[thirdparty/cups.git] / scheduler / file.c

/*
 * "$Id$"
 *
 *   File functions for the CUPS scheduler.
 *
 *   Copyright 2007-2013 by Apple Inc.
 *   Copyright 1997-2007 by Easy Software Products, all rights reserved.
 *
 *   These coded instructions, statements, and computer programs are the
 *   property of Apple Inc. and are protected by Federal copyright
 *   law.  Distribution and use rights are outlined in the file "LICENSE.txt"
 *   "LICENSE" which should have been included with this file.  If this
 *   file is missing or damaged, see the license at "http://www.cups.org/".
 *
 * Contents:
 *
 *   cupsdCleanFiles()		 - Clean out old files.
 *   cupsdCloseCreatedConfFile() - Close a created configuration file and move
 *				   into place.
 *   cupsdClosePipe()		 - Close a pipe as necessary.
 *   cupsdCreateConfFile()	 - Create a configuration file safely.
 *   cupsdOpenConfFile()	 - Open a configuration file.
 *   cupsdOpenPipe()		 - Create a pipe which is closed on exec.
 *   cupsdRemoveFile()		 - Remove a file securely.
 *   cupsdUnlinkOrRemoveFile()	 - Unlink or securely remove a file depending
 *				   on the configuration.
 *   overwrite_data()		 - Overwrite the data in a file.
 */

/*
 * Include necessary headers...
 */

#include "cupsd.h"
#include <cups/dir.h>
#include <fnmatch.h>
#ifdef HAVE_REMOVEFILE
#  include <removefile.h>
#else
static int	overwrite_data(int fd, const char *buffer, int bufsize,
		               int filesize);
#endif /* HAVE_REMOVEFILE */


/*
 * 'cupsdCleanFiles()' - Clean out old files.
 */

void
cupsdCleanFiles(const char *path,	/* I - Directory to clean */
                const char *pattern)	/* I - Filename pattern or NULL */
{
  cups_dir_t	*dir;			/* Directory */
  cups_dentry_t	*dent;			/* Directory entry */
  char		filename[1024];		/* Filename */
  int		status;			/* Status from unlink/rmdir */


  cupsdLogMessage(CUPSD_LOG_DEBUG,
                  "cupsdCleanFiles(path=\"%s\", pattern=\"%s\")", path,
		  pattern ? pattern : "(null)");

  if ((dir = cupsDirOpen(path)) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open directory \"%s\" - %s",
		    path, strerror(errno));
    return;
  }

  cupsdLogMessage(CUPSD_LOG_INFO, "Cleaning out old files in \"%s\".", path);

  while ((dent = cupsDirRead(dir)) != NULL)
  {
    if (pattern && fnmatch(pattern, dent->filename, 0))
      continue;

    snprintf(filename, sizeof(filename), "%s/%s", path, dent->filename);

    if (S_ISDIR(dent->fileinfo.st_mode))
    {
      cupsdCleanFiles(filename, pattern);

      status = rmdir(filename);
    }
    else
      status = cupsdUnlinkOrRemoveFile(filename);

    if (status)
      cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to remove \"%s\" - %s", filename,
		      strerror(errno));
  }

  cupsDirClose(dir);
}


/*
 * 'cupsdCloseCreatedConfFile()' - Close a created configuration file and move
 *                                 into place.
 */

int					/* O - 0 on success, -1 on error */
cupsdCloseCreatedConfFile(
    cups_file_t *fp,			/* I - File to close */
    const char  *filename)		/* I - Filename */
{
  char	newfile[1024],			/* filename.N */
	oldfile[1024];			/* filename.O */


 /*
  * First close the file...
  */

  if (cupsFileClose(fp))
    return (-1);

 /*
  * Then remove "filename.O", rename "filename" to "filename.O", and rename
  * "filename.N" to "filename".
  */

  snprintf(newfile, sizeof(newfile), "%s.N", filename);
  snprintf(oldfile, sizeof(oldfile), "%s.O", filename);

  if ((cupsdUnlinkOrRemoveFile(oldfile) && errno != ENOENT) ||
      (rename(filename, oldfile) && errno != ENOENT) ||
      rename(newfile, filename))
  {
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to finalize \"%s\": %s",
                    filename, strerror(errno));
    return (-1);
  }

  return (0);
}


/*
 * 'cupsdClosePipe()' - Close a pipe as necessary.
 */

void
cupsdClosePipe(int *fds)		/* I - Pipe file descriptors (2) */
{
 /*
  * Close file descriptors as needed...
  */

  if (fds[0] >= 0)
  {
    close(fds[0]);
    fds[0] = -1;
  }

  if (fds[1] >= 0)
  {
    close(fds[1]);
    fds[1] = -1;
  }
}


/*
 * 'cupsdCreateConfFile()' - Create a configuration file safely.
 */

cups_file_t *				/* O - File pointer */
cupsdCreateConfFile(
    const char *filename,		/* I - Filename */
    mode_t     mode)			/* I - Permissions */
{
  cups_file_t	*fp;			/* File pointer */
  char		newfile[1024];		/* filename.N */


  snprintf(newfile, sizeof(newfile), "%s.N", filename);
  if ((fp = cupsFileOpen(newfile, "w")) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create \"%s\": %s", newfile,
		    strerror(errno));
  }
  else
  {
    if (!getuid() && fchown(cupsFileNumber(fp), getuid(), Group))
      cupsdLogMessage(CUPSD_LOG_WARN, "Unable to change group for \"%s\": %s",
		      newfile, strerror(errno));

    if (fchmod(cupsFileNumber(fp), mode))
      cupsdLogMessage(CUPSD_LOG_WARN,
                      "Unable to change permissions for \"%s\": %s",
		      newfile, strerror(errno));
  }

  return (fp);
}


/*
 * 'cupsdOpenConfFile()' - Open a configuration file.
 *
 * This function looks for "filename.O" if "filename" does not exist and does
 * a rename as needed.
 */

cups_file_t *				/* O - File pointer */
cupsdOpenConfFile(const char *filename)	/* I - Filename */
{
  cups_file_t	*fp;			/* File pointer */


  if ((fp = cupsFileOpen(filename, "r")) == NULL)
  {
    if (errno == ENOENT)
    {
     /*
      * Try opening the backup file...
      */

      char	oldfile[1024];		/* filename.O */

      snprintf(oldfile, sizeof(oldfile), "%s.O", filename);
      fp = cupsFileOpen(oldfile, "r");
    }
    else
      cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open \"%s\": %s", filename,
		      strerror(errno));
  }

  return (fp);
}


/*
 * 'cupsdOpenPipe()' - Create a pipe which is closed on exec.
 */

int					/* O - 0 on success, -1 on error */
cupsdOpenPipe(int *fds)			/* O - Pipe file descriptors (2) */
{
 /*
  * Create the pipe...
  */

  if (pipe(fds))
  {
    fds[0] = -1;
    fds[1] = -1;

    return (-1);
  }

 /*
  * Set the "close on exec" flag on each end of the pipe...
  */

  if (fcntl(fds[0], F_SETFD, fcntl(fds[0], F_GETFD) | FD_CLOEXEC))
  {
    close(fds[0]);
    close(fds[1]);

    fds[0] = -1;
    fds[1] = -1;

    return (-1);
  }

  if (fcntl(fds[1], F_SETFD, fcntl(fds[1], F_GETFD) | FD_CLOEXEC))
  {
    close(fds[0]);
    close(fds[1]);

    fds[0] = -1;
    fds[1] = -1;

    return (-1);
  }

 /*
  * Return 0 indicating success...
  */

  return (0);
}


/*
 * 'cupsdRemoveFile()' - Remove a file securely.
 */

int					/* O - 0 on success, -1 on error */
cupsdRemoveFile(const char *filename)	/* I - File to remove */
{
#ifdef HAVE_REMOVEFILE
 /*
  * See if the file exists...
  */

  if (access(filename, 0))
    return (0);

  cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename);

 /*
  * Remove the file...
  */

  return (removefile(filename, NULL, REMOVEFILE_SECURE_1_PASS));

#else
  int			fd;		/* File descriptor */
  struct stat		info;		/* File information */
  char			buffer[512];	/* Data buffer */
  int			i;		/* Looping var */


 /*
  * See if the file exists...
  */

  if (access(filename, 0))
    return (0);

  cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename);

 /*
  * First open the file for writing in exclusive mode.
  */

  if ((fd = open(filename, O_WRONLY | O_EXCL)) < 0)
    return (-1);

 /*
  * Delete the file now - it will still be around as long as the file is
  * open...
  */

  if (unlink(filename))
  {
    close(fd);
    return (-1);
  }

 /*
  * Then get the file size...
  */

  if (fstat(fd, &info))
  {
    close(fd);
    return (-1);
  }

 /*
  * Overwrite the file with random data.
  */

  CUPS_SRAND(time(NULL));

  for (i = 0; i < sizeof(buffer); i ++)
    buffer[i] = CUPS_RAND();
  if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size))
  {
    close(fd);
    return (-1);
  }

 /*
  * Close the file, which will lead to the actual deletion, and return...
  */

  return (close(fd));
#endif /* HAVE_REMOVEFILE */
}


/*
 * 'cupsdUnlinkOrRemoveFile()' - Unlink or securely remove a file depending
 *                               on the configuration.
 */

int					/* O - 0 on success, -1 on error */
cupsdUnlinkOrRemoveFile(
    const char *filename)		/* I - Filename */
{
  if (Classification)
    return (cupsdRemoveFile(filename));
  else
    return (unlink(filename));
}


#ifndef HAVE_REMOVEFILE
/*
 * 'overwrite_data()' - Overwrite the data in a file.
 */

static int				/* O - 0 on success, -1 on error */
overwrite_data(int        fd,		/* I - File descriptor */
               const char *buffer,	/* I - Buffer to write */
	       int        bufsize,	/* I - Size of buffer */
               int        filesize)	/* I - Size of file */
{
  int	bytes;				/* Bytes to write/written */


 /*
  * Start at the beginning of the file...
  */

  if (lseek(fd, 0, SEEK_SET) < 0)
    return (-1);

 /*
  * Fill the file with the provided data...
  */

  while (filesize > 0)
  {
    if (filesize > bufsize)
      bytes = bufsize;
    else
      bytes = filesize;

    if ((bytes = write(fd, buffer, bytes)) < 0)
      return (-1);

