On Fri, Dec 6, 2019 at 1:44 AM Robert Haas <robertmh...@gmail.com> wrote:
> On Thu, Dec 5, 2019 at 11:22 AM Rushabh Lathia <rushabh.lat...@gmail.com>
> wrote:
> > Here is the whole stack of patches.
>
> I committed 0001, as that's just refactoring and I think (hope) it's
> uncontroversial. I think 0002-0005 need to be squashed together
> (crediting all authors properly and in the appropriate order) as it's
> quite hard to understand right now,
Please find attached single patch and I tried to add the credit to all
the authors.
There is one review comment from Jeevan Chalke, which still pending
to address is:
4.
> Why we need a "File" at the start of each entry as we are adding files
> only?
> I wonder if we also need to provide a tablespace name and directory marker
> so
> that we have "Tablespace" and "Dir" at the start.
>
Sorry, I am not quite sure about this, may be Robert is right person
to answer this.
and that Suraj's patch to validate
> the backup should be included in the patch stack. It needs
> documentation. Also, we need, either in that patch or a separate, TAP
> tests that exercise this feature. Things we should try to check:
>
> - Plain format backups can be verified against the manifest.
> - Tar format backups can be verified against the manifest after
> untarring (this might be a problem; not sure there's any guarantee
> that we have a working "tar" command available).
> - Verification succeeds for all available checksums algorithms and
> also for no checksum algorithm (should still check which files are
> present, and sizes).
> - If we tamper with a backup by removing a file, adding a file, or
> changing the size of a file, the modification is detected even without
> checksums.
> - If we tamper with a backup by changing the contents of a file but
> not the size, the modification is detected if checksums are used.
> - Everything above still works if there is user-defined tablespace
> that contains a table.
>
> --
> Robert Haas
> EnterpriseDB: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
Thanks.
Rushabh Lathia
www.EnterpriseDB.com
From f36e63b8dcd24cc55fd3e475193d0e7df6454721 Mon Sep 17 00:00:00 2001
From: Rushabh Lathia <rushabh.lat...@enterprisedb.com>
Date: Fri, 6 Dec 2019 11:49:05 +0530
Subject: [PATCH] Backup manifest with file names, sizes, timestamps, optional
checksums.
Original patch from Robert Haas to create the backup manifest file. Fix
review comments, making checksum optional and provide user to choose the
checksum algorithm by me. Reviewed by Jeevan Chalke and me.
---
doc/src/sgml/protocol.sgml | 24 ++-
doc/src/sgml/ref/pg_basebackup.sgml | 12 ++
src/backend/access/transam/xlog.c | 3 +-
src/backend/replication/basebackup.c | 371 +++++++++++++++++++++++++++++++--
src/backend/replication/repl_gram.y | 6 +
src/backend/replication/repl_scanner.l | 1 +
src/bin/pg_basebackup/pg_basebackup.c | 130 +++++++++++-
src/include/replication/basebackup.h | 4 +-
8 files changed, 518 insertions(+), 33 deletions(-)
diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml
index 8027521..bdff6f5 100644
--- a/doc/src/sgml/protocol.sgml
+++ b/doc/src/sgml/protocol.sgml
@@ -2466,15 +2466,19 @@ The commands accepted in replication mode are:
</varlistentry>
<varlistentry>
- <term><literal>BASE_BACKUP</literal> [ <literal>LABEL</literal> <replaceable>'label'</replaceable> ] [ <literal>PROGRESS</literal> ] [ <literal>FAST</literal> ] [ <literal>WAL</literal> ] [ <literal>NOWAIT</literal> ] [ <literal>MAX_RATE</literal> <replaceable>rate</replaceable> ] [ <literal>TABLESPACE_MAP</literal> ] [ <literal>NOVERIFY_CHECKSUMS</literal> ]
+ <term><literal>BASE_BACKUP</literal> [ <literal>LABEL</literal> <replaceable>'label'</replaceable> ] [ <literal>PROGRESS</literal> ] [ <literal>FAST</literal> ] [ <literal>WAL</literal> ] [ <literal>NOWAIT</literal> ] [ <literal>MAX_RATE</literal> <replaceable>rate</replaceable> ] [ <literal>TABLESPACE_MAP</literal> ] [ <literal>NOVERIFY_CHECKSUMS</literal> ] [ <literal>MANIFEST_CHECKSUMS</literal> <replaceable>'algorithm'</replaceable>]
<indexterm><primary>BASE_BACKUP</primary></indexterm>
</term>
<listitem>
<para>
Instructs the server to start streaming a base backup.
