projects / people / pmueller / ipfire-2.x.git / blame
| Commit | Line | Data |
|---|---|---|
| cd1a2927 MT |
1 | /*\r |
| 2 | * This file is part of the IPCop Firewall.\r | |
| 3 | *\r | |
| 4 | * IPCop is free software; you can redistribute it and/or modify\r | |
| 5 | * it under the terms of the GNU General Public License as published by\r | |
| 6 | * the Free Software Foundation; either version 2 of the License, or\r | |
| 7 | * (at your option) any later version.\r | |
| 8 | *\r | |
| 9 | * IPCop is distributed in the hope that it will be useful,\r | |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of\r | |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r | |
| 12 | * GNU General Public License for more details.\r | |
| 13 | *\r | |
| 14 | * You should have received a copy of the GNU General Public License\r | |
| 15 | * along with IPCop; if not, write to the Free Software\r | |
| 16 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r | |
| 17 | *\r | |
| 18 | * Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>\r | |
| 19 | *\r | |
| 20 | * $Id: ipcopbkcfg.c,v 1.2.2.6 2005/11/20 23:20:13 franck78 Exp $\r | |
| 21 | *\r | |
| 22 | */\r | |
| 23 | \r | |
| 24 | #include <stdio.h>\r | |
| 25 | #include <string.h>\r | |
| 26 | #include <stdlib.h>\r | |
| 27 | #include <unistd.h>\r | |
| 28 | #include <sys/types.h>\r | |
| 29 | #include <sys/stat.h>\r | |
| 30 | #include <fcntl.h>\r | |
| 31 | #include <grp.h>\r | |
| 32 | #include <dirent.h>\r | |
| 33 | #include "setuid.h"\r | |
| 34 | \r | |
| 35 | \r | |
| 36 | #define EXCLUDE_HARDWARE "exclude.hardware" // exclude file not used on backup but only optionally on restore\r | |
| 37 | #define TMP_TAR "/tmp/backup.tar"\r | |
| 38 | \r | |
| 39 | char tempincfilename[STRING_SIZE] = ""; /* temp include file name */\r | |
| 40 | char tempexcfilename[STRING_SIZE] = ""; /* temp exclude file name */\r | |
| 41 | char temptarfilename[STRING_SIZE] = "";\r | |
| 42 | \r | |
| 43 | /* add fname contents to outfile */\r | |
| 44 | void add_file(int outfile, const char *fname, int verbose)\r | |
| 45 | {\r | |
| 46 | FILE *freadfile;\r | |
| 47 | char fbuff[STRING_SIZE];\r | |
| 48 | \r | |
| 49 | if (!(freadfile = fopen(fname, "r"))) {\r | |
| 50 | /* skip this file */\r | |
| 51 | return;\r | |
| 52 | }\r | |
| 53 | \r | |
| 54 | while (fgets(fbuff, STRING_SIZE-1, freadfile) != NULL) {\r | |
| 55 | int offset=0;\r | |
| 56 | char *ch;\r | |
| 57 | char chk_space=1;\r | |
| 58 | \r | |
| 59 | /* trim string in place - don't remove spaces in middle */\r | |
| 60 | ch = fbuff;\r | |
| 61 | while (*ch) {\r | |
| 62 | if (*ch == '\r' || *ch == '\n') {\r | |
| 63 | *ch = '\0';\r | |
| 64 | }\r | |
| 65 | \r | |
| 66 | if (offset) {\r | |
| 67 | *(ch-offset) = *ch;\r | |
| 68 | }\r | |
| 69 | \r | |
| 70 | if (*ch == '\t' || *ch == ' ') {\r | |
| 71 | if (chk_space) {\r | |
| 72 | offset++;\r | |
| 73 | }\r | |
| 74 | } else {\r | |
| 75 | chk_space=0;\r | |
| 76 | }\r | |
| 77 | \r | |
| 78 | ch++;\r | |
| 79 | }\r | |
| 80 | \r | |
| 81 | /* remove trailing spaces */\r | |
| 82 | ch = fbuff + strlen(fbuff) - 1;\r | |
| 83 | while (*ch) {\r | |
| 84 | if (*ch == '\t' || *ch == ' ') {\r | |
| 85 | *ch = '\0';\r | |
| 86 | --ch;\r | |
| 87 | } else {\r | |
