The Tor Browser / annotate

config/nsinstall.c@97036ab72558 (annotated)

config/nsinstall.c

Tue, 06 Jan 2015 21:39:09 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Tue, 06 Jan 2015 21:39:09 +0100
branch
TOR_BUG_9701
changeset 8
97036ab72558
permissions
-rw-r--r--

Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

michael@0 1 /* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
michael@0 2 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 3 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 5 /*
michael@0 6 ** Netscape portable install command.
michael@0 7 **
michael@0 8 ** Brendan Eich, 7/20/95
michael@0 9 */
michael@0 10 #include <stdio.h> /* OSF/1 requires this before grp.h, so put it first */
michael@0 11 #include <assert.h>
michael@0 12 #include <fcntl.h>
michael@0 13 #include <errno.h>
michael@0 14 #include <dirent.h>
michael@0 15 #include <limits.h>
michael@0 16 #include <grp.h>
michael@0 17 #include <pwd.h>
michael@0 18 #include <stdio.h>
michael@0 19 #include <stdlib.h>
michael@0 20 #include <string.h>
michael@0 21 #include <unistd.h>
michael@0 22 #include <utime.h>
michael@0 23 #include <sys/types.h>
michael@0 24 #include <sys/stat.h>
michael@0 25 #include "pathsub.h"
michael@0 26
michael@0 27 #ifdef HAVE_GETOPT_H
michael@0 28 #include <getopt.h>
michael@0 29 #endif
michael@0 30
michael@0 31 #ifdef SUNOS4
michael@0 32 #include "sunos4.h"
michael@0 33 #endif
michael@0 34
michael@0 35 #ifdef NEXTSTEP
michael@0 36 #include <bsd/libc.h>
michael@0 37 #endif
michael@0 38
michael@0 39 #ifdef __QNX__
michael@0 40 #include <unix.h>
michael@0 41 #endif
michael@0 42
michael@0 43 #ifdef NEED_S_ISLNK
michael@0 44 #if !defined(S_ISLNK) && defined(S_IFLNK)
michael@0 45 #define S_ISLNK(a) (((a) & S_IFMT) == S_IFLNK)
michael@0 46 #endif
michael@0 47 #endif
michael@0 48
michael@0 49 #ifndef _DIRECTORY_SEPARATOR
michael@0 50 #define _DIRECTORY_SEPARATOR "/"
michael@0 51 #endif /* _DIRECTORY_SEPARATOR */
michael@0 52
michael@0 53 #ifdef NEED_FCHMOD_PROTO
michael@0 54 extern int fchmod(int fildes, mode_t mode);
michael@0 55 #endif
michael@0 56
michael@0 57 static void
michael@0 58 usage(void)
michael@0 59 {
michael@0 60 fprintf(stderr,
michael@0 61 "usage: %s [-C cwd] [-L linkprefix] [-m mode] [-o owner] [-g group]\n"
michael@0 62 " %*s [-DdltR] file [file ...] directory\n",
michael@0 63 program, (int) strlen(program), "");
michael@0 64 exit(2);
michael@0 65 }
michael@0 66
michael@0 67 static int
michael@0 68 mkdirs(char *path, mode_t mode)
michael@0 69 {
michael@0 70 char *cp;
michael@0 71 struct stat sb;
michael@0 72 int res;
michael@0 73 int l;
michael@0 74
michael@0 75 /* strip trailing "/." */
michael@0 76 l = strlen(path);
michael@0 77 if(l > 1 && path[l - 1] == '.' && path[l - 2] == '/')
michael@0 78 path[l - 2] = 0;
michael@0 79
michael@0 80 while (*path == '/' && path[1] == '/')
michael@0 81 path++;
michael@0 82 for (cp = strrchr(path, '/'); cp && cp != path && *(cp - 1) == '/'; cp--);
michael@0 83 if (cp && cp != path) {
michael@0 84 *cp = '\0';
michael@0 85 if ((lstat(path, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
michael@0 86 mkdirs(path, mode) < 0) {
michael@0 87 return -1;
michael@0 88 }
michael@0 89 *cp = '/';
michael@0 90 }