The system will automatically be put in backup mode before the backup
- is started, and taken out of it when the backup is complete. The
- following options are accepted:
+ is started, and taken out of it when the backup is complete. This also
+ store a manifest as part of each backup under the backup folder in a
+ file named backup_manifest. This file contains the list of files, and
+ the lengths of those files, file modified time and optional checksum
+ for each file as well as for a manifest file.The following options are
+ accepted:
<variablelist>
<varlistentry>
<term><literal>LABEL</literal> <replaceable>'label'</replaceable></term>
@@ -2576,6 +2580,20 @@ The commands accepted in replication mode are:
</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><literal>MANIFEST_CHECKSUMS</literal></term>
+ <listitem>
+ <para>
+ By default, checksum for each backup file in backup manifest file is
+ off. Specifying <literal>MANIFEST_CHECKSUMS</literal> when a checksum
+ algorithm name, enables the checksum for each backup file in backup
+ manifest file as well a for manifest file itself. Currently it supports
+ SHA256 and CRC32C as checksum algorithm.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</para>
<para>
diff --git a/doc/src/sgml/ref/pg_basebackup.sgml b/doc/src/sgml/ref/pg_basebackup.sgml
index fc9e222..af7c731 100644
--- a/doc/src/sgml/ref/pg_basebackup.sgml
+++ b/doc/src/sgml/ref/pg_basebackup.sgml
@@ -536,6 +536,18 @@ PostgreSQL documentation
</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><option>--manifest-checksum <replaceable class="parameter">algorithm</replaceable></option></term>
+ <listitem>
+ <para>
+ Enables a checksum for the each backup file in manifest file as well as
+ for manifest file itself and will choose the given algorithm to generate
+ the checksum value.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</para>
diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c
index 6bc1a6b..f0ad08a 100644
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@@ -10504,7 +10504,8 @@ do_pg_start_backup(const char *backupidstr, bool fast, TimeLineID *starttli_p,
ti->oid = pstrdup(de->d_name);
ti->path = pstrdup(buflinkpath.data);
ti->rpath = relpath ? pstrdup(relpath) : NULL;
- ti->size = infotbssize ? sendTablespace(fullpath, true) : -1;
+ ti->size = infotbssize ?
+ sendTablespace(fullpath, ti->oid, true, NULL) : -1;
if (tablespaces)
*tablespaces = lappend(*tablespaces, ti);
diff --git a/src/backend/replication/basebackup.c b/src/backend/replication/basebackup.c
index 1fa4551..b777d1f 100644
--- a/src/backend/replication/basebackup.c
+++ b/src/backend/replication/basebackup.c
@@ -19,6 +19,7 @@
#include "access/xlog_internal.h" /* for pg_start/stop_backup */
#include "catalog/pg_type.h"
#include "common/file_perm.h"
+#include "common/sha2.h"
#include "lib/stringinfo.h"
#include "libpq/libpq.h"
#include "libpq/pqformat.h"
@@ -53,18 +54,41 @@ typedef struct
bool sendtblspcmapfile;
} basebackup_options;
+/* Checksum algorithm option for manifest */
+enum manifestCheckSum
+{
+ MC_NONE = 0,
+ MC_SHA256,
+ MC_CRC32C
+};
+
+/* checksum algorithm context */
+typedef union checksumCtx
+{
+ pg_sha256_ctx sha256_ctx;
+ pg_crc32c crc_ctx;
+} ChecksumCtx;
static int64 sendDir(const char *path, int basepathlen, bool sizeonly,
- List *tablespaces, bool sendtblspclinks);
+ List *tablespaces, bool sendtblspclinks,
+ StringInfo manifest, const char *tsoid);
static bool sendFile(const char *readfilename, const char *tarfilename,
- struct stat *statbuf, bool missing_ok, Oid dboid);
-static void sendFileWithContent(const char *filename, const char *content);
+ struct stat *statbuf, bool missing_ok, Oid dboid,
+ StringInfo manifest, const char *tsoid);
+static void sendFileWithContent(const char *filename, const char *content,
+ StringInfo manifest);
static int64 _tarWriteHeader(const char *filename, const char *linktarget,
struct stat *statbuf, bool sizeonly);
static int64 _tarWriteDir(const char *pathbuf, int basepathlen, struct stat *statbuf,
bool sizeonly);
static void send_int8_string(StringInfoData *buf, int64 intval);
static void SendBackupHeader(List *tablespaces);
+static void InitializeManifest(StringInfo manifest);
+static void AddFileToManifest(StringInfo manifest, const char *tsoid,
+ const char *filename, size_t size, time_t mtime,
+ ChecksumCtx *cCtx);
+static void SendBackupManifest(StringInfo manifest);
+static char *escape_field_for_manifest(const char *s);
static void base_backup_cleanup(int code, Datum arg);
static void perform_base_backup(basebackup_options *opt);
static void parse_basebackup_options(List *options, basebackup_options *opt);
@@ -72,6 +96,9 @@ static void SendXlogRecPtrResult(XLogRecPtr ptr, TimeLineID tli);
static int compareWalFileNames(const ListCell *a, const ListCell *b);
static void throttle(size_t increment);
static bool is_checksummed_file(const char *fullpath, const char *filename);
+static void initialize_manifest_checksum(ChecksumCtx *cCtx);
+static void update_manifest_checksum(ChecksumCtx *cCtx, const char *buf, off_t cnt);
