sigtool/sigtool.c
e3aaff8e
 /*
8ca8a18e
  *  Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm@clamav.net>
e3aaff8e
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
  *  the Free Software Foundation; either version 2 of the License, or
  *  (at your option) any later version.
  *
  *  This program is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  *  GNU General Public License for more details.
  *
  *  You should have received a copy of the GNU General Public License
  *  along with this program; if not, write to the Free Software
48b7b4a7
  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  *  MA 02110-1301, USA.
e3aaff8e
  */
 
 
6d6e8271
 #if HAVE_CONFIG_H
 #include "clamav-config.h"
 #endif
 
e3aaff8e
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
8139fd99
 #include <zlib.h>
 #include <time.h>
 #include <locale.h>
ae307914
 #include <sys/types.h>
08d6b1e3
 #include <sys/stat.h>
 #include <fcntl.h>
ae307914
 #include <sys/socket.h>
 #include <sys/un.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
2d70a403
 #include <sys/wait.h>
0a2ad257
 #include <dirent.h>
e3aaff8e
 
f0d0a4c0
 #ifdef HAVE_TERMIOS_H
 #include <termios.h>
 #endif
 
6a31c2b4
 #include "vba.h"
e3aaff8e
 
3d167464
 #include "shared/options.h"
 #include "shared/output.h"
 #include "shared/cfgparser.h"
 #include "shared/misc.h"
bb990ecd
 #include "shared/cdiff.h"
e3aaff8e
 
e48dcea9
 #include "libclamav/clamav.h"
3d167464
 #include "libclamav/cvd.h"
 #include "libclamav/others.h"
 #include "libclamav/str.h"
 #include "libclamav/ole2_extract.h"
 #include "libclamav/htmlnorm.h"
5b68299b
 #include "libclamav/sha256.h"
e3aaff8e
 
fb30f402
 #define MAX_DEL_LOOKAHEAD   50
e3aaff8e
 
3d167464
 static int hexdump(void)
 {
 	char buffer[FILEBUFF], *pt;
 	int bytes;
6a2532ca
 
e3aaff8e
 
3d167464
     while((bytes = read(0, buffer, FILEBUFF)) > 0) {
 	pt = cli_str2hex(buffer, bytes);
 	if(write(1, pt, 2 * bytes) == -1) {
efa239e2
 	    mprintf("!hexdump: Can't write to stdout\n");
3d167464
 	    free(pt);
 	    return -1;
 	}
 	free(pt);
e3aaff8e
     }
 
3d167464
     if(bytes == -1)
 	return -1;
e3aaff8e
 
3d167464
     return 0;
 }
e3aaff8e
 
60892bc1
 static int md5sig(struct optstruct *opt, unsigned int mdb)
3d167464
 {
 	char *md5, *filename;
 	int i;
 	struct stat sb;
a36e6e5c
 
bcf3dc79
 
3d167464
     if(opt->filename) {
 	for(i = 0; (filename = cli_strtok(opt->filename, i, "\t")); i++) {
 	    if(stat(filename, &sb) == -1) {
efa239e2
 		mprintf("!md5sig: Can't access file %s\n", filename);
3d167464
 		perror("md5sig");
 		free(filename);
 		return -1;
 	    } else {
 		if((sb.st_mode & S_IFMT) == S_IFREG) {
 		    if((md5 = cli_md5file(filename))) {
60892bc1
 			if(mdb)
 			    mprintf("%d:%s:%s\n", sb.st_size, md5, filename);
 			else
 			    mprintf("%s:%d:%s\n", md5, sb.st_size, filename);
3d167464
 			free(md5);
 		    } else {
efa239e2
 			mprintf("!md5sig: Can't generate MD5 checksum for %s\n", filename);
3d167464
 			free(filename);
 			return -1;
bcf3dc79
 		    }
 		}
 	    }
 
3d167464
 	    free(filename);
08d6b1e3
 	}
 
3d167464
     } else { /* stream */
 	md5 = cli_md5stream(stdin, NULL);
 	if(!md5) {
efa239e2
 	    mprintf("!md5sig: Can't generate MD5 checksum for input stream\n");
3d167464
 	    return -1;
ae307914
 	}
efa239e2
 	mprintf("%s\n", md5);
3d167464
 	free(md5);
     }
8139fd99
 
3d167464
     return 0;
 }
8139fd99
 
3d167464
 static int htmlnorm(struct optstruct *opt)
 {
 	int fd;
0f387b1b
 
 
3d167464
     if((fd = open(opt_arg(opt, "html-normalise"), O_RDONLY)) == -1) {
efa239e2
 	mprintf("!htmlnorm: Can't open file %s\n", opt_arg(opt, "html-normalise"));
3d167464
 	return -1;
     }
55216b6e
 
3d167464
     html_normalise_fd(fd, ".", NULL);
     close(fd);
55216b6e
 
3d167464
     return 0;
 }
8139fd99
 
ec5e029e
 static int utf16decode(struct optstruct *opt)
 {
 	const char *fname;
 	char *newname, buff[512], *decoded;
4f411f34
 	int fd1, fd2, bytes;
ec5e029e
 
 
     fname = opt_arg(opt, "utf16-decode");
     if((fd1 = open(fname, O_RDONLY)) == -1) {
 	mprintf("!utf16decode: Can't open file %s\n", fname);
 	return -1;
     }
 
     newname = malloc(strlen(fname) + 7);
     sprintf(newname, "%s.ascii", fname);
 
     if((fd2 = open(newname, O_WRONLY|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
 	mprintf("!utf16decode: Can't create file %s\n", newname);
 	free(newname);
 	close(fd1);
 	return -1;
     }
 
     while((bytes = read(fd1, buff, sizeof(buff))) > 0) {
 	decoded = cli_utf16toascii(buff, bytes);
 	if(decoded) {
 	    if(write(fd2, decoded, strlen(decoded)) == -1) {
 		mprintf("!utf16decode: Can't write to file %s\n", newname);
 		free(decoded);
 		unlink(newname);
 		free(newname);
 		close(fd1);
 		close(fd2);
 		return -1;
 	    }
 	    free(decoded);
 	}
     }
 
     free(newname);
     close(fd1);
     close(fd2);
 
     return 0;
 }
 
3d167464
 static unsigned int countlines(const char *filename)
 {
 	FILE *fd;
 	char buff[1024];
 	unsigned int lines = 0;
8139fd99
 
0a2ad257
 
3d167464
     if((fd = fopen(filename, "r")) == NULL)
 	return 0;
0a2ad257
 
3d167464
     while(fgets(buff, sizeof(buff), fd)) {
 	if(buff[0] == '#') continue;
 	lines++;
     }
9d0b7ebd
 
3d167464
     fclose(fd);
     return lines;
 }
9d0b7ebd
 
5b68299b
 static char *getdsig(const char *host, const char *user, const char *data, unsigned int datalen, unsigned short mode)
3d167464
 {
5b68299b
 	char buff[512], cmd[128], pass[30], *pt;
3d167464
         struct sockaddr_in server;
 	int sockd, bread, len;
f0d0a4c0
 #ifdef HAVE_TERMIOS_H
 	struct termios old, new;
 #endif
9d0b7ebd
 
 
4f411f34
     if((pt = getenv("SIGNDPASS"))) {
 	strncpy(pass, pt, sizeof(pass));
     } else {
 	fflush(stdin);
 	mprintf("Password: ");
 
 #ifdef HAVE_TERMIOS_H
 	if(tcgetattr(0, &old)) {
 	    mprintf("!getdsig: tcgetattr() failed\n");
 	    return NULL;
 	}
 	new = old;
 	new.c_lflag &= ~ECHO;
 	if(tcsetattr(0, TCSAFLUSH, &new)) {
 	    mprintf("!getdsig: tcsetattr() failed\n");
 	    return NULL;
 	}
 #endif
 
 	if(fgets(pass, sizeof(pass), stdin)) {
 	    cli_chomp(pass);
 	} else {
 	    mprintf("!getdsig: Can't get password\n");
 	    return NULL;
 	}
 
 #ifdef HAVE_TERMIOS_H
 	if(tcsetattr(0, TCSAFLUSH, &old)) {
 	    mprintf("!getdsig: tcsetattr() failed\n", host);
 	    memset(pass, 0, strlen(pass));
 	    return NULL;
 	}
 #endif
 	mprintf("\n");
     }
 
3d167464
 #ifdef PF_INET
     if((sockd = socket(PF_INET, SOCK_STREAM, 0)) < 0) {
 #else
     if((sockd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
 #endif
 	perror("socket()");
efa239e2
 	mprintf("!getdsig: Can't create socket\n");
4f411f34
 	memset(pass, 0, strlen(pass));
3d167464
 	return NULL;
     }
9d0b7ebd
 
3d167464
     server.sin_family = AF_INET;
     server.sin_addr.s_addr = inet_addr(host);
     server.sin_port = htons(33101);
e3aaff8e
 
3d167464
     if(connect(sockd, (struct sockaddr *) &server, sizeof(struct sockaddr_in)) < 0) {
         close(sockd);
 	perror("connect()");
efa239e2
 	mprintf("!getdsig: Can't connect to ClamAV Signing Service at %s\n", host);
4f411f34
 	memset(pass, 0, strlen(pass));
3d167464
 	return NULL;
e3aaff8e
     }
3d167464
     memset(cmd, 0, sizeof(cmd));
f0d0a4c0
 
5b68299b
     if(mode == 1)
 	snprintf(cmd, sizeof(cmd) - datalen, "ClamSignPSS:%s:%s:", user, pass);
     else
 	snprintf(cmd, sizeof(cmd) - datalen, "ClamSign:%s:%s:", user, pass);
 
3d167464
     len = strlen(cmd);
     pt = cmd + len;
5b68299b
     memcpy(pt, data, datalen);
     len += datalen;
e4ae7726
 
3d167464
     if(write(sockd, cmd, len) < 0) {
efa239e2
 	mprintf("!getdsig: Can't write to socket\n");
3d167464
 	close(sockd);
 	memset(cmd, 0, len);
 	memset(pass, 0, strlen(pass));
 	return NULL;
     }
19e2ac07
 
3d167464
     memset(cmd, 0, len);
     memset(pass, 0, strlen(pass));
     memset(buff, 0, sizeof(buff));
e4ae7726
 
827bb6ca
     if((bread = cli_readn(sockd, buff, sizeof(buff))) > 0) {
3d167464
 	if(!strstr(buff, "Signature:")) {
efa239e2
 	    mprintf("!getdsig: Error generating digital signature\n");
 	    mprintf("!getdsig: Answer from remote server: %s\n", buff);
3d167464
 	    close(sockd);
 	    return NULL;
 	} else {
827bb6ca
 	    mprintf("Signature received (length = %u)\n", strlen(buff) - 10);
3d167464
 	}
827bb6ca
     } else {
 	mprintf("!getdsig: Communication error with remote server\n");
 	close(sockd);
 	return NULL;
19e2ac07
     }
e4ae7726
 
3d167464
     close(sockd);
827bb6ca
 
3d167464
     pt = buff;
     pt += 10;
     return strdup(pt);
e4ae7726
 }
 
e3bcc33a
 static int writeinfo(const char *db, const char *header)
0a4afbbd
 {
 	FILE *fh;
 	int i;
 	struct stat sb;
 	char file[32], *md5;
0714ac10
 	char *extlist[] = { "db", "fp", "hdb", "mdb", "ndb", "pdb", "rmd", "zmd", "sdb", "cfg", NULL };
0a4afbbd
 
 
     snprintf(file, sizeof(file), "%s.info", db);
     if(stat(file, &sb) != -1) {
 	if(unlink(file) == -1) {
efa239e2
 	    mprintf("!writeinfo: Can't unlink %s\n", file);
0a4afbbd
 	    return -1;
 	}
     }
 
     if(!(fh = fopen(file, "w"))) {
efa239e2
 	mprintf("!writeinfo: Can't create file %s\n", file);
0a4afbbd
 	return -1;
     }
 
e3bcc33a
     if(fprintf(fh, "%s\n", header) < 0) {
 	mprintf("!writeinfo: Can't write to %s\n", file);
0a4afbbd
 	fclose(fh);
 	return -1;
     }
 
     for(i = 0; extlist[i]; i++) {
 	snprintf(file, sizeof(file), "%s.%s", db, extlist[i]);
 	if(stat(file, &sb) != -1) {
 	    if(!(md5 = cli_md5file(file))) {
efa239e2
 		mprintf("!writeinfo: Can't generate MD5 checksum for %s\n", file);
0a4afbbd
 		fclose(fh);
 		return -1;
 	    }
 	    if(fprintf(fh, "%s.%s:%s\n", db, extlist[i], md5) < 0) {
efa239e2
 		mprintf("!writeinfo: Can't write to info file\n");
0a4afbbd
 		fclose(fh);
 		free(md5);
 		return -1;
 	    }
 	    free(md5);
 	}
     }
 
     fclose(fh);
     return 0;
 }
 
1aa405c3
 static int diffdirs(const char *old, const char *new, const char *patch);
5b68299b
 static int verifydiff(const char *diff, const char *cvd, const char *incdir);
 
 static int script2cdiff(const char *script, const char *builder, struct optstruct *opt)
 {
 	char *cdiff, *pt, buffer[FILEBUFF];
 	unsigned char digest[32];
 	SHA256_CTX ctx;
 	struct stat sb;
 	FILE *scripth, *cdiffh;
 	gzFile *gzh;
 	unsigned int ver, osize;
 	int bytes;
 
 
     if(stat(script, &sb) == -1) {
 	mprintf("!script2diff: Can't stat file %s\n", script);
 	return -1;
     }
     osize = (unsigned int) sb.st_size;
 
     cdiff = strdup(script);
     pt = strstr(cdiff, ".script");
     if(!pt) {
 	mprintf("!script2cdiff: Incorrect file name (no .script extension)\n");
 	free(cdiff);
 	return -1;
     }
     strcpy(pt, ".cdiff");
 
     if(!(pt = strchr(script, '-'))) {
 	mprintf("!script2cdiff: Incorrect file name syntax\n");
 	free(cdiff);
 	return -1;
     }
     sscanf(++pt, "%u.script", &ver);
 
     if(!(cdiffh = fopen(cdiff, "wb"))) {
 	mprintf("!script2cdiff: Can't open %s for writing\n", cdiff);
 	free(cdiff);
 	return -1;
     }
 
     if(fprintf(cdiffh, "ClamAV-Diff:%u:%u:", ver, osize) < 0) {
 	mprintf("!script2cdiff: Can't write to %s\n", cdiff);
 	fclose(cdiffh);
 	free(cdiff);
 	return -1;
     }
     fclose(cdiffh);
 
     if(!(scripth = fopen(script, "rb"))) {
 	mprintf("!script2cdiff: Can't open file %s for reading\n", script);
 	unlink(cdiff);
 	free(cdiff);
 	return -1;
     }
 
     if(!(gzh = gzopen(cdiff, "ab"))) {
 	mprintf("!script2cdiff: Can't open file %s for appending\n", cdiff);
 	unlink(cdiff);
 	free(cdiff);
 	fclose(scripth);
 	return -1;
     }
 
     while((bytes = fread(buffer, 1, sizeof(buffer), scripth)) > 0) {
 	if(!gzwrite(gzh, buffer, bytes)) {
 	    mprintf("!script2cdiff: Can't gzwrite to %s\n", cdiff);
 	    unlink(cdiff);
 	    free(cdiff);
 	    fclose(scripth);
 	    gzclose(gzh);
 	    return -1;
 	}
     }
     fclose(scripth);
     gzclose(gzh);
 
     if(!(cdiffh = fopen(cdiff, "rb"))) {
 	mprintf("!script2cdiff: Can't open %s for reading/writing\n", cdiff);
 	unlink(cdiff);
 	free(cdiff);
 	return -1;
     }
 
     sha256_init(&ctx);
 
     while((bytes = fread(buffer, 1, sizeof(buffer), cdiffh)))
 	sha256_update(&ctx, (unsigned char *) buffer, bytes);
 
     fclose(cdiffh);
     sha256_final(&ctx);
     sha256_digest(&ctx, digest);
 
     if(!(pt = getdsig(opt_arg(opt, "server"), builder, (char *) digest, 32, 1))) {
 	mprintf("!script2cdiff: Can't get digital signature from remote server\n");
 	unlink(cdiff);
 	free(cdiff);
 	return -1;
     }
 
     if(!(cdiffh = fopen(cdiff, "ab"))) {
 	mprintf("!script2cdiff: Can't open %s for appending\n", cdiff);
 	unlink(cdiff);
 	free(cdiff);
 	return -1;
     }
     fprintf(cdiffh, ":%s", pt);
     free(pt);
     fclose(cdiffh);
 
     mprintf("Created %s\n", cdiff);
     free(cdiff);
 
     return 0;
 }
1aa405c3
 
3d167464
 static int build(struct optstruct *opt)
8139fd99
 {
050c6e4d
 	int ret, inc = 1, dn;
3d167464
 	size_t bytes;
d08d2bd0
 	unsigned int sigs = 0, oldsigs = 0, lines = 0, version, real_header, fl;
8139fd99
 	struct stat foo;
1aa405c3
 	char buffer[FILEBUFF], *tarfile, *gzfile, header[513], smbuff[32],
 	     builder[32], *pt, *dbname, olddb[512], patch[32], broken[32];
200e94b5
         struct cl_engine *engine = NULL;
3d167464
 	FILE *tar, *cvd;
8139fd99
 	gzFile *gz;
 	time_t timet;
 	struct tm *brokent;
0a4afbbd
 	struct cl_cvd *oldcvd;
8139fd99
 