michael@0 91
michael@0 92 res = mkdir(path, mode);
michael@0 93 if ((res != 0) && (errno == EEXIST))
michael@0 94 return 0;
michael@0 95 else
michael@0 96 return res;
michael@0 97 }
michael@0 98
michael@0 99 static uid_t
michael@0 100 touid(char *owner)
michael@0 101 {
michael@0 102 struct passwd *pw;
michael@0 103 uid_t uid;
michael@0 104 char *cp;
michael@0 105
michael@0 106 pw = getpwnam(owner);
michael@0 107 if (pw)
michael@0 108 return pw->pw_uid;
michael@0 109 uid = strtol(owner, &cp, 0);
michael@0 110 if (uid == 0 && cp == owner)
michael@0 111 fail("cannot find uid for %s", owner);
michael@0 112 return uid;
michael@0 113 }
michael@0 114
michael@0 115 static gid_t
michael@0 116 togid(char *group)
michael@0 117 {
michael@0 118 struct group *gr;
michael@0 119 gid_t gid;
michael@0 120 char *cp;
michael@0 121
michael@0 122 gr = getgrnam(group);
michael@0 123 if (gr)
michael@0 124 return gr->gr_gid;
michael@0 125 gid = strtol(group, &cp, 0);
michael@0 126 if (gid == 0 && cp == group)
michael@0 127 fail("cannot find gid for %s", group);
michael@0 128 return gid;
michael@0 129 }
michael@0 130
michael@0 131 static void
michael@0 132 copyfile( char *name, char *toname, mode_t mode, char *group, char *owner,
michael@0 133 int dotimes, uid_t uid, gid_t gid )
michael@0 134 {
michael@0 135 int fromfd, tofd = -1, cc, wc, exists;
michael@0 136 char buf[BUFSIZ], *bp;
michael@0 137 struct stat sb, tosb;
michael@0 138 struct utimbuf utb;
michael@0 139
michael@0 140 exists = (lstat(toname, &tosb) == 0);
michael@0 141
michael@0 142 fromfd = open(name, O_RDONLY);
michael@0 143 if (fromfd < 0 || fstat(fromfd, &sb) < 0)
michael@0 144 fail("cannot access %s", name);
michael@0 145 if (exists) {
michael@0 146 if (S_ISREG(tosb.st_mode)) {
michael@0 147 /* See if we can open it. This is more reliable than 'access'. */
michael@0 148 tofd = open(toname, O_CREAT | O_WRONLY, 0666);
michael@0 149 }
michael@0 150 if (tofd < 0) {
michael@0 151 (void) (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
michael@0 152 }
michael@0 153 }
michael@0 154 if (tofd < 0) {
michael@0 155 tofd = open(toname, O_CREAT | O_WRONLY, 0666);
michael@0 156 if (tofd < 0)
michael@0 157 fail("cannot create %s", toname);
michael@0 158 }
michael@0 159
michael@0 160 bp = buf;
michael@0 161 while ((cc = read(fromfd, bp, sizeof buf)) > 0)
michael@0 162 {
michael@0 163 while ((wc = write(tofd, bp, (unsigned int)cc)) > 0)
michael@0 164 {
michael@0 165 if ((cc -= wc) == 0)
michael@0 166 break;
michael@0 167 bp += wc;
michael@0 168 }
michael@0 169 if (wc < 0)
michael@0 170 fail("cannot write to %s", toname);
michael@0 171 }
michael@0 172 if (cc < 0)
michael@0 173 fail("cannot read from %s", name);
michael@0 174
michael@0 175 if (ftruncate(tofd, sb.st_size) < 0)
michael@0 176 fail("cannot truncate %s", toname);
michael@0 177 #if !defined(VMS)
michael@0 178 if (dotimes)
michael@0 179 {
michael@0 180 utb.actime = sb.st_atime;
michael@0 181 utb.modtime = sb.st_mtime;
michael@0 182 if (utime(toname, &utb) < 0)
michael@0 183 fail("cannot set times of %s", toname);
michael@0 184 }
michael@0 185 #ifdef HAVE_FCHMOD
michael@0 186 if (fchmod(tofd, mode) < 0)
michael@0 187 #else
michael@0 188 if (chmod(toname, mode) < 0)
michael@0 189 #endif
michael@0 190 fail("cannot change mode of %s", toname);
michael@0 191 #endif
michael@0 192 if ((owner || group) && fchown(tofd, uid, gid) < 0)
michael@0 193 fail("cannot change owner of %s", toname);
michael@0 194
michael@0 195 /* Must check for delayed (NFS) write errors on close. */
michael@0 196 if (close(tofd) < 0)
michael@0 197 fail("cannot write to %s", toname);
michael@0 198 close(fromfd);
michael@0 199 #if defined(VMS)
michael@0 200 if (chmod(toname, (mode & (S_IREAD | S_IWRITE))) < 0)
michael@0 201 fail("cannot change mode of %s", toname);
michael@0 202 if (dotimes)
michael@0 203 {
michael@0 204 utb.actime = sb.st_atime;
michael@0 205 utb.modtime = sb.st_mtime;
michael@0 206 if (utime(toname, &utb) < 0)
michael@0 207 fail("cannot set times of %s", toname);
michael@0 208 }
michael@0 209 #endif
michael@0 210 }
michael@0 211
michael@0 212 static void
michael@0 213 copydir( char *from, char *to, mode_t mode, char *group, char *owner,
michael@0 214 int dotimes, uid_t uid, gid_t gid)
michael@0 215 {
michael@0 216 int i;
michael@0 217 DIR *dir;
michael@0 218 struct dirent *ep;
michael@0 219 struct stat sb;
michael@0 220 char *base, *destdir, *direntry, *destentry;
michael@0 221
michael@0 222 base = xbasename(from);
michael@0 223
michael@0 224 /* create destination directory */
michael@0 225 destdir = xmalloc((unsigned int)(strlen(to) + 1 + strlen(base) + 1));
michael@0 226 sprintf(destdir, "%s%s%s", to, _DIRECTORY_SEPARATOR, base);
michael@0 227 if (mkdirs(destdir, mode) != 0) {
michael@0 228 fail("cannot make directory %s\n", destdir);
michael@0 229 free(destdir);
michael@0 230 return;
michael@0 231 }
michael@0 232
michael@0 233 if (!(dir = opendir(from))) {
michael@0 234 fail("cannot open directory %s\n", from);
michael@0 235 free(destdir);
michael@0 236 return;
michael@0 237 }
michael@0 238
michael@0 239 direntry = xmalloc((unsigned int)PATH_MAX);
michael@0 240 destentry = xmalloc((unsigned int)PATH_MAX);
michael@0 241
michael@0 242 while ((ep = readdir(dir)))
michael@0 243 {
michael@0 244 if (strcmp(ep->d_name, ".") == 0 || strcmp(ep->d_name, "..") == 0)
michael@0 245 continue;
michael@0 246
michael@0 247 sprintf(direntry, "%s/%s", from, ep->d_name);
michael@0 248 sprintf(destentry, "%s%s%s", destdir, _DIRECTORY_SEPARATOR, ep->d_name);
michael@0 249
michael@0 250 if (stat(direntry, &sb) == 0 && S_ISDIR(sb.st_mode))
michael@0 251 copydir( direntry, destdir, mode, group, owner, dotimes, uid, gid );
michael@0 252 else
michael@0 253 copyfile( direntry, destentry, mode, group, owner, dotimes, uid, gid );
michael@0 254 }
michael@0 255
michael@0 256 free(destdir);
michael@0 257 free(direntry);
michael@0 258 free(destentry);
michael@0 259 closedir(dir);
michael@0 260 }
michael@0 261
michael@0 262 int
michael@0 263 main(int argc, char **argv)
michael@0 264 {
michael@0 265 int onlydir, dodir, dolink, dorelsymlink, dotimes, opt, len, lplen, tdlen, bnlen, exists, fromfd, tofd, cc, wc;
michael@0 266 mode_t mode = 0755;
michael@0 267 char *linkprefix, *owner, *group, *cp, *cwd, *todir, *toname, *name, *base, *linkname, *bp, buf[BUFSIZ];
michael@0 268 uid_t uid;
michael@0 269 gid_t gid;
michael@0 270 struct stat sb, tosb, fromsb;
michael@0 271 struct utimbuf utb;