+static int finalize_manifest_checksum(ChecksumCtx *cCtx, char *checksumbuf);
/* Was the backup currently in-progress initiated in recovery mode? */
static bool backup_started_in_recovery = false;
@@ -122,6 +149,9 @@ static long long int total_checksum_failures;
/* Do not verify checksums. */
static bool noverify_checksums = false;
+
+static enum manifestCheckSum manifest_checksums = MC_NONE;
+
/*
* The contents of these directories are removed or recreated during server
* start so they are not included in backups. The directories themselves are
@@ -241,6 +271,7 @@ perform_base_backup(basebackup_options *opt)
TimeLineID endtli;
StringInfo labelfile;
StringInfo tblspc_map_file = NULL;
+ StringInfo manifest;
int datadirpathlen;
List *tablespaces = NIL;
@@ -250,6 +281,8 @@ perform_base_backup(basebackup_options *opt)
labelfile = makeStringInfo();
tblspc_map_file = makeStringInfo();
+ manifest = makeStringInfo();
+ InitializeManifest(manifest);
total_checksum_failures = 0;
@@ -286,7 +319,10 @@ perform_base_backup(basebackup_options *opt)
/* Add a node for the base directory at the end */
ti = palloc0(sizeof(tablespaceinfo));
- ti->size = opt->progress ? sendDir(".", 1, true, tablespaces, true) : -1;
+ if (opt->progress)
+ ti->size = sendDir(".", 1, true, tablespaces, true, NULL, NULL);
+ else
+ ti->size = -1;
tablespaces = lappend(tablespaces, ti);
/* Send tablespace header */
@@ -333,7 +369,8 @@ perform_base_backup(basebackup_options *opt)
struct stat statbuf;
/* In the main tar, include the backup_label first... */
- sendFileWithContent(BACKUP_LABEL_FILE, labelfile->data);
+ sendFileWithContent(BACKUP_LABEL_FILE, labelfile->data,
+ manifest);
/*
* Send tablespace_map file if required and then the bulk of
@@ -341,11 +378,12 @@ perform_base_backup(basebackup_options *opt)
*/
if (tblspc_map_file && opt->sendtblspcmapfile)
{
- sendFileWithContent(TABLESPACE_MAP, tblspc_map_file->data);
- sendDir(".", 1, false, tablespaces, false);
+ sendFileWithContent(TABLESPACE_MAP, tblspc_map_file->data,
+ manifest);
+ sendDir(".", 1, false, tablespaces, false, manifest, NULL);
}
else
- sendDir(".", 1, false, tablespaces, true);
+ sendDir(".", 1, false, tablespaces, true, manifest, NULL);
/* ... and pg_control after everything else. */
if (lstat(XLOG_CONTROL_FILE, &statbuf) != 0)
@@ -353,10 +391,11 @@ perform_base_backup(basebackup_options *opt)
(errcode_for_file_access(),
errmsg("could not stat file \"%s\": %m",
XLOG_CONTROL_FILE)));
- sendFile(XLOG_CONTROL_FILE, XLOG_CONTROL_FILE, &statbuf, false, InvalidOid);
+ sendFile(XLOG_CONTROL_FILE, XLOG_CONTROL_FILE, &statbuf,
+ false, InvalidOid, manifest, NULL);
}
else
- sendTablespace(ti->path, false);
+ sendTablespace(ti->path, ti->oid, false, manifest);
/*
* If we're including WAL, and this is the main data directory we
@@ -575,7 +614,7 @@ perform_base_backup(basebackup_options *opt)
* complete segment.
*/
StatusFilePath(pathbuf, walFileName, ".done");
- sendFileWithContent(pathbuf, "");
+ sendFileWithContent(pathbuf, "", manifest);
}
/*
@@ -598,16 +637,20 @@ perform_base_backup(basebackup_options *opt)
(errcode_for_file_access(),
errmsg("could not stat file \"%s\": %m", pathbuf)));
- sendFile(pathbuf, pathbuf, &statbuf, false, InvalidOid);
+ sendFile(pathbuf, pathbuf, &statbuf, false, InvalidOid, manifest,
+ NULL);
/* unconditionally mark file as archived */
StatusFilePath(pathbuf, fname, ".done");
- sendFileWithContent(pathbuf, "");
+ sendFileWithContent(pathbuf, "", manifest);
}
/* Send CopyDone message for the last tar file */
pq_putemptymessage('c');
}
+
+ SendBackupManifest(manifest);
+
SendXlogRecPtrResult(endptr, endtli);
if (total_checksum_failures)
@@ -651,6 +694,7 @@ parse_basebackup_options(List *options, basebackup_options *opt)
bool o_maxrate = false;
bool o_tablespace_map = false;
bool o_noverify_checksums = false;
+ bool o_manifest_checksums = false;
MemSet(opt, 0, sizeof(*opt));
foreach(lopt, options)
@@ -739,6 +783,27 @@ parse_basebackup_options(List *options, basebackup_options *opt)
noverify_checksums = true;
o_noverify_checksums = true;
}
+ else if (strcmp(defel->defname, "manifest_checksums") == 0)
+ {
+ char *manifest_checksum_algo = NULL;
+ if (o_manifest_checksums)
+ ereport(ERROR,
+ (errcode(ERRCODE_SYNTAX_ERROR),
+ errmsg("duplicate option \"%s\"", defel->defname)));
+ manifest_checksum_algo = strVal(defel->arg);
+
+ if (pg_strcasecmp(manifest_checksum_algo, "SHA256") == 0)
+ manifest_checksums = MC_SHA256;
+ else if (pg_strcasecmp(manifest_checksum_algo, "CRC32C") == 0)
+ manifest_checksums = MC_CRC32C;
+ else if (pg_strcasecmp(manifest_checksum_algo, "NONE") == 0)
+ manifest_checksums = MC_NONE;
+ else
+ ereport(ERROR,
+ (errcode(ERRCODE_SYNTAX_ERROR),
+ errmsg("invalid manifest_checksums option \"%s\"", manifest_checksum_algo)));
+ }
+
else
elog(ERROR, "option \"%s\" not recognized",
defel->defname);
@@ -860,6 +925,184 @@ SendBackupHeader(List *tablespaces)
pq_puttextmessage('C', "SELECT");
}
+static void
+InitializeManifest(StringInfo manifest)
+{
+ appendStringInfoString(manifest, "PostgreSQL-Backup-Manifest-Version 1\n");
+}
+
+/*
+ * Add an entry to the backup manifest for a file.
