be formatting/alignment issues in the logs.
2019-04-07 18:12:07 -04:00
David Steele
e97b8241a5 Clarify that S3-compatible object stores are supported.
The documentation mentioned Amazon S3 frequently but failed to mention that other S3-compatible object stores are also supported.

Tone down the specific mentions of Amazon S3 and replace them with "S3-compatible object store" when appropriate.

Suggested by Magnus Hagander.
2019-04-03 11:40:12 +01:00
David Steele
4c63279a19 Add forkSafe() to handle fork errors.
fork() rarely fails but we should definitely detect when it does so.
2019-04-02 13:50:02 +01:00
David Steele
1b48684713 The archive-push command is implemented entirely in C.
This new implementation should behave exactly like the old Perl code with the exception of updated log messages.

Remove as much of the Perl code as possible without breaking other commands.
2019-03-29 13:26:33 +00:00
David Steele
251dbede8f Add locking capability to the remote command.
When a repository server is configured, commands that modify the repository acquire a remote lock as well as a local lock for extra protection against multiple writers.

Instead of the custom logic used in Perl, make remote locking part of the command configuration.

This also means that the C remote needs the stanza since it is used to construct the lock name.  We may need to revisit this at a later date.
2019-03-27 21:14:06 +00:00
David Steele
7db8cedd68 Add protocolKeepAlive() to send noops to all remotes.
While the local processes are doing their jobs the remote connection from the main process may timeout.

Send occasional noops to ensure that doesn't happen.
2019-03-27 20:59:28 +00:00
David Steele
f8cbf5d78c Add TEST_64BIT() macro to detect 64-bit platforms.
This may not be the best way to detect 64-bit platforms but it seems to be working fine so far.

Create a macro to make it clearer what is being done and to make it easier to change the implementation.
2019-03-27 20:52:23 +00:00
David Steele
5ee8388f48 Build test harness with the same warnings as code being tested.
The test harness was not being built with warnings which caused some wackiness with an improperly structured switch.  Just use the same warnings as the code being tested.

Also enable warnings on code that is not directly being tested since other code modules are frequently modified during testing.
2019-03-26 08:20:55 +02:00
David Steele
abba2bd132 Add strLstMergeAnti() for merge anti-joins.
We deal with some pretty big lists in archive-push so a nested-loop anti-join looked like it would not be efficient enough.

This merge anti-join should do the trick even though both lists must be sorted first.
2019-03-25 20:35:20 +04:00
David Steele
538e2c7474 Add storagePg()/storagePgWrite() to storage helper.
Add read/write storage helper functions for the PostgreSQL data directory.
2019-03-25 09:45:36 +04:00
David Steele
444b4f8640 Allow warnings to be written by archiveAsyncStatusOkWrite().
Migrate this feature to the C code since archive-push will need it.
2019-03-25 09:17:15 +04:00
David Steele
8820d69574 Use a single file to handle global errors in async archiving.
The prior behavior on a global error (i.e. not file specific) was to write an individual error file for each WAL file being processed.  On retry each of these error files would be removed, and if the error was persistent, they would then be recreated.  In a busy environment this could mean tens or hundreds of thousands of files.

Another issue was that the error files could not be written until a list of WAL files to process had been generated.  This was easy enough for archive-get but archive-push requires more processing and any errors that happened when generating the list would only be reported in the pgBackRest log rather than the PostgreSQL log.

Instead write a global.error file that applies to any WAL file that does not have an explicit ok or error file.  This reduces churn and allows more errors to be reported directly to PostgreSQL.
2019-03-25 08:12:38 +04:00
David Steele
1fff60ad2a Remove unused infoArchiveCheckPg() function.
The idea was to use this function for archive-push, but in the end archive-push required two very different versions of the function.
2019-03-24 14:34:45 +04:00
David Steele
8560db5c42 Add constants for .ok/.error status extensions. 2019-03-24 13:54:05 +04:00
David Steele
7cf7373761 Refactor PostgreSQL interface to remove most code duplication.
Having a copy per version worked well until it was time to add new features or modify existing functions.  Then it was necessary to modify every version and try to keep them all in sync.

Consolidate all the PostgreSQL types into a single file using #if for type versions.  Many types do not change or change infrequently so this cuts down on duplication.  In addition, it is far easier to see what has changed when a new version is added.

Use macros to write the interface functions.  There is still duplication here since some changes require a new copy of the macro, but it is far less than before.
2019-03-21 21:11:36 +04:00
David Steele
e938a89250 Add WAL info to PostgreSQL interface.
This allows the WAL header to be read for any supported version on PostgreSQL.
2019-03-19 19:44:06 +04:00
David Steele
5c732e9929 Remove redundant documentation from PostgreSQL interface files and clarify ambiguous function names.
Move the documentation to postgres/interface.c so it can be updated without having to update N source files.

The "is" function was not very specific so rename to "controlIs".
2019-03-18 22:10:25 +04:00
David Steele
e26d510d0c Use restore command for remote performances tests.
Since archive-push is being moved to C, the Perl remote will no longer work with that command.

Eventually this module will need to be rewritten in C, but for now just use the restore command which is planned to be migrated last.
2019-03-17 22:11:35 +04:00
David Steele
856a369b86 Add file write to the S3 storage driver.
Now that repositories are writable the storage drivers that don't yet support file writes need to be updated to do so.

Note that the part size for multi-part upload has not been defined as a proper constant.  This will become an option in the near future so it doesn't seem worth creating a constant that we might then forget to remove.
2019-03-17 22:00:54 +04:00
David Steele
7193738288 Add document creation to XML objects.
The xml objects only exposed read methods of the underlying libxml2.

This worked for S3 commands that only received data but to send data we need to be able to create XML documents from scratch.

Add the ability to create empty documents and add nodes and contents.
2019-03-17 21:38:07 +04:00
David Steele
8ebc6d6c34 Add file write to the remote storage driver.
Now that repositories are writable the storage drivers that don't yet support file writes need to be updated to do so.
2019-03-16 21:50:19 +04:00
David Steele
2d386cd266 Move WAL path prefix logic into walPath().
This logic is used by both archive-push and archive-get.
2019-03-16 16:14:10 +04:00
David Steele
12273a1034 Add storageRepoWrite() to storage helper.
Writable repos are allowed with the addition of the CIFS driver, so add a helper function.
2019-03-16 15:48:50 +04:00
David Steele
66c2f4cd2e Make notion of current PostgreSQL info ID in C align with Perl.
The C code was assuming that the current PostgreSQL version in archive.info/backup.info was the most recent item in the history, but this is not always the case with some stanza-upgrade scenarios.  If a cluster is restored from before the upgrade and stanza-upgrade is run again, it will revert db-id to the original history item.

Instead, load db-id from the db section explicitly as the Perl code does.

This did not affect archive-get since it does a reverse scan through the history versions and does not rely on the current version.
2019-03-16 15:27:38 +04:00
David Steele
b2b2cf0511 Fix issues with remote/local command logging options.
Logging was being enable on local/remote processes even if --log-subprocess was not specified, so fix that.

Also, make sure that stderr is enabled at error level as it was on Perl.  This helps expose error information for debugging.

For remotes, suppress log and lock paths since these are not applicable on remote hosts.  These options should be set in the local config if they need to be overridden.
2019-03-16 15:00:02 +04:00
David Steele
d377e926c8 httpClientRequest() accepts a body parameter.
None of our C HTTP requests have needed to output a body, but they will with the migration of archive-push.

Also, add constants that are useful when POSTing/PUTing data.
2019-03-16 13:07:43 +04:00
David Steele
078df66e2c Add httpHeaderDup().
Allow duplication of headers and updating of redactions.
2019-03-16 12:51:37 +04:00
David Steele
be670e2545 Add hash size constants and extern hash type constant.
The size constants are convenient for creating data structures of the proper size.

The hash type constant must be extern'd so that results can be pulled from a filter.
2019-03-16 12:32:54 +04:00
David Steele
76560b3cf0 Add missing const to cryptoHashOne() and cryptoHashOneStr(). 2019-03-16 12:26:25 +04:00
David Steele
0eb4c2c829 Fix incorrect buffer size used in cryptoHashOne().
This was missing when bufUsed() was introduced.

It is not currently a live issue, but becomes a problem in the new archive-push code where the entire buffer is not always used.
2019-03-16 12:21:16 +04:00
David Steele
b68d1d60a1 Add cvtSSizeToZ() and debug macros. 2019-03-15 22:16:50 +04:00
David Steele
5554377632 Make strLstDup() null-tolerant.
Duping a NULL StringList without checking if it is NULL is a useful capability.
2019-03-15 10:20:52 +04:00
David Steele
9382283586 Fix issues when a path option is / terminated.
This condition was not being properly checked for in the C code and it caused problems in the info command, at the very least.

Instead of applying a local fix, introduce a new path option type that will rigorously check the format of any incoming paths.

Reported by Marc Cousin.
2019-03-14 13:48:33 +04:00
David Steele
b8ebea6b1c Add separate archive-push-async command.
This command was previously forked off from the archive-push command which required a bit of artificial option and log manipulation.

A separate command is easier to test and will work on platforms that don't have fork(), e.g. Windows.
2019-03-14 13:38:55 +04:00
David Steele
982b47c5ec Add CIFS storage driver.
This driver borrows heavily from the Posix driver.

At this point the only difference is that CIFS does not allow explicit directory fsyncs so they need to be suppressed.  At some point the CIFS diver will also omit link support.

With the addition of this driver repository storage is now writable.
2019-03-14 13:28:33 +04:00
David Steele
cf5a5b7b9a Begin v2.12 development. 2019-03-11 10:43:35 +02:00
David Steele
68d20edea6 v2.11: C Implementation of Archive Get
Bug Fixes:

* Fix possible truncated WAL segments when an error occurs mid-write. (Reported by blogh.)
* Fix info command missing WAL min/max when stanza specified. (Fixed by Stefan Fercot.)
* Fix non-compliant JSON for options passed from C to Perl. (Reported by Leo Khomenko.)

Improvements:

* The archive-get command is implemented entirely in C.
* Enable socket keep-alive on older Perl versions. (Contributed by Marc Cousin.)
* Error when parameters are passed to a command that does not accept parameters. (Suggested by Jason O'Donnell.)
* Add hints when unable to find a WAL segment in the archive. (Suggested by Hans-Jürgen Schönig.)
* Improve error when hostname cannot be found in a certificate. (Suggested by James Badger.)
* Add additional options to backup.manifest for debugging purposes. (Contributed by blogh.)
2019-03-10 18:56:00 +02:00
David Steele
2ef5ad70a2 Move crypto module to common/crypto.
It makes sense for the crypto code to be in common since it is not pgBackRest-specific.

Also combine the crypto tests into a single module.
2019-03-10 13:27:30 +02:00
David Steele
95597be81e Move compress module to common/compress.
It makes sense for the compression code to be in common since it is not pgBackRest-specific.
2019-03-10 13:11:20 +02:00
blogh
e4e2606fce Add additional options to backup.manifest for debugging purposes.
Add the buffer-size, compress-level, compress-level-network, and process-max options to the backup:option section in backup.manifest to aid in debugging.

It may also make sense to propagate these options up to backup.info so they can be displayed in the info command, but for now this is deemed sufficient.

Contributed by blogh.
2019-03-10 11:03:52 +02:00