 
3d167464
     if(!opt_check(opt, "server")) {
efa239e2
 	mprintf("!build: --server is required for --build\n");
3d167464
 	return -1;
8139fd99
     }
 
3d167464
     if(stat("COPYING", &foo) == -1) {
efa239e2
 	mprintf("!build: COPYING file not found in current working directory.\n");
3d167464
 	return -1;
8139fd99
     }
 
3d167464
     if(stat("main.db", &foo) == -1 && stat("daily.db", &foo) == -1 &&
        stat("main.hdb", &foo) == -1 && stat("daily.hdb", &foo) == -1 &&
c09d6c19
        stat("main.mdb", &foo) == -1 && stat("daily.mdb", &foo) == -1 &&
3d167464
        stat("main.ndb", &foo) == -1 && stat("daily.ndb", &foo) == -1 &&
508268f3
        stat("main.pdb", &foo) == -1 && stat("daily.pdb", &foo) == -1 &&
0a4afbbd
        stat("main.sdb", &foo) == -1 && stat("daily.sdb", &foo) == -1 &&
3d167464
        stat("main.zmd", &foo) == -1 && stat("daily.zmd", &foo) == -1 &&
        stat("main.rmd", &foo) == -1 && stat("daily.rmd", &foo) == -1)
     {
efa239e2
 	mprintf("!build: No virus database file  found in current directory\n");
3d167464
 	return -1;
8139fd99
     }
 
4f411f34
     if((ret = cl_load(".", &engine, &sigs, CL_DB_STDOPT))) {
efa239e2
 	mprintf("!build: Can't load database: %s\n", cl_strerror(ret));
3d167464
 	return -1;
     } else {
200e94b5
 	cl_free(engine);
3d167464
     }
8139fd99
 
3d167464
     if(!sigs) {
efa239e2
 	mprintf("!build: There are no signatures in database files\n");
0f387b1b
     } else {
3d167464
 	lines = countlines("main.db") + countlines("daily.db") +
 		countlines("main.hdb") + countlines("daily.hdb") +
c09d6c19
 		countlines("main.mdb") + countlines("daily.mdb") +
3d167464
 		countlines("main.ndb") + countlines("daily.ndb") +
0a4afbbd
 		countlines("main.sdb") + countlines("daily.sdb") +
3d167464
 		countlines("main.zmd") + countlines("daily.zmd") +
 		countlines("main.rmd") + countlines("daily.rmd") +
 		countlines("main.fp") + countlines("daily.fp");
 
 	if(lines != sigs) {
d08d2bd0
 	    mprintf("^build: Signatures in database: %d, loaded by libclamav: %d\n", lines, sigs);
 	    mprintf("^build: Please check the current directory and remove unnecessary databases\n");
 	    mprintf("^build: or install the latest ClamAV version.\n");
0f387b1b
 	}
     }
8139fd99
 
0a4afbbd
     /* try to read cvd header of current database */
1aa405c3
     dbname = opt_arg(opt, "build");
     if(strstr(dbname, "main"))
 	dbname = "main";
     else
 	dbname = "daily";
 
 
c4cbb847
     if(opt->filename) {
 	if(cli_strbcasestr(opt->filename, ".cvd")) {
 	    strncpy(olddb, opt->filename, sizeof(olddb));
 	    inc = 0;
 	} else if(cli_strbcasestr(opt->filename, ".inc")) {
 	    snprintf(olddb, sizeof(olddb), "%s/%s.info", opt->filename, dbname);
 	} else {
 	    mprintf("!build: The optional argument points to neither CVD nor incremental directory\n");
 	    return -1;
 	}
 
     } else {
 	pt = freshdbdir();
 	snprintf(olddb, sizeof(olddb), "%s/%s.inc/%s.info", pt, dbname, dbname);
 	if(stat(olddb, &foo) == -1) {
 	    inc = 0;
 	    snprintf(olddb, sizeof(olddb), "%s/%s.cvd", pt, dbname);
 	}
 	free(pt);
     }
1aa405c3
 
     if(!(oldcvd = cl_cvdhead(olddb))) {
c4cbb847
 	mprintf("^build: CAN'T READ CVD HEADER OF CURRENT DATABASE %s\n", olddb);
0a4afbbd
 	sleep(3);
     }
 
     if(oldcvd) {
 	version = oldcvd->version + 1;
b336436b
 	oldsigs = oldcvd->sigs;
0a4afbbd
 	cl_cvdfree(oldcvd);
     } else {
 	fflush(stdin);
efa239e2
 	mprintf("Version number: ");
0a4afbbd
 	scanf("%u", &version);
     }
 
b336436b
     mprintf("Total sigs: %u\n", sigs);
     if(sigs > oldsigs)
 	mprintf("New sigs: %u\n", sigs - oldsigs);
 
e3bcc33a
     strcpy(header, "ClamAV-VDB:");
 
     /* time */
     time(&timet);
     brokent = localtime(&timet);
     setlocale(LC_TIME, "C");
     strftime(smbuff, sizeof(smbuff), "%d %b %Y %H-%M %z", brokent);
     strcat(header, smbuff);
 
     /* version */
     sprintf(smbuff, ":%d:", version);
     strcat(header, smbuff);
 
     /* number of signatures */
     sprintf(smbuff, "%d:", sigs);
     strcat(header, smbuff);
 
     /* functionality level */
d08d2bd0
     if(!strcmp(dbname, "main")) {
 	fflush(stdin);
 	mprintf("Functionality level: ");
 	scanf("%u", &fl);
     } else {
 	fl = cl_retflevel();
     }
     sprintf(smbuff, "%u:", fl);
e3bcc33a
     strcat(header, smbuff);
 
     real_header = strlen(header);
 
     /* add fake MD5 and dsig (for writeinfo) */
     strcat(header, "X:X:");
 
4f411f34
     if((pt = getenv("SIGNDUSER"))) {
 	strncpy(builder, pt, sizeof(builder));
e3bcc33a
     } else {
4f411f34
 	/* ask for builder name */
 	fflush(stdin);
 	mprintf("Builder name: ");
 	if(fgets(builder, sizeof(builder), stdin)) {
 	    cli_chomp(builder);
 	} else {
 	    mprintf("!build: Can't get builder name\n");
 	    return -1;
 	}
e3bcc33a
     }
 
     /* add builder */
     strcat(header, builder);
 
     /* add current time */
     sprintf(header + strlen(header), ":%d", (int) timet);
 
1aa405c3
     if(writeinfo(dbname, header) == -1) {
efa239e2
 	mprintf("!build: Can't generate info file\n");
0a4afbbd
 	return -1;
     }
 
e3bcc33a
     header[real_header] = 0;
 
3d167464
     if(!(tarfile = cli_gentemp("."))) {
efa239e2
 	mprintf("!build: Can't generate temporary name for tarfile\n");
3d167464
 	return -1;
     }
8139fd99
 
     switch(fork()) {
 	case -1:
efa239e2
 	    mprintf("!build: Can't fork.\n");
3d167464
 	    free(tarfile);
 	    return -1;
8139fd99
 	case 0:
 	    {
3d167464
 		char *args[] = { "tar", "-cvf", NULL, "COPYING", "main.db",
 				 "daily.db", "main.hdb", "daily.hdb",
0a4afbbd
 				 "main.ndb", "daily.ndb", "main.sdb",
 				 "daily.sdb", "main.zmd", "daily.zmd",
 				 "main.rmd", "daily.rmd", "main.fp",
c09d6c19
 				 "daily.fp", "main.mdb", "daily.mdb",
508268f3
 				 "daily.info", "main.info", "main.wdb",
 				 "daily.wdb", "main.pdb", "daily.pdb",
0714ac10
 				 "main.cfg", "daily.cfg",
7dec7955
 				 NULL };
0aaf4b37
 		args[2] = tarfile;
1aa405c3
 		if(!opt_check(opt, "debug")) {
050c6e4d
 		    if((dn = open("/dev/null", O_WRONLY)) == -1) {
 			mprintf("^Cannot open /dev/null\n");
 			close(1);
 			close(2);
 		    } else {
 			dup2(dn, 1);
 			dup2(dn, 2);
 			close(dn);
 		    }
1aa405c3
 		}
8139fd99
 		execv("/bin/tar", args);
efa239e2
 		mprintf("!build: Can't execute tar\n");
8139fd99
 		perror("tar");
3d167464
 		free(tarfile);
 		return -1;
8139fd99
 	    }
 	default:
 	    wait(NULL);
     }
 
     if(stat(tarfile, &foo) == -1) {
efa239e2
 	mprintf("!build: Tar archive was not created\n");
3d167464
 	free(tarfile);
 	return -1;
8139fd99
     }
 
     if((tar = fopen(tarfile, "rb")) == NULL) {
efa239e2
 	mprintf("!build: Can't open file %s\n", tarfile);
3d167464
 	free(tarfile);
 	return -1;
     }
 
     if(!(gzfile = cli_gentemp("."))) {
efa239e2
 	mprintf("!build: Can't generate temporary name for gzfile\n");
3d167464
 	free(tarfile);
 	fclose(tar);
 	return -1;
8139fd99
     }
 
     if((gz = gzopen(gzfile, "wb")) == NULL) {
efa239e2
 	mprintf("!build: Can't open file %s to write.\n", gzfile);
3d167464
 	free(tarfile);
 	fclose(tar);
 	free(gzfile);
 	return -1;
8139fd99
     }
 
3d167464
     while((bytes = fread(buffer, 1, FILEBUFF, tar)) > 0) {
 	if(!gzwrite(gz, buffer, bytes)) {
efa239e2
 	    mprintf("!build: Can't gzwrite to %s\n", gzfile);
3d167464
 	    fclose(tar);
 	    gzclose(gz);
 	    free(tarfile);
 	    free(gzfile);
 	    return -1;
 	}
     }
8139fd99
 
     fclose(tar);
3d167464
     gzclose(gz);
8139fd99
     unlink(tarfile);
     free(tarfile);
 
     /* MD5 */
3d167464
     if(!(pt = cli_md5file(gzfile))) {
efa239e2
 	mprintf("!build: Can't generate MD5 checksum for gzfile\n");
3d167464
 	unlink(gzfile);
 	free(gzfile);
 	return -1;
     }
658f19f8
     strcat(header, pt);
ae307914
     free(pt);
658f19f8
     strcat(header, ":");
8139fd99
 
     /* digital signature */
3d167464
     if(!(tar = fopen(gzfile, "rb"))) {
efa239e2
 	mprintf("!build: Can't open file %s for reading\n", gzfile);
3d167464
 	unlink(gzfile);
 	free(gzfile);
 	return -1;
     }
 
     if(!(pt = cli_md5stream(tar, (unsigned char *) buffer))) {
efa239e2
 	mprintf("!build: Can't generate MD5 checksum for %s\n", gzfile);
3d167464
 	unlink(gzfile);
 	free(gzfile);
 	return -1;
     }
335d1663
     free(pt);
3d167464
     rewind(tar);
 
5b68299b
     if(!(pt = getdsig(opt_arg(opt, "server"), builder, buffer, 16, 0))) {
efa239e2
 	mprintf("!build: Can't get digital signature from remote server\n");
0f387b1b
 	unlink(gzfile);
3d167464
 	free(gzfile);
 	fclose(tar);
 	return -1;
ae307914
     }
658f19f8
     strcat(header, pt);
ae307914
     free(pt);
658f19f8
     strcat(header, ":");
8139fd99
 
3365db23
     /* add builder */
e3bcc33a
     strcat(header, builder);
8139fd99
 
3365db23
     /* add current time */
     sprintf(header + strlen(header), ":%d", (int) timet);
 
8139fd99
     /* fill up with spaces */
3d167464
     while(strlen(header) < sizeof(header) - 1)
658f19f8
 	strcat(header, " ");
8139fd99
 
     /* build the final database */
7b8edc5c
     pt = opt_arg(opt, "build");
3d167464
     if(!(cvd = fopen(pt, "wb"))) {
efa239e2
 	mprintf("!build: Can't create final database %s\n", pt);
0f387b1b
 	unlink(gzfile);
3d167464
 	free(gzfile);
 	fclose(tar);
 	return -1;
8139fd99
     }
 
3d167464
     if(fwrite(header, 1, 512, cvd) != 512) {
efa239e2
 	mprintf("!build: Can't write to %s\n", pt);
3d167464
 	fclose(cvd);
 	fclose(tar);
 	unlink(pt);
 	unlink(gzfile);
 	free(gzfile);
 	return -1;
8139fd99
     }
 
3d167464
     while((bytes = fread(buffer, 1, FILEBUFF, tar)) > 0) {
 	if(fwrite(buffer, 1, bytes, cvd) != bytes) {
 	    fclose(tar);
 	    fclose(cvd);
 	    unlink(pt);
efa239e2
 	    mprintf("!build: Can't write to %s\n", gzfile);
3d167464
 	    unlink(gzfile);
 	    free(gzfile);
 	    return -1;
 	}
     }
8139fd99
 
     fclose(tar);
     fclose(cvd);
3d167464
     if(unlink(gzfile) == -1) {
efa239e2
 	mprintf("^build: Can't unlink %s\n", gzfile);
3d167464
 	return -1;
     }
8139fd99
     free(gzfile);
 
5b68299b
     mprintf("Created %s\n", pt);
3d167464
 
1aa405c3
     /* generate patch */
c4cbb847
     if(opt->filename) {
 	strncpy(olddb, opt->filename, sizeof(olddb));
1aa405c3
     } else {
c4cbb847
 	if(inc) {
 	    pt = freshdbdir();
 	    snprintf(olddb, sizeof(olddb), "%s/%s.inc", pt, dbname);
 	    free(pt);
 	} else {
 	    pt = freshdbdir();
 	    snprintf(olddb, sizeof(olddb), "%s/%s.cvd", pt, dbname);
 	    free(pt);
 	}
     }
1aa405c3
 
c4cbb847
     if(!inc) {
1aa405c3
 	pt = cli_gentemp(NULL);
 	if(mkdir(pt, 0700)) {
 	    mprintf("!build: Can't create temporary directory %s\n", pt);
 	    return -1;
 	}
 	if(cvd_unpack(olddb, pt) == -1) {
 	    mprintf("!build: Can't unpack CVD file %s\n", olddb);
66ba1785
 	    cli_rmdirs(pt);
1aa405c3
 	    free(pt);
 	    return -1;
 	}
 	strncpy(olddb, pt, sizeof(olddb));
     }
 
     pt = cli_gentemp(NULL);
     if(mkdir(pt, 0700)) {
 	mprintf("!build: Can't create temporary directory %s\n", pt);
 	free(pt);
 	if(!inc)
66ba1785
 	    cli_rmdirs(olddb);
1aa405c3
 	return -1;
     }
     if(cvd_unpack(opt_arg(opt, "build"), pt) == -1) {
 	mprintf("!build: Can't unpack CVD file %s\n", opt_arg(opt, "build"));
66ba1785
 	cli_rmdirs(pt);
1aa405c3
 	free(pt);
 	if(!inc)
66ba1785
 	    cli_rmdirs(olddb);
1aa405c3
 	return -1;
     }
 
     if(!strcmp(dbname, "main"))
5b68299b
 	snprintf(patch, sizeof(patch), "main-%u.script", version);
1aa405c3
     else
5b68299b
 	snprintf(patch, sizeof(patch), "daily-%u.script", version);
1aa405c3
 
     ret = diffdirs(olddb, pt, patch);
 
66ba1785
     cli_rmdirs(pt);
1aa405c3
     free(pt);
 
     if(ret == -1) {
 	if(!inc)
66ba1785
 	    cli_rmdirs(olddb);
1aa405c3
 	return -1;
     }
 
