[people/pmueller/ipfire-2.x.git] / src / misc-progs / setuid.h

/* SmoothWall helper program - header file\r
 *\r
 * This program is distributed under the terms of the GNU General Public\r
 * Licence.  See the file COPYING for details.\r
 * Simple header file for all setuid progs.\r
 * \r
 * $Id: setuid.h,v 1.4.2.4 2005/11/20 23:20:13 franck78 Exp $\r
 * \r
 */\r
\r
#ifndef SETUID_H\r
#define SETUID_H 1\r
\r
#include <stdlib.h>\r
#include <sys/types.h>\r
\r
/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason\r
 * to redefine it if it already is set */\r
#ifndef STRING_SIZE\r
#define STRING_SIZE 256\r
#endif\r
#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"\r
#define NUMBERS "0123456789"\r
#define LETTERS_NUMBERS LETTERS NUMBERS\r
#define IP_NUMBERS "./" NUMBERS\r
#define PORT_NUMBERS ":-" NUMBERS\r
#define VALID_FQDN LETTERS_NUMBERS ".-"\r
\r
\r
#define VALID_IP(ip) (strlen(ip) > 6 \\r
                   && strlen(ip) < 16 \\r
                   && strspn(ip, NUMBERS ".") == strlen(ip))\r
\r
#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \\r
                            && strlen(ip) < 32 \\r
                            && strspn(ip, IP_NUMBERS) == strlen(ip))\r
\r
#define VALID_PORT(port) (strlen(port) \\r
                       && strlen(port) < 6 \\r
                       && strspn(port, NUMBERS) == strlen(port))\r
\r
#define VALID_PORT_RANGE(port) (strlen(port) \\r
                             && strlen(port) < 12 \\r
                             && strspn(port, PORT_NUMBERS) == strlen(port))\r
\r
#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \\r
                             && strlen(ip) < 3 \\r
                             && strspn(ip, NUMBERS) == strlen(ip))\r
\r
/* Can't find any info on valid characters/length hopefully these are\r
 * reasonable guesses */\r
#define VALID_DEVICE(dev) (strlen(dev) \\r
                        && strlen(dev) < 16 \\r
                        && strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))\r
\r
/* Again, can't find any hard and fast rules for protocol names, these\r
 * restrictions are based on the keywords currently listed in\r
 * <http://www.iana.org/assignments/protocol-numbers>\r
 * though currently the ipcop cgis will only pass tcp, udp or gre anyway */\r
#define VALID_PROTOCOL(prot) (strlen(prot) \\r
                          &&  strlen(prot) <16 \\r
                          &&  strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))\r
\r
extern char * trusted_env[4];\r
\r
int system_core(char* command, uid_t uid, gid_t gid, char *error);\r
int safe_system(char* command);\r
int unpriv_system(char* command, uid_t uid, gid_t gid);\r
size_t strlcat(char *dst, const char *src, size_t len);\r
int initsetuid(void);\r
\r
/* check whether a file exists */\r
int file_exists(const char *fname);	    \r
int file_exists_w(const char *fname); //wildcard filename test	    \r
\r
// Backup restore\r
#define MOUNTPOINT "/home/httpd/html/backup"\r
#define BACKUP_KEY CONFIG_ROOT"/backup/backup.key"\r
\r
/* defines for config create/restore return status*/\r
#define ERR_ANY      1   // unspecified error\r
#define ERR_KEY      2   // error creating key file\r
#define ERR_TAR      3   // error creating .tar\r
#define ERR_GZ       4   // error creating .tar.gz\r
#define ERR_ENCRYPT  5   // error creating .dat\r
#define ERR_DECRYPT  6   // error decrypting .dat file\r
#define ERR_UNTARTST 7   // error (test) untarring .tar.gz\r
#define ERR_UNTAR    8   // error (real) untarring .tar.gz\r