    filesize -= bytes;
  }

 /*
  * Force the changes to disk...
  */

  return (fsync(fd));
}
#endif /* HAVE_REMOVEFILE */


/*
 * End of "$Id$".
 */
Commit	Line	Data
321d8d57 MS	1	/*
	2	* "$Id$"
	3	*
	4	* File functions for the CUPS scheduler.
	5	*
cb7f98ee	6	* Copyright 2007-2013 by Apple Inc.
321d8d57 MS	7	* Copyright 1997-2007 by Easy Software Products, all rights reserved.
	8	*
	9	* These coded instructions, statements, and computer programs are the
	10	* property of Apple Inc. and are protected by Federal copyright
	11	* law. Distribution and use rights are outlined in the file "LICENSE.txt"
	12	* "LICENSE" which should have been included with this file. If this
	13	* file is missing or damaged, see the license at "http://www.cups.org/".
	14	*
	15	* Contents:
	16	*
cb7f98ee	17	* cupsdCleanFiles() - Clean out old files.
321d8d57	18	* cupsdCloseCreatedConfFile() - Close a created configuration file and move
cb7f98ee MS	19	* into place.
	20	* cupsdClosePipe() - Close a pipe as necessary.
	21	* cupsdCreateConfFile() - Create a configuration file safely.
	22	* cupsdOpenConfFile() - Open a configuration file.
	23	* cupsdOpenPipe() - Create a pipe which is closed on exec.
	24	* cupsdRemoveFile() - Remove a file securely.
	25	* cupsdUnlinkOrRemoveFile() - Unlink or securely remove a file depending
	26	* on the configuration.
	27	* overwrite_data() - Overwrite the data in a file.
321d8d57 MS	28	*/
	29
	30	/*
	31	* Include necessary headers...
	32	*/
	33
	34	#include "cupsd.h"
	35	#include <cups/dir.h>
	36	#include <fnmatch.h>
	37	#ifdef HAVE_REMOVEFILE
	38	# include <removefile.h>
	39	#else
	40	static int overwrite_data(int fd, const char *buffer, int bufsize,
	41	int filesize);
	42	#endif /* HAVE_REMOVEFILE */
	43
	44
	45	/*
	46	* 'cupsdCleanFiles()' - Clean out old files.
	47	*/
cb7f98ee	48
321d8d57 MS	49	void
	50	cupsdCleanFiles(const char path, / I - Directory to clean */
	51	const char pattern) / I - Filename pattern or NULL */
	52	{
	53	cups_dir_t dir; / Directory */
	54	cups_dentry_t dent; / Directory entry */
	55	char filename[1024]; /* Filename */
	56	int status; /* Status from unlink/rmdir */
	57
	58
	59	cupsdLogMessage(CUPSD_LOG_DEBUG,
	60	"cupsdCleanFiles(path=\"%s\", pattern=\"%s\")", path,
	61	pattern ? pattern : "(null)");
	62
	63	if ((dir = cupsDirOpen(path)) == NULL)
	64	{
	65	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open directory \"%s\" - %s",
	66	path, strerror(errno));
	67	return;
	68	}
	69
cb7f98ee	70	cupsdLogMessage(CUPSD_LOG_INFO, "Cleaning out old files in \"%s\".", path);
321d8d57 MS	71
	72	while ((dent = cupsDirRead(dir)) != NULL)
	73	{
	74	if (pattern && fnmatch(pattern, dent->filename, 0))
	75	continue;
	76
	77	snprintf(filename, sizeof(filename), "%s/%s", path, dent->filename);
	78
	79	if (S_ISDIR(dent->fileinfo.st_mode))
	80	{
	81	cupsdCleanFiles(filename, pattern);
	82
	83	status = rmdir(filename);
	84	}
	85	else
cb7f98ee	86	status = cupsdUnlinkOrRemoveFile(filename);
321d8d57 MS	87
	88	if (status)
	89	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to remove \"%s\" - %s", filename,
	90	strerror(errno));
321d8d57 MS	91	}
	92
	93	cupsDirClose(dir);
	94	}
	95
	96
	97	/*
	98	* 'cupsdCloseCreatedConfFile()' - Close a created configuration file and move
	99	* into place.
	100	*/
	101
	102	int /* O - 0 on success, -1 on error */
	103	cupsdCloseCreatedConfFile(
	104	cups_file_t fp, / I - File to close */
	105	const char filename) / I - Filename */
	106	{
	107	char newfile[1024], /* filename.N */
	108	oldfile[1024]; /* filename.O */
	109
	110
	111	/*
