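/* SmoothWall helper program - header file
 *
 * This program is distributed under the terms of the GNU General Public
 * Licence. See the file COPYING for details.
 * Simple header file for all setuid progs.
 *
 */

#ifndef SETUID_H
#define SETUID_H 1

#include <stdlib.h>
#include <string.h>	/* strlen, strspn: needed by the VALID_* checks below */
#include <sys/types.h>

/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason
 * to redefine it if it already is set */
#ifndef STRING_SIZE
#define STRING_SIZE 256
#endif

/* Character allow-lists used to build the VALID_* checks. */
#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
#define NUMBERS "0123456789"
#define LETTERS_NUMBERS LETTERS NUMBERS
#define IP_NUMBERS "./" NUMBERS
#define PORT_NUMBERS ":-" NUMBERS
#define VALID_FQDN LETTERS_NUMBERS ".-"

/**
 * Shared implementation of the VALID_* checks.
 *
 * Accepts a string only when its length lies in [min_len, max_len] and
 * every character is a member of the allow-list `accept`.
 *
 * @param s       string to check; NULL is rejected instead of dereferenced
 * @param min_len smallest accepted length, inclusive
 * @param max_len largest accepted length, inclusive
 * @param accept  NUL-terminated set of permitted characters
 * @return 1 when the string passes, 0 otherwise
 *
 * Being a function, it evaluates the caller's expression exactly once; the
 * previous macro bodies expanded their argument up to three times.
 */
static inline int setuid_valid_string(const char *s, size_t min_len,
				      size_t max_len, const char *accept)
{
	size_t len;

	if (s == NULL)
		return 0;	/* fail closed on a missing argument */

	len = strlen(s);
	return len >= min_len && len <= max_len && strspn(s, accept) == len;
}

/* The VALID_* checks are length and character allow-list filters only.
 * They do not prove that a value is well formed: VALID_IP accepts
 * "999.999.999.999" and a run of dots, and VALID_PORT accepts numbers above
 * 65535. Callers that need a semantically valid value must parse it as well.
 *
 * PORT_NUMBERS, VALID_FQDN and VALID_PROTOCOL permit '-', so an accepted
 * value may begin with '-'. Where such a value is placed on a command line
 * it can be read as an option; callers should check the first character
 * or separate options from operands.
 */

/* Dotted address: 7 to 15 characters drawn from digits and '.'. */
#define VALID_IP(ip) \
	setuid_valid_string((ip), 7, 15, NUMBERS ".")

/* Address with mask: 7 to 31 characters drawn from digits, '.' and '/'. */
#define VALID_IP_AND_MASK(ip) \
	setuid_valid_string((ip), 7, 31, IP_NUMBERS)

/* Single port: 1 to 5 digits. */
#define VALID_PORT(port) \
	setuid_valid_string((port), 1, 5, NUMBERS)

/* Port or port range: 1 to 11 characters drawn from digits, ':' and '-'. */
#define VALID_PORT_RANGE(port) \
	setuid_valid_string((port), 1, 11, PORT_NUMBERS)

/* Short mask: exactly two digits.
 * NOTE(review): a one-digit value such as "8" is rejected and "99" is
 * accepted; this matches the original bounds (> 1 and < 3) - confirm that
 * is what callers expect. */
#define VALID_SHORT_MASK(ip) \
	setuid_valid_string((ip), 2, 2, NUMBERS)

/* Can't find any info on valid characters/length hopefully these are
 * reasonable guesses */
#define VALID_DEVICE(dev) \
	setuid_valid_string((dev), 1, 15, LETTERS_NUMBERS ":.")

/* Again, can't find any hard and fast rules for protocol names, these
 * restrictions are based on the keywords currently listed in
 * <http://www.iana.org/assignments/protocol-numbers>
 * though currently the ipcop cgis will only pass tcp, udp or gre anyway */
#define VALID_PROTOCOL(prot) \
	setuid_valid_string((prot), 1, 15, LETTERS_NUMBERS "-")

/* Defined outside this header.
 * NOTE(review): presumably the fixed environment handed to child processes
 * - confirm against setuid.c. */
extern char * trusted_env[4];

/* Command runners, defined outside this header. Each takes the command as a
 * single string, so every caller-supplied value placed into that string
 * should have passed one of the VALID_* checks first.
 * NOTE(review): presumably the string is interpreted by a shell, and the
 * uid/gid arguments select the identity the command runs under - confirm
 * against setuid.c. */
int system_core(char* command, uid_t uid, gid_t gid, char *error);
int safe_system(char* command);
int unpriv_system(char* command, uid_t uid, gid_t gid);

/* Bounded string concatenation, defined outside this header. glibc 2.38 and
 * later also declare strlcat in <string.h>; the two prototypes must stay
 * compatible. */
size_t strlcat(char *dst, const char *src, size_t len);

/* Defined outside this header.
 * NOTE(review): presumably called once at program start before any
 * privileged work - confirm against setuid.c. */
int initsetuid(void);

/* check whether a file exists */
int file_exists(const char *fname);
/* wildcard filename test */
int file_exists_w(const char *fname);

#endif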