5b68299b
     ret = verifydiff(patch, NULL, olddb);
1aa405c3
 
     if(!inc)
66ba1785
 	cli_rmdirs(olddb);
1aa405c3
 
     if(ret == -1) {
 	snprintf(broken, sizeof(broken), "%s.broken", patch);
 	if(rename(patch, broken)) {
 	    unlink(patch);
 	    mprintf("!Generated file is incorrect, removed");
 	} else {
 	    mprintf("!Generated file is incorrect, renamed to %s\n", broken);
 	}
5b68299b
     } else {
 	ret = script2cdiff(patch, builder, opt);
1aa405c3
     }
 
     return ret;
3d167464
 }
 
 static int unpack(struct optstruct *opt)
 {
 	char *name, *dbdir;
1aa405c3
 	struct stat sb;
3d167464
 
 
     if(opt_check(opt, "unpack-current")) {
 	dbdir = freshdbdir();
8ca8a18e
 	name = malloc(strlen(dbdir) + strlen(opt_arg(opt, "unpack-current")) + 32);
1aa405c3
 	sprintf(name, "%s/%s.inc", dbdir, opt_arg(opt, "unpack-current"));
 	if(stat(name, &sb) != -1) {
 
 	    if(dircopy(name, ".") == -1) {
 		mprintf("!unpack: Can't copy incremental directory %s to local directory\n", name);
 		free(name);
 		free(dbdir);
 		return -1;
 	    }
 
 	    return 0;
 
 	} else {
 	    sprintf(name, "%s/%s.cvd", dbdir, opt_arg(opt, "unpack-current"));
 	}
3d167464
 	free(dbdir);
1aa405c3
 
3d167464
     } else
 	name = strdup(opt_arg(opt, "unpack"));
8139fd99
 
3d167464
     if(cvd_unpack(name, ".") == -1) {
efa239e2
 	mprintf("!unpack: Can't unpack CVD file %s\n", name);
3d167464
 	free(name);
 	return -1;
     }
 
     free(name);
2d70a403
     return 0;
8139fd99
 }
 
3d167464
 static int cvdinfo(struct optstruct *opt)
8139fd99
 {
 	struct cl_cvd *cvd;
 	char *pt;
6a2532ca
 	int ret;
8139fd99
 
3d167464
 
7b8edc5c
     pt = opt_arg(opt, "info");
6a2532ca
     if((cvd = cl_cvdhead(pt)) == NULL) {
efa239e2
 	mprintf("!cvdinfo: Can't read/parse CVD header of %s\n", pt);
3d167464
 	return -1;
8139fd99
     }
 
3d167464
     pt = strchr(cvd->time, '-');
     *pt = ':';
efa239e2
     mprintf("Build time: %s\n", cvd->time);
     mprintf("Version: %d\n", cvd->version);
     mprintf("Signatures: %d\n", cvd->sigs);
     mprintf("Functionality level: %d\n", cvd->fl);
     mprintf("Builder: %s\n", cvd->builder);
     mprintf("MD5: %s\n", cvd->md5);
     mprintf("Digital signature: %s\n", cvd->dsig);
8139fd99
 
6a2532ca
 #ifndef HAVE_GMP
efa239e2
     mprintf("^Digital signature support not compiled in.\n");
6a2532ca
 #endif
 
3d167464
     pt = opt_arg(opt, "info");
6a2532ca
     if((ret = cl_cvdverify(pt)))
efa239e2
 	mprintf("!cvdinfo: Verification: %s\n", cl_strerror(ret));
6a2532ca
     else
efa239e2
 	mprintf("Verification OK.\n");
6a2532ca
 
3d167464
     cl_cvdfree(cvd);
     return 0;
8139fd99
 }
 
3d167464
 static int listdb(const char *filename);
ae307914
 
3d167464
 static int listdir(const char *dirname)
 {
 	DIR *dd;
 	struct dirent *dent;
 	char *dbfile;
ae307914
 
 
3d167464
     if((dd = opendir(dirname)) == NULL) {
efa239e2
         mprintf("!listdir: Can't open directory %s\n", dirname);
3d167464
         return -1;
ae307914
     }
 
3d167464
     while((dent = readdir(dd))) {
 #ifndef C_INTERIX
 	if(dent->d_ino)
 #endif
 	{
 	    if(strcmp(dent->d_name, ".") && strcmp(dent->d_name, "..") &&
 	    (cli_strbcasestr(dent->d_name, ".db")  ||
 	     cli_strbcasestr(dent->d_name, ".hdb") ||
c09d6c19
 	     cli_strbcasestr(dent->d_name, ".mdb") ||
3d167464
 	     cli_strbcasestr(dent->d_name, ".ndb") ||
0a4afbbd
 	     cli_strbcasestr(dent->d_name, ".sdb") ||
3d167464
 	     cli_strbcasestr(dent->d_name, ".zmd") ||
 	     cli_strbcasestr(dent->d_name, ".rmd") ||
89f4fd0f
 	     cli_strbcasestr(dent->d_name, ".inc") ||
3d167464
 	     cli_strbcasestr(dent->d_name, ".cvd"))) {
ae307914
 
8ca8a18e
 		dbfile = (char *) malloc(strlen(dent->d_name) + strlen(dirname) + 2);
3d167464
 		if(!dbfile) {
efa239e2
 		    mprintf("!listdir: Can't allocate memory for dbfile\n");
3d167464
 		    closedir(dd);
 		    return -1;
 		}
 		sprintf(dbfile, "%s/%s", dirname, dent->d_name);
ae307914
 
3d167464
 		if(listdb(dbfile) == -1) {
efa239e2
 		    mprintf("!listdb: Error listing database %s\n", dbfile);
3d167464
 		    free(dbfile);
 		    closedir(dd);
 		    return -1;
 		}
 		free(dbfile);
 	    }
2d70a403
 	}
     }
ae307914
 
3d167464
     closedir(dd);
     return 0;
0f387b1b
 }
0a2ad257
 
3d167464
 static int listdb(const char *filename)
0a2ad257
 {
3d167464
 	FILE *fd;
 	char *buffer, *pt, *start, *dir;
 	int line = 0;
0a2ad257
 	const char *tmpdir;
 
 
89f4fd0f
     if(cli_strbcasestr(filename, ".inc")) { /* incremental directory */
 	if(listdir(filename) == -1) {
 	    mprintf("!listdb: Can't list incremental directory %s\n", filename);
 	    return -1;
 	}
 	return 0;
     }
 
0a2ad257
     if((fd = fopen(filename, "rb")) == NULL) {
efa239e2
 	mprintf("!listdb: Can't open file %s\n", filename);
0a2ad257
 	return -1;
     }
 
8ca8a18e
     if(!(buffer = (char *) malloc(FILEBUFF))) {
efa239e2
 	mprintf("!listdb: Can't allocate memory for buffer\n");
bcf3dc79
 	fclose(fd);
0a2ad257
 	return -1;
     }
 
     /* check for CVD file */
     fgets(buffer, 12, fd);
     rewind(fd);
 
     if(!strncmp(buffer, "ClamAV-VDB:", 11)) {
3d167464
 	free(buffer);
 	fclose(fd);
0a2ad257
 
 	tmpdir = getenv("TMPDIR");
 	if(tmpdir == NULL)
 #ifdef P_tmpdir
 	    tmpdir = P_tmpdir;
 #else
 	    tmpdir = "/tmp";
 #endif
 
3d167464
 	if(!(dir = cli_gentemp(tmpdir))) {
efa239e2
 	    mprintf("!listdb: Can't generate temporary name\n");
0a2ad257
 	    return -1;
 	}
 
3d167464
 	if(mkdir(dir, 0700)) {
efa239e2
 	    mprintf("!listdb: Can't create temporary directory %s\n", dir);
0a2ad257
 	    free(dir);
 	    return -1;
 	}
 
3d167464
 	if(cvd_unpack(filename, dir) == -1) {
efa239e2
 	    mprintf("!listdb: Can't unpack CVD file %s\n", filename);
66ba1785
 	    cli_rmdirs(dir);
0a2ad257
 	    free(dir);
 	    return -1;
 	}
 
 	/* list extracted directory */
3d167464
 	if(listdir(dir) == -1) {
89f4fd0f
 	    mprintf("!listdb: Can't list directory %s\n", filename);
66ba1785
 	    cli_rmdirs(dir);
3d167464
 	    free(dir);
 	    return -1;
 	}
0a2ad257
 
66ba1785
 	cli_rmdirs(dir);
0a2ad257
 	free(dir);
 
 	return 0;
     }
 
3d167464
     if(cli_strbcasestr(filename, ".db")) { /* old style database */
3365db23
 
 	while(fgets(buffer, FILEBUFF, fd)) {
 	    line++;
 	    pt = strchr(buffer, '=');
 	    if(!pt) {
efa239e2
 		mprintf("!listdb: Malformed pattern line %d (file %s)\n", line, filename);
3365db23
 		fclose(fd);
 		free(buffer);
 		return -1;
 	    }
0a2ad257
 
3365db23
 	    start = buffer;
 	    *pt = 0;
0a2ad257
 
3365db23
 	    if((pt = strstr(start, " (Clam)")))
 		*pt = 0;
 
efa239e2
 	    mprintf("%s\n", start);
0a2ad257
 	}
 
c09d6c19
     } else if(cli_strbcasestr(filename, ".hdb") || cli_strbcasestr(filename, ".mdb")) { /* hash database */
0a2ad257
 
3365db23
 	while(fgets(buffer, FILEBUFF, fd)) {
 	    line++;
 	    cli_chomp(buffer);
 	    start = cli_strtok(buffer, 2, ":");
 
 	    if(!start) {
efa239e2
 		mprintf("!listdb: Malformed pattern line %d (file %s)\n", line, filename);
3365db23
 		fclose(fd);
 		free(buffer);
 		return -1;
 	    }
 
 	    if((pt = strstr(start, " (Clam)")))
 		*pt = 0;
 
efa239e2
 	    mprintf("%s\n", start);
3365db23
 	    free(start);
 	}
0a2ad257
 
0a4afbbd
     } else if(cli_strbcasestr(filename, ".ndb") || cli_strbcasestr(filename, ".sdb") || cli_strbcasestr(filename, ".zmd") || cli_strbcasestr(filename, ".rmd")) {
7ec67e94
 
 	while(fgets(buffer, FILEBUFF, fd)) {
 	    line++;
 	    cli_chomp(buffer);
 	    start = cli_strtok(buffer, 0, ":");
 
 	    if(!start) {
efa239e2
 		mprintf("!listdb: Malformed pattern line %d (file %s)\n", line, filename);
7ec67e94
 		fclose(fd);
 		free(buffer);
 		return -1;
 	    }
 
 	    if((pt = strstr(start, " (Clam)")))
 		*pt = 0;
 
efa239e2
 	    mprintf("%s\n", start);
7ec67e94
 	    free(start);
 	}
0a2ad257
     }
 
     fclose(fd);
     free(buffer);
     return 0;
 }
 
3d167464
 static int listsigs(struct optstruct *opt)
0a2ad257
 {
 	int ret;
 	const char *name;
98ce643b
 	char *dbdir;
0a2ad257
 
3d167464
 
0a2ad257
     mprintf_stdout = 1;
 
7b8edc5c
     if((name = opt_arg(opt, "list-sigs"))) {
0a2ad257
 	ret = listdb(name);
98ce643b
     } else {
 	dbdir = freshdbdir();
 	ret = listdir(dbdir);
 	free(dbdir);
     }
0a2ad257
 
3d167464
     return ret;
 }
 
 static int vbadump(struct optstruct *opt)
 {
 	int fd, hex_output=0;
 	char *dir;
 
 
     if(opt_check(opt, "vba-hex"))
 	hex_output = 1;
  
     if((fd = open(opt_arg(opt, "vba"), O_RDONLY)) == -1) {
 	if((fd = open(opt_arg(opt, "vba-hex"), O_RDONLY)) == -1) {
efa239e2
 	    mprintf("!vbadump: Can't open file %s\n", opt_arg(opt, "vba"));
3d167464
 	    return -1;
 	}
     }
 
     /* generate the temporary directory */
     dir = cli_gentemp(NULL);
     if(mkdir(dir, 0700)) {
efa239e2
 	mprintf("!vbadump: Can't create temporary directory %s\n", dir);
3d167464
 	free(dir);
 	close(fd);
         return -1;
     }
 
     if(cli_ole2_extract(fd, dir, NULL)) {
 	cli_rmdirs(dir);
         free(dir);
 	close(fd);
         return -1;
     }
 
     close(fd);
     sigtool_vba_scandir(dir, hex_output);
66ba1785
     cli_rmdirs(dir);
3d167464
     free(dir);
     return 0;
ee039e40
 }
 
5b68299b
 static int rundiff(struct optstruct *opt)
bb990ecd
 {
 	int fd, ret;
5b68299b
 	unsigned short mode;
 	const char *diff;
 
bb990ecd
 
5b68299b
     diff = opt_arg(opt, "run-cdiff");
     if(strstr(diff, ".cdiff")) {
 	mode = 1;
     } else if(strstr(diff, ".script")) {
 	mode = 0;
     } else {
 	mprintf("!rundiff: Incorrect file name (no .cdiff/.script extension)\n");
 	return -1;
     }
bb990ecd
 
5b68299b
     if((fd = open(diff, O_RDONLY)) == -1) {
 	mprintf("!rundiff: Can't open file %s\n", diff);
bb990ecd
 	return -1;
6edef583
     }
bb990ecd
 
5b68299b
     ret = cdiff_apply(fd, mode);
bb990ecd
     close(fd);
 
     return ret;
 }
 
37eca903
 static int compare(const char *oldpath, const char *newpath, FILE *diff)
 {
 	FILE *old, *new;
fb30f402
 	char obuff[1024], nbuff[1024], tbuff[1024], *pt, *omd5, *nmd5;
 	unsigned int oline = 0, tline, found, i;
 	long opos;
37eca903
 
 
     if(!(new = fopen(newpath, "r"))) {
 	mprintf("!compare: Can't open file %s for reading\n", newpath);
 	return -1;
     }
 
     if((omd5 = cli_md5file(oldpath))) {
 	if(!(nmd5 = cli_md5file(newpath))) {
 	    mprintf("!compare: Can't get MD5 checksum of %s\n", newpath);
 	    free(omd5);
 	    return -1;
 	}
 	if(!strcmp(omd5, nmd5)) {
 	    free(omd5);
 	    free(nmd5);
 	    return 0;
 	}
 	free(omd5);
 	free(nmd5);
     }
 
     fprintf(diff, "OPEN %s\n", newpath);
 
     old = fopen(oldpath, "r");
 
     while(fgets(nbuff, sizeof(nbuff), new)) {
 	cli_chomp(nbuff);
 
 	if(!old) {
 	    fprintf(diff, "ADD %s\n", nbuff);
 	} else {
 	    if(fgets(obuff, sizeof(obuff), old)) {
fb30f402
 		oline++;
37eca903
 		cli_chomp(obuff);
 		if(!strcmp(nbuff, obuff)) {
 		    continue;
 		} else {
fb30f402
 		    tline = 0;
 		    found = 0;
 		    opos = ftell(old);
 		    while(fgets(tbuff, sizeof(tbuff), old)) {
 			tline++;
 			cli_chomp(tbuff);
 
 			if(tline > MAX_DEL_LOOKAHEAD)
 			    break;
 
 			if(!strcmp(tbuff, nbuff)) {
 			    found = 1;
 			    break;
 			}
 		    }
 		    fseek(old, opos, SEEK_SET);
 
 		    if(found) {
 			strncpy(tbuff, obuff, sizeof(tbuff));
 			for(i = 0; i < tline; i++) {
 			    tbuff[16] = 0;
 			    if((pt = strchr(tbuff, ' ')))
 				*pt = 0;
 			    fprintf(diff, "DEL %u %s\n", oline + i, tbuff);
 			    fgets(tbuff, sizeof(tbuff), old);
 			}
 			oline += tline;
 
 		    } else {
 			obuff[16] = 0;
37eca903
 			if((pt = strchr(obuff, ' ')))
 			    *pt = 0;
fb30f402
 			fprintf(diff, "XCHG %u %s %s\n", oline, obuff, nbuff);
37eca903
 		    }
 		}
 	    } else {
 		fclose(old);
 		old = NULL;
 		fprintf(diff, "ADD %s\n", nbuff);
 	    }
 	}
     }
 
fb30f402
     if(old) {
 	while(fgets(obuff, sizeof(obuff), old)) {
 	    oline++;
 	    obuff[16] = 0;
 	    if((pt = strchr(obuff, ' ')))
 		*pt = 0;
 	    fprintf(diff, "DEL %u %s\n", oline, obuff);
 	}
37eca903
 	fclose(old);
fb30f402
     }
 