| 88 | break;\r | |
| 89 | }\r | |
| 90 | }\r | |
| 91 | \r | |
| 92 | /* validate name and add it */\r | |
| 93 | chdir ("/"); /* support both absolute and relative path */\r | |
| 94 | if (*fbuff) {\r | |
| 95 | if (file_exists_w(fbuff)) {\r | |
| 96 | strcat(fbuff, "\n");\r | |
| 97 | write(outfile, fbuff, strlen(fbuff));\r | |
| 98 | if (verbose)\r | |
| 99 | fprintf(stdout, " %s", fbuff);\r | |
| 100 | }\r | |
| 101 | }\r | |
| 102 | }\r | |
| 103 | fclose(freadfile);\r | |
| 104 | }\r | |
| 105 | \r | |
| 106 | \r | |
| 107 | /* combine files starting with fnamebase into outfile */\r | |
| 108 | int cmb_files(int outfile, const char *fnamebase, int verbose)\r | |
| 109 | {\r | |
| 110 | /* scan the directory and add matching files */\r | |
| 111 | struct dirent **namelist;\r | |
| 112 | int namecount;\r | |
| 113 | char addfilename[STRING_SIZE];\r | |
| 114 | \r | |
| 115 | /* scan the directory and get a count of the files */\r | |
| 116 | if ((namecount=scandir(CONFIG_ROOT"/backup", &namelist, 0, alphasort))<0) {\r | |
| 117 | fprintf(stderr, "No files found\n");\r | |
| 118 | exit(1);\r | |
| 119 | }\r | |
| 120 | \r | |
| 121 | /* process the scanned names */\r | |
| 122 | while (namecount--) {\r | |
| 123 | /* check names - compare beginning of name, ignoring case, ignore EXCLUDE_HARDWARE */\r | |
| 124 | if ((strncasecmp(fnamebase, namelist[namecount]->d_name, strlen(fnamebase))==0) &&\r | |
| 125 | (strncmp(EXCLUDE_HARDWARE,namelist[namecount]->d_name, strlen(EXCLUDE_HARDWARE)))) {\r | |
| 126 | /* add the contents for this name to output file */\r | |
| 127 | sprintf(addfilename, CONFIG_ROOT"/backup/%s", namelist[namecount]->d_name);\r | |
| 128 | if (verbose)\r | |
| 129 | fprintf(stdout, "%s\n", namelist[namecount]->d_name);\r | |
| 130 | add_file(outfile, addfilename, verbose);\r | |
| 131 | free(namelist[namecount]);\r | |
| 132 | if (verbose)\r | |
| 133 | fprintf(stdout, "\n");\r | |
| 134 | }\r | |
| 135 | }\r | |
| 136 | free(namelist);\r | |
| 137 | return 0;\r | |
| 138 | }\r | |
| 139 | \r | |
| 140 | void exithandler(void)\r | |
| 141 | {\r | |
| 142 | /* clean up temporary files */\r | |
| 143 | if (temptarfilename)\r | |
| 144 | unlink (temptarfilename);\r | |
| 145 | if (tempincfilename)\r | |
| 146 | unlink (tempincfilename);\r | |
| 147 | if (tempexcfilename)\r | |
| 148 | unlink (tempexcfilename);\r | |
| 149 | }\r | |
| 150 | \r | |
| 151 | int main(int argc, char**argv)\r | |
| 152 | {\r | |
| 153 | int verbose=0;\r | |
| 154 | char command[STRING_SIZE];\r | |
| 155 | char hostname[STRING_SIZE];\r | |
| 156 | int includefile, excludefile;\r | |
| 157 | \r | |
| 158 | if (!(initsetuid()))\r | |
| 159 | exit(1);\r | |
| 160 | \r | |
| 161 | if (argc==2 && strcmp(argv[1],"--verbose")==0)\r | |
| 162 | verbose=1; // display to stdout wich (ex|in)clude files are used\r | |
| 163 | \r | |
| 164 | gethostname(hostname, STRING_SIZE-1);\r | |
| 165 | \r | |
| 166 | if (!file_exists(BACKUP_KEY)) {\r | |
| 167 | fprintf (stderr, "Couldn't locate encryption key\n");\r | |
| 168 | exit (ERR_KEY);\r | |
| 169 | }\r | |
| 170 | \r | |
| 171 | /* now exithandler will have something to erase */ \r | |
| 172 | atexit(exithandler);\r | |
| 173 | \r | |