michael@0 272
michael@0 273 program = argv[0];
michael@0 274 cwd = linkname = linkprefix = owner = group = 0;
michael@0 275 onlydir = dodir = dolink = dorelsymlink = dotimes = lplen = 0;
michael@0 276
michael@0 277 while ((opt = getopt(argc, argv, "C:DdlL:Rm:o:g:t")) != EOF) {
michael@0 278 switch (opt) {
michael@0 279 case 'C':
michael@0 280 cwd = optarg;
michael@0 281 break;
michael@0 282 case 'D':
michael@0 283 onlydir = 1;
michael@0 284 break;
michael@0 285 case 'd':
michael@0 286 dodir = 1;
michael@0 287 break;
michael@0 288 case 'L':
michael@0 289 linkprefix = optarg;
michael@0 290 lplen = strlen(linkprefix);
michael@0 291 dolink = 1;
michael@0 292 break;
michael@0 293 case 'R':
michael@0 294 dolink = dorelsymlink = 1;
michael@0 295 break;
michael@0 296 case 'm':
michael@0 297 mode = strtoul(optarg, &cp, 8);
michael@0 298 if (mode == 0 && cp == optarg)
michael@0 299 usage();
michael@0 300 break;
michael@0 301 case 'o':
michael@0 302 owner = optarg;
michael@0 303 break;
michael@0 304 case 'g':
michael@0 305 group = optarg;
michael@0 306 break;
michael@0 307 case 't':
michael@0 308 dotimes = 1;
michael@0 309 break;
michael@0 310 default:
michael@0 311 usage();
michael@0 312 }
michael@0 313 }
michael@0 314
michael@0 315 argc -= optind;
michael@0 316 argv += optind;
michael@0 317 if (argc < 2 - onlydir)
michael@0 318 usage();
michael@0 319
michael@0 320 todir = argv[argc-1];
michael@0 321 if ((stat(todir, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
michael@0 322 mkdirs(todir, 0777) < 0) {
michael@0 323 fail("cannot make directory %s", todir);
michael@0 324 }
michael@0 325 if (onlydir)
michael@0 326 return 0;
michael@0 327
michael@0 328 if (!cwd) {
michael@0 329 #ifndef NEEDS_GETCWD
michael@0 330 #ifndef GETCWD_CANT_MALLOC
michael@0 331 cwd = getcwd(0, PATH_MAX);
michael@0 332 #else
michael@0 333 cwd = malloc(PATH_MAX + 1);
michael@0 334 cwd = getcwd(cwd, PATH_MAX);
michael@0 335 #endif
michael@0 336 #else
michael@0 337 cwd = malloc(PATH_MAX + 1);
michael@0 338 cwd = getwd(cwd);
michael@0 339 #endif
michael@0 340 }
michael@0 341
michael@0 342 xchdir(todir);
michael@0 343 #ifndef NEEDS_GETCWD
michael@0 344 #ifndef GETCWD_CANT_MALLOC
michael@0 345 todir = getcwd(0, PATH_MAX);
michael@0 346 #else
michael@0 347 todir = malloc(PATH_MAX + 1);
michael@0 348 todir = getcwd(todir, PATH_MAX);
michael@0 349 #endif
michael@0 350 #else
michael@0 351 todir = malloc(PATH_MAX + 1);
michael@0 352 todir = getwd(todir);
michael@0 353 #endif
michael@0 354 tdlen = strlen(todir);
michael@0 355 xchdir(cwd);
michael@0 356 tdlen = strlen(todir);
michael@0 357
michael@0 358 uid = owner ? touid(owner) : (uid_t)(-1);
michael@0 359 gid = group ? togid(group) : (gid_t)(-1);
michael@0 360
michael@0 361 while (--argc > 0) {
michael@0 362 name = *argv++;
michael@0 363 len = strlen(name);
michael@0 364 base = xbasename(name);
michael@0 365 bnlen = strlen(base);
michael@0 366 toname = xmalloc((unsigned int)(tdlen + 1 + bnlen + 1));
michael@0 367 sprintf(toname, "%s%s%s", todir, _DIRECTORY_SEPARATOR, base);
michael@0 368 exists = (lstat(toname, &tosb) == 0);
michael@0 369
michael@0 370 if (dodir) {
michael@0 371 /* -d means create a directory, always */
