Obsolete Binaerdateien entfernt.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@459 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
ms
2007-03-25 04:48:58 +00:00
parent d86ddb4871
commit 5b1396b0ea
8 changed files with 5 additions and 962 deletions


@@ -212,6 +212,7 @@ WARNING: translation string unused: no set selected
WARNING: translation string unused: not enough disk space
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
@@ -326,8 +327,6 @@ WARNING: untranslated string: dial profile
WARNING: untranslated string: down
WARNING: untranslated string: firewall graphs
WARNING: untranslated string: invalid input for keepalive 1:2
WARNING: untranslated string: network pakfire
WARNING: untranslated string: network pakfire from
WARNING: untranslated string: otherip
WARNING: untranslated string: otherport
WARNING: untranslated string: pakfire configuration


@@ -227,6 +227,7 @@ WARNING: translation string unused: not enough disk space
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
@@ -326,8 +327,6 @@ WARNING: untranslated string: IPFires hostname
WARNING: untranslated string: Number of IPs for the pie chart
WARNING: untranslated string: Number of Ports for the pie chart
WARNING: untranslated string: down
WARNING: untranslated string: network pakfire
WARNING: untranslated string: network pakfire from
WARNING: untranslated string: otherip
WARNING: untranslated string: otherport
WARNING: untranslated string: pakfire configuration


@@ -4,10 +4,9 @@ CFLAGS=-O2 -Wall
COMPILE=$(CC) $(CFLAGS)
PROGS = iowrap
SUID_PROGS = setdmzholes setportfw setfilters setxtaccess restartdhcp restartsnort \
restartsquid restartssh ipfirereboot \
ipfirebkcfg ipfirerscfg installpackage installfcdsl ipsecctrl \
setaliases ipfirebackup restartntpd \
SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \
restartsquid restartssh ipfirereboot setaliases \
ipsecctrl restartntpd restartdhcp restartsnort \
restartapplejuice setdate rebuildhosts \
restartsyslogd logwatch openvpnctrl timecheckctrl \
restartwireless getipstat qosctrl launch-ether-wake \
@@ -102,6 +101,3 @@ timecheckctrl: timecheckctrl.c setuid.o ../install+setup/libsmooth/varval.o
getipstat: getipstat.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ getipstat.c setuid.o ../install+setup/libsmooth/varval.o -o $@
ipfirebackup: ipfirebackup.c setuid.o
$(COMPILE) -lcrypt ipfirebackup.c setuid.o -o $@
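Review bot: Dropping `installpackage`, `installfcdsl`, `ipfirebkcfg`, `ipfirerscfg` and `ipfirebackup` from `SUID_PROGS` only stops them being built; nothing visible in this commit removes copies already installed on an upgraded system, and those would presumably keep their setuid bit. If the update mechanism does not prune files that disappear from the build, the upgrade should delete these five binaries explicitly, and any CGI or script that still invokes them should be checked. A short comment above the list, e.g. `# Programs listed here are installed setuid root; keep this list minimal`, would also record why entries are removed rather than left in place (this assumes the install rule, which is outside the hunk, is what sets the setuid bit).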


@@ -1,88 +0,0 @@
/*
* This file is part of the IPCop Firewall.
*
* IPCop is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* IPCop is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with IPCop; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Copyright (C) 2004-10-14 Gilles Espinasse <g.esp.ipcop@free.fr>
*
* $Id: installfcdsl.c,v 1.1.2.4 2004/12/11 08:55:37 gespinasse Exp $
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <grp.h>
#include "setuid.h"
#define FCDSL_TGZ_PATH "/var/patches/fcdsl-x.tgz"
char command[STRING_SIZE],tmpdir[] = "/tmp/fcdsl_XXXXXX";
void exithandler(void)
{
if(strcmp(tmpdir,"/tmp/fcdsl_XXXXXX"))
{
chdir("/tmp");
snprintf(command, STRING_SIZE - 1, "/bin/rm -rf %s", tmpdir);
if(safe_system(command))
perror("Couldn't remove temp dir");
}
/* remove loaded package */
snprintf (command, STRING_SIZE-1, FCDSL_TGZ_PATH);
unlink (command);
}
int main(void)
{
if (!(initsetuid()))
exit(1);
atexit(exithandler);
if (close(0)) { fprintf(stderr, "Couldn't close 0\n"); exit(1); }
if (open("/dev/zero", O_RDONLY) != 0) {fprintf(stderr, "Couldn't reopen stdin from /dev/zero\n"); exit(1); }
if (close(2)) { fprintf(stderr, "Couldn't close 2\n"); exit(1); }
if (! dup(1)) { fprintf(stderr, "Couldnt redirect stderr to stdout\n"); exit(1); }
/* create temporary directory for testing untar */
if (mkdtemp (tmpdir)==NULL) {
exit(1);
}
/* Test untarring files from compressed archive */
snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzf %s lib/modules/*/misc/fcdsl*.o.gz "
"usr/lib/isdn/{fds?base.bin,fd?ubase.frm} etc/fcdsl/fcdsl*.conf etc/drdsl/drdsl* "
"var/run/need-depmod-* > /dev/null 2> /dev/null", tmpdir, FCDSL_TGZ_PATH);
if (safe_system (command)) {
fprintf (stderr, "Invalid archive\n");
exit(1);
}
/* Start (real) untarring files from compressed archive */
snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf %s lib/modules/*/misc/fcdsl*.o.gz "
"usr/lib/isdn/{fds?base.bin,fd?ubase.frm} etc/fcdsl/fcdsl*.conf etc/drdsl/drdsl* "
"var/run/need-depmod-* ", FCDSL_TGZ_PATH);
if (safe_system (command)) {
fprintf (stderr, "Error installing modules\n");
exit(1);
}
exit(0);
}


@@ -1,218 +0,0 @@
/* This file is part of the IPCop Firewall.
*
* This program is distributed under the terms of the GNU General Public
* Licence. See the file COPYING for details.
*
* Copyright (C) 2004-05-31 Robert Kerr <rkerr@go.to>
*
* Loosely based on the smoothwall helper program by the same name,
* portions are (c) Lawrence Manning, 2001
*
* $Id: installpackage.c,v 1.3.2.6 2005/08/22 20:51:38 eoberlander Exp $
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <sys/file.h>
#include <fcntl.h>
#include <syslog.h>
#include <time.h>
#include "setuid.h"
#define ERR_ANY 1
#define ERR_TMPDIR 2
#define ERR_SIG 3
#define ERR_TAR 4
#define ERR_INFO 5
#define ERR_PACKLIST 6
#define ERR_INSTALLED 7
#define ERR_POPEN 8
#define ERR_SETUP 9
#define ERR_MISSING_PREVIOUS 10
#define ERR_DISK 11
/* The lines in the package information file and the patches/installed list
* are often longer than STRING_SIZE so we use a larger buffer */
#define BUFFER_SIZE 4096
char *info = NULL;
FILE *infofile = NULL;
char command[STRING_SIZE], tmpdir[] = "/var/log/pat_install_XXXXXX";
void exithandler(void)
{
if(info) free(info);
if(infofile)
{
flock(fileno(infofile), LOCK_UN);
fclose(infofile);
}
/* Cleanup tmpdir */
chdir("/var/patches"); /* get out of it before erasing */
snprintf(command, STRING_SIZE - 1, "/bin/rm -rf %s", tmpdir);
if(safe_system(command))
perror("Couldn't remove temp dir");
}
int main(int argc, char *argv[])
{
char buffer[BUFFER_SIZE];
int ret;
FILE *p;
if (!(initsetuid()))
exit(1);
/* Sanitize arguments */
if (argc < 2)
{
fprintf(stderr, "Missing arg\n");
exit(1);
}
if (strspn(argv[1], NUMBERS) != strlen(argv[1]))
{
fprintf(stderr, "Bad arg\n");
exit(1);
}
if(!mkdtemp(tmpdir))
{
perror("Unable to create secure temp dir");
exit(ERR_TMPDIR);
}
/* now exithandler will have something to erase */
atexit(exithandler);
/* verify and extract package */
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE-1, "/usr/bin/gpg --batch --homedir /root/.gnupg -o %s/patch.tar.gz --decrypt /var/patches/patch-%s.tar.gz.gpg", tmpdir, argv[1]);
ret = safe_system(command) >> 8;
if(ret==1) /* 1=> gpg-key error */
{
fprintf(stderr, "Invalid package: signature check failed\n");
exit(ERR_SIG);
}
if(ret==2) /* 2=> gpg pub key not found */
{
fprintf(stderr, "Public signature not found (who signed package?) !\n");
exit(ERR_SIG);
}
if(ret) /* retry extraction on other partition */
{
rmdir(tmpdir);
strcpy (tmpdir,"/var/patches/install_XXXXXX");
if(!mkdtemp(tmpdir))
{
perror("Unable to create secure temp dir");
_exit(ERR_TMPDIR); /* no need exit handler */
}
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE-1, "/usr/bin/gpg --batch --homedir /root/.gnupg -o %s/patch.tar.gz --decrypt /var/patches/patch-%s.tar.gz.gpg", tmpdir, argv[1]);
ret = safe_system(command);
if(ret)
{
fprintf(stderr, "Not enough disk space or gpg error %d !\n",ret);
exit(ERR_DISK);
}
}
/* no more needed gpg-package & make room */
snprintf(command, STRING_SIZE-1, "/var/patches/patch-%s.tar.gz.gpg", argv[1]);
unlink ( command );
/* unzip the package */
chdir (tmpdir);
if(safe_system("/bin/tar xzf patch.tar.gz"))
{
fprintf(stderr, "Invalid package: untar failed\n");
exit(ERR_TAR);
}
/* And read 'information' to check validity */
snprintf(buffer, STRING_SIZE-1, "%s/information", tmpdir);
if(!(infofile = fopen(buffer,"r")))
{
if(errno == ENOENT)
fprintf(stderr, "Invalid package: contains no information file\n");
else
perror("Unable to open package information file");
exit(ERR_INFO);
}
if(!fgets(buffer, BUFFER_SIZE, infofile))
{
perror("Couldn't read package information");
exit(ERR_INFO);
}
fclose(infofile);
if(buffer[strlen(buffer)-1] == '\n')
buffer[strlen(buffer)-1] = '\0';
if(!strchr(buffer,'|'))
{
fprintf(stderr, "Invalid package: malformed information string.\n");
exit(ERR_INFO);
}
info = strdup(buffer);
/* check if package is already installed */
if(!(infofile = fopen(CONFIG_ROOT "/patches/installed","r+")))
{
perror("Unable to open installed package list");
exit(ERR_PACKLIST);
}
/* get exclusive lock to prevent a mess if 2 copies run at once, and set
* close-on-exec flag so the FD doesn't leak to the setup script */
flock(fileno(infofile), LOCK_EX);
fcntl(fileno(infofile), F_SETFD, FD_CLOEXEC);
while(fgets(buffer, BUFFER_SIZE, infofile))
{
if(!strncmp(buffer, info, strlen(info)))
{
fprintf(stderr,"This package is already installed\n");
exit(ERR_INSTALLED);
}
}
/* install package */
openlog("installpackage", LOG_PID, LOG_USER);
snprintf(command, STRING_SIZE - 1, "%s/setup", tmpdir);
/* FIXME: popen suffers from the same environment problems as system() */
if (!(p = popen(command, "r")))
{
fprintf(stderr,"popen() failed\n");
closelog();
exit(ERR_POPEN);
}
setvbuf(p, NULL, _IOLBF, 255);
while (fgets(buffer, STRING_SIZE, p))
{
syslog(LOG_INFO, "%s", buffer);
}
ret = pclose(p);
closelog();
if(ret)
{
fprintf(stderr, "setup script returned exit code %d\n", ret>>8);
exit(ERR_SETUP);
}
/* write to package db */
if(strncmp(info, "000|", 4))
{
time_t curtime = time(NULL);
strftime(buffer, STRING_SIZE, "%Y-%m-%d", gmtime(&curtime));
fprintf(infofile, "%s|%s\n", info, buffer);
flock(fileno(infofile), LOCK_UN);
fclose(infofile);
} else { /* Full system upgrade to new version */
flock(fileno(infofile), LOCK_UN);
fclose(infofile);
unlink(CONFIG_ROOT "/patches/available");
unlink(CONFIG_ROOT "/patches/installed");
}
free(info);
exit(0);
}


@@ -1,290 +0,0 @@
/*
* This file is part of the IPCop Firewall.
*
* IPCop is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* IPCop is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with IPCop; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Copyright (C) 2002-06-02 Mark Wormgoor <mark@wormgoor.com>
*
* $Id: ipcopbackup.c,v 1.8.2.6 2006/01/20 13:30:42 franck78 Exp $
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <pwd.h>
#include <shadow.h>
#include <crypt.h>
#include <glob.h>
#include "setuid.h"
// want a bigger buffer to concatenate a possibly long string
#define COMMAND_SIZE 4000
//Append lines contained in 'inputfile' to 'string'
int catlist(char* inputfile,
char* string ) {
struct stat s; // input file stats
char buffer[STRING_SIZE]; // read buffer
if (stat(inputfile,&s) != 0) return 1;
if (s.st_size+strlen(string)>COMMAND_SIZE) return 1; // too big!
int f = open(inputfile, O_RDONLY);
if (!f) return 1; // cannot open file
int count;
while ((count = read(f, buffer, STRING_SIZE - 1))) {
int j;
for (j=0; j<count; j++) { //replace newlines with spaces
if (buffer[j] == '\n') buffer[j] = ' ';
}
buffer[j] = '\0';
strcat (string,buffer); // append to string
}
close (f);
return 0; //success
}
// make a raw backup to floppy_dev (no partitioning)
int savecfg_floppy(char* floppy_dev) {
char command[COMMAND_SIZE]; // because copy each filename here
// want special output...
if (close(0)) { fprintf(stderr, "Couldn't close 0\n"); exit(1); }
if (open("/dev/zero", O_RDONLY) != 0) {fprintf(stderr, "Couldn't reopen stdin from /dev/zero\n"); exit(1); }
if (close(2)) { fprintf(stderr, "Couldn't close 2\n"); exit(1); }
if (! dup(1)) { fprintf(stderr, "Couldnt redirect stderr to stdout\n"); exit(1); }
/* Make sure floppy device name is up to date */
safe_system ("/usr/sbin/updfstab");
/* Darren Critchley - check for floppy disk in disk drive before continuing */
snprintf (command, STRING_SIZE-1, "dd if=%s of=/dev/null bs=1k count=1 2> /dev/null", floppy_dev);
if (safe_system(command)) {
perror( "Error: No floppy in drive or bad floppy in drive" );
exit(1);
}
/* Clearing disk */
snprintf (command, STRING_SIZE-1, "/bin/dd if=/dev/zero of=%s bs=1k 2> /dev/null", floppy_dev);
safe_system (command);
/* Start tarring files to floppy */
snprintf (command, COMMAND_SIZE-1, "/bin/tar -X " CONFIG_ROOT"/backup/exclude.system "
"-X " CONFIG_ROOT"/backup/exclude.user "
"-C / -cvzf %s "
"-T " CONFIG_ROOT"/backup/include.user ",
floppy_dev);
/* add include.system file content to 'command' */
if (catlist(CONFIG_ROOT "/backup/include.system", command)) {
fprintf(stderr, "Couldn't open backup system include file\n");
exit (1);
}
safe_system (command);
/* Now check it */
snprintf (command, STRING_SIZE-1,"/bin/echo '<b>Checking</b>'; /bin/tar -tzf %s" , floppy_dev);
safe_system (command);
exit(0);
}
// Just verify that root password is ok
int checkrootpass (char* passwd) {
struct passwd *pw;
struct spwd *spwd;
if ((pw = getpwnam("root")) == NULL) {
return (0); // root unknown....!
}
// get shadowed password
spwd = getspnam("root");
//and use it in right place
if (spwd)
pw->pw_passwd = spwd->sp_pwdp;
return (strcmp ( crypt(passwd, pw->pw_passwd), //encrypt cleartext
pw->pw_passwd) == 0 //compare to encrypted version
) ? 1 : 0; // true or false
}
int main (int argc, char *argv[]) {
char command[STRING_SIZE];
if (argc < 3) { // at least two args always needed, avoid some testing.
fprintf (stderr, "Err %s: used from cgi only !\n", argv[0]);
exit (1);
}
if (!initsetuid()){
fprintf (stderr, "Err %s: cannot setuid !\n", argv[0]);
exit (1);
}
// save on normal floppy for use during reinstall ONLY
if ( (strcmp(argv[1],"-savecfg" ) == 0) &&
(strcmp(argv[2],"floppy") == 0) )
savecfg_floppy("/dev/floppy"); // to do: mount usb floppy....
if ( (strcmp(argv[1],"-proc" ) == 0) &&
(strcmp(argv[2],"partitions") == 0) ) { // issue cat /proc/partitions
int fi;
if ( (fi = open("/proc/partitions", O_RDONLY))==-1) exit (1); // cannot open file
char string[STRING_SIZE];
int count;
while ((count = read(fi, string, STRING_SIZE))) {
write (1, string, count);
}
close (fi);
exit (0);
}
// output result of 'glob' function
if ( (strcmp(argv[1],"-glob" ) == 0)) {
glob_t g;
if (glob (argv[2],0,NULL,&g) == 0) {
char** pstr = g.gl_pathv; // base array
while (*pstr) { // while not NULL
printf ("%s\n", *pstr); // pstr is a pointer to array of char*
pstr++; // next pointer
}
globfree (&g);
}
exit (0);
}
// tell if the backup.key is present
if ( (strcmp(argv[1],"-key" ) == 0) &&
(strcmp(argv[2],"exist") == 0) ) { // check key existence
if ( !(file_exists(BACKUP_KEY)) ) {
fprintf (stderr, "Err %s: backup key "BACKUP_KEY" does not exist !\n", argv[0]);
exit (ERR_KEY);
}
exit (0);
}
// cat the backup.key, for saving it
if ( strcmp(argv[1],"-keycat" ) == 0) {
if (! checkrootpass (argv[2])) exit (1); // but only if root pw provided
int fi;
if ( (fi = open(BACKUP_KEY, O_RDONLY))==-1) exit (1); // cannot open file
char string[STRING_SIZE];
int count;
while ((count = read(fi, string, STRING_SIZE))) {
write (1, string, count);
}
close (fi);
exit (0);
}
// generate a new backup.key ONLY if inexistant
if ( (strcmp(argv[1],"-key" ) == 0) &&
(strcmp(argv[2],"new") == 0) ) {
if ( (file_exists(BACKUP_KEY)) ) {
fprintf (stderr, "Err %s: backup key "BACKUP_KEY" already exists !\n", argv[0]);
exit (ERR_KEY);
}
//ok we can generate it
if (safe_system ("/usr/sbin/ipsec ranbits 256 > " BACKUP_KEY)) {
fprintf (stderr, "Err %s: couldn't create key !\n", argv[0]);
exit (ERR_KEY);
}
chmod(BACKUP_KEY, S_IRUSR); // protect it
exit (0);
}
// import a backup.key only if non existent
if ( (strcmp(argv[1],"-key" ) == 0) &&
(strcmp(argv[2],"import") == 0) ) {
if ( (file_exists(BACKUP_KEY)) ) {
unlink (MOUNTPOINT"/key"); // clean anyway
fprintf (stderr, "Err %s: backup key "BACKUP_KEY" already exists !\n", argv[0]);
exit (ERR_KEY);
}
int fi, fo;
if ( (fi = open(MOUNTPOINT"/key", O_RDONLY))==-1) {
fprintf (stderr, "Err %s: no backup key "MOUNTPOINT"/key to import !\n", argv[0]);
exit (ERR_KEY); // cannot open file
}
if ( (fo = open(BACKUP_KEY, O_WRONLY | O_CREAT ))==-1) {
close (fi);
unlink (MOUNTPOINT"/key"); // clean anyway
fprintf (stderr, "Err %s: backup key "BACKUP_KEY" creation error !\n", argv[0]);
exit (ERR_KEY);
}
char buffer[STRING_SIZE];
int count;
while ((count = read(fi, buffer, STRING_SIZE))) {
write (fo, buffer, count);
}
close (fo);
close (fi);
unlink (MOUNTPOINT"/key");
exit (0);
}
// disk functions like mount umount,...
if ((strspn(argv[2], LETTERS_NUMBERS ) == strlen(argv[2])) &&
(strlen(argv[2]) >2) && (strlen(argv[2]) <6)) {
if (strcmp(argv[1],"-M") == 0) { // M sda1 => mount /dev/sda1 /mountpoint
//safe_system("/bin/sync");
snprintf(command, STRING_SIZE - 1,"/bin/mount -t vfat -o,uid=99,gid=99 /dev/%s "MOUNTPOINT, argv[2]);
safe_system(command);
//safe_system("/bin/sync");
}else
if (strcmp(argv[1],"-U") == 0) { // U sda1 => umount /dev/sda1
//safe_system("/bin/sync");
snprintf(command, STRING_SIZE - 1,"/bin/umount /dev/%s", argv[2]);
safe_system(command);
safe_system("/bin/sync");
}else
if (strcmp(argv[1],"-f") == 0) { // f sda1 => mke2fs /dev/sda1
snprintf(command, STRING_SIZE - 1,"/sbin/mke2fs -q /dev/%s", argv[2]);
//safe_system(command);
//safe_system("/bin/sync");
}else
if (strcmp(argv[1],"-F") == 0) { // F sda => fdisk /dev/sda
//safe_system("/bin/sync");
snprintf(command, STRING_SIZE - 1,"/bin/dd if=/dev/zero of=/dev/%s count=2 bs=512", argv[2]);
//safe_system(command);
snprintf(command, STRING_SIZE - 1,"/bin/echo \"n\np\n1\n1\n\nw\nq\n\"|/sbin/fdisk /dev/%s", argv[2]);
//safe_system(command);
snprintf(command, STRING_SIZE - 1,"/sbin/mke2fs -q /dev/%s1", argv[2]); // beware of %s1
//safe_system(command);
//safe_system("/bin/sync");
}else {
fprintf (stderr, "Err %s: bad command !\n", argv[0]);
exit (1);
}
exit (0);
}else {
fprintf (stderr, "Err %s: bad arg !\n", argv[0]);
exit (1);
}
return 0;
}


@@ -1,239 +0,0 @@
/*
* This file is part of the IPCop Firewall.
*
* IPCop is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* IPCop is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with IPCop; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>
*
* $Id: ipcopbkcfg.c,v 1.2.2.6 2005/11/20 23:20:13 franck78 Exp $
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <grp.h>
#include <dirent.h>
#include "setuid.h"
#define EXCLUDE_HARDWARE "exclude.hardware" // exclude file not used on backup but only optionally on restore
#define TMP_TAR "/tmp/backup.tar"
char tempincfilename[STRING_SIZE] = ""; /* temp include file name */
char tempexcfilename[STRING_SIZE] = ""; /* temp exclude file name */
char temptarfilename[STRING_SIZE] = "";
/* add fname contents to outfile */
void add_file(int outfile, const char *fname, int verbose)
{
FILE *freadfile;
char fbuff[STRING_SIZE];
if (!(freadfile = fopen(fname, "r"))) {
/* skip this file */
return;
}
while (fgets(fbuff, STRING_SIZE-1, freadfile) != NULL) {
int offset=0;
char *ch;
char chk_space=1;
/* trim string in place - don't remove spaces in middle */
ch = fbuff;
while (*ch) {
if (*ch == '\r' || *ch == '\n') {
*ch = '\0';
}
if (offset) {
*(ch-offset) = *ch;
}
if (*ch == '\t' || *ch == ' ') {
if (chk_space) {
offset++;
}
} else {
chk_space=0;
}
ch++;
}
/* remove trailing spaces */
ch = fbuff + strlen(fbuff) - 1;
while (*ch) {
if (*ch == '\t' || *ch == ' ') {
*ch = '\0';
--ch;
} else {
break;
}
}
/* validate name and add it */
chdir ("/"); /* support both absolute and relative path */
if (*fbuff) {
if (file_exists_w(fbuff)) {
strcat(fbuff, "\n");
write(outfile, fbuff, strlen(fbuff));
if (verbose)
fprintf(stdout, " %s", fbuff);
}
}
}
fclose(freadfile);
}
/* combine files starting with fnamebase into outfile */
int cmb_files(int outfile, const char *fnamebase, int verbose)
{
/* scan the directory and add matching files */
struct dirent **namelist;
int namecount;
char addfilename[STRING_SIZE];
/* scan the directory and get a count of the files */
if ((namecount=scandir(CONFIG_ROOT"/backup", &namelist, 0, alphasort))<0) {
fprintf(stderr, "No files found\n");
exit(1);
}
/* process the scanned names */
while (namecount--) {
/* check names - compare beginning of name, ignoring case, ignore EXCLUDE_HARDWARE */
if ((strncasecmp(fnamebase, namelist[namecount]->d_name, strlen(fnamebase))==0) &&
(strncmp(EXCLUDE_HARDWARE,namelist[namecount]->d_name, strlen(EXCLUDE_HARDWARE)))) {
/* add the contents for this name to output file */
sprintf(addfilename, CONFIG_ROOT"/backup/%s", namelist[namecount]->d_name);
if (verbose)
fprintf(stdout, "%s\n", namelist[namecount]->d_name);
add_file(outfile, addfilename, verbose);
free(namelist[namecount]);
if (verbose)
fprintf(stdout, "\n");
}
}
free(namelist);
return 0;
}
void exithandler(void)
{
/* clean up temporary files */
if (temptarfilename)
unlink (temptarfilename);
if (tempincfilename)
unlink (tempincfilename);
if (tempexcfilename)
unlink (tempexcfilename);
}
int main(int argc, char**argv)
{
int verbose=0;
char command[STRING_SIZE];
char hostname[STRING_SIZE];
int includefile, excludefile;
if (!(initsetuid()))
exit(1);
if (argc==2 && strcmp(argv[1],"--verbose")==0)
verbose=1; // display to stdout wich (ex|in)clude files are used
gethostname(hostname, STRING_SIZE-1);
if (!file_exists(BACKUP_KEY)) {
fprintf (stderr, "Couldn't locate encryption key\n");
exit (ERR_KEY);
}
/* now exithandler will have something to erase */
atexit(exithandler);
/* combine every include and exclude files in backup directory into two temp file
* at the exception of exclude.hardware only used optionally on restore */
/* create/open temp output file */
// Todo: use -X exclude.files and for include.files, build the list on command line
// to avoid unneccesary files manipulations
strcpy (tempincfilename, "/tmp/backup-inclusion.XXXXXX");
strcpy (tempexcfilename, "/tmp/backup-exclusion.XXXXXX");
if ( (!(includefile = mkstemp (tempincfilename)) > 0) ||
(!(excludefile = mkstemp (tempexcfilename)) > 0) ){
fprintf(stderr, "Couldn't create temporary file.\n");
exit(1);
}
cmb_files(includefile, "include.", verbose);
close(includefile);
cmb_files(excludefile, "exclude.", verbose);
close(excludefile);
/* Create temporary tarfile */
strcpy (temptarfilename, TMP_TAR);
/* Start tarring files to temp archive
W (verify) and z (compress) tar options can't be used together, so separate tar from gzip */
snprintf (command, STRING_SIZE-1, "/bin/tar -T %s -X %s -C / -cWf %s > /dev/null 2> /dev/null",
tempincfilename, tempexcfilename, temptarfilename);
if (safe_system (command)) {
fprintf (stderr, "Couldn't create %s file\n", temptarfilename);
exit (ERR_TAR);
}
unlink (tempincfilename);
strcpy (tempincfilename,"");
unlink (tempexcfilename);
strcpy (tempincfilename,"");
/* Compress archive */
snprintf (command, STRING_SIZE-1, "/bin/gzip -c < %s > "MOUNTPOINT"/%s.tar.gz", temptarfilename, hostname);
if (safe_system (command)) {
fprintf (stderr, "Couldn't create "MOUNTPOINT"%s.tar.gz file\n", hostname);
exit (ERR_GZ);
}
unlink (temptarfilename);
strcpy (temptarfilename,"");
/* Display to stdout include files names */
snprintf (command, STRING_SIZE-1, "/bin/tar -ztf "MOUNTPOINT"/%s.tar.gz", hostname);
if (safe_system (command)) {
fprintf (stderr, "Couldn't read %s.tar.gz file\n", hostname);
exit (ERR_TAR);
}
/* Encrypt archive */
snprintf (command, STRING_SIZE-1,
"/usr/bin/openssl des3 -e -salt -in "MOUNTPOINT"/%s.tar.gz "
"-out "MOUNTPOINT"/%s.dat -kfile " BACKUP_KEY, hostname, hostname);
if (safe_system (command)) {
fprintf (stderr, "Couldn't encrypt archive\n");
exit (ERR_ENCRYPT);
}
snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.tar.gz", hostname);
unlink (command);
/* Make sure web can overwrite */
snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);
chown (command, 99, 99);
exit(0);
}


@@ -1,116 +0,0 @@
/*
* This file is part of the IPCop Firewall.
*
* IPCop is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* IPCop is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with IPCop; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>
*
* $Id: ipcoprscfg.c,v 1.2.2.6 2005/11/21 00:11:39 franck78 Exp $
*
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <grp.h>
#include <dirent.h>
#include "setuid.h"
#define TMP_FILEZ "/tmp/TMPFILE.tar.gz"
#define TMP_FILE "/tmp/TMPFILE.tar"
/* check existence of a data file */
int data_exists(const char *hostname) {
char fname[STRING_SIZE];
snprintf (fname, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);
return file_exists(fname);
}
int main(int argc, char**argv) {
int rshardware=0;
char command[STRING_SIZE];
char hostname[STRING_SIZE];
if (argc==2 && strcmp(argv[1],"--hardware")==0)
rshardware=1; // restore hardware settings
gethostname(hostname, STRING_SIZE-1);
/* Init setuid */
if (!initsetuid())
exit(1);
/* if a key file exists, an encrypted .dat is required */
if (!file_exists(BACKUP_KEY)) {
fprintf (stderr, "Missing encryption key\n");
exit (ERR_DECRYPT);
}
if (!data_exists(hostname)) {
fprintf (stderr, "Missing encrypted archive "MOUNTPOINT"/%s.dat archive\n", hostname);
exit (ERR_DAT);
}
/* decrypt .dat file to tmp file */
snprintf (command, STRING_SIZE-1, "/usr/bin/openssl des3 -d -salt -in "MOUNTPOINT"/%s.dat -out "TMP_FILEZ" -kfile "BACKUP_KEY" > /dev/null 2> /dev/null", hostname);
if (safe_system (command)) {
fprintf (stderr, "Couldn't decrypt "MOUNTPOINT"/%s.dat archive\n", hostname);
exit (ERR_DECRYPT);
}
/* create temporary directory for testing untar */
char tmp_dir[STRING_SIZE];
strcpy (tmp_dir,"cfg_XXXXXXX");
if (mkdtemp (tmp_dir)==NULL) {
unlink (TMP_FILEZ);
exit (ERR_ANY);
}
/* Start (test) untarring files from compressed archive */
snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzvf "TMP_FILEZ" > /dev/null 2> /dev/null",tmp_dir);
if (safe_system (command)) {
fprintf (stderr, "Archive have errors!\n");
unlink (TMP_FILEZ);
exit (ERR_UNTARTST);
}
/* remove temporary directory */
snprintf (command, STRING_SIZE-1, "/bin/rm -rf %s > /dev/null 2> /dev/null",tmp_dir);
safe_system (command);
/* Start (real) untarring files from compressed archive */
char extraX[STRING_SIZE] = "";
int retcode = 0;
if (rshardware==0) { /* extra eXclusion from restore */
strcpy (extraX, "-X "CONFIG_ROOT"/backup/exclude.hardware ");
}
snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf "TMP_FILEZ" -X "CONFIG_ROOT"/backup/exclude.system %s > /dev/null 2> /dev/null", extraX);
if (safe_system (command)) {
fprintf (stderr, "Error restoring archive\n");
retcode = ERR_UNTAR;
}
/* remove temporary archive copy */
unlink (TMP_FILEZ);
exit(retcode);
}