| 174 | /* combine every include and exclude files in backup directory into two temp file\r | |
| 175 | * at the exception of exclude.hardware only used optionally on restore */\r | |
| 176 | /* create/open temp output file */\r | |
| 177 | // Todo: use -X exclude.files and for include.files, build the list on command line\r | |
| 178 | // to avoid unneccesary files manipulations\r | |
| 179 | strcpy (tempincfilename, "/tmp/backup-inclusion.XXXXXX");\r | |
| 180 | strcpy (tempexcfilename, "/tmp/backup-exclusion.XXXXXX");\r | |
| 181 | if ( (!(includefile = mkstemp (tempincfilename)) > 0) ||\r | |
| 182 | (!(excludefile = mkstemp (tempexcfilename)) > 0) ){\r | |
| 183 | fprintf(stderr, "Couldn't create temporary file.\n");\r | |
| 184 | exit(1);\r | |
| 185 | }\r | |
| 186 | cmb_files(includefile, "include.", verbose);\r | |
| 187 | close(includefile);\r | |
| 188 | cmb_files(excludefile, "exclude.", verbose);\r | |
| 189 | close(excludefile);\r | |
| 190 | \r | |
| 191 | /* Create temporary tarfile */\r | |
| 192 | strcpy (temptarfilename, TMP_TAR);\r | |
| 193 | \r | |
| 194 | /* Start tarring files to temp archive\r | |
| 195 | W (verify) and z (compress) tar options can't be used together, so separate tar from gzip */\r | |
| 196 | snprintf (command, STRING_SIZE-1, "/bin/tar -T %s -X %s -C / -cWf %s > /dev/null 2> /dev/null",\r | |
| 197 | tempincfilename, tempexcfilename, temptarfilename);\r | |
| 198 | if (safe_system (command)) {\r | |
| 199 | fprintf (stderr, "Couldn't create %s file\n", temptarfilename);\r | |
| 200 | exit (ERR_TAR);\r | |
| 201 | }\r | |
| 202 | unlink (tempincfilename);\r | |
| 203 | strcpy (tempincfilename,"");\r | |
| 204 | unlink (tempexcfilename);\r | |
| 205 | strcpy (tempincfilename,"");\r | |
| 206 | \r | |
| 207 | /* Compress archive */\r | |
| 208 | snprintf (command, STRING_SIZE-1, "/bin/gzip -c < %s > "MOUNTPOINT"/%s.tar.gz", temptarfilename, hostname);\r | |
| 209 | if (safe_system (command)) {\r | |
| 210 | fprintf (stderr, "Couldn't create "MOUNTPOINT"%s.tar.gz file\n", hostname);\r | |
| 211 | exit (ERR_GZ);\r | |
| 212 | }\r | |
| 213 | unlink (temptarfilename);\r | |
| 214 | strcpy (temptarfilename,"");\r | |
| 215 | \r | |
| 216 | /* Display to stdout include files names */\r | |
| 217 | snprintf (command, STRING_SIZE-1, "/bin/tar -ztf "MOUNTPOINT"/%s.tar.gz", hostname);\r | |
| 218 | if (safe_system (command)) {\r | |
| 219 | fprintf (stderr, "Couldn't read %s.tar.gz file\n", hostname);\r | |
| 220 | exit (ERR_TAR);\r | |
| 221 | }\r | |
| 222 | \r | |
| 223 | /* Encrypt archive */\r | |
| 224 | snprintf (command, STRING_SIZE-1,\r | |
| 225 | "/usr/bin/openssl des3 -e -salt -in "MOUNTPOINT"/%s.tar.gz "\r | |
| 226 | "-out "MOUNTPOINT"/%s.dat -kfile " BACKUP_KEY, hostname, hostname);\r | |
| 227 | if (safe_system (command)) {\r | |
| 228 | fprintf (stderr, "Couldn't encrypt archive\n");\r | |
| 229 | exit (ERR_ENCRYPT);\r | |
| 230 | }\r | |
| 231 | snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.tar.gz", hostname);\r | |
| 232 | unlink (command);\r | |
| 233 | \r | |
| 234 | /* Make sure web can overwrite */\r | |
| 235 | snprintf (command, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);\r | |
| 236 | chown (command, 99, 99);\r | |
| 237 | \r | |
| 238 | exit(0);\r | |
| 239 | }\r |