-int is_safe_path(const char *file)
-{
- char *p;
- const char *f;
- char x;
- struct stat s;
- char l[MAXBUFSIZE];
-
- if(*file != '/')
- {
- syslog(LOG_ERR, _("`%s' is not an absolute path"), file);
- return 0;
- }
-
- p = strrchr(file, '/');
-
- if(p == file) /* It's in the root */
- p++;
-
- x = *p;
- *p = '\0';
-
- f = file;
-check1:
- if(lstat(f, &s) < 0)
- {
- syslog(LOG_ERR, _("Couldn't stat `%s': %m"),
- f);
- return 0;
- }
-
- if(s.st_uid != geteuid())
- {
- syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
- f, s.st_uid, geteuid());
- return 0;
- }
-
- if(S_ISLNK(s.st_mode))
- {
- syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
- f);
-
- if(readlink(f, l, MAXBUFSIZE) < 0)
- {
- syslog(LOG_ERR, _("Unable to read symbolic link `%s': %m"), f);
- return 0;
- }
-
- f = l;
- goto check1;
- }
-
- *p = x;
- f = file;
-
-check2:
- if(lstat(f, &s) < 0 && errno != ENOENT)
- {
- syslog(LOG_ERR, _("Couldn't stat `%s': %m"),
- f);
- return 0;
- }
-
- if(errno == ENOENT)
- return 1;
-
- if(s.st_uid != geteuid())
- {
- syslog(LOG_ERR, _("`%s' is owned by UID %d instead of %d"),
- f, s.st_uid, geteuid());
- return 0;
- }
-
- if(S_ISLNK(s.st_mode))
- {
- syslog(LOG_WARNING, _("Warning: `%s' is a symlink"),
- f);
-
- if(readlink(f, l, MAXBUFSIZE) < 0)
- {
- syslog(LOG_ERR, _("Unable to read symbolic link `%s': %m"), f);
- return 0;
- }
-
- f = l;
- goto check2;
- }
-
- if(s.st_mode & 0007)
- {
- /* Accessible by others */
- syslog(LOG_ERR, _("`%s' has unsecure permissions"),
- f);
- return 0;
- }
-
- return 1;
+bool modify_config_file(struct meshlink_handle *mesh, const char *name, const char *key, const char *value, int trim) {
+ assert(mesh && name && key);
+
+ char filename[PATH_MAX];
+ char tmpname[PATH_MAX];
+ bool error = false;
+
+ if(snprintf(filename, sizeof(filename), "%s" SLASH "hosts" SLASH "%s", mesh->confbase, name) >= PATH_MAX) {
+ logger(mesh, MESHLINK_ERROR, "Filename too long: %s" SLASH "hosts" SLASH "%s", mesh->confbase, name);
+ return false;
+ }
+
+ if(snprintf(tmpname, sizeof(tmpname), "%s.tmp", filename) >= PATH_MAX) {
+ logger(mesh, MESHLINK_ERROR, "Filename too long: %s.tmp", filename);
+ return false;
+ }
+
+ FILE *fr = fopen(filename, "r");
+
+ if(!fr) {
+ logger(mesh, MESHLINK_ERROR, "Cannot open config file %s: %s", filename, strerror(errno));
+ return false;
+ }
+
+ FILE *fw = fopen(tmpname, "w");
+
+ if(!fw) {
+ logger(mesh, MESHLINK_ERROR, "Cannot open temporary file %s: %s", tmpname, strerror(errno));
+ fclose(fr);
+ return false;
+ }
+
+ char buf[4096];
+ char *sep;
+ int found = 0;
+
+ if(value) {
+ fprintf(fw, "%s = %s\n", key, value);
+ found++;
+ }
+
+ while(readline(fr, buf, sizeof(buf))) {
+ if(!*buf || *buf == '#') {
+ goto copy;
+ }
+
+ sep = strchr(buf, ' ');
+
+ if(!sep) {
+ goto copy;
+ }
+
+ *sep = 0;
+
+ if(strcmp(buf, key)) {
+ *sep = ' ';
+ goto copy;
+ }
+
+ // We found the key and the value. We already added it at the top, so ignore this one.
+ if(value && sep[1] == '=' && sep[2] == ' ' && !strcmp(sep + 3, value)) {
+ continue;
+ }
+
+ // We found the key but with a different value, delete it if wanted.
+ found++;
+
+ if((!value || trim) && found > trim) {
+ continue;
+ }
+
+ *sep = ' ';
+
+copy:
+ fprintf(fw, "%s\n", buf);
+ }
+
+ if(ferror(fr)) {
+ error = true;
+ }
+
+ fclose(fr);
+
+ if(ferror(fw)) {
+ error = true;
+ }
+
+ if(fclose(fw)) {
+ error = true;
+ }
+
+ // If any error occured during reading or writing, exit.
+ if(error) {
+ unlink(tmpname);
+ return false;
+ }
+
+ // Try to atomically replace the old config file with the new one.
+#ifdef HAVE_MINGW
+ char bakname[PATH_MAX];
+ snprintf(bakname, sizeof(bakname), "%s.bak", filename);
+
+ if(rename(filename, bakname) || rename(tmpname, filename)) {
+ rename(bakname, filename);
+#else
+
+ if(rename(tmpname, filename)) {
+#endif
+ return false;
+ } else {
+#ifdef HAVE_MINGW
+ unlink(bakname);
+#endif
+ return true;
+ }
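Review bot: `fopen(tmpname, "w")` opens a predictable `<config>.tmp` path, so it follows a symlink or truncates whatever already exists there, and the file it creates takes its mode from the umask; the removed is_safe_path() checked owner, symlinks and other-permissions, and nothing in the visible new code replaces those checks. Creating the temporary file exclusively with an explicit mode, as sketched below, closes that gap; the 0600 shown is an assumption and should match the mode the hosts file is meant to have. Both rename failure branches return without removing the temporary file, so `unlink(tmpname);` belongs before that `return false;`, all the more once creation is exclusive, because a leftover file would then block every later update. `name` is interpolated into the path unchecked, so if callers do not already reject `/` and `..` in it, that validation belongs at the top of this function. The function's closing brace lies outside the hunk.

```c
	// … unchanged: filename/tmpname construction and fopen(filename, "r") …

	// O_CREAT | O_EXCL fails if anything, including a symlink, already exists at the .tmp path.
	int fd = open(tmpname, O_WRONLY | O_CREAT | O_EXCL, 0600);
	FILE *fw = fd < 0 ? NULL : fdopen(fd, "w");

	if(!fw) {
		// … unchanged: log "Cannot open temporary file" with strerror(errno) …

		// fdopen() failed after open() succeeded: release the descriptor and the empty file.
		if(fd >= 0) {
			close(fd);
			unlink(tmpname);
		}

		// … unchanged: fclose(fr) and return false …
	}

	// … unchanged: copy loop, ferror()/fclose() checks, rename …
```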