37eca903
     fprintf(diff, "CLOSE\n");
     return 0;
 }
 
5b68299b
 static int verifydiff(const char *diff, const char *cvd, const char *incdir)
6edef583
 {
1aa405c3
 	char *tempdir, cwd[512], buff[1024], info[32], *md5, *pt;
 	const char *cpt;
6edef583
 	FILE *fh;
 	int ret = 0, fd;
5b68299b
 	unsigned short mode;
 
6edef583
 
5b68299b
     if(strstr(diff, ".cdiff")) {
 	mode = 1;
     } else if(strstr(diff, ".script")) {
 	mode = 0;
     } else {
 	mprintf("!verifydiff: Incorrect file name (no .cdiff/.script extension)\n");
 	return -1;
     }
6edef583
 
     tempdir = cli_gentemp(NULL);
     if(!tempdir) {
5b68299b
 	mprintf("!verifydiff: Can't generate temporary name for tempdir\n");
6edef583
 	return -1;
     }
 
     if(mkdir(tempdir, 0700) == -1) {
5b68299b
 	mprintf("!verifydiff: Can't create directory %s\n", tempdir);
6edef583
 	free(tempdir);
 	return -1;
     }
 
1aa405c3
     if(cvd) {
 	if(cvd_unpack(cvd, tempdir) == -1) {
5b68299b
 	    mprintf("!verifydiff: Can't unpack CVD file %s\n", cvd);
66ba1785
 	    cli_rmdirs(tempdir);
1aa405c3
 	    free(tempdir);
 	    return -1;
 	}
     } else {
 	if(dircopy(incdir, tempdir) == -1) {
5b68299b
 	    mprintf("!verifydiff: Can't copy dir %s to %s\n", incdir, tempdir);
66ba1785
 	    cli_rmdirs(tempdir);
1aa405c3
 	    free(tempdir);
 	    return -1;
 	}
6edef583
     }
 
     if((fd = open(diff, O_RDONLY)) == -1) {
5b68299b
 	mprintf("!verifydiff: Can't open diff file %s\n", diff);
66ba1785
 	cli_rmdirs(tempdir);
6edef583
 	free(tempdir);
 	return -1;
     }
 
     getcwd(cwd, sizeof(cwd));
 
     if(chdir(tempdir) == -1) {
5b68299b
 	mprintf("!verifydiff: Can't chdir to %s\n", tempdir);
66ba1785
 	cli_rmdirs(tempdir);
6edef583
 	free(tempdir);
 	close(fd);
 	return -1;
     }
 
5b68299b
     if(cdiff_apply(fd, mode) == -1) {
 	mprintf("!verifydiff: Can't apply %s\n", diff);
6edef583
 	chdir(cwd);
66ba1785
 	cli_rmdirs(tempdir);
6edef583
 	free(tempdir);
 	close(fd);
 	return -1;
     }
     close(fd);
 
1aa405c3
     cvd ? (cpt = cvd) : (cpt = incdir);
 
     if(strstr(cpt, "main.cvd"))
6edef583
 	strcpy(info, "main.info");
     else
 	strcpy(info, "daily.info");
 
     if(!(fh = fopen(info, "r"))) {
5b68299b
 	mprintf("!verifydiff: Can't open %s\n", info);
6edef583
 	chdir(cwd);
66ba1785
 	cli_rmdirs(tempdir);
6edef583
 	free(tempdir);
 	return -1;
     }
 
     fgets(buff, sizeof(buff), fh);
 
     if(strncmp(buff, "ClamAV-VDB", 10)) {
5b68299b
 	mprintf("!verifydiff: Incorrect info file %s\n", info);
6edef583
 	chdir(cwd);
66ba1785
 	cli_rmdirs(tempdir);
6edef583
 	free(tempdir);
 	return -1;
     }
 
     while(fgets(buff, sizeof(buff), fh)) {
 	cli_chomp(buff);
 	if(!(pt = strchr(buff, ':'))) {
5b68299b
 	    mprintf("!verifydiff: Incorrect format of %s\n", info);
6edef583
 	    ret = -1;
 	    break;
 	}
 	*pt++ = 0;
 	if(!(md5 = cli_md5file(buff))) {
5b68299b
 	    mprintf("!verifydiff: Can't generate MD5 for %s\n", buff);
6edef583
 	    ret = -1;
 	    break;
 	}
 	if(strcmp(pt, md5)) {
5b68299b
 	    mprintf("!verifydiff: %s has incorrect checksum\n", buff);
6edef583
 	    ret = -1;
 	    break;
 	}
     }
 
     fclose(fh);
     chdir(cwd);
66ba1785
     cli_rmdirs(tempdir);
6edef583
     free(tempdir);
 
1aa405c3
     if(!ret) {
 	if(cvd)
 	    mprintf("Verification: %s correctly applies to %s\n", diff, cvd);
 	else
b336436b
 	    mprintf("Verification: %s correctly applies to the previous version\n", diff);
1aa405c3
     }
6edef583
 
     return ret;
 }
 
1aa405c3
 static int diffdirs(const char *old, const char *new, const char *patch)
37eca903
 {
 	FILE *diff;
 	DIR *dd;
 	struct dirent *dent;
1aa405c3
 	char cwd[512], opath[1024];
 
 
     getcwd(cwd, sizeof(cwd));
 
     if(!(diff = fopen(patch, "w"))) {
         mprintf("!diffdirs: Can't open %s for writing\n", patch);
 	return -1;
     }
 
     if(chdir(new) == -1) {
 	mprintf("!diffdirs: Can't chdir to %s\n", new);
 	fclose(diff);
 	return -1;
     }
 
     if((dd = opendir(new)) == NULL) {
         mprintf("!diffdirs: Can't open directory %s\n", new);
 	fclose(diff);
 	return -1;
     }
 
     while((dent = readdir(dd))) {
 #ifndef C_INTERIX
 	if(dent->d_ino)
 #endif
 	{
 	    if(!strcmp(dent->d_name, ".") || !strcmp(dent->d_name, ".."))
 		continue;
 
 	    snprintf(opath, sizeof(opath), "%s/%s", old, dent->d_name);
 	    if(compare(opath, dent->d_name, diff) == -1) {
 		fclose(diff);
 		unlink(patch);
 		closedir(dd);
 		return -1;
 	    }
 	}
     }
 
     closedir(dd);
 
     fclose(diff);
5b68299b
     mprintf("Generated diff file %s\n", patch);
1aa405c3
     chdir(cwd);
 
     return 0;
 }
 
 static int makediff(struct optstruct *opt)
 {
 	char *odir, *ndir, name[32], broken[32];
37eca903
 	struct cl_cvd *cvd;
 	unsigned int oldver, newver;
1aa405c3
 	int ret;
37eca903
 
 
     if(!opt->filename) {
 	mprintf("!makediff: --diff requires two arguments\n");
 	return -1;
     }
 
     if(!(cvd = cl_cvdhead(opt->filename))) {
 	mprintf("!makediff: Can't read CVD header from %s\n", opt->filename);
 	return -1;
     }
     newver = cvd->version;
     free(cvd);
 
     if(!(cvd = cl_cvdhead(opt_arg(opt, "diff")))) {
 	mprintf("!makediff: Can't read CVD header from %s\n", opt_arg(opt, "diff"));
 	return -1;
     }
     oldver = cvd->version;
     free(cvd);
 
     if(oldver + 1 != newver) {
 	mprintf("!makediff: The old CVD must be %u\n", newver - 1);
 	return -1;
     }
 
     odir = cli_gentemp(NULL);
     if(!odir) {
 	mprintf("!makediff: Can't generate temporary name for odir\n");
 	return -1;
     }
 
     if(mkdir(odir, 0700) == -1) {
 	mprintf("!makediff: Can't create directory %s\n", odir);
 	free(odir);
 	return -1;
     }
 
     if(cvd_unpack(opt_arg(opt, "diff"), odir) == -1) {
 	mprintf("!makediff: Can't unpack CVD file %s\n", opt_arg(opt, "diff"));
66ba1785
 	cli_rmdirs(odir);
37eca903
 	free(odir);
 	return -1;
     }
 
     ndir = cli_gentemp(NULL);
     if(!ndir) {
 	mprintf("!makediff: Can't generate temporary name for ndir\n");
66ba1785
 	cli_rmdirs(odir);
37eca903
 	free(odir);
 	return -1;
     }
 
     if(mkdir(ndir, 0700) == -1) {
 	mprintf("!makediff: Can't create directory %s\n", ndir);
 	free(ndir);
66ba1785
 	cli_rmdirs(odir);
37eca903
 	free(odir);
 	return -1;
     }
 
     if(cvd_unpack(opt->filename, ndir) == -1) {
 	mprintf("!makediff: Can't unpack CVD file %s\n", opt->filename);
66ba1785
 	cli_rmdirs(odir);
 	cli_rmdirs(ndir);
37eca903
 	free(odir);
 	free(ndir);
 	return -1;
     }
 
     if(strstr(opt->filename, "main"))
5b68299b
 	snprintf(name, sizeof(name), "main-%u.script", newver);
37eca903
     else
5b68299b
 	snprintf(name, sizeof(name), "daily-%u.script", newver);
37eca903
 