#define ERR_DAT      9   // missing .dat file\r
\r
#endif\r
Commit	Line	Data
cd1a2927 MT	1	/* SmoothWall helper program - header file\r
	2	*\r
	3	* This program is distributed under the terms of the GNU General Public\r
	4	* Licence. See the file COPYING for details.\r
	5	* Simple header file for all setuid progs.\r
	6	* \r
	7	* $Id: setuid.h,v 1.4.2.4 2005/11/20 23:20:13 franck78 Exp $\r
	8	* \r
	9	*/\r
	10	\r
	11	#ifndef SETUID_H\r
	12	#define SETUID_H 1\r
	13	\r
	14	#include <stdlib.h>\r
	15	#include <sys/types.h>\r
	16	\r
	17	/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason\r
	18	* to redefine it if it already is set */\r
	19	#ifndef STRING_SIZE\r
	20	#define STRING_SIZE 256\r
	21	#endif\r
	22	#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"\r
	23	#define NUMBERS "0123456789"\r
	24	#define LETTERS_NUMBERS LETTERS NUMBERS\r
	25	#define IP_NUMBERS "./" NUMBERS\r
	26	#define PORT_NUMBERS ":-" NUMBERS\r
	27	#define VALID_FQDN LETTERS_NUMBERS ".-"\r
	28	\r
	29	\r
	30	#define VALID_IP(ip) (strlen(ip) > 6 \\r
	31	&& strlen(ip) < 16 \\r
	32	&& strspn(ip, NUMBERS ".") == strlen(ip))\r
	33	\r
	34	#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \\r
	35	&& strlen(ip) < 32 \\r
	36	&& strspn(ip, IP_NUMBERS) == strlen(ip))\r
	37	\r
	38	#define VALID_PORT(port) (strlen(port) \\r
	39	&& strlen(port) < 6 \\r
	40	&& strspn(port, NUMBERS) == strlen(port))\r
	41	\r
	42	#define VALID_PORT_RANGE(port) (strlen(port) \\r
	43	&& strlen(port) < 12 \\r
	44	&& strspn(port, PORT_NUMBERS) == strlen(port))\r
	45	\r
	46	#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \\r
	47	&& strlen(ip) < 3 \\r
	48	&& strspn(ip, NUMBERS) == strlen(ip))\r
	49	\r
	50	/* Can't find any info on valid characters/length hopefully these are\r
	51	* reasonable guesses */\r
	52	#define VALID_DEVICE(dev) (strlen(dev) \\r
	53	&& strlen(dev) < 16 \\r
	54	&& strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))\r
	55	\r
	56	/* Again, can't find any hard and fast rules for protocol names, these\r
	57	* restrictions are based on the keywords currently listed in\r
	58	* <http://www.iana.org/assignments/protocol-numbers>\r
	59	* though currently the ipcop cgis will only pass tcp, udp or gre anyway */\r
	60	#define VALID_PROTOCOL(prot) (strlen(prot) \\r
	61	&& strlen(prot) <16 \\r
	62	&& strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))\r
	63	\r
	64	extern char * trusted_env[4];\r
65	\r
66	int system_core(char* command, uid_t uid, gid_t gid, char *error);\r
67	int safe_system(char* command);\r
68	int unpriv_system(char* command, uid_t uid, gid_t gid);\r
69	size_t strlcat(char dst, const char src, size_t len);\r
70	int initsetuid(void);\r
71	\r
72	/* check whether a file exists */\r
73	int file_exists(const char *fname); \r
74	int file_exists_w(const char *fname); //wildcard filename test \r
75	\r
76	// Backup restore\r
77	#define MOUNTPOINT "/home/httpd/html/backup"\r
78	#define BACKUP_KEY CONFIG_ROOT"/backup/backup.key"\r
79	\r
80	/* defines for config create/restore return status*/\r
81	#define ERR_ANY 1 // unspecified error\r
82	#define ERR_KEY 2 // error creating key file\r
83	#define ERR_TAR 3 // error creating .tar\r
84	#define ERR_GZ 4 // error creating .tar.gz\r
85	#define ERR_ENCRYPT 5 // error creating .dat\r
86	#define ERR_DECRYPT 6 // error decrypting .dat file\r
87	#define ERR_UNTARTST 7 // error (test) untarring .tar.gz\r
88	#define ERR_UNTAR 8 // error (real) untarring .tar.gz\r
89	#define ERR_DAT 9 // missing .dat file\r
90	\r
91	#endif\r