	112	* First close the file...
	113	*/
	114
	115	if (cupsFileClose(fp))
	116	return (-1);
	117
	118	/*
	119	* Then remove "filename.O", rename "filename" to "filename.O", and rename
	120	* "filename.N" to "filename".
	121	*/
	122
	123	snprintf(newfile, sizeof(newfile), "%s.N", filename);
	124	snprintf(oldfile, sizeof(oldfile), "%s.O", filename);
	125
cb7f98ee	126	if ((cupsdUnlinkOrRemoveFile(oldfile) && errno != ENOENT) \|\|
321d8d57 MS	127	(rename(filename, oldfile) && errno != ENOENT) \|\|
	128	rename(newfile, filename))
	129	{
	130	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to finalize \"%s\": %s",
	131	filename, strerror(errno));
	132	return (-1);
	133	}
	134
	135	return (0);
	136	}
	137
	138
	139	/*
	140	* 'cupsdClosePipe()' - Close a pipe as necessary.
	141	*/
	142
	143	void
	144	cupsdClosePipe(int fds) / I - Pipe file descriptors (2) */
	145	{
	146	/*
	147	* Close file descriptors as needed...
	148	*/
	149
	150	if (fds[0] >= 0)
	151	{
	152	close(fds[0]);
	153	fds[0] = -1;
	154	}
	155
	156	if (fds[1] >= 0)
	157	{
	158	close(fds[1]);
	159	fds[1] = -1;
	160	}
	161	}
	162
	163
	164	/*
	165	* 'cupsdCreateConfFile()' - Create a configuration file safely.
	166	*/
	167
	168	cups_file_t * /* O - File pointer */
	169	cupsdCreateConfFile(
	170	const char filename, / I - Filename */
	171	mode_t mode) /* I - Permissions */
	172	{
	173	cups_file_t fp; / File pointer */
	174	char newfile[1024]; /* filename.N */
	175
	176
	177	snprintf(newfile, sizeof(newfile), "%s.N", filename);
	178	if ((fp = cupsFileOpen(newfile, "w")) == NULL)
	179	{
	180	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create \"%s\": %s", newfile,
	181	strerror(errno));
	182	}
	183	else
	184	{
	185	if (!getuid() && fchown(cupsFileNumber(fp), getuid(), Group))
	186	cupsdLogMessage(CUPSD_LOG_WARN, "Unable to change group for \"%s\": %s",
	187	newfile, strerror(errno));
	188
	189	if (fchmod(cupsFileNumber(fp), mode))
	190	cupsdLogMessage(CUPSD_LOG_WARN,
191	"Unable to change permissions for \"%s\": %s",
192	newfile, strerror(errno));
193	}
194
195	return (fp);
196	}
197
198
199	/*
200	* 'cupsdOpenConfFile()' - Open a configuration file.
201	*
202	* This function looks for "filename.O" if "filename" does not exist and does
203	* a rename as needed.
204	*/
205
206	cups_file_t * /* O - File pointer */
207	cupsdOpenConfFile(const char filename) / I - Filename */
208	{
209	cups_file_t fp; / File pointer */
210
211
212	if ((fp = cupsFileOpen(filename, "r")) == NULL)
213	{
214	if (errno == ENOENT)
215	{
216	/*
217	* Try opening the backup file...
218	*/
219
220	char oldfile[1024]; /* filename.O */
221
222	snprintf(oldfile, sizeof(oldfile), "%s.O", filename);
223	fp = cupsFileOpen(oldfile, "r");
224	}
225	else
226	cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to open \"%s\": %s", filename,
227	strerror(errno));
228	}
229
230	return (fp);
231	}
232
233
234	/*
235	* 'cupsdOpenPipe()' - Create a pipe which is closed on exec.
236	*/
237
238	int /* O - 0 on success, -1 on error */
239	cupsdOpenPipe(int fds) / O - Pipe file descriptors (2) */
240	{
241	/*
242	* Create the pipe...
243	*/
244
245	if (pipe(fds))
246	{
247	fds[0] = -1;
248	fds[1] = -1;
249
250	return (-1);
251	}
252
253	/*
254	* Set the "close on exec" flag on each end of the pipe...
255	*/
256
257	if (fcntl(fds[0], F_SETFD, fcntl(fds[0], F_GETFD) \| FD_CLOEXEC))
258	{
259	close(fds[0]);
260	close(fds[1]);
261
262	fds[0] = -1;
263	fds[1] = -1;
264
265	return (-1);
266	}
267
268	if (fcntl(fds[1], F_SETFD, fcntl(fds[1], F_GETFD) \| FD_CLOEXEC))
269	{
270	close(fds[0]);
271	close(fds[1]);
272
273	fds[0] = -1;
274	fds[1] = -1;
275
276	return (-1);
277	}
278
279	/*
280	* Return 0 indicating success...
281	*/
282
283	return (0);
284	}
285
286
287	/*
cb7f98ee	288	* 'cupsdRemoveFile()' - Remove a file securely.
321d8d57 MS	289	*/
	290
	291	int /* O - 0 on success, -1 on error */
	292	cupsdRemoveFile(const char filename) / I - File to remove */
	293	{
	294	#ifdef HAVE_REMOVEFILE
cb7f98ee MS	295	/*
	296	* See if the file exists...
	297	*/
	298
	299	if (access(filename, 0))
	300	return (0);
	301
	302	cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename);
	303
	304	/*
	305	* Remove the file...
	306	*/
	307
	308	return (removefile(filename, NULL, REMOVEFILE_SECURE_1_PASS));
321d8d57 MS	309
	310	#else
	311	int fd; /* File descriptor */
	312	struct stat info; /* File information */
	313	char buffer[512]; /* Data buffer */
	314	int i; /* Looping var */
	315
	316
cb7f98ee MS	317	/*
	318	* See if the file exists...
	319	*/
	320
	321	if (access(filename, 0))
	322	return (0);
	323
	324	cupsdLogMessage(CUPSD_LOG_DEBUG, "Securely removing \"%s\".", filename);
	325
321d8d57 MS	326	/*
	327	* First open the file for writing in exclusive mode.
	328	*/
	329
	330	if ((fd = open(filename, O_WRONLY \| O_EXCL)) < 0)
	331	return (-1);
	332
	333	/*
	334	* Delete the file now - it will still be around as long as the file is
	335	* open...
	336	*/
	337
	338	if (unlink(filename))
	339	{
	340	close(fd);
	341	return (-1);
	342	}
	343
	344	/*
	345	* Then get the file size...
	346	*/
	347
	348	if (fstat(fd, &info))
	349	{
	350	close(fd);
	351	return (-1);
	352	}
	353
	354	/*
cb7f98ee	355	* Overwrite the file with random data.
321d8d57 MS	356	*/
321d8d57 MS	357
321d8d57 MS	358	CUPS_SRAND(time(NULL));
	359
	360	for (i = 0; i < sizeof(buffer); i ++)
	361	buffer[i] = CUPS_RAND();
	362	if (overwrite_data(fd, buffer, sizeof(buffer), (int)info.st_size))
	363	{
	364	close(fd);
	365	return (-1);
	366	}
	367
321d8d57	368	/*
cb7f98ee	369	* Close the file, which will lead to the actual deletion, and return...
321d8d57 MS	370	*/
321d8d57 MS	371
cb7f98ee	372	return (close(fd));
321d8d57 MS	373	#endif /* HAVE_REMOVEFILE */
	374	}
	375
	376
cb7f98ee MS	377	/*
	378	* 'cupsdUnlinkOrRemoveFile()' - Unlink or securely remove a file depending
	379	* on the configuration.
	380	*/
	381
	382	int /* O - 0 on success, -1 on error */
	383	cupsdUnlinkOrRemoveFile(
	384	const char filename) / I - Filename */
	385	{
	386	if (Classification)
	387	return (cupsdRemoveFile(filename));
	388	else
	389	return (unlink(filename));
	390	}
	391
	392
321d8d57 MS	393	#ifndef HAVE_REMOVEFILE
	394	/*
	395	* 'overwrite_data()' - Overwrite the data in a file.
	396	*/
	397
	398	static int /* O - 0 on success, -1 on error */
	399	overwrite_data(int fd, /* I - File descriptor */
	400	const char buffer, / I - Buffer to write */
	401	int bufsize, /* I - Size of buffer */
	402	int filesize) /* I - Size of file */
	403	{
	404	int bytes; /* Bytes to write/written */
	405
	406
	407	/*
	408	* Start at the beginning of the file...
	409	*/
	410
	411	if (lseek(fd, 0, SEEK_SET) < 0)
	412	return (-1);
	413
	414	/*
	415	* Fill the file with the provided data...
	416	*/
	417
	418	while (filesize > 0)
	419	{
	420	if (filesize > bufsize)
	421	bytes = bufsize;
	422	else
	423	bytes = filesize;
	424
	425	if ((bytes = write(fd, buffer, bytes)) < 0)
	426	return (-1);
	427
	428	filesize -= bytes;
	429	}
	430
	431	/*
	432	* Force the changes to disk...
	433	*/
	434
	435	return (fsync(fd));
	436	}
	437	#endif /* HAVE_REMOVEFILE */
	438
	439
	440	/*
	441	* End of "$Id$".
	442	*/