e3aaff8e |
/* |
e871e527 |
* Copyright (C) 2002 - 2005 Tomasz Kojm <tkojm@clamav.net> |
e3aaff8e |
*
* This program is free software; you can redistribute it and/or modify |
bb34cb31 |
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation. |
e3aaff8e |
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software |
48b7b4a7 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA. |
e3aaff8e |
*/
|
67118e92 |
#ifdef _MSC_VER
#include <winsock.h>
#endif
|
98ac8d19 |
#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif
|
e3aaff8e |
#include <stdio.h>
#include <stdlib.h> |
a9ebff44 |
#include <string.h> |
67118e92 |
#ifdef HAVE_UNISTD_H |
e3aaff8e |
#include <unistd.h>
#include <sys/time.h> |
67118e92 |
#endif |
e3aaff8e |
#include <sys/types.h>
#include <sys/stat.h> |
96b02502 |
#include <fcntl.h> |
e3aaff8e |
#include <time.h> |
a9d3aa14 |
#ifdef C_WINDOWS
#include <direct.h> /* for chdir */
#else |
e3aaff8e |
#include <pwd.h>
#include <grp.h> |
67118e92 |
#endif |
e3aaff8e |
|
afb48b28 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
e3aaff8e |
#include <syslog.h>
#endif
|
cea858e0 |
#ifdef C_LINUX
#include <sys/resource.h>
#endif
|
bd8603aa |
#include "target.h"
#include "libclamav/clamav.h"
#include "libclamav/others.h" |
3d53538b |
#include "libclamav/matcher-ac.h" |
8cc8f810 |
#include "libclamav/readdb.h" |
bd8603aa |
#include "shared/output.h"
#include "shared/options.h"
#include "shared/cfgparser.h"
#include "shared/misc.h"
#include "server.h" |
e3aaff8e |
#include "tcpserver.h"
#include "localserver.h"
#include "others.h" |
afb48b28 |
#include "shared.h" |
6d6e8271 |
|
a9d3aa14 |
#ifndef C_WINDOWS
#define closesocket(s) close(s)
#endif |
e3aaff8e |
|
58bcf502 |
short debug_mode = 0, logok = 0; |
0ae41a2d |
short foreground = 0;
|
fc83da82 |
static void help(void) |
bd8603aa |
{
printf("\n"); |
add738d2 |
printf(" Clam AntiVirus Daemon %s\n", get_version()); |
61409916 |
printf(" (C) 2002 - 2007 ClamAV Team - http://www.clamav.net/team\n\n"); |
bd8603aa |
printf(" --help -h Show this help.\n");
printf(" --version -V Show version number.\n");
printf(" --debug Enable debug mode.\n");
printf(" --config-file=FILE -c FILE Read configuration from FILE.\n\n");
}
|
85398f3e |
static struct cfgstruct *copt; |
7b8edc5c |
int main(int argc, char **argv) |
e3aaff8e |
{ |
1095156a |
const struct cfgstruct *cpt; |
a9d3aa14 |
#ifndef C_WINDOWS |
ab8d8f52 |
struct passwd *user = NULL; |
a9d3aa14 |
#endif |
e3aaff8e |
time_t currtime; |
a57e3d41 |
struct cl_engine *engine = NULL; |
e3aaff8e |
const char *dbdir, *cfgfile; |
b023c36d |
char *pua_cats = NULL;
int ret, tcpsock = 0, localsock = 0, i; |
bd8603aa |
unsigned int sigs = 0; |
57358cc8 |
int lsockets[2], nlsockets = 0; |
d6449522 |
unsigned int dboptions = 0; |
c695dab4 |
#ifdef C_LINUX
struct stat sb;
#endif |
7b8edc5c |
struct optstruct *opt;
const char *short_options = "hc:V";
static struct option long_options[] = {
{"help", 0, 0, 'h'},
{"config-file", 1, 0, 'c'},
{"version", 0, 0, 'V'},
{"debug", 0, 0, 0},
{0, 0, 0, 0}
};
|
67118e92 |
#ifdef C_WINDOWS
if(!pthread_win32_process_attach_np()) {
mprintf("!Can't start the win32 pthreads layer\n");
return 1;
}
#endif |
7b8edc5c |
|
04fa4e9d |
opt = opt_parse(argc, argv, short_options, long_options, NULL, NULL); |
7b8edc5c |
if(!opt) {
mprintf("!Can't parse the command line\n");
return 1;
} |
e3aaff8e |
|
7b8edc5c |
if(opt_check(opt, "help")) { |
e3aaff8e |
help(); |
bd8603aa |
opt_free(opt);
return 0; |
e3aaff8e |
}
|
7b8edc5c |
if(opt_check(opt, "debug")) { |
cea858e0 |
#if defined(C_LINUX)
/* njh@bandsman.co.uk: create a dump if needed */
struct rlimit rlim;
rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
if(setrlimit(RLIMIT_CORE, &rlim) < 0)
perror("setrlimit");
#endif |
c238ac42 |
debug_mode = 1; |
cea858e0 |
} |
c238ac42 |
|
e3aaff8e |
/* parse the config file */ |
7b8edc5c |
if(opt_check(opt, "config-file"))
cfgfile = opt_arg(opt, "config-file"); |
e3aaff8e |
else |
81837459 |
cfgfile = CONFDIR"/clamd.conf"; |
e3aaff8e |
|
81837459 |
if((copt = getcfg(cfgfile, 1)) == NULL) { |
95d401c4 |
fprintf(stderr, "ERROR: Can't open/parse the config file %s\n", cfgfile); |
bd8603aa |
opt_free(opt);
return 1; |
e3aaff8e |
} |
0aa3ba06 |
if(opt_check(opt, "version")) {
print_version(cfgopt(copt, "DatabaseDirectory")->strarg);
opt_free(opt);
freecfg(copt);
return 0;
}
|
bd8603aa |
opt_free(opt); |
e3aaff8e |
|
3ff40d08 |
umask(0);
|
0ae41a2d |
/* drop privileges */ |
67118e92 |
#if (!defined(C_OS2)) && (!defined(C_WINDOWS)) |
0ae41a2d |
if(geteuid() == 0 && (cpt = cfgopt(copt, "User"))->enabled) {
if((user = getpwnam(cpt->strarg)) == NULL) {
fprintf(stderr, "ERROR: Can't get information about user %s.\n", cpt->strarg); |
bd8603aa |
freecfg(copt);
return 1; |
0ae41a2d |
}
if(cfgopt(copt, "AllowSupplementaryGroups")->enabled) {
#ifdef HAVE_INITGROUPS
if(initgroups(cpt->strarg, user->pw_gid)) {
fprintf(stderr, "ERROR: initgroups() failed.\n"); |
bd8603aa |
freecfg(copt);
return 1; |
0ae41a2d |
}
#else |
1bf0d5a8 |
mprintf("!AllowSupplementaryGroups: initgroups() is not available, please disable AllowSupplementaryGroups in %s\n", cfgfile);
freecfg(copt);
return 1; |
0ae41a2d |
#endif
} else {
#ifdef HAVE_SETGROUPS
if(setgroups(1, &user->pw_gid)) {
fprintf(stderