| 98cf4932 | |
| ad387e52 | #ifdef HAVE_REGEX_H #include <regex.h> #endif |
| 98cf4932 |
#define CL_PHISH_BASE 100
enum phish_status {CL_PHISH_NODECISION=0,CL_PHISH_CLEAN=CL_PHISH_BASE, CL_PHISH_CLEANUP_OK,CL_PHISH_HOST_OK, CL_PHISH_DOMAIN_OK,
CL_PHISH_HOST_NOT_LISTED,
CL_PHISH_REDIR_OK, CL_PHISH_HOST_REDIR_OK, CL_PHISH_DOMAIN_REDIR_OK,
CL_PHISH_HOST_REVERSE_OK,CL_PHISH_DOMAIN_REVERSE_OK,
CL_PHISH_WHITELISTED,CL_PHISH_HOST_WHITELISTED,
CL_PHISH_CLEAN_CID,
CL_PHISH_TEXTURL, CL_PHISH_MAILTO_OK,
CL_PHISH_CLOAKED_UIU, CL_PHISH_NUMERIC_IP,CL_PHISH_HEX_URL,CL_PHISH_CLOAKED_NULL,CL_PHISH_SSL_SPOOF, CL_PHISH_NOMATCH};
#define HOST_SUFFICIENT 1
#define DOMAIN_SUFFICIENT (HOST_SUFFICIENT | 2)
#define DO_REVERSE_LOOKUP 4
#define CHECK_REDIR 8
#define CHECK_SSL 16
#define CHECK_CLOAKING 32
#define CLEANUP_URL 64
#define CHECK_DOMAIN_REVERSE 128
#define CHECK_IMG_URL 256
#define DOMAINLIST_REQUIRED 512
/* img checking disabled by default */
|
| 327bc00a | #define LINKTYPE_IMAGE 1 |
| 98cf4932 | |
| eea49695 | #define CL_PHISH_ALL_CHECKS (CLEANUP_URL|DOMAIN_SUFFICIENT|CHECK_SSL|CHECK_CLOAKING|CHECK_IMG_URL) |
| 98cf4932 |
struct string {
int refcount;
struct string* ref;
char* data;
};
|
| ad387e52 |
struct phishcheck {
regex_t preg;
regex_t preg_tld;
regex_t preg_cctld;
regex_t preg_numeric; |
| 32edc870 | regex_t preg_hexurl; |
| ad387e52 | char* url_regex; int is_disabled; }; |
| 98cf4932 |
struct url_check {
struct string realLink;
struct string displayLink;
unsigned short flags; |
| 32edc870 | unsigned short always_check_flags; |
| 327bc00a | unsigned short link_type; |
| 98cf4932 | }; |
| f29e0028 | #ifdef _MESSAGE_H |
| 98cf4932 | int phishingScan(message* m,const char* dir,cli_ctx* ctx,tag_arguments_t* hrefs); |
| f29e0028 | #endif |
| 6cecbecd | |
| ad387e52 | void phish_disable(struct cl_engine* engine,const char* reason); |
| 6cecbecd | /* Global, non-thread-safe functions, call only once! */ |
| ad387e52 | int phishing_init(struct cl_engine* engine); |
| 6cecbecd | void phishing_done(struct cl_engine* engine); /* end of non-thread-safe functions */ |
| 98cf4932 |
static inline int isPhishing(enum phish_status rc)
{
switch(rc) {
case CL_PHISH_CLEAN:
case CL_PHISH_CLEANUP_OK:
case CL_PHISH_WHITELISTED:
case CL_PHISH_HOST_WHITELISTED:
case CL_PHISH_HOST_OK:
case CL_PHISH_DOMAIN_OK:
case CL_PHISH_REDIR_OK:
case CL_PHISH_HOST_REDIR_OK:
case CL_PHISH_DOMAIN_REDIR_OK:
case CL_PHISH_HOST_REVERSE_OK:
case CL_PHISH_DOMAIN_REVERSE_OK:
case CL_PHISH_MAILTO_OK:
case CL_PHISH_TEXTURL:
case CL_PHISH_HOST_NOT_LISTED:
case CL_PHISH_CLEAN_CID:
return 0;
case CL_PHISH_HEX_URL:
case CL_PHISH_CLOAKED_NULL:
case CL_PHISH_SSL_SPOOF:
case CL_PHISH_CLOAKED_UIU:
case CL_PHISH_NUMERIC_IP:
case CL_PHISH_NOMATCH:
return 1;
default:
return 1;
}
}
#endif
#endif |