[people/pmueller/ipfire-2.x.git] / src / misc-progs / ipfirerscfg.c

/*\r
 * This file is part of the IPCop Firewall.\r
 *\r
 * IPCop is free software; you can redistribute it and/or modify\r
 * it under the terms of the GNU General Public License as published by\r
 * the Free Software Foundation; either version 2 of the License, or\r
 * (at your option) any later version.\r
 *\r
 * IPCop is distributed in the hope that it will be useful,\r
 * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\r
 * GNU General Public License for more details.\r
 *\r
 * You should have received a copy of the GNU General Public License\r
 * along with IPCop; if not, write to the Free Software\r
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA\r
 *\r
 * Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>\r
 *\r
 * $Id: ipcoprscfg.c,v 1.2.2.6 2005/11/21 00:11:39 franck78 Exp $\r
 *\r
 */\r
\r
#include <stdio.h>\r
#include <string.h>\r
#include <stdlib.h>\r
#include <unistd.h>\r
#include <sys/types.h>\r
#include <sys/stat.h>\r
#include <fcntl.h>\r
#include <grp.h>\r
#include <dirent.h>\r
#include "setuid.h"\r
\r
#define TMP_FILEZ 	"/tmp/TMPFILE.tar.gz"\r
#define TMP_FILE 	"/tmp/TMPFILE.tar"\r
\r
/* check existence of a data file */\r
int data_exists(const char *hostname) {\r
    char fname[STRING_SIZE];\r
    snprintf (fname, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);\r
    return file_exists(fname);\r
}\r
\r
\r
int main(int argc, char**argv) {\r
	int rshardware=0;\r
	char command[STRING_SIZE];\r
	char hostname[STRING_SIZE];\r
\r
	if (argc==2 && strcmp(argv[1],"--hardware")==0)\r
	    rshardware=1; // restore hardware settings\r
\r
	gethostname(hostname, STRING_SIZE-1);\r
\r
	/* Init setuid */\r
	if (!initsetuid())\r
	    exit(1);\r
\r
	/* if  a key file exists, an encrypted .dat is required */\r
	if (!file_exists(BACKUP_KEY)) {\r
    	    fprintf (stderr, "Missing encryption key\n");\r
	    exit (ERR_DECRYPT);\r
	}\r
	\r
	\r
	if (!data_exists(hostname)) {\r
	    fprintf (stderr, "Missing encrypted archive "MOUNTPOINT"/%s.dat archive\n", hostname);\r
	    exit (ERR_DAT);\r
	}\r
\r
	/* decrypt .dat file to tmp file */\r
	snprintf (command, STRING_SIZE-1, "/usr/bin/openssl des3 -d -salt -in "MOUNTPOINT"/%s.dat -out "TMP_FILEZ" -kfile "BACKUP_KEY" > /dev/null 2> /dev/null", hostname);\r
	if (safe_system (command)) {\r
	    fprintf (stderr, "Couldn't decrypt "MOUNTPOINT"/%s.dat archive\n", hostname);\r
	    exit (ERR_DECRYPT);\r
	}\r
\r
	/* create temporary directory for testing untar */\r
	char tmp_dir[STRING_SIZE];\r
\r
	strcpy (tmp_dir,"cfg_XXXXXXX");\r
	if (mkdtemp (tmp_dir)==NULL) {\r
	    unlink (TMP_FILEZ);\r
	    exit (ERR_ANY);\r
	}\r
\r
	/* Start (test) untarring files from compressed archive */\r
	snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzvf "TMP_FILEZ" > /dev/null 2> /dev/null",tmp_dir);\r
	if (safe_system (command)) {\r
	    fprintf (stderr, "Archive have errors!\n");\r
	    unlink (TMP_FILEZ);\r
	    exit (ERR_UNTARTST);\r
	}\r
\r
	/* remove temporary directory */\r
	snprintf (command, STRING_SIZE-1, "/bin/rm -rf %s > /dev/null 2> /dev/null",tmp_dir);\r
	safe_system (command);\r
	\r
	/* Start (real) untarring files from compressed archive */\r
	char extraX[STRING_SIZE] = "";\r
	int retcode = 0;\r
	if (rshardware==0) { /* extra eXclusion from restore  */\r
	    strcpy (extraX, "-X "CONFIG_ROOT"/backup/exclude.hardware ");\r
	}\r
	snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf "TMP_FILEZ" -X "CONFIG_ROOT"/backup/exclude.system %s > /dev/null 2> /dev/null", extraX);\r
	if (safe_system (command)) {\r
	    fprintf (stderr, "Error restoring archive\n");\r
	    retcode = ERR_UNTAR;\r
	}\r
\r
	/* remove temporary archive copy */\r
	unlink (TMP_FILEZ);\r
\r
	exit(retcode);\r
}\r
Commit	Line	Data
cd1a2927 MT	1	/*\r
	2	* This file is part of the IPCop Firewall.\r
	3	*\r
	4	* IPCop is free software; you can redistribute it and/or modify\r
