Commit | Line | Data |
---|---|---|
cd1a2927 MT |
1 | /*\r |
2 | * This file is part of the IPCop Firewall.\r | |
3 | *\r | |
4 | * IPCop is free software; you can redistribute it and/or modify\r | |
5 | * it under the terms of the GNU General Public License as published by\r | |
6 | * the Free Software Foundation; either version 2 of the License, or\r | |
7 | * (at your option) any later version.\r | |
8 | *\r | |
9 | * IPCop is distributed in the hope that it will be useful,\r | |
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of\r | |
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r | |
12 | * GNU General Public License for more details.\r | |
13 | *\r | |
14 | * You should have received a copy of the GNU General Public License\r | |
15 | * along with IPCop; if not, write to the Free Software\r | |
16 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r | |
17 | *\r | |
18 | * Copyright (C) 2003-06-25 Tim Butterfield <timbutterfield@mindspring.com>\r | |
19 | *\r | |
20 | * $Id: ipcopbkcfg.c,v 1.2.2.6 2005/11/20 23:20:13 franck78 Exp $\r | |
21 | *\r | |
22 | */\r | |
23 | \r | |
24 | #include <stdio.h>\r | |
25 | #include <string.h>\r | |
26 | #include <stdlib.h>\r | |
27 | #include <unistd.h>\r | |
28 | #include <sys/types.h>\r | |
29 | #include <sys/stat.h>\r | |
30 | #include <fcntl.h>\r | |
31 | #include <grp.h>\r | |
32 | #include <dirent.h>\r | |
33 | #include "setuid.h"\r | |
34 | \r | |
35 | \r | |
/* Name of the hardware exclude list: not used when a backup is built,
 * only optionally on restore. */
#define EXCLUDE_HARDWARE "exclude.hardware"

/* Path of the intermediate (not yet encrypted) tar archive.
 * NOTE(review): this is a fixed, predictable name under /tmp; a privileged
 * helper should derive the real file name with mkstemp() rather than rely
 * on the path being free. */
#define TMP_TAR "/tmp/backup.tar"

/* Names of the temporary files; an empty string means "nothing to remove". */
char tempincfilename[STRING_SIZE] = { '\0' };	/* temp include file name */
char tempexcfilename[STRING_SIZE] = { '\0' };	/* temp exclude file name */
char temptarfilename[STRING_SIZE] = { '\0' };	/* temp tar archive name */
42 | \r | |
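/*
 * Append the entries listed in fname to outfile.
 *
 * Each line of fname is cut at the first CR or LF, stripped of leading and
 * trailing blanks and tabs (blanks inside the name are kept), and written to
 * outfile followed by a newline if file_exists_w() accepts it.  Relative
 * entries are checked from "/".  A file that cannot be opened is skipped.
 *
 * outfile  open descriptor receiving the accepted names
 * fname    path of the list file to read
 * verbose  non-zero: echo every accepted name on stdout
 *
 * NOTE(review): the accepted names end up in the list files given to tar by
 * main(); the only validation visible here is file_exists_w(), so the
 * permissions on the backup directory decide who can steer the archive
 * contents -- confirm they are restricted to the administrator.
 */
void add_file(int outfile, const char *fname, int verbose)
{
	FILE *freadfile;
	char fbuff[STRING_SIZE];

	if (!(freadfile = fopen(fname, "r"))) {
		/* skip this file */
		return;
	}

	/* support both absolute and relative path */
	if (chdir("/") != 0) {
		fclose(freadfile);
		return;
	}

	/* Reading at most STRING_SIZE-2 characters leaves room for the
	 * newline that is appended below. */
	while (fgets(fbuff, STRING_SIZE-1, freadfile) != NULL) {
		char *start;
		size_t len;
		size_t done = 0;

		/* end the string at the first CR or LF */
		fbuff[strcspn(fbuff, "\r\n")] = '\0';

		/* Drop leading blanks.  The original shifted the text in place
		 * without moving the terminator, which left stale characters
		 * behind on a line that had no newline. */
		start = fbuff + strspn(fbuff, " \t");

		/* Drop trailing blanks; bounded by len so that an empty line
		 * never reads or writes in front of the buffer. */
		len = strlen(start);
		while (len > 0 && (start[len - 1] == ' ' || start[len - 1] == '\t'))
			len--;

		if (len == 0)
			continue;

		memmove(fbuff, start, len);
		fbuff[len] = '\0';

		/* validate name and add it */
		if (!file_exists_w(fbuff))
			continue;

		fbuff[len++] = '\n';
		fbuff[len] = '\0';

		/* write() may be partial; a truncated list silently changes
		 * what is backed up or excluded */
		while (done < len) {
			ssize_t n = write(outfile, fbuff + done, len - done);

			if (n <= 0) {
				fprintf(stderr, "Couldn't write file list\n");
				break;
			}
			done += (size_t) n;
		}

		if (verbose)
			fprintf(stdout, " %s", fbuff);
	}
	fclose(freadfile);
}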
105 | \r | |
106 | \r | |
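/*
 * Combine the list files whose name starts with fnamebase into outfile.
 *
 * Scans CONFIG_ROOT"/backup", compares the beginning of every entry name
 * with fnamebase (ignoring case), skips names starting with
 * EXCLUDE_HARDWARE, and passes each remaining file to add_file().
 *
 * outfile    open descriptor receiving the combined list
 * fnamebase  name prefix to match, e.g. "include."
 * verbose    non-zero: print each list file name on stdout
 *
 * Returns 0.  Exits with status 1 if the directory cannot be scanned.
 */
int cmb_files(int outfile, const char *fnamebase, int verbose)
{
	struct dirent **namelist;
	int namecount;
	char addfilename[STRING_SIZE];
	size_t baselen = strlen(fnamebase);

	/* scan the directory and get a count of the files */
	if ((namecount = scandir(CONFIG_ROOT"/backup", &namelist, NULL, alphasort)) < 0) {
		fprintf(stderr, "No files found\n");
		exit(1);
	}

	/* process the scanned names */
	while (namecount--) {
		const char *name = namelist[namecount]->d_name;

		/* check names - compare beginning of name, ignoring case, ignore EXCLUDE_HARDWARE */
		if (strncasecmp(fnamebase, name, baselen) == 0 &&
		    strncmp(EXCLUDE_HARDWARE, name, strlen(EXCLUDE_HARDWARE)) != 0) {
			/* d_name is not bounded by STRING_SIZE, so build the path
			 * with a size limit and skip a name that does not fit
			 * instead of writing past addfilename */
			int n = snprintf(addfilename, sizeof addfilename,
					 CONFIG_ROOT"/backup/%s", name);

			if (n >= 0 && (size_t) n < sizeof addfilename) {
				if (verbose)
					fprintf(stdout, "%s\n", name);
				/* add the contents for this name to output file */
				add_file(outfile, addfilename, verbose);
				if (verbose)
					fprintf(stdout, "\n");
			}
		}
		/* scandir() allocates every entry, matching or not */
		free(namelist[namecount]);
	}
	free(namelist);
	return 0;
}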
139 | \r | |
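/*
 * atexit() handler: remove the temporary files that are still recorded.
 *
 * The three names are arrays, so testing the array itself is always true;
 * the first character is tested instead so that an empty name (nothing
 * created yet, or already removed by main) is skipped.
 */
void exithandler(void)
{
	/* clean up temporary files */
	if (temptarfilename[0] != '\0')
		unlink(temptarfilename);
	if (tempincfilename[0] != '\0')
		unlink(tempincfilename);
	if (tempexcfilename[0] != '\0')
		unlink(tempexcfilename);
}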
150 | \r | |
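/*
 * Copy template into name (size bytes) and create the file with mkstemp().
 * Returns the open descriptor, or -1 with name cleared so that the exit
 * handler has nothing to unlink.
 */
static int make_temp(char *name, size_t size, const char *template)
{
	int fd;

	snprintf(name, size, "%s", template);
	fd = mkstemp(name);
	if (fd < 0)
		name[0] = '\0';
	return fd;
}

/*
 * Build the encrypted configuration backup MOUNTPOINT/<hostname>.dat.
 *
 * Steps: combine the include.* and exclude.* lists of the backup directory
 * into two temporary files, tar the listed files, gzip the archive to
 * MOUNTPOINT, list its contents on stdout, encrypt it with BACKUP_KEY and
 * hand the result to uid/gid 99.
 *
 * Only "--verbose" is recognised as an argument.
 * Exit status: 0 on success, 1 or one of ERR_KEY, ERR_TAR, ERR_GZ,
 * ERR_ENCRYPT on failure.
 */
int main(int argc, char **argv)
{
	int verbose = 0;
	char command[STRING_SIZE];
	char hostname[STRING_SIZE];
	char archive[STRING_SIZE];	/* intermediate, unencrypted .tar.gz */
	int includefile, excludefile, tarfile;

	if (!(initsetuid()))
		exit(1);

	if (argc == 2 && strcmp(argv[1], "--verbose") == 0)
		verbose = 1;	/* display to stdout which (ex|in)clude files are used */

	/* gethostname() does not have to terminate a truncated name */
	if (gethostname(hostname, STRING_SIZE-1) != 0) {
		fprintf(stderr, "Couldn't read hostname\n");
		exit(1);
	}
	hostname[STRING_SIZE-1] = '\0';
	/* NOTE(review): hostname is placed in the shell command lines below.
	 * Whether safe_system() rejects shell metacharacters is not visible
	 * in this file -- confirm before relying on it. */

	if (!file_exists(BACKUP_KEY)) {
		fprintf(stderr, "Couldn't locate encryption key\n");
		exit(ERR_KEY);
	}

	/* now exithandler will have something to erase */
	atexit(exithandler);

	/* combine every include and exclude files in backup directory into two temp file
	 * at the exception of exclude.hardware only used optionally on restore */
	/* create/open temp output file */
	/* Todo: use -X exclude.files and for include.files, build the list on command line
	 * to avoid unnecessary files manipulations */
	/* mkstemp() returns -1 on failure; the original test "!(fd) > 0"
	 * was only true for descriptor 0 and let a failure through. */
	includefile = make_temp(tempincfilename, sizeof tempincfilename,
				"/tmp/backup-inclusion.XXXXXX");
	if (includefile < 0) {
		fprintf(stderr, "Couldn't create temporary file.\n");
		exit(1);
	}
	excludefile = make_temp(tempexcfilename, sizeof tempexcfilename,
				"/tmp/backup-exclusion.XXXXXX");
	if (excludefile < 0) {
		close(includefile);
		fprintf(stderr, "Couldn't create temporary file.\n");
		exit(1);
	}
	cmb_files(includefile, "include.", verbose);
	close(includefile);
	cmb_files(excludefile, "exclude.", verbose);
	close(excludefile);

	/* Create temporary tarfile.  The name is produced by mkstemp() so
	 * that the privileged tar below writes to a file this process
	 * created itself (mode 0600) instead of a fixed path in /tmp. */
	tarfile = make_temp(temptarfilename, sizeof temptarfilename,
			    TMP_TAR ".XXXXXX");
	if (tarfile < 0) {
		fprintf(stderr, "Couldn't create temporary file.\n");
		exit(1);
	}
	close(tarfile);

	/* Start tarring files to temp archive
	   W (verify) and z (compress) tar options can't be used together, so separate tar from gzip */
	snprintf(command, STRING_SIZE-1, "/bin/tar -T %s -X %s -C / -cWf %s > /dev/null 2> /dev/null",
		 tempincfilename, tempexcfilename, temptarfilename);
	if (safe_system(command)) {
		fprintf(stderr, "Couldn't create %s file\n", temptarfilename);
		exit(ERR_TAR);
	}
	unlink(tempincfilename);
	strcpy(tempincfilename, "");
	unlink(tempexcfilename);
	strcpy(tempexcfilename, "");	/* the original cleared tempincfilename twice */

	/* From here on a failure removes the unencrypted archive instead of
	 * leaving it on MOUNTPOINT. */
	snprintf(archive, STRING_SIZE-1, MOUNTPOINT"/%s.tar.gz", hostname);

	/* Compress archive */
	snprintf(command, STRING_SIZE-1, "/bin/gzip -c < %s > "MOUNTPOINT"/%s.tar.gz", temptarfilename, hostname);
	if (safe_system(command)) {
		fprintf(stderr, "Couldn't create "MOUNTPOINT"/%s.tar.gz file\n", hostname);
		unlink(archive);
		exit(ERR_GZ);
	}
	unlink(temptarfilename);
	strcpy(temptarfilename, "");

	/* Display to stdout include files names */
	snprintf(command, STRING_SIZE-1, "/bin/tar -ztf "MOUNTPOINT"/%s.tar.gz", hostname);
	if (safe_system(command)) {
		fprintf(stderr, "Couldn't read %s.tar.gz file\n", hostname);
		unlink(archive);
		exit(ERR_TAR);
	}

	/* Encrypt archive */
	/* NOTE(review): des3 with -kfile and no explicit key-derivation
	 * option is a legacy construction.  It is left unchanged because a
	 * different cipher would presumably break decryption of existing
	 * backups on restore -- plan a migration rather than editing only
	 * this command. */
	snprintf(command, STRING_SIZE-1,
		 "/usr/bin/openssl des3 -e -salt -in "MOUNTPOINT"/%s.tar.gz "
		 "-out "MOUNTPOINT"/%s.dat -kfile " BACKUP_KEY, hostname, hostname);
	if (safe_system(command)) {
		fprintf(stderr, "Couldn't encrypt archive\n");
		unlink(archive);
		exit(ERR_ENCRYPT);
	}
	unlink(archive);

	/* Make sure web can overwrite (best effort, result not checked) */
	snprintf(command, STRING_SIZE-1, MOUNTPOINT"/%s.dat", hostname);
	chown(command, 99, 99);

	exit(0);
}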