
Ticket #89: 01-fopen-use-statok

File 01-fopen-use-statok, 8.3 KB (added by Matthijs Kooijman, 11 years ago)

Make vuurmuur_fopen use stat_ok for its checks. Lets vuurmuur_fopen work even for non-existing files.

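--- a/libvuurmuur/src/io.c
+++ b/libvuurmuur/src/io.c
@@ -22,71 +22,37 @@
 #include "vuurmuur.h"
 
 
-//
+/*  vuurmuur_fopen
+
+    A wrapper around fopen which can be used to open files. This
+    function performs additionals checks on the file, appropriate for
+    files with sensitive info (such as checking the owner, the
+    permissions, etc.)
+
+    This wrapper only works on a regular file, so no dirs, fifos, etc.
+
+    The path and mode parameters are identical to the fopen(3) libc function.
+*/
 FILE *
-vuurmuur_fopen(const char *path, const char *mode)
+vuurmuur_fopen(const int debuglvl, const char *path, const char *mode)
 {
     FILE        *fp=NULL;
-    struct stat stat_buf;
-    int         statted=0;  // can 'path' be stat-ed? 0: no, 1: yes
 
-    // check if we can lstat the file. If not, we assume file doens't exist.
-    if(lstat(path, &stat_buf) == -1)
-        statted = 0 ;
-    else
-        statted = 1;
+    // Stat the file
+    if (!stat_ok(debuglvl, path, STATOK_WANT_FILE, STATOK_VERBOSE, STATOK_ALLOW_NOTFOUND))
+        // File not OK? Don't open it. stat_ok will have printed an error message already.
+        return NULL;
 
-    // now look at the results
-    if(statted && S_ISLNK(stat_buf.st_mode) == 1)
-    {
-        (void)vrprint.error(-1, "Error", "opening '%s': For security reasons Vuurmuur will not allow following symbolic-links.", path);
-    }
-    else if(statted && (stat_buf.st_mode & S_IWGRP || stat_buf.st_mode & S_IWOTH))
+    // now open the file, this should not fail because if we get here it exists and is readable,
+    // but we check to be sure.
+    if(!(fp=fopen(path, mode)))
     {
-        (void)vrprint.error(-1, "Error", "opening '%s': For security reasons Vuurmuur will not open files that are writable by 'group' or 'other'. Check the file content & permissions.", path);
+        (void)vrprint.error(-1, "Error", "opening '%s' failed: %s (in: vuurmuur_fopen).", path, strerror(errno));
+        return NULL;
     }
-    else if(statted && (stat_buf.st_uid != 0 || stat_buf.st_gid != 0))
-    {
-        (void)vrprint.error(-1, "Error", "opening '%s': For security reasons Vuurmuur will not open files that are not owned by root.", path);
-    }
-    else
-    {
-        // check if group and others can read the file. If so, fix the permissions.
-        if(statted && (stat_buf.st_mode & S_IRGRP || stat_buf.st_mode & S_IROTH))
-        {
-            (void)vrprint.info("Info", "'%s' is readable by 'group' and 'other'. This is not recommended. Fixing.", path);
-            if(chmod(path, 0600) == -1)
-            {
-                (void)vrprint.error(-1, "Error", "failed to repair file permissions for file '%s': %s.", path, strerror(errno));
-                return(NULL);
-            }
-        }
-        // check if group and others can execute the file. If so, fix the permissions.
-        if(statted && (stat_buf.st_mode & S_IXGRP || stat_buf.st_mode & S_IXOTH))
-        {
-            (void)vrprint.info("Info", "'%s' is executable by 'group' and 'other'. This is not recommended. Fixing.", path);
-            if(chmod(path, 0600) == -1)
-            {
-                (void)vrprint.error(-1, "Error", "failed to repair file permissions for file '%s': %s.", path, strerror(errno));
-                return(NULL);
-            }
-        }
 
-        // now open the file, this should not fail because if we get here it exists and is readable,
-        // but we check to be sure.
-        if(!(fp=fopen(path, mode)))
-        {
-            (void)vrprint.error(-1, "Error", "opening '%s' failed: %s (in: vuurmuur_fopen).", path, strerror(errno));
-        }
-        else
-        {
-            // return our succes
-            return(fp);
-        }
-    }
-
-    // if we get here, there was an error
-    return(NULL);
+    // return our succes
+    return(fp);
 }
 
 
@@ -354,7 +320,7 @@
     Returns the pointer to the file, or NULL if failed.
 */
 FILE *
-rules_file_open(const char *path, const char *mode, int caller)
+rules_file_open(const int debuglvl, const char *path, const char *mode, int caller)
 {
     FILE    *lock_fp = NULL,
             *fp = NULL;
@@ -445,7 +411,7 @@
         free(lock_path);
     }
 
-    fp = vuurmuur_fopen(path, mode);
+    fp = vuurmuur_fopen(debuglvl, path, mode);
     return(fp);
 }
 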
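Review bot: In vuurmuur_fopen the comment above `fopen(path, mode)` still says the file `exists and is readable`, but stat_ok is called with `STATOK_ALLOW_NOTFOUND`, so a missing path now reaches fopen: a read fails with ENOENT, and a `"w+"` open creates the file with umask-derived permissions, where the removed code at least forced 0600 on existing files. I would reword the comment to `// open the file; stat_ok allows a missing path, so this may create the file or fail` and state in the header comment which permissions a newly created file is expected to get. The check and the open are also two separate by-name operations, so the file stat_ok approved can be replaced (by a symbolic link, say) before fopen runs; the removed lstat code had the same window, and closing it needs a descriptor-based check (`open` with `O_NOFOLLOW`, then `fstat`, then `fdopen`), which is a larger change than this patch. stat_ok's body is not part of this patch, so whether it still repairs group/other permission bits should be confirmed.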
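--- a/libvuurmuur/plugins/textdir/textdir_ask.c
+++ b/libvuurmuur/plugins/textdir/textdir_ask.c
@@ -96,7 +96,7 @@
     /* now open and read the file, but only if it is not already open */
     if(ptr->file == NULL)
     {
-        if(!(ptr->file = vuurmuur_fopen(file_location, "r")))
+        if(!(ptr->file = vuurmuur_fopen(debuglvl, file_location, "r")))
         {
             (void)vrprint.error(-1, "Error", "Unable to open file '%s'.", file_location);
 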
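--- a/libvuurmuur/plugins/textdir/textdir_tell.c
+++ b/libvuurmuur/plugins/textdir/textdir_tell.c
@@ -85,7 +85,7 @@
     /*
         first open the file for reading
     */
-    if(!(fp = vuurmuur_fopen(file_location, "r")))
+    if(!(fp = vuurmuur_fopen(debuglvl, file_location, "r")))
     {
         (void)vrprint.error(-1, "Error", "unable to open file '%s' for reading: %s.", file_location, strerror(errno));
 
@@ -321,7 +321,7 @@
     /*
         now open the file for writing
     */
-    if(!(fp = vuurmuur_fopen(file_location, "w+")))
+    if(!(fp = vuurmuur_fopen(debuglvl, file_location, "w+")))
     {
         (void)vrprint.error(-1, "Error", "unable to open file '%s' for writing: %s (in: %s).", file_location, strerror(errno), __FUNC__);
         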
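Review bot: The callers in both hunks of this file still format `strerror(errno)` when vuurmuur_fopen returns NULL, but vuurmuur_fopen now also returns NULL when stat_ok rejects the path, a case where errno need not describe the rejection; the same applies to the config.c and rules.c call sites later in this patch. Since stat_ok is said to print its own error and vuurmuur_fopen reports fopen failures itself, the caller message could drop the errno text, e.g. `(void)vrprint.error(-1, "Error", "unable to open file '%s' for reading.", file_location);`. Both enclosing functions start and end outside the hunks, so how errno is used further down is not visible here.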
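--- a/libvuurmuur/src/config.c
+++ b/libvuurmuur/src/config.c
@@ -1558,7 +1558,7 @@
     if(!question || !file_location || size == 0)
         return(-1);
 
-    if(!(fp = vuurmuur_fopen(file_location,"r")))
+    if(!(fp = vuurmuur_fopen(debuglvl, file_location,"r")))
     {
         (void)vrprint.error(-1, "Error", "unable to open configfile '%s': %s (in: ask_configfile).", file_location, strerror(errno));
         return(-1);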
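--- a/libvuurmuur/src/rules.c
+++ b/libvuurmuur/src/rules.c
@@ -1371,7 +1371,7 @@
     }
 
     /* open the rulesfile */
-    if(!(fp = rules_file_open(rulesfile_location, "w+", 0)))
+    if(!(fp = rules_file_open(debuglvl, rulesfile_location, "w+", 0)))
     {
         (void)vrprint.error(-1, "Error", "opening rulesfile '%s' failed: %s (in: %s).",
                 rulesfile_location, strerror(errno), __FUNC__);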
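--- a/libvuurmuur/src/vuurmuur.h
+++ b/libvuurmuur/src/vuurmuur.h
@@ -1404,13 +1404,13 @@
 /*
     io.c
 */
-FILE *vuurmuur_fopen(const char *path, const char *mode);
+FILE *vuurmuur_fopen(const int, const char *path, const char *mode);
 DIR *vuurmuur_opendir(const int, const char *);
 int stat_ok(const int, const char *, char, char, char);
 int check_pidfile(char *pidfile_location);
 int create_pidfile(char *pidfile_location, int shm_id);
 int remove_pidfile(char *pidfile_location);
-FILE * rules_file_open(const char *path, const char *mode, int caller);
+FILE * rules_file_open(const int, const char *path, const char *mode, int caller);
 int rules_file_close(FILE *file, const char *path);
 int pipe_command(const int, struct vuurmuur_config *, char *, char);
 int libvuurmuur_exec_command(const int, struct vuurmuur_config *, char *, char **, char *);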
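Review bot: The two changed prototypes add the new first parameter as a bare `const int` while still naming `path`, `mode` and `caller`, so the header no longer tells a reader what the integer is. Naming it keeps the declarations in step with the definitions in io.c: `FILE *vuurmuur_fopen(const int debuglvl, const char *path, const char *mode);` and `FILE * rules_file_open(const int debuglvl, const char *path, const char *mode, int caller);`. As these are declarations in the library header, any caller outside this patch will need the extra argument as well.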