+ */
+static void
+AddFileToManifest(StringInfo manifest, const char *tsoid,
+ const char *filename, size_t size, time_t mtime,
+ ChecksumCtx *cCtx)
+{
+ char pathbuf[MAXPGPATH];
+ char *escaped_filename;
+ static char timebuf[128];
+ static char checksumbuf[256];
+ char encode_checksumbuf[256];
+ struct pg_tm *tm;
+ char *checksumlabel = NULL;
+ int checksumbuflen;
+
+ /*
+ * If this file is part of a tablespace, the filename passed to this
+ * function will be relative to the tar file that contains it. We want
+ * the pathname relative to the data directory (ignoring the intermediate
+ * symlink traversal).
+ */
+ if (tsoid != NULL)
+ {
+ snprintf(pathbuf, sizeof(pathbuf), "pg_tblspc/%s/%s", tsoid, filename);
+ filename = pathbuf;
+ }
+
+ /* Escape filename, if necessary. */
+ escaped_filename = escape_field_for_manifest(filename);
+
+ /*
+ * Convert time to a string. Since it's not clear what time zone to use
+ * and since time zone definitions can change, possibly causing confusion,
+ * use GMT always.
+ */
+ tm = pg_gmtime(&mtime);
+ if (tm == NULL)
+ elog(ERROR, "could not convert epoch to timestamp: %m");
+ pg_strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S %Z", tm);
+
+ /* Generate final checksum and Convert it to hexadecimal. */
+ if (manifest_checksums != MC_NONE)
+ {
+ checksumbuflen = finalize_manifest_checksum(cCtx, checksumbuf);
+ switch (manifest_checksums)
+ {
+ case MC_SHA256:
+ checksumlabel = "SHA256:";
+ break;
+ case MC_CRC32C:
+ checksumlabel = "CRC32C:";
+ break;
+ case MC_NONE:
+ break;
+ }
+ checksumbuflen = hex_encode(checksumbuf,
+ checksumbuflen,
+ encode_checksumbuf);
+ encode_checksumbuf[checksumbuflen] = '\0';
+ }
+
+ /* Add to manifest. */
+ appendStringInfo(manifest, "File\t%s\t%zu\t%s\t%s%s\n",
+ escaped_filename == NULL ? filename : escaped_filename,
+ size, timebuf, checksumlabel ? checksumlabel : "",
+ manifest_checksums != MC_NONE ? encode_checksumbuf : "-");
+
+ /* Avoid leaking memory. */
+ if (escaped_filename != NULL)
+ pfree(escaped_filename);
+}
+
+/*
+ * Finalize the backup manifest, and send it to the client.
+ */
+static void
+SendBackupManifest(StringInfo manifest)
+{
+ char checksumbuf[256];
+ StringInfoData protobuf;
+ int checksumbuflen;
+ ChecksumCtx cCtx;
+
+ /* Checksum the manifest. */
+ if (manifest_checksums != MC_NONE)
+ {
+ initialize_manifest_checksum(&cCtx);
+ update_manifest_checksum(&cCtx, manifest->data, manifest->len);
+ checksumbuflen = finalize_manifest_checksum(&cCtx, (char *) checksumbuf);
+ appendStringInfoString(manifest, "Manifest-Checksum\t");
+ switch (manifest_checksums)
+ {
+ case MC_SHA256:
+ appendStringInfoString(manifest, "SHA256:");
+ break;
+ case MC_CRC32C:
+ appendStringInfoString(manifest, "CRC32C:");
+ break;
+ case MC_NONE:
+ break;
+ }
+ enlargeStringInfo(manifest, checksumbuflen * 2);
+ checksumbuflen = hex_encode(checksumbuf, checksumbuflen,
+ manifest->data + manifest->len);
+ manifest->len += checksumbuflen;
+ appendStringInfoChar(manifest, '\n');
+ }
+
+ /* Send CopyOutResponse message */
+ pq_beginmessage(&protobuf, 'H');
+ pq_sendbyte(&protobuf, 0); /* overall format */
+ pq_sendint16(&protobuf, 0); /* natts */
+ pq_endmessage(&protobuf);
+
+ /* Send CopyData message */
+ pq_putmessage('d', manifest->data, manifest->len);
+
+ /* And finally CopyDone message */
+ pq_putemptymessage('c');
+}
+
+/*
+ * Escape a field for inclusion in a manifest.