	5	* it under the terms of the GNU General Public License as published by\r
	6	* the Free Software Foundation; either version 2 of the License, or\r
	7	* (at your option) any later version.\r
	8	*\r
	9	* IPCop is distributed in the hope that it will be useful,\r
	10	* but WITHOUT ANY WARRANTY; without even the implied warranty of\r
	11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
	12	* GNU General Public License for more details.\r
	13	*\r
	14	* You should have received a copy of the GNU General Public License\r
	15	* along with IPCop; if not, write to the Free Software\r
	16	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r
	17	*\r
	18	* Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>\r
	19	*\r
	20	* $Id: ipcoprscfg.c,v 1.2.2.6 2005/11/21 00:11:39 franck78 Exp $\r
	21	*\r
	22	*/\r
	23	\r
	24	#include <stdio.h>\r
	25	#include <string.h>\r
	26	#include <stdlib.h>\r
	27	#include <unistd.h>\r
	28	#include <sys/types.h>\r
	29	#include <sys/stat.h>\r
	30	#include <fcntl.h>\r
	31	#include <grp.h>\r
	32	#include <dirent.h>\r
	33	#include "setuid.h"\r
	34	\r
	35	#define TMP_FILEZ "/tmp/TMPFILE.tar.gz"\r
	36	#define TMP_FILE "/tmp/TMPFILE.tar"\r
	37	\r
	38	/* check existence of a data file */\r
	39	int data_exists(const char *hostname) {\r
	40	char fname[STRING_SIZE];\r
	41	snprintf (fname, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);\r
	42	return file_exists(fname);\r
	43	}\r
	44	\r
	45	\r
	46	int main(int argc, char**argv) {\r
	47	int rshardware=0;\r
	48	char command[STRING_SIZE];\r
	49	char hostname[STRING_SIZE];\r
	50	\r
	51	if (argc==2 && strcmp(argv[1],"--hardware")==0)\r
	52	rshardware=1; // restore hardware settings\r
	53	\r
	54	gethostname(hostname, STRING_SIZE-1);\r
	55	\r
	56	/* Init setuid */\r
	57	if (!initsetuid())\r
	58	exit(1);\r
	59	\r
	60	/* if a key file exists, an encrypted .dat is required */\r
	61	if (!file_exists(BACKUP_KEY)) {\r
	62	fprintf (stderr, "Missing encryption key\n");\r
	63	exit (ERR_DECRYPT);\r
	64	}\r
65	\r
66	\r
67	if (!data_exists(hostname)) {\r
68	fprintf (stderr, "Missing encrypted archive "MOUNTPOINT"/%s.dat archive\n", hostname);\r
69	exit (ERR_DAT);\r
70	}\r
71	\r
72	/* decrypt .dat file to tmp file */\r
73	snprintf (command, STRING_SIZE-1, "/usr/bin/openssl des3 -d -salt -in "MOUNTPOINT"/%s.dat -out "TMP_FILEZ" -kfile "BACKUP_KEY" > /dev/null 2> /dev/null", hostname);\r
74	if (safe_system (command)) {\r
75	fprintf (stderr, "Couldn't decrypt "MOUNTPOINT"/%s.dat archive\n", hostname);\r
76	exit (ERR_DECRYPT);\r
77	}\r
78	\r
79	/* create temporary directory for testing untar */\r
80	char tmp_dir[STRING_SIZE];\r
81	\r
82	strcpy (tmp_dir,"cfg_XXXXXXX");\r
83	if (mkdtemp (tmp_dir)==NULL) {\r
84	unlink (TMP_FILEZ);\r
85	exit (ERR_ANY);\r
86	}\r
87	\r
88	/* Start (test) untarring files from compressed archive */\r
89	snprintf (command, STRING_SIZE-1, "/bin/tar -C %s -xzvf "TMP_FILEZ" > /dev/null 2> /dev/null",tmp_dir);\r
90	if (safe_system (command)) {\r
91	fprintf (stderr, "Archive have errors!\n");\r
92	unlink (TMP_FILEZ);\r
93	exit (ERR_UNTARTST);\r
94	}\r
95	\r
96	/* remove temporary directory */\r
97	snprintf (command, STRING_SIZE-1, "/bin/rm -rf %s > /dev/null 2> /dev/null",tmp_dir);\r
98	safe_system (command);\r
99	\r
100	/* Start (real) untarring files from compressed archive */\r
101	char extraX[STRING_SIZE] = "";\r
102	int retcode = 0;\r
103	if (rshardware==0) { /* extra eXclusion from restore */\r
104	strcpy (extraX, "-X "CONFIG_ROOT"/backup/exclude.hardware ");\r
105	}\r
106	snprintf (command, STRING_SIZE-1, "/bin/tar -C / -xzvf "TMP_FILEZ" -X "CONFIG_ROOT"/backup/exclude.system %s > /dev/null 2> /dev/null", extraX);\r
107	if (safe_system (command)) {\r
108	fprintf (stderr, "Error restoring archive\n");\r
109	retcode = ERR_UNTAR;\r
110	}\r
111	\r
112	/* remove temporary archive copy */\r
113	unlink (TMP_FILEZ);\r
114	\r
115	exit(retcode);\r
116	}\r