| 98cf4932 |
|
| ad387e52 |
* Revision 1.5 2006/10/10 23:51:49 tkojm
* apply patches for the anti-phish code from Edwin
* |
| d80e404f |
* Revision 1.4 2006/10/07 13:55:01 tkojm
* fix handlers
* |
| 6cecbecd |
* Revision 1.3 2006/10/07 11:00:46 tkojm
* make the experimental anti-phishing code more thread safe
* |
| 03bf7897 |
* Revision 1.2 2006/09/26 18:55:36 njh
* Fixed portability issues
*
* Revision 1.1 2006/09/13 19:40:27 njh
* First draft
* |
| 98cf4932 |
* Revision 1.1 2006/09/12 19:38:39 acab
* Phishing module merge - libclamav
*
* Revision 1.3 2006/08/20 21:18:11 edwin
* Added the script used to generate iana_tld.sh
* Added checks for phish_domaincheck_db
* Added phishing module design document from wiki (as discussed with aCaB).
* Updated .wdb/.pdb format documentation (in regex_list.c)
* Fixed some memory leaks in regex_list.c
* IOW: cleanups before the deadline.
* I consider my module to be ready for evaluation now.
*
* Revision 1.2 2006/08/09 16:26:44 edwin
* Forgot to add these files
*
*/
#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif
#ifdef CL_EXPERIMENTAL
#ifndef CL_DEBUG
#define NDEBUG
#endif
#ifdef CL_THREAD_SAFE
#ifndef _REENTRANT
#define _REENTRANT
#endif
#endif
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h> |
| 03bf7897 |
#ifdef HAVE_STRINGS_H |
| 98cf4932 |
#include <strings.h> |
| 03bf7897 |
#endif |
| 98cf4932 |
#include <ctype.h>
#include <limits.h>
#include "clamav.h"
#include <sys/types.h>
|
| 03bf7897 |
#ifdef HAVE_REGEX_H |
| 98cf4932 |
/*#define USE_PCRE*/
#include <regex.h> |
| 03bf7897 |
#endif |
| 98cf4932 |
#if defined(HAVE_READDIR_R_3) || defined(HAVE_READDIR_R_2)
#include <stddef.h>
#endif
#include "others.h"
#include "defaults.h"
#include "str.h"
#include "filetypes.h"
#include "mbox.h"
#include "phish_domaincheck_db.h"
#include "regex_list.h"
#include "matcher-ac.h"
|
| 6cecbecd |
int domainlist_match(const struct cl_engine* engine,const char* real_url,const char* display_url,int hostOnly,unsigned short* flags) |
| 98cf4932 |
{
const char* info; |
| ad387e52 |
int rc = engine->domainlist_matcher ? regex_list_match(engine->domainlist_matcher,real_url,display_url,hostOnly,&info,0) : 0; |
| 98cf4932 |
if(rc && info && info[0]) {/*match successfull, and has custom flags*/
if(strlen(info)==3 && isxdigit(info[0]) && isxdigit(info[1]) && isxdigit(info[2])) {
unsigned short notwantedflags=0;
sscanf(info,"%hx",¬wantedflags);
*flags &= ~notwantedflags;/* filter unwanted phishcheck flags */
}
else {
cli_warnmsg("Phishcheck:Unknown flag format in domainlist, 3 hex digits expected");
}
}
return rc;
}
|
| 6cecbecd |
int init_domainlist(struct cl_engine* engine) |
| 98cf4932 |
{ |
| 6cecbecd |
if(engine) { |
| d80e404f |
engine->domainlist_matcher = (struct regex_matcher *) cli_malloc(sizeof(struct regex_matcher)); |
| 6cecbecd |
if(!engine->domainlist_matcher)
return CL_EMEM;
return init_regex_list(engine->domainlist_matcher); |
| ad387e52 |
} |
| 6cecbecd |
else
return CL_ENULLARG; |
| 98cf4932 |
}
|
| 6cecbecd |
int is_domainlist_ok(const struct cl_engine* engine) |
| 98cf4932 |
{ |
| 6cecbecd |
return (engine && engine->domainlist_matcher) ? is_regex_ok(engine->domainlist_matcher) : 1; |
| 98cf4932 |
}
|
| 6cecbecd |
void domainlist_cleanup(const struct cl_engine* engine) |
| 98cf4932 |
{ |
| 6cecbecd |
if(engine && engine->domainlist_matcher) {
regex_list_cleanup(engine->domainlist_matcher);
} |
| 98cf4932 |
}
|
| 6cecbecd |
void domainlist_done(struct cl_engine* engine) |
| 98cf4932 |
{ |
| 6cecbecd |
if(engine && engine->domainlist_matcher) {
regex_list_done(engine->domainlist_matcher);
free(engine->domainlist_matcher);
engine->domainlist_matcher = NULL;
} |
| 98cf4932 |
}
#endif |