diff --git a/doc/language_issues.de b/doc/language_issues.de
index 62cef526b..ee0513376 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -212,6 +212,7 @@ WARNING: translation string unused: no set selected
 WARNING: translation string unused: not enough disk space
 WARNING: translation string unused: o-no
 WARNING: translation string unused: o-yes
+WARNING: translation string unused: online help en
 WARNING: translation string unused: openvpn client
 WARNING: translation string unused: openvpn server
 WARNING: translation string unused: optional data
@@ -326,8 +327,6 @@ WARNING: untranslated string: dial profile
 WARNING: untranslated string: down
 WARNING: untranslated string: firewall graphs
 WARNING: untranslated string: invalid input for keepalive 1:2
-WARNING: untranslated string: network pakfire
-WARNING: untranslated string: network pakfire from
 WARNING: untranslated string: otherip
 WARNING: untranslated string: otherport
 WARNING: untranslated string: pakfire configuration
diff --git a/doc/language_issues.en b/doc/language_issues.en
index e78360883..cc0bf1a39 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -227,6 +227,7 @@ WARNING: translation string unused: not enough disk space
 WARNING: translation string unused: notes
 WARNING: translation string unused: o-no
 WARNING: translation string unused: o-yes
+WARNING: translation string unused: online help en
 WARNING: translation string unused: openvpn client
 WARNING: translation string unused: openvpn server
 WARNING: translation string unused: optional data
@@ -326,8 +327,6 @@ WARNING: untranslated string: IPFires hostname WARNING: untranslated string: Number of IPs for the pie chart WARNING: untranslated string: Number of Ports for the pie chart WARNING: untranslated string: down -WARNING: untranslated string: network pakfire -WARNING: untranslated string: network pakfire from WARNING: untranslated string: otherip WARNING: untranslated string: otherport WARNING: untranslated string: pakfire configuration diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index bd2c082de..9992c2c14 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -4,10 +4,9 @@ CFLAGS=-O2 -Wall COMPILE=$(CC) $(CFLAGS) PROGS = iowrap -SUID_PROGS = setdmzholes setportfw setfilters setxtaccess restartdhcp restartsnort \ - restartsquid restartssh ipfirereboot \ - ipfirebkcfg ipfirerscfg installpackage installfcdsl ipsecctrl \ - setaliases ipfirebackup restartntpd \ +SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \ + restartsquid restartssh ipfirereboot setaliases \ + ipsecctrl restartntpd restartdhcp restartsnort \ restartapplejuice setdate rebuildhosts \ restartsyslogd logwatch openvpnctrl timecheckctrl \ restartwireless getipstat qosctrl launch-ether-wake \ @@ -102,6 +101,3 @@ timecheckctrl: timecheckctrl.c setuid.o ../install+setup/libsmooth/varval.o getipstat: getipstat.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ getipstat.c setuid.o ../install+setup/libsmooth/varval.o -o $@ - -ipfirebackup: ipfirebackup.c setuid.o - $(COMPILE) -lcrypt ipfirebackup.c setuid.o -o $@ diff --git a/src/misc-progs/installfcdsl.c b/src/misc-progs/installfcdsl.c deleted file mode 100644 index e3e8a6ac5..000000000 --- a/src/misc-progs/installfcdsl.c +++ /dev/null 
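Review bot: Dropping `installpackage`, `installfcdsl`, `ipfirebackup`, `ipfirebkcfg` and `ipfirerscfg` from `SUID_PROGS` in the first Makefile hunk only stops new builds from producing them; a system upgraded in place presumably keeps the previously installed setuid binaries unless the update deletes them, and nothing visible in this diff does that. The removed sources assemble shell command lines with `snprintf` and work on fixed paths such as `/tmp/backup.tar` and `/tmp/TMPFILE.tar.gz`, so leaving old copies installed would keep that privileged code reachable. I would add a comment above the list, for example `# Removing a helper here must be matched by deleting its installed setuid binary in the update`, and confirm that no CGI still calls the removed programs. The `SUID_PROGS` assignment continues past the end of the hunk, so the rest of the list is not visible here.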
@@ -1,88 +0,0 @@ -/* - * This file is part of the IPCop Firewall. - * - * IPCop is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * IPCop is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with IPCop; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * Copyright (C) 2004-10-14 Gilles Espinasse - * - * $Id: installfcdsl.c,v 1.1.2.4 2004/12/11 08:55:37 gespinasse Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include "setuid.h" - -#define FCDSL_TGZ_PATH "/var/patches/fcdsl-x.tgz" - -char command[STRING_SIZE],tmpdir[] = "/tmp/fcdsl_XXXXXX"; - -void exithandler(void) -{ - if(strcmp(tmpdir,"/tmp/fcdsl_XXXXXX")) - { - chdir("/tmp"); - snprintf(command, STRING_SIZE - 1, "/bin/rm -rf %s", tmpdir); - if(safe_system(command)) - perror("Couldn't remove temp dir"); - } - /* remove loaded package */ - snprintf (command, STRING_SIZE-1, FCDSL_TGZ_PATH); - unlink (command); -} - -int main(void) -{ - if (!(initsetuid())) - exit(1); - - atexit(exithandler); - - - if (close(0)) { fprintf(stderr, "Couldn't close 0\n"); exit(1); } - if (open("/dev/zero", O_RDONLY) != 0) {fprintf(stderr, "Couldn't reopen stdin from /dev/zero\n"); exit(1); } - if (close(2)) { fprintf(stderr, "Couldn't close 2\n"); exit(1); } - if (! 
dup(1)) { fprintf(stderr, "Couldnt redirect stderr to stdout\n"); exit(1); } - - /* create temporary directory for testing untar */ - if (mkdtemp (tmpdir)==NULL) { - exit(1); - } - - /* Test untarring files from compressed archive */ - snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzf %s lib/modules/*/misc/fcdsl*.o.gz " - "usr/lib/isdn/{fds?base.bin,fd?ubase.frm} etc/fcdsl/fcdsl*.conf etc/drdsl/drdsl* " - "var/run/need-depmod-* > /dev/null 2> /dev/null", tmpdir, FCDSL_TGZ_PATH); - if (safe_system (command)) { - fprintf (stderr, "Invalid archive\n"); - exit(1); - } - - /* Start (real) untarring files from compressed archive */ - snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf %s lib/modules/*/misc/fcdsl*.o.gz " - "usr/lib/isdn/{fds?base.bin,fd?ubase.frm} etc/fcdsl/fcdsl*.conf etc/drdsl/drdsl* " - "var/run/need-depmod-* ", FCDSL_TGZ_PATH); - if (safe_system (command)) { - fprintf (stderr, "Error installing modules\n"); - exit(1); - } - - exit(0); -} diff --git a/src/misc-progs/installpackage.c b/src/misc-progs/installpackage.c deleted file mode 100644 index dab9864d9..000000000 --- a/src/misc-progs/installpackage.c +++ /dev/null 
@@ -1,218 +0,0 @@ -/* This file is part of the IPCop Firewall. - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * Copyright (C) 2004-05-31 Robert Kerr - * - * Loosely based on the smoothwall helper program by the same name, - * portions are (c) Lawrence Manning, 2001 - * - * $Id: installpackage.c,v 1.3.2.6 2005/08/22 20:51:38 eoberlander Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "setuid.h" - -#define ERR_ANY 1 -#define ERR_TMPDIR 2 -#define ERR_SIG 3 -#define ERR_TAR 4 -#define ERR_INFO 5 -#define ERR_PACKLIST 6 -#define ERR_INSTALLED 7 -#define ERR_POPEN 8 -#define ERR_SETUP 9 -#define ERR_MISSING_PREVIOUS 10 -#define ERR_DISK 11 - -/* The lines in the package information file and the patches/installed list - * are often longer than STRING_SIZE so we use a larger buffer */ -#define BUFFER_SIZE 4096 - -char *info = NULL; -FILE *infofile = NULL; -char command[STRING_SIZE], tmpdir[] = "/var/log/pat_install_XXXXXX"; -void exithandler(void) -{ - if(info) free(info); - if(infofile) - { - flock(fileno(infofile), LOCK_UN); - fclose(infofile); - } - /* Cleanup tmpdir */ - chdir("/var/patches"); /* get out of it before erasing */ - snprintf(command, STRING_SIZE - 1, "/bin/rm -rf %s", tmpdir); - if(safe_system(command)) - perror("Couldn't remove temp dir"); -} - -int main(int argc, char *argv[]) -{ - char buffer[BUFFER_SIZE]; - int ret; - FILE *p; - - if (!(initsetuid())) - exit(1); - - /* Sanitize arguments */ - if (argc < 2) - { - fprintf(stderr, "Missing arg\n"); - exit(1); - } - if (strspn(argv[1], NUMBERS) != strlen(argv[1])) - { - fprintf(stderr, "Bad arg\n"); - exit(1); - } - - if(!mkdtemp(tmpdir)) - { - perror("Unable to create secure temp dir"); - exit(ERR_TMPDIR); - } - - /* now exithandler will have something to erase */ - atexit(exithandler); - - /* verify and extract package */ - memset(command, 0, 
STRING_SIZE); - snprintf(command, STRING_SIZE-1, "/usr/bin/gpg --batch --homedir /root/.gnupg -o %s/patch.tar.gz --decrypt /var/patches/patch-%s.tar.gz.gpg", tmpdir, argv[1]); - ret = safe_system(command) >> 8; - if(ret==1) /* 1=> gpg-key error */ - { - fprintf(stderr, "Invalid package: signature check failed\n"); - exit(ERR_SIG); - } - if(ret==2) /* 2=> gpg pub key not found */ - { - fprintf(stderr, "Public signature not found (who signed package?) !\n"); - exit(ERR_SIG); - } - if(ret) /* retry extraction on other partition */ - { - rmdir(tmpdir); - strcpy (tmpdir,"/var/patches/install_XXXXXX"); - if(!mkdtemp(tmpdir)) - { - perror("Unable to create secure temp dir"); - _exit(ERR_TMPDIR); /* no need exit handler */ - } - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE-1, "/usr/bin/gpg --batch --homedir /root/.gnupg -o %s/patch.tar.gz --decrypt /var/patches/patch-%s.tar.gz.gpg", tmpdir, argv[1]); - ret = safe_system(command); - if(ret) - { - fprintf(stderr, "Not enough disk space or gpg error %d !\n",ret); - exit(ERR_DISK); - } - } - /* no more needed gpg-package & make room */ - snprintf(command, STRING_SIZE-1, "/var/patches/patch-%s.tar.gz.gpg", argv[1]); - unlink ( command ); - - /* unzip the package */ - chdir (tmpdir); - if(safe_system("/bin/tar xzf patch.tar.gz")) - { - fprintf(stderr, "Invalid package: untar failed\n"); - exit(ERR_TAR); - } - /* And read 'information' to check validity */ - snprintf(buffer, STRING_SIZE-1, "%s/information", tmpdir); - if(!(infofile = fopen(buffer,"r"))) - { - if(errno == ENOENT) - fprintf(stderr, "Invalid package: contains no information file\n"); - else - perror("Unable to open package information file"); - exit(ERR_INFO); - } - if(!fgets(buffer, BUFFER_SIZE, infofile)) - { - perror("Couldn't read package information"); - exit(ERR_INFO); - } - fclose(infofile); - if(buffer[strlen(buffer)-1] == '\n') - buffer[strlen(buffer)-1] = '\0'; - if(!strchr(buffer,'|')) - { - fprintf(stderr, "Invalid package: malformed 
information string.\n"); - exit(ERR_INFO); - } - info = strdup(buffer); - - /* check if package is already installed */ - if(!(infofile = fopen(CONFIG_ROOT "/patches/installed","r+"))) - { - perror("Unable to open installed package list"); - exit(ERR_PACKLIST); - } - /* get exclusive lock to prevent a mess if 2 copies run at once, and set - * close-on-exec flag so the FD doesn't leak to the setup script */ - flock(fileno(infofile), LOCK_EX); - fcntl(fileno(infofile), F_SETFD, FD_CLOEXEC); - - while(fgets(buffer, BUFFER_SIZE, infofile)) - { - if(!strncmp(buffer, info, strlen(info))) - { - fprintf(stderr,"This package is already installed\n"); - exit(ERR_INSTALLED); - } - } - - /* install package */ - openlog("installpackage", LOG_PID, LOG_USER); - snprintf(command, STRING_SIZE - 1, "%s/setup", tmpdir); - /* FIXME: popen suffers from the same environment problems as system() */ - if (!(p = popen(command, "r"))) - { - fprintf(stderr,"popen() failed\n"); - closelog(); - exit(ERR_POPEN); - } - setvbuf(p, NULL, _IOLBF, 255); - while (fgets(buffer, STRING_SIZE, p)) - { - syslog(LOG_INFO, "%s", buffer); - } - ret = pclose(p); - closelog(); - - if(ret) - { - fprintf(stderr, "setup script returned exit code %d\n", ret>>8); - exit(ERR_SETUP); - } - - /* write to package db */ - if(strncmp(info, "000|", 4)) - { - time_t curtime = time(NULL); - strftime(buffer, STRING_SIZE, "%Y-%m-%d", gmtime(&curtime)); - fprintf(infofile, "%s|%s\n", info, buffer); - flock(fileno(infofile), LOCK_UN); - fclose(infofile); - } else { /* Full system upgrade to new version */ - flock(fileno(infofile), LOCK_UN); - fclose(infofile); - unlink(CONFIG_ROOT "/patches/available"); - unlink(CONFIG_ROOT "/patches/installed"); - } - free(info); - exit(0); -} diff --git a/src/misc-progs/ipfirebackup.c b/src/misc-progs/ipfirebackup.c deleted file mode 100644 index d3f1efafb..000000000 --- a/src/misc-progs/ipfirebackup.c +++ /dev/null 
@@ -1,290 +0,0 @@ -/* - * This file is part of the IPCop Firewall. - * - * IPCop is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * IPCop is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with IPCop; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * Copyright (C) 2002-06-02 Mark Wormgoor - * - * $Id: ipcopbackup.c,v 1.8.2.6 2006/01/20 13:30:42 franck78 Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "setuid.h" - -// want a bigger buffer to concatenate a possibly long string -#define COMMAND_SIZE 4000 -//Append lines contained in 'inputfile' to 'string' -int catlist(char* inputfile, - char* string ) { - - struct stat s; // input file stats - char buffer[STRING_SIZE]; // read buffer - - if (stat(inputfile,&s) != 0) return 1; - if (s.st_size+strlen(string)>COMMAND_SIZE) return 1; // too big! 
- int f = open(inputfile, O_RDONLY); - if (!f) return 1; // cannot open file - - int count; - while ((count = read(f, buffer, STRING_SIZE - 1))) { - int j; - for (j=0; j /dev/null", floppy_dev); - if (safe_system(command)) { - perror( "Error: No floppy in drive or bad floppy in drive" ); - exit(1); - } - - /* Clearing disk */ - snprintf (command, STRING_SIZE-1, "/bin/dd if=/dev/zero of=%s bs=1k 2> /dev/null", floppy_dev); - safe_system (command); - - /* Start tarring files to floppy */ - snprintf (command, COMMAND_SIZE-1, "/bin/tar -X " CONFIG_ROOT"/backup/exclude.system " - "-X " CONFIG_ROOT"/backup/exclude.user " - "-C / -cvzf %s " - "-T " CONFIG_ROOT"/backup/include.user ", - floppy_dev); - /* add include.system file content to 'command' */ - if (catlist(CONFIG_ROOT "/backup/include.system", command)) { - fprintf(stderr, "Couldn't open backup system include file\n"); - exit (1); - } - safe_system (command); - - /* Now check it */ - snprintf (command, STRING_SIZE-1,"/bin/echo 'Checking'; /bin/tar -tzf %s" , floppy_dev); - safe_system (command); - - exit(0); -} - - -// Just verify that root password is ok -int checkrootpass (char* passwd) { - - struct passwd *pw; - struct spwd *spwd; - - if ((pw = getpwnam("root")) == NULL) { - return (0); // root unknown....! - } - - // get shadowed password - spwd = getspnam("root"); - - //and use it in right place - if (spwd) - pw->pw_passwd = spwd->sp_pwdp; - - return (strcmp ( crypt(passwd, pw->pw_passwd), //encrypt cleartext - pw->pw_passwd) == 0 //compare to encrypted version - ) ? 1 : 0; // true or false -} - - -int main (int argc, char *argv[]) { - char command[STRING_SIZE]; - - if (argc < 3) { // at least two args always needed, avoid some testing. 
- fprintf (stderr, "Err %s: used from cgi only !\n", argv[0]); - exit (1); - } - - if (!initsetuid()){ - fprintf (stderr, "Err %s: cannot setuid !\n", argv[0]); - exit (1); - } - - // save on normal floppy for use during reinstall ONLY - if ( (strcmp(argv[1],"-savecfg" ) == 0) && - (strcmp(argv[2],"floppy") == 0) ) - savecfg_floppy("/dev/floppy"); // to do: mount usb floppy.... - - if ( (strcmp(argv[1],"-proc" ) == 0) && - (strcmp(argv[2],"partitions") == 0) ) { // issue cat /proc/partitions - - int fi; - if ( (fi = open("/proc/partitions", O_RDONLY))==-1) exit (1); // cannot open file - char string[STRING_SIZE]; - int count; - while ((count = read(fi, string, STRING_SIZE))) { - write (1, string, count); - } - close (fi); - exit (0); - } - - // output result of 'glob' function - if ( (strcmp(argv[1],"-glob" ) == 0)) { - glob_t g; - if (glob (argv[2],0,NULL,&g) == 0) { - char** pstr = g.gl_pathv; // base array - while (*pstr) { // while not NULL - printf ("%s\n", *pstr); // pstr is a pointer to array of char* - pstr++; // next pointer - } - globfree (&g); - } - exit (0); - } - - // tell if the backup.key is present - if ( (strcmp(argv[1],"-key" ) == 0) && - (strcmp(argv[2],"exist") == 0) ) { // check key existence - if ( !(file_exists(BACKUP_KEY)) ) { - fprintf (stderr, "Err %s: backup key "BACKUP_KEY" does not exist !\n", argv[0]); - exit (ERR_KEY); - } - exit (0); - } - - // cat the backup.key, for saving it - if ( strcmp(argv[1],"-keycat" ) == 0) { - if (! 
checkrootpass (argv[2])) exit (1); // but only if root pw provided - int fi; - if ( (fi = open(BACKUP_KEY, O_RDONLY))==-1) exit (1); // cannot open file - char string[STRING_SIZE]; - int count; - while ((count = read(fi, string, STRING_SIZE))) { - write (1, string, count); - } - close (fi); - exit (0); - } - - // generate a new backup.key ONLY if inexistant - if ( (strcmp(argv[1],"-key" ) == 0) && - (strcmp(argv[2],"new") == 0) ) { - if ( (file_exists(BACKUP_KEY)) ) { - fprintf (stderr, "Err %s: backup key "BACKUP_KEY" already exists !\n", argv[0]); - exit (ERR_KEY); - } - //ok we can generate it - if (safe_system ("/usr/sbin/ipsec ranbits 256 > " BACKUP_KEY)) { - fprintf (stderr, "Err %s: couldn't create key !\n", argv[0]); - exit (ERR_KEY); - } - chmod(BACKUP_KEY, S_IRUSR); // protect it - exit (0); - } - - // import a backup.key only if non existent - if ( (strcmp(argv[1],"-key" ) == 0) && - (strcmp(argv[2],"import") == 0) ) { - if ( (file_exists(BACKUP_KEY)) ) { - unlink (MOUNTPOINT"/key"); // clean anyway - fprintf (stderr, "Err %s: backup key "BACKUP_KEY" already exists !\n", argv[0]); - exit (ERR_KEY); - } - - int fi, fo; - if ( (fi = open(MOUNTPOINT"/key", O_RDONLY))==-1) { - fprintf (stderr, "Err %s: no backup key "MOUNTPOINT"/key to import !\n", argv[0]); - exit (ERR_KEY); // cannot open file - } - - if ( (fo = open(BACKUP_KEY, O_WRONLY | O_CREAT ))==-1) { - close (fi); - unlink (MOUNTPOINT"/key"); // clean anyway - fprintf (stderr, "Err %s: backup key "BACKUP_KEY" creation error !\n", argv[0]); - exit (ERR_KEY); - } - - char buffer[STRING_SIZE]; - int count; - while ((count = read(fi, buffer, STRING_SIZE))) { - write (fo, buffer, count); - } - close (fo); - close (fi); - unlink (MOUNTPOINT"/key"); - exit (0); - } - - // disk functions like mount umount,... 
- if ((strspn(argv[2], LETTERS_NUMBERS ) == strlen(argv[2])) && - (strlen(argv[2]) >2) && (strlen(argv[2]) <6)) { - if (strcmp(argv[1],"-M") == 0) { // M sda1 => mount /dev/sda1 /mountpoint - //safe_system("/bin/sync"); - snprintf(command, STRING_SIZE - 1,"/bin/mount -t vfat -o,uid=99,gid=99 /dev/%s "MOUNTPOINT, argv[2]); - safe_system(command); - //safe_system("/bin/sync"); - }else - if (strcmp(argv[1],"-U") == 0) { // U sda1 => umount /dev/sda1 - //safe_system("/bin/sync"); - snprintf(command, STRING_SIZE - 1,"/bin/umount /dev/%s", argv[2]); - safe_system(command); - safe_system("/bin/sync"); - }else - if (strcmp(argv[1],"-f") == 0) { // f sda1 => mke2fs /dev/sda1 - snprintf(command, STRING_SIZE - 1,"/sbin/mke2fs -q /dev/%s", argv[2]); - //safe_system(command); - //safe_system("/bin/sync"); - }else - if (strcmp(argv[1],"-F") == 0) { // F sda => fdisk /dev/sda - //safe_system("/bin/sync"); - snprintf(command, STRING_SIZE - 1,"/bin/dd if=/dev/zero of=/dev/%s count=2 bs=512", argv[2]); - //safe_system(command); - snprintf(command, STRING_SIZE - 1,"/bin/echo \"n\np\n1\n1\n\nw\nq\n\"|/sbin/fdisk /dev/%s", argv[2]); - //safe_system(command); - snprintf(command, STRING_SIZE - 1,"/sbin/mke2fs -q /dev/%s1", argv[2]); // beware of %s1 - //safe_system(command); - //safe_system("/bin/sync"); - }else { - fprintf (stderr, "Err %s: bad command !\n", argv[0]); - exit (1); - } - exit (0); - }else { - fprintf (stderr, "Err %s: bad arg !\n", argv[0]); - exit (1); - } - return 0; -} diff --git a/src/misc-progs/ipfirebkcfg.c b/src/misc-progs/ipfirebkcfg.c deleted file mode 100644 index c12f7f591..000000000 --- a/src/misc-progs/ipfirebkcfg.c +++ /dev/null 
@@ -1,239 +0,0 @@ -/* - * This file is part of the IPCop Firewall. - * - * IPCop is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * IPCop is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with IPCop; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * Copyright (C) 2003-06-25 Tim Butterfield - * - * $Id: ipcopbkcfg.c,v 1.2.2.6 2005/11/20 23:20:13 franck78 Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "setuid.h" - - -#define EXCLUDE_HARDWARE "exclude.hardware" // exclude file not used on backup but only optionally on restore -#define TMP_TAR "/tmp/backup.tar" - -char tempincfilename[STRING_SIZE] = ""; /* temp include file name */ -char tempexcfilename[STRING_SIZE] = ""; /* temp exclude file name */ -char temptarfilename[STRING_SIZE] = ""; - -/* add fname contents to outfile */ -void add_file(int outfile, const char *fname, int verbose) -{ - FILE *freadfile; - char fbuff[STRING_SIZE]; - - if (!(freadfile = fopen(fname, "r"))) { - /* skip this file */ - return; - } - - while (fgets(fbuff, STRING_SIZE-1, freadfile) != NULL) { - int offset=0; - char *ch; - char chk_space=1; - - /* trim string in place - don't remove spaces in middle */ - ch = fbuff; - while (*ch) { - if (*ch == '\r' || *ch == '\n') { - *ch = '\0'; - } - - if (offset) { - *(ch-offset) = *ch; - } - - if (*ch == '\t' || *ch == ' ') { - if (chk_space) { - offset++; - } - } else { - chk_space=0; - } - - ch++; - } - - /* 
remove trailing spaces */ - ch = fbuff + strlen(fbuff) - 1; - while (*ch) { - if (*ch == '\t' || *ch == ' ') { - *ch = '\0'; - --ch; - } else { - break; - } - } - - /* validate name and add it */ - chdir ("/"); /* support both absolute and relative path */ - if (*fbuff) { - if (file_exists_w(fbuff)) { - strcat(fbuff, "\n"); - write(outfile, fbuff, strlen(fbuff)); - if (verbose) - fprintf(stdout, " %s", fbuff); - } - } - } - fclose(freadfile); -} - - -/* combine files starting with fnamebase into outfile */ -int cmb_files(int outfile, const char *fnamebase, int verbose) -{ - /* scan the directory and add matching files */ - struct dirent **namelist; - int namecount; - char addfilename[STRING_SIZE]; - - /* scan the directory and get a count of the files */ - if ((namecount=scandir(CONFIG_ROOT"/backup", &namelist, 0, alphasort))<0) { - fprintf(stderr, "No files found\n"); - exit(1); - } - - /* process the scanned names */ - while (namecount--) { - /* check names - compare beginning of name, ignoring case, ignore EXCLUDE_HARDWARE */ - if ((strncasecmp(fnamebase, namelist[namecount]->d_name, strlen(fnamebase))==0) && - (strncmp(EXCLUDE_HARDWARE,namelist[namecount]->d_name, strlen(EXCLUDE_HARDWARE)))) { - /* add the contents for this name to output file */ - sprintf(addfilename, CONFIG_ROOT"/backup/%s", namelist[namecount]->d_name); - if (verbose) - fprintf(stdout, "%s\n", namelist[namecount]->d_name); - add_file(outfile, addfilename, verbose); - free(namelist[namecount]); - if (verbose) - fprintf(stdout, "\n"); - } - } - free(namelist); - return 0; -} - -void exithandler(void) -{ - /* clean up temporary files */ - if (temptarfilename) - unlink (temptarfilename); - if (tempincfilename) - unlink (tempincfilename); - if (tempexcfilename) - unlink (tempexcfilename); -} - -int main(int argc, char**argv) -{ - int verbose=0; - char command[STRING_SIZE]; - char hostname[STRING_SIZE]; - int includefile, excludefile; - - if (!(initsetuid())) - exit(1); - - if (argc==2 && 
strcmp(argv[1],"--verbose")==0) - verbose=1; // display to stdout wich (ex|in)clude files are used - - gethostname(hostname, STRING_SIZE-1); - - if (!file_exists(BACKUP_KEY)) { - fprintf (stderr, "Couldn't locate encryption key\n"); - exit (ERR_KEY); - } - - /* now exithandler will have something to erase */ - atexit(exithandler); - - /* combine every include and exclude files in backup directory into two temp file - * at the exception of exclude.hardware only used optionally on restore */ - /* create/open temp output file */ - // Todo: use -X exclude.files and for include.files, build the list on command line - // to avoid unneccesary files manipulations - strcpy (tempincfilename, "/tmp/backup-inclusion.XXXXXX"); - strcpy (tempexcfilename, "/tmp/backup-exclusion.XXXXXX"); - if ( (!(includefile = mkstemp (tempincfilename)) > 0) || - (!(excludefile = mkstemp (tempexcfilename)) > 0) ){ - fprintf(stderr, "Couldn't create temporary file.\n"); - exit(1); - } - cmb_files(includefile, "include.", verbose); - close(includefile); - cmb_files(excludefile, "exclude.", verbose); - close(excludefile); - - /* Create temporary tarfile */ - strcpy (temptarfilename, TMP_TAR); - - /* Start tarring files to temp archive - W (verify) and z (compress) tar options can't be used together, so separate tar from gzip */ - snprintf (command, STRING_SIZE-1, "/bin/tar -T %s -X %s -C / -cWf %s > /dev/null 2> /dev/null", - tempincfilename, tempexcfilename, temptarfilename); - if (safe_system (command)) { - fprintf (stderr, "Couldn't create %s file\n", temptarfilename); - exit (ERR_TAR); - } - unlink (tempincfilename); - strcpy (tempincfilename,""); - unlink (tempexcfilename); - strcpy (tempincfilename,""); - - /* Compress archive */ - snprintf (command, STRING_SIZE-1, "/bin/gzip -c < %s > "MOUNTPOINT"/%s.tar.gz", temptarfilename, hostname); - if (safe_system (command)) { - fprintf (stderr, "Couldn't create "MOUNTPOINT"%s.tar.gz file\n", hostname); - exit (ERR_GZ); - } - unlink (temptarfilename); 
- strcpy (temptarfilename,""); - - /* Display to stdout include files names */ - snprintf (command, STRING_SIZE-1, "/bin/tar -ztf "MOUNTPOINT"/%s.tar.gz", hostname); - if (safe_system (command)) { - fprintf (stderr, "Couldn't read %s.tar.gz file\n", hostname); - exit (ERR_TAR); - } - - /* Encrypt archive */ - snprintf (command, STRING_SIZE-1, - "/usr/bin/openssl des3 -e -salt -in "MOUNTPOINT"/%s.tar.gz " - "-out "MOUNTPOINT"/%s.dat -kfile " BACKUP_KEY, hostname, hostname); - if (safe_system (command)) { - fprintf (stderr, "Couldn't encrypt archive\n"); - exit (ERR_ENCRYPT); - } - snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.tar.gz", hostname); - unlink (command); - - /* Make sure web can overwrite */ - snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname); - chown (command, 99, 99); - - exit(0); -} diff --git a/src/misc-progs/ipfirerscfg.c b/src/misc-progs/ipfirerscfg.c deleted file mode 100644 index 2e9839546..000000000 --- a/src/misc-progs/ipfirerscfg.c +++ /dev/null 
@@ -1,116 +0,0 @@ -/* - * This file is part of the IPCop Firewall. - * - * IPCop is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * IPCop is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with IPCop; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * - * Copyright (C) 2003-06-25 Tim Butterfield - * - * $Id: ipcoprscfg.c,v 1.2.2.6 2005/11/21 00:11:39 franck78 Exp $ - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "setuid.h" - -#define TMP_FILEZ "/tmp/TMPFILE.tar.gz" -#define TMP_FILE "/tmp/TMPFILE.tar" - -/* check existence of a data file */ -int data_exists(const char *hostname) { - char fname[STRING_SIZE]; - snprintf (fname, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname); - return file_exists(fname); -} - - -int main(int argc, char**argv) { - int rshardware=0; - char command[STRING_SIZE]; - char hostname[STRING_SIZE]; - - if (argc==2 && strcmp(argv[1],"--hardware")==0) - rshardware=1; // restore hardware settings - - gethostname(hostname, STRING_SIZE-1); - - /* Init setuid */ - if (!initsetuid()) - exit(1); - - /* if a key file exists, an encrypted .dat is required */ - if (!file_exists(BACKUP_KEY)) { - fprintf (stderr, "Missing encryption key\n"); - exit (ERR_DECRYPT); - } - - - if (!data_exists(hostname)) { - fprintf (stderr, "Missing encrypted archive "MOUNTPOINT"/%s.dat archive\n", hostname); - exit (ERR_DAT); - } - - /* decrypt .dat file to tmp file */ - snprintf (command, 
STRING_SIZE-1, "/usr/bin/openssl des3 -d -salt -in "MOUNTPOINT"/%s.dat -out "TMP_FILEZ" -kfile "BACKUP_KEY" > /dev/null 2> /dev/null", hostname); - if (safe_system (command)) { - fprintf (stderr, "Couldn't decrypt "MOUNTPOINT"/%s.dat archive\n", hostname); - exit (ERR_DECRYPT); - } - - /* create temporary directory for testing untar */ - char tmp_dir[STRING_SIZE]; - - strcpy (tmp_dir,"cfg_XXXXXXX"); - if (mkdtemp (tmp_dir)==NULL) { - unlink (TMP_FILEZ); - exit (ERR_ANY); - } - - /* Start (test) untarring files from compressed archive */ - snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzvf "TMP_FILEZ" > /dev/null 2> /dev/null",tmp_dir); - if (safe_system (command)) { - fprintf (stderr, "Archive have errors!\n"); - unlink (TMP_FILEZ); - exit (ERR_UNTARTST); - } - - /* remove temporary directory */ - snprintf (command, STRING_SIZE-1, "/bin/rm -rf %s > /dev/null 2> /dev/null",tmp_dir); - safe_system (command); - - /* Start (real) untarring files from compressed archive */ - char extraX[STRING_SIZE] = ""; - int retcode = 0; - if (rshardware==0) { /* extra eXclusion from restore */ - strcpy (extraX, "-X "CONFIG_ROOT"/backup/exclude.hardware "); - } - snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf "TMP_FILEZ" -X "CONFIG_ROOT"/backup/exclude.system %s > /dev/null 2> /dev/null", extraX); - if (safe_system (command)) { - fprintf (stderr, "Error restoring archive\n"); - retcode = ERR_UNTAR; - } - - /* remove temporary archive copy */ - unlink (TMP_FILEZ); - - exit(retcode); -}