1aa405c3
     ret = diffdirs(odir, ndir, name);
37eca903
 
66ba1785
     cli_rmdirs(odir);
     cli_rmdirs(ndir);
37eca903
     free(odir);
     free(ndir);
6edef583
 
1aa405c3
     if(ret == -1)
 	return -1;
6edef583
 
5b68299b
     if(verifydiff(name, opt_arg(opt, "diff"), NULL) == -1) {
6edef583
 	snprintf(broken, sizeof(broken), "%s.broken", name);
 	if(rename(name, broken)) {
 	    unlink(name);
 	    mprintf("!Generated file is incorrect, removed");
 	} else {
 	    mprintf("!Generated file is incorrect, renamed to %s\n", broken);
 	}
 	return -1;
     }
 
37eca903
     return 0;
 }
 
ee039e40
 void help(void)
 {
     mprintf("\n");
4d89cb07
     mprintf("             Clam AntiVirus: Signature Tool (sigtool)  "VERSION"\n");
61409916
     mprintf("    (C) 2002 - 2007 ClamAV Team - http://www.clamav.net/team\n\n");
ee039e40
 
     mprintf("    --help                 -h              show help\n");
     mprintf("    --version              -V              print version number and exit\n");
     mprintf("    --quiet                                be quiet, output only error messages\n");
     mprintf("    --debug                                enable debug messages\n");
     mprintf("    --stdout                               write to stdout instead of stderr\n");
     mprintf("    --hex-dump                             convert data from stdin to a hex\n");
     mprintf("                                           string and print it on stdout\n");
bcf3dc79
     mprintf("    --md5 [FILES]                          generate MD5 checksum from stdin\n");
     mprintf("                                           or MD5 sigs for FILES\n");
60892bc1
     mprintf("    --mdb [FILES]                          generate .mdb sigs\n");
08d6b1e3
     mprintf("    --html-normalise=FILE                  create normalised parts of HTML file\n");
ec5e029e
     mprintf("    --utf16-decode=FILE                    decode UTF16 encoded files\n");
ee039e40
     mprintf("    --info=FILE            -i FILE         print database information\n");
c4cbb847
     mprintf("    --build=NAME [cvd/inc] -b NAME         build a CVD file\n");
ee039e40
     mprintf("    --server=ADDR                          ClamAV Signing Service address\n");
     mprintf("    --unpack=FILE          -u FILE         Unpack a CVD file\n");
1aa405c3
     mprintf("    --unpack-current=SHORTNAME             Unpack local CVD/INCDIR in cwd\n");
ee039e40
     mprintf("    --list-sigs[=FILE]     -l[FILE]        List signature names\n");
9d0b7ebd
     mprintf("    --vba=FILE                             Extract VBA/Word6 macro code\n");
     mprintf("    --vba-hex=FILE                         Extract Word6 macro code with hex values\n");
37eca903
     mprintf("    --diff=OLD NEW         -d OLD NEW      Create diff for OLD and NEW CVDs\n");
bb990ecd
     mprintf("    --run-cdiff=FILE       -r FILE         Execute update script FILE in cwd\n");
1aa405c3
     mprintf("    --verify-cdiff=DIFF CVD/INCDIR         Verify DIFF against CVD\n");
ee039e40
     mprintf("\n");
 
3d167464
     return;
 }
 
 int main(int argc, char **argv)
 {
 	int ret = 1;
         struct optstruct *opt;
f25fa788
 	struct stat sb;
37eca903
 	const char *short_options = "hvVb:i:u:l::r:d:";
3d167464
 	static struct option long_options[] = {
 	    {"help", 0, 0, 'h'},
 	    {"quiet", 0, 0, 0},
 	    {"debug", 0, 0, 0},
 	    {"verbose", 0, 0, 'v'},
 	    {"stdout", 0, 0, 0},
 	    {"version", 0, 0, 'V'},
 	    {"tempdir", 1, 0, 0},
 	    {"hex-dump", 0, 0, 0},
 	    {"md5", 0, 0, 0},
60892bc1
 	    {"mdb", 0, 0, 0},
3d167464
 	    {"html-normalise", 1, 0, 0},
ec5e029e
 	    {"utf16-decode", 1, 0, 0},
3d167464
 	    {"build", 1, 0, 'b'},
 	    {"server", 1, 0, 0},
 	    {"unpack", 1, 0, 'u'},
 	    {"unpack-current", 1, 0, 0},
 	    {"info", 1, 0, 'i'},
 	    {"list-sigs", 2, 0, 'l'},
 	    {"vba", 1, 0 ,0},
 	    {"vba-hex", 1, 0, 0},
37eca903
 	    {"diff", 1, 0, 'd'},
bb990ecd
 	    {"run-cdiff", 1, 0, 'r'},
6edef583
 	    {"verify-cdiff", 1, 0, 0},
3d167464
 	    {0, 0, 0, 0}
     	};
 
     opt = opt_parse(argc, argv, short_options, long_options, NULL);
     if(!opt) {
 	mprintf("!Can't parse the command line\n");
 	return 1;
     }
 
     if(opt_check(opt, "quiet"))
 	mprintf_quiet = 1;
 
     if(opt_check(opt, "stdout"))
 	mprintf_stdout = 1;
 
     if(opt_check(opt, "debug"))
 	cl_debug();
 
     if(opt_check(opt, "version")) {
 	print_version();
 	opt_free(opt);
 	return 0;
     }
 
     if(opt_check(opt, "help")) {
 	opt_free(opt);
     	help();
6edef583
 	return 0;
3d167464
     }
 
     if(opt_check(opt, "hex-dump"))
 	ret = hexdump();
     else if(opt_check(opt, "md5"))
60892bc1
 	ret = md5sig(opt, 0);
     else if(opt_check(opt, "mdb"))
 	ret = md5sig(opt, 1);
3d167464
     else if(opt_check(opt, "html-normalise"))
 	ret = htmlnorm(opt);
ec5e029e
     else if(opt_check(opt, "utf16-decode"))
 	ret = utf16decode(opt);
3d167464
     else if(opt_check(opt, "build"))
 	ret = build(opt);
     else if(opt_check(opt, "unpack"))
 	ret = unpack(opt);
     else if(opt_check(opt, "unpack-current"))
 	ret = unpack(opt);
     else if(opt_check(opt, "info"))
 	ret = cvdinfo(opt);
     else if(opt_check(opt, "list-sigs"))
 	ret = listsigs(opt);
     else if(opt_check(opt, "vba") || opt_check(opt, "vba-hex"))
 	ret = vbadump(opt);
37eca903
     else if(opt_check(opt, "diff"))
 	ret = makediff(opt);
bb990ecd
     else if(opt_check(opt, "run-cdiff"))
5b68299b
 	ret = rundiff(opt);
6edef583
     else if(opt_check(opt, "verify-cdiff")) {
 	if(!opt->filename) {
1aa405c3
 	    mprintf("!--verify-cdiff requires two arguments\n");
6edef583
 	    ret = -1;
 	} else {
f25fa788
 	    if(stat(opt->filename, &sb) == -1) {
 		mprintf("--verify-cdiff: Can't get status of %s\n", opt->filename);
 		ret = -1;
 	    } else {
 		if(S_ISDIR(sb.st_mode))
5b68299b
 		    ret = verifydiff(opt_arg(opt, "verify-cdiff"), NULL, opt->filename);
f25fa788
 		else
5b68299b
 		    ret = verifydiff(opt_arg(opt, "verify-cdiff"), opt->filename, NULL);
f25fa788
 	    }
6edef583
 	}
     } else
3d167464
 	help();
 
     opt_free(opt);
     return ret ? 1 : 0;
0a2ad257
 }