+ *
+ * We use the following escaping rule: If a field contains \t, \r, or \n,
+ * the field must be surrounded by double-quotes, and any internal double
+ * quotes must be doubled. Otherwise, no escaping is required.
+ *
+ * The return value is a new palloc'd string with escaping added, or NULL
+ * if no escaping is required.
+ */
+static char *
+escape_field_for_manifest(const char *s)
+{
+ bool escaping_required = false;
+ int escaped_length = 2;
+ const char *t;
+ char *result;
+ char *r;
+
+ for (t = s; *t != '\0'; ++t)
+ {
+ if (*t == '\t' || *t == '\r' || *t == '\n')
+ escaping_required = true;
+ if (*t == '"')
+ ++escaped_length;
+ ++escaped_length;
+ }
+
+ if (!escaping_required)
+ return NULL;
+
+ result = palloc(escaped_length + 1);
+ result[0] = '"';
+ result[escaped_length - 1] = '"';
+ result[escaped_length] = '\0';
+ r = result + 1;
+
+ for (t = s; *t != '\0'; ++t)
+ {
+ *(r++) = *t;
+ if (*t == '"')
+ *(r++) = *t;
+ }
+
+ Assert(r == &result[escaped_length - 1]);
+
+ return result;
+}
+
/*
* Send a single resultset containing just a single
* XLogRecPtr record (in text format)
@@ -920,11 +1163,13 @@ SendXlogRecPtrResult(XLogRecPtr ptr, TimeLineID tli)
* Inject a file with given name and content in the output tar stream.
*/
static void
-sendFileWithContent(const char *filename, const char *content)
+sendFileWithContent(const char *filename, const char *content,
+ StringInfo manifest)
{
struct stat statbuf;
int pad,
len;
+ ChecksumCtx cCtx;
len = strlen(content);
@@ -957,6 +1202,15 @@ sendFileWithContent(const char *filename, const char *content)
MemSet(buf, 0, pad);
pq_putmessage('d', buf, pad);
}
+
+ if (manifest_checksums != MC_NONE)
+ {
+ initialize_manifest_checksum(&cCtx);
+ update_manifest_checksum(&cCtx, content, len);
+ }
+
+ AddFileToManifest(manifest, NULL, filename, len, statbuf.st_mtime,
+ &cCtx);
}
/*
@@ -967,7 +1221,7 @@ sendFileWithContent(const char *filename, const char *content)
* Only used to send auxiliary tablespaces, not PGDATA.
*/
int64
-sendTablespace(char *path, bool sizeonly)
+sendTablespace(char *path, char *oid, bool sizeonly, StringInfo manifest)
{
int64 size;
char pathbuf[MAXPGPATH];
@@ -1000,7 +1254,7 @@ sendTablespace(char *path, bool sizeonly)
sizeonly);
/* Send all the files in the tablespace version directory */
- size += sendDir(pathbuf, strlen(path), sizeonly, NIL, true);
+ size += sendDir(pathbuf, strlen(path), sizeonly, NIL, true, manifest, oid);
return size;
}
@@ -1019,7 +1273,7 @@ sendTablespace(char *path, bool sizeonly)
*/
static int64
sendDir(const char *path, int basepathlen, bool sizeonly, List *tablespaces,
- bool sendtblspclinks)
+ bool sendtblspclinks, StringInfo manifest, const char *tsoid)
{
DIR *dir;
struct dirent *de;
@@ -1295,7 +1549,8 @@ sendDir(const char *path, int basepathlen, bool sizeonly, List *tablespaces,
skip_this_dir = true;
if (!skip_this_dir)
- size += sendDir(pathbuf, basepathlen, sizeonly, tablespaces, sendtblspclinks);
+ size += sendDir(pathbuf, basepathlen, sizeonly, tablespaces,
+ sendtblspclinks, manifest, tsoid);
}
else if (S_ISREG(statbuf.st_mode))
{
@@ -1303,7 +1558,8 @@ sendDir(const char *path, int basepathlen, bool sizeonly, List *tablespaces,
if (!sizeonly)
sent = sendFile(pathbuf, pathbuf + basepathlen + 1, &statbuf,
- true, isDbDir ? pg_atoi(lastDir + 1, sizeof(Oid), 0) : InvalidOid);
+ true, isDbDir ? pg_atoi(lastDir + 1, sizeof(Oid), 0) : InvalidOid,
+ manifest, tsoid);
if (sent || sizeonly)
{
@@ -1366,8 +1622,9 @@ is_checksummed_file(const char *fullpath, const char *filename)
* and the file did not exist.
*/
static bool
-sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf,
- bool missing_ok, Oid dboid)
+sendFile(const char *readfilename, const char *tarfilename,
+ struct stat *statbuf, bool missing_ok, Oid dboid,
+ StringInfo manifest, const char *tsoid)
{
FILE *fp;
BlockNumber blkno = 0;
@@ -1384,6 +1641,9 @@ sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf
int segmentno = 0;
char *segmentpath;
bool verify_checksum = false;
+ ChecksumCtx cCtx;
+
+ initialize_manifest_checksum(&cCtx);
fp = AllocateFile(readfilename, "rb");
if (fp == NULL)
@@ -1553,6 +1813,9 @@ sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf
ereport(ERROR,
(errmsg("base backup could not send data, aborting backup")));
+ /* Also feed it to the checksum machinery. */
+ update_manifest_checksum(&cCtx, buf, cnt);
+
len += cnt;
throttle(cnt);
@@ -1577,6 +1840,7 @@ sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf
{
cnt = Min(sizeof(buf), statbuf->st_size - len);
pq_putmessage('d', buf, cnt);
+ update_manifest_checksum(&cCtx, buf, cnt);
len += cnt;
throttle(cnt);
}
@@ -1584,7 +1848,8 @@ sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf
/*
* Pad to 512 byte boundary, per tar format requirements. (This small
- * piece of data is probably not worth throttling.)
+ * piece of data is probably not worth throttling, and is not checksummed
+ * because it's not actually part of the file.)
*/
pad = ((len + 511) & ~511) - len;
if (pad > 0)
@@ -1607,6 +1872,8 @@ sendFile(const char *readfilename, const char *tarfilename, struct stat *statbuf
}
total_checksum_failures += checksum_failures;
+ AddFileToManifest(manifest, tsoid, tarfilename, statbuf->st_size,
+ statbuf->st_mtime, &cCtx);
return true;
}
@@ -1742,3 +2009,63 @@ throttle(size_t increment)
*/
throttled_last = GetCurrentTimestamp();
}
+
+/*
+ * Initialize the manifest checksum context according to the provided algorithm.
+ */
+static void
+initialize_manifest_checksum(ChecksumCtx *cCtx)
+{
+ switch (manifest_checksums)
+ {
+ case MC_SHA256:
+ pg_sha256_init(&cCtx->sha256_ctx);
+ break;
+ case MC_CRC32C:
+ INIT_CRC32C(cCtx->crc_ctx);
+ break;
+ case MC_NONE:
+ break;
+ }
+}
+
+static void
+update_manifest_checksum(ChecksumCtx *cCtx, const char *buf, off_t cnt)
+{
+ switch (manifest_checksums)
+ {
+ case MC_SHA256:
+ pg_sha256_update(&cCtx->sha256_ctx, (uint8 *) buf, cnt);
+ break;
+ case MC_CRC32C:
+ COMP_CRC32C(cCtx->crc_ctx, buf, cnt);
+ break;
+ case MC_NONE:
+ break;
+ }
+}
+
+/*
+ * Function calculate the final checksum for the provided context and returns
+ * the length of checksum.
+ */
+static int
+finalize_manifest_checksum(ChecksumCtx *cCtx, char *checksumbuf)
+{
+ int checksumlen = 0;
+ switch (manifest_checksums)
+ {
+ case MC_SHA256:
+ pg_sha256_final(&cCtx->sha256_ctx, (uint8 *)checksumbuf);
+ checksumlen = PG_SHA256_DIGEST_LENGTH;
+ break;
+ case MC_CRC32C:
+ FIN_CRC32C(cCtx->crc_ctx);
+ pg_ltoa(cCtx->crc_ctx, checksumbuf);
+ checksumlen = strlen(checksumbuf);
+ break;
+ case MC_NONE:
+ break;
+ }
+ return checksumlen;
+}
diff --git a/src/backend/replication/repl_gram.y b/src/backend/replication/repl_gram.y
index c4e11cc..e527dd2 100644
--- a/src/backend/replication/repl_gram.y
+++ b/src/backend/replication/repl_gram.y
@@ -87,6 +87,7 @@ static SQLCmd *make_sqlcmd(void);
%token K_EXPORT_SNAPSHOT
%token K_NOEXPORT_SNAPSHOT
%token K_USE_SNAPSHOT
+%token K_MANIFEST_CHECKSUMS
%type <node> command
%type <node> base_backup start_replication start_logical_replication
@@ -214,6 +215,11 @@ base_backup_opt:
$$ = makeDefElem("noverify_checksums",
(Node *)makeInteger(true), -1);
}
+ | K_MANIFEST_CHECKSUMS SCONST
+ {
+ $$ = makeDefElem("manifest_checksums",
+ (Node *)makeString($2), -1);
+ }
;
create_replication_slot:
diff --git a/src/backend/replication/repl_scanner.l b/src/backend/replication/repl_scanner.l
index 380faeb..1b73f1e 100644
--- a/src/backend/replication/repl_scanner.l
+++ b/src/backend/replication/repl_scanner.l
@@ -107,6 +107,7 @@ EXPORT_SNAPSHOT { return K_EXPORT_SNAPSHOT; }
NOEXPORT_SNAPSHOT { return K_NOEXPORT_SNAPSHOT; }
USE_SNAPSHOT { return K_USE_SNAPSHOT; }
WAIT { return K_WAIT; }
+MANIFEST_CHECKSUMS { return K_MANIFEST_CHECKSUMS; }
"," { return ','; }
";" { return ';'; }
diff --git a/src/bin/pg_basebackup/pg_basebackup.c b/src/bin/pg_basebackup/pg_basebackup.c
index 16886fb..7d5ed0d 100644
--- a/src/bin/pg_basebackup/pg_basebackup.c
+++ b/src/bin/pg_basebackup/pg_basebackup.c
@@ -88,6 +88,12 @@ typedef struct UnpackTarState
FILE *file;
} UnpackTarState;
+typedef struct WriteManifestState
+{
+ char filename[MAXPGPATH];
+ FILE *file;
+} WriteManifestState;
+
typedef void (*WriteDataCallback) (size_t nbytes, char *buf,
void *callback_data);
@@ -135,6 +141,7 @@ static bool temp_replication_slot = true;
static bool create_slot = false;
static bool no_slot = false;
static bool verify_checksums = true;
+static char *manifest_checksums = NULL;
static bool success = false;
static bool made_new_pgdata = false;
@@ -180,6 +187,12 @@ static void ReceiveTarCopyChunk(size_t r, char *copybuf, void *callback_data);
static void ReceiveAndUnpackTarFile(PGconn *conn, PGresult *res, int rownum);
static void ReceiveTarAndUnpackCopyChunk(size_t r, char *copybuf,
void *callback_data);
+static void ReceiveBackupManifest(PGconn *conn);
+static void ReceiveBackupManifestChunk(size_t r, char *copybuf,
+ void *callback_data);
+static void ReceiveBackupManifestInMemory(PGconn *conn, PQExpBuffer buf);
+static void ReceiveBackupManifestInMemoryChunk(size_t r, char *copybuf,
+ void *callback_data);
static void BaseBackup(void);
static bool reached_end_position(XLogRecPtr segendpos, uint32 timeline,
@@ -386,6 +399,8 @@ usage(void)
printf(_(" --no-slot prevent creation of temporary replication slot\n"));
printf(_(" --no-verify-checksums\n"
" do not verify checksums\n"));
+ printf(_(" --manifest-checksums=SHA256|CRC32C|NONE\n"
+ " calculate checksums for manifest files using provided algorithm\n"));
printf(_(" -?, --help show this help, then exit\n"));
printf(_("\nConnection options:\n"));
printf(_(" -d, --dbname=CONNSTR connection string\n"));
@@ -924,8 +939,8 @@ ReceiveCopyData(PGconn *conn, WriteDataCallback callback,
res = PQgetResult(conn);
if (PQresultStatus(res) != PGRES_COPY_OUT)
{
- pg_log_error("could not get COPY data stream: %s",
- PQerrorMessage(conn));
+ pg_log_error("could not get COPY data stream: %s [%s]",
+ PQerrorMessage(conn), PQresStatus(PQresultStatus(res)));
exit(1);
}
PQclear(res);
@@ -1170,6 +1185,31 @@ ReceiveTarFile(PGconn *conn, PGresult *res, int rownum)
}
}
+ /*
+ * Normally, we emit the backup manifest as a separate file, but when
+ * we're writing a tarfile to stdout, we don't have that option, so
+ * include it in the one tarfile we've got.
+ */
+ if (strcmp(basedir, "-") == 0)
+ {
+ char header[512];
+ PQExpBufferData buf;
+
+ initPQExpBuffer(&buf);
+ ReceiveBackupManifestInMemory(conn, &buf);
+ if (PQExpBufferDataBroken(buf))
+ {
+ pg_log_error("out of memory");
+ exit(1);
+ }
+ tarCreateHeader(header, "backup_manifest", NULL, buf.len,
+ pg_file_create_mode, 04000, 02000,
+ time(NULL));
+ writeTarData(&state, header, sizeof(header));
+ writeTarData(&state, buf.data, buf.len);
+ termPQExpBuffer(&buf);
+ }
+
/* 2 * 512 bytes empty data at end of file */
writeTarData(&state, zerobuf, sizeof(zerobuf));
@@ -1417,6 +1457,64 @@ get_tablespace_mapping(const char *dir)
/*
+ * Receive the backup manifest file and write it out to a file.
+ */
+static void
+ReceiveBackupManifest(PGconn *conn)
+{
+ WriteManifestState state;
+
+ snprintf(state.filename, sizeof(state.filename),
+ "%s/backup_manifest", basedir);
+ state.file = fopen(state.filename, "wb");
+ if (state.file == NULL)
+ {
+ pg_log_error("could not create file \"%s\": %m", state.filename);
+ exit(1);
+ }
+
+ ReceiveCopyData(conn, ReceiveBackupManifestChunk, &state);
+
+ fclose(state.file);
+}
+
+/*
+ * Receive one chunk of the backup manifest file and write it out to a file.
+ */
+static void
+ReceiveBackupManifestChunk(size_t r, char *copybuf, void *callback_data)
+{
+ WriteManifestState *state = callback_data;
+
+ if (fwrite(copybuf, r, 1, state->file) != 1)
+ {
+ pg_log_error("could not write to file \"%s\": %m", state->filename);
+ exit(1);
+ }
+}
+
+/*
+ * Receive the backup manifest file and write it out to a file.
+ */
+static void
+ReceiveBackupManifestInMemory(PGconn *conn, PQExpBuffer buf)
+{
+ ReceiveCopyData(conn, ReceiveBackupManifestInMemoryChunk, buf);
+}
+
+/*
+ * Receive one chunk of the backup manifest file and write it out to a file.
+ */
+static void
+ReceiveBackupManifestInMemoryChunk(size_t r, char *copybuf,
+ void *callback_data)
+{
+ PQExpBuffer buf = callback_data;
+
+ appendPQExpBuffer(buf, copybuf, r);
+}
+
+/*
* Receive a tar format stream from the connection to the server, and unpack
* the contents of it into a directory. Only files, directories and
* symlinks are supported, no other kinds of special files.
@@ -1658,6 +1756,7 @@ BaseBackup(void)
maxServerMajor;
int serverVersion,
serverMajor;
+ int writing_to_stdout;
Assert(conn != NULL);
@@ -1725,7 +1824,7 @@ BaseBackup(void)
}
basebkp =
- psprintf("BASE_BACKUP LABEL '%s' %s %s %s %s %s %s %s",
+ psprintf("BASE_BACKUP LABEL '%s' %s %s %s %s %s %s %s MANIFEST_CHECKSUMS '%s'",
escaped_label,
showprogress ? "PROGRESS" : "",
includewal == FETCH_WAL ? "WAL" : "",
@@ -1733,7 +1832,8 @@ BaseBackup(void)
includewal == NO_WAL ? "" : "NOWAIT",
maxrate_clause ? maxrate_clause : "",
format == 't' ? "TABLESPACE_MAP" : "",
- verify_checksums ? "" : "NOVERIFY_CHECKSUMS");
+ verify_checksums ? "" : "NOVERIFY_CHECKSUMS",
+ manifest_checksums ? manifest_checksums : "NONE");
if (PQsendQuery(conn, basebkp) == 0)
{
@@ -1821,7 +1921,8 @@ BaseBackup(void)
/*
* When writing to stdout, require a single tablespace
*/
- if (format == 't' && strcmp(basedir, "-") == 0 && PQntuples(res) > 1)
+ writing_to_stdout = format == 't' && strcmp(basedir, "-") == 0;
+ if (writing_to_stdout && PQntuples(res) > 1)
{
pg_log_error("can only write single tablespace to stdout, database has %d",
PQntuples(res));
@@ -1850,6 +1951,19 @@ BaseBackup(void)
ReceiveAndUnpackTarFile(conn, res, i);
} /* Loop over all tablespaces */
+ /*
+ * Now receive backup manifest, if appropriate.
+ *
+ * If we're writing a tarfile to stdout, ReceiveTarFile will have already
+ * processed the backup manifest and included it in the output tarfile.
+ * Such a configuration doesn't allow for writing multiple files.
+ *
+ * If we're talking to an older server, it won't send a backup manifest,
+ * so don't try to receive one.
+ */
+ if (!writing_to_stdout && serverMajor >= 1300)
+ ReceiveBackupManifest(conn);
+
if (showprogress)
{
progress_report(PQntuples(res), NULL, true);
@@ -2052,6 +2166,7 @@ main(int argc, char **argv)
{"waldir", required_argument, NULL, 1},
{"no-slot", no_argument, NULL, 2},
{"no-verify-checksums", no_argument, NULL, 3},
+ {"manifest-checksums", required_argument, NULL, 'm'},
{NULL, 0, NULL, 0}
};
int c;
@@ -2079,7 +2194,7 @@ main(int argc, char **argv)
atexit(cleanup_directories_atexit);
- while ((c = getopt_long(argc, argv, "CD:F:r:RS:T:X:l:nNzZ:d:c:h:p:U:s:wWkvP",
+ while ((c = getopt_long(argc, argv, "CD:F:r:RS:T:X:l:nNzZ:d:c:h:p:U:s:wWkvPm:",
long_options, &option_index)) != -1)
{
switch (c)
@@ -2220,6 +2335,9 @@ main(int argc, char **argv)
case 3:
verify_checksums = false;
break;
+ case 'm':
+ manifest_checksums = pg_strdup(optarg);
+ break;
default:
/*
diff --git a/src/include/replication/basebackup.h b/src/include/replication/basebackup.h
index 503a5b9..8fe0136 100644
--- a/src/include/replication/basebackup.h
+++ b/src/include/replication/basebackup.h
@@ -12,6 +12,7 @@
#ifndef _BASEBACKUP_H
#define _BASEBACKUP_H
+#include "lib/stringinfo.h"
#include "nodes/replnodes.h"
/*
@@ -31,6 +32,7 @@ typedef struct
extern void SendBaseBackup(BaseBackupCmd *cmd);
-extern int64 sendTablespace(char *path, bool sizeonly);
+extern int64 sendTablespace(char *path, char *oid, bool sizeonly,
+ StringInfo manifest);
#endif /* _BASEBACKUP_H */
--
1.8.3.1
