X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fbackup.cgi;h=cac4146ab94e59e5ab93e3c06ce763b5045435c7;hb=ea72700a3b5f53680b218e9261593806bdc5f7d4;hp=d160349ff1d2e36f4302c02b02238b6dfe63ca73;hpb=19b01b74f9b9e7cb01943f6c118b45d1eced9b4c;p=people%2Fpmueller%2Fipfire-2.x.git
diff --git a/html/cgi-bin/backup.cgi b/html/cgi-bin/backup.cgi
index d160349ff1..cac4146ab9 100644
--- a/html/cgi-bin/backup.cgi
+++ b/html/cgi-bin/backup.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 # #
 # IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2005-2013 IPFire Team #
 # #
 # This program is free software: you can redistribute it and/or modify #
 # it under the terms of the GNU General Public License as published by #
@@ -24,6 +24,7 @@ use strict;
 #use warnings;
 #use CGI::Carp 'fatalsToBrowser';
 use File::Copy;
+use File::Basename;
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
@@ -35,6 +36,8 @@ my %cgiparams=();
 my %checked = ();
 my $message = "";
 my $errormessage = "";
+my @backups = "";
+my @backupisos = "";
 $a = new CGI;
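Review bot: `my @backups = "";` and `my @backupisos = "";` each create a one-element array holding an empty string, not an empty array, so a later `foreach` over them still runs once when the directory is missing and the backtick assignment is skipped. Declare them as `my @backups = ();` and `my @backupisos = ();`. The `if ( $_ !~ /iso$/){next;}` guard added further down for the ISO loop looks like a workaround for that phantom element; with empty lists it would only be needed as a filter on the `ls` output.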
@@ -56,38 +59,25 @@ system("/usr/local/bin/backupctrl makedirs >/dev/null 2>&1 ") unless ( -e '/var/
 ############################################################################################################################
 ############################################## System calls ohne Http Header ###############################################
-# Replace slashes from filename
-$cgiparams{'FILE'} =~ s/\///;
-
-if ( $cgiparams{'ACTION'} eq "download" )
-{
- open(DLFILE, ";
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$cgiparams{'FILE'}\n\n";
- print @fileholder;
- exit (0);
-}
-if ( $cgiparams{'ACTION'} eq "downloadiso" )
-{
- open(DLFILE, ";
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$cgiparams{'FILE'}\n\n";
- print @fileholder;
- exit (0);
-}
-if ( $cgiparams{'ACTION'} eq "downloadaddon" )
-{
- open(DLFILE, ";
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$cgiparams{'FILE'}\n\n";
- print @fileholder;
- exit (0);
-}
-elsif ( $cgiparams{'ACTION'} eq "restore" )
-{
+if ($cgiparams{'ACTION'} eq "download") {
+ my $file = &sanitise_file($cgiparams{'FILE'});
+ exit(1) unless defined($file);
+
+ &deliver_file($file);
+ exit(0);
+} elsif ($cgiparams{'ACTION'} eq "downloadiso") {
+ my $file = &sanitise_file($cgiparams{'FILE'});
+ exit(1) unless defined($file);
+
+ &deliver_file($file);
+ exit(0);
+} elsif ($cgiparams{'ACTION'} eq "downloadaddon") {
+ my $file = &sanitise_file($cgiparams{'FILE'});
+ exit(1) unless defined($file);
+
+ &deliver_file($file);
+ exit(0);
+} elsif ( $cgiparams{'ACTION'} eq "restore") {
 my $upload = $a->param("UPLOAD");
 open UPLOADFILE, ">/tmp/restore.ipf";
 binmode $upload;
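Review bot: The three download branches are identical, and `sanitise_file` is called without any reference to the action, so they can be a single branch: `if ($cgiparams{'ACTION'} =~ /^download(iso|addon)?$/) {`. Separately, `exit(1) unless defined($file);` ends the CGI before any header is written, which the web server will most likely report as a generic server error; printing `Status: 404 Not Found` and a blank line before exiting gives the client and the access log a meaningful result for a rejected filename. The if/elsif chain continues into the restore branch, whose body runs past the end of this hunk.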
@@ -134,11 +124,20 @@ if ( $cgiparams{'ACTION'} eq "backup" )
 }
 if ( $cgiparams{'ACTION'} eq "addonbackup" )
 {
+ # Exit if there is any dots or slashes in the addon name
+ exit(1) if ($cgiparams{'ADDON'} =~ /(\.|\/)/);
+
+ # Check if the addon exists
+ exit(1) unless (-e "/var/ipfire/backup/addons/includes/$cgiparams{'ADDON'}");
+
 system("/usr/local/bin/backupctrl addonbackup $cgiparams{'ADDON'} >/dev/null 2>&1");
 }
 elsif ( $cgiparams{'ACTION'} eq "delete" )
 {
- system("/usr/local/bin/backupctrl $cgiparams{'FILE'} >/dev/null 2>&1");
+ my $file = &sanitise_file($cgiparams{'FILE'});
+ exit(1) unless defined($file);
+
+ system("/usr/local/bin/backupctrl $file >/dev/null 2>&1");
 }
 ############################################################################################################################
@@ -150,10 +149,15 @@ if ( $message ne "" ){
 &Header::closebox();
 }
-my @backups = `cd /var/ipfire/backup/ && ls *.ipf 2>/dev/null`;
-my @backupisos = `cd /var/tmp/backupiso/ && ls *.iso 2>/dev/null`;
+if ( -e "/var/ipfire/backup/" ){
+ @backups = `cd /var/ipfire/backup/ && ls *.ipf 2>/dev/null`;
+}
+
+if ( -e "/var/tmp/backupiso/" ){
+ @backupisos = `cd /var/tmp/backupiso/ && ls *.iso 2>/dev/null`;
+}
-&Header::openbox('100%', 'center', $Lang::tr{'backup'});
+&Header::openbox('100%', 'center', );
 print <
@@ -163,7 +167,13 @@ print < $Lang::tr{'include logfiles'}
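Review bot: An empty `ADDON` passes both new checks in the addonbackup branch, because the deny-list regex finds no dot or slash and `-e` is true for the `includes/` directory itself, so `backupctrl addonbackup` still runs without an addon name. The value is then interpolated into a single-string `system()` that goes through the shell, and the existence test is the only thing keeping other characters out. An anchored allow-list is stricter and covers the empty case as well, e.g. `exit(1) unless ($cgiparams{'ADDON'} =~ /\A[A-Za-z0-9_+-]+\z/);` (character set assumed, adjust it to the real addon naming). The same shell-string concern applies to `$file` in the delete branch, and that branch now hands backupctrl an absolute path where it used to get the bare filename, which should be confirmed against backupctrl, not shown on this page.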
$Lang::tr{'exclude logfiles'}
- $Lang::tr{'generate iso'} +END +; +my $MACHINE=`uname -m`; +if ( ! ( $MACHINE =~ "arm" )) { + print" $Lang::tr{'generate iso'}
" +} +print < @@ -186,6 +196,7 @@ print <$Lang::tr{'backup from'} $_ $Lang::tr{'size'} $Siz print "
"; } foreach (@backupisos){ +if ( $_ !~ /iso$/){next;} chomp($_); my $Datei = "/var/tmp/backupiso/".$_; my @Info = stat($Datei); @@ -212,7 +224,7 @@ END ############################################################################################################################ ############################################# Backups von Addons erstellen ################################################# -&Header::openbox('100%', 'center', 'addons'); +&Header::openbox('100%', 'center', $Lang::tr{'addons'}); my @addonincluds = `ls /var/ipfire/backup/addons/includes/ 2>/dev/null`; my @addons = `ls /var/ipfire/backup/addons/backup/ 2>/dev/null`; @@ -252,7 +264,7 @@ print <
- +
@@ -291,7 +303,7 @@ print <
- +
@@ -319,3 +331,41 @@ END
 &Header::closebox();
 &Header::closebigbox();
 &Header::closepage();
+
+sub sanitise_file() {
+ my $file = shift;
+
+ # Filenames cannot contain any slashes
+ return undef if ($file =~ /\//);
+
+ # File must end with .ipf or .iso
+ return undef unless ($file =~ /\.(ipf|iso)$/);
+
+ # Convert to absolute path
+ if (-e "/var/ipfire/backup/$file") {
+ return "/var/ipfire/backup/$file";
+ } elsif (-e "/var/ipfire/backup/addons/backup/$file") {
+ return "/var/ipfire/backup/addons/backup/$file";
+ } elsif (-e "/var/tmp/backupiso/$file") {
+ return "/var/tmp/backupiso/$file";
+ }
+
+ # File does not seem to exist
+ return undef;
+}
+
+sub deliver_file() {
+ my $file = shift;
+ my @stat = stat($file);
+
+ # Print headers
+ print "Content-Disposition: attachment; filename=" . &File::Basename::basename($file) . "\n";
+ print "Content-Type: application/octet-stream\n";
+ print "Content-Length: $stat[7]\n";
+ print "\n";
+
+ # Deliver content
+ open(FILE, "<$file") or die "Unable to open $file: $!";
+ print ;
+ close(FILE);
+}
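Review bot: `deliver_file` writes its headers, including `Content-Length: $stat[7]`, before it knows the file can be opened, and it uses a two-argument `open` on a bareword handle; the `print ;` line presumably reads that handle in list context (the handle name appears to have been lost on this page), which would load a whole ISO into memory. Opening first with a three-argument `open` and a lexical handle, setting binmode, and copying in fixed-size chunks avoids all three, as sketched below. In `sanitise_file`, `$` also matches before a trailing newline, so `return undef unless ($file =~ /\.(ipf|iso)\z/);` is the tighter test, and the filename written into `Content-Disposition` should be quoted. Both subs are declared with an empty prototype `()` although they take an argument, which only works because every call uses the `&` form; `sub sanitise_file {` and `sub deliver_file {` say what is meant.

```perl
sub deliver_file {
	my $file = shift;

	# Open before any header is sent, so a failure is not reported after a 200
	open(my $fh, '<', $file) or die "Unable to open $file: $!";
	binmode($fh);
	binmode(STDOUT);
	my @stat = stat($fh);

	# … unchanged: Content-Disposition, Content-Type, Content-Length and blank line …

	# Deliver content in fixed-size chunks instead of reading the whole file
	my $buffer;
	while (read($fh, $buffer, 65536)) {
		print $buffer;
	}
	close($fh);
}
```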