michael@0 372 if (exists && !S_ISDIR(tosb.st_mode)) {
michael@0 373 (void) unlink(toname);
michael@0 374 exists = 0;
michael@0 375 }
michael@0 376 if (!exists && mkdir(toname, mode) < 0)
michael@0 377 fail("cannot make directory %s", toname);
michael@0 378 if ((owner || group) && chown(toname, uid, gid) < 0)
michael@0 379 fail("cannot change owner of %s", toname);
michael@0 380 } else if (dolink) {
michael@0 381 if (access(name, R_OK) != 0) {
michael@0 382 fail("cannot access %s", name);
michael@0 383 }
michael@0 384 if (*name == '/') {
michael@0 385 /* source is absolute pathname, link to it directly */
michael@0 386 linkname = 0;
michael@0 387 } else {
michael@0 388 if (linkprefix) {
michael@0 389 /* -L prefixes names with a $cwd arg. */
michael@0 390 len += lplen + 1;
michael@0 391 linkname = xmalloc((unsigned int)(len + 1));
michael@0 392 sprintf(linkname, "%s/%s", linkprefix, name);
michael@0 393 } else if (dorelsymlink) {
michael@0 394 /* Symlink the relative path from todir to source name. */
michael@0 395 linkname = xmalloc(PATH_MAX);
michael@0 396
michael@0 397 if (*todir == '/') {
michael@0 398 /* todir is absolute: skip over common prefix. */
michael@0 399 lplen = relatepaths(todir, cwd, linkname);
michael@0 400 strcpy(linkname + lplen, name);
michael@0 401 } else {
michael@0 402 /* todir is named by a relative path: reverse it. */
michael@0 403 reversepath(todir, name, len, linkname);
michael@0 404 xchdir(cwd);
michael@0 405 }
michael@0 406
michael@0 407 len = strlen(linkname);
michael@0 408 }
michael@0 409 name = linkname;
michael@0 410 }
michael@0 411
michael@0 412 /* Check for a pre-existing symlink with identical content. */
michael@0 413 if ((exists && (!S_ISLNK(tosb.st_mode) ||
michael@0 414 readlink(toname, buf, sizeof buf) != len ||
michael@0 415 strncmp(buf, name, (unsigned int)len) != 0)) ||
michael@0 416 ((stat(name, &fromsb) == 0) &&
michael@0 417 (fromsb.st_mtime > tosb.st_mtime))) {
michael@0 418 (void) (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
michael@0 419 exists = 0;
michael@0 420 }
michael@0 421 if (!exists && symlink(name, toname) < 0)
michael@0 422 fail("cannot make symbolic link %s", toname);
michael@0 423 #ifdef HAVE_LCHOWN
michael@0 424 if ((owner || group) && lchown(toname, uid, gid) < 0)
michael@0 425 fail("cannot change owner of %s", toname);
michael@0 426 #endif
michael@0 427
michael@0 428 if (linkname) {
michael@0 429 free(linkname);
michael@0 430 linkname = 0;
michael@0 431 }
michael@0 432 } else {
michael@0 433 /* Copy from name to toname, which might be the same file. */
michael@0 434 if( stat(name, &sb) == 0 && S_IFDIR & sb.st_mode )
michael@0 435 {
michael@0 436 /* then is directory: must explicitly create destination dir */
michael@0 437 /* and manually copy files over */
michael@0 438 copydir( name, todir, mode, group, owner, dotimes, uid, gid );
michael@0 439 }
michael@0 440 else
michael@0 441 {
michael@0 442 copyfile(name, toname, mode, group, owner, dotimes, uid, gid);
michael@0 443 }
michael@0 444 }
michael@0 445
michael@0 446 free(toname);
michael@0 447 }
michael@0 448
michael@0 449 free(cwd);
michael@0 450 free(todir);
michael@0 451 return 0;
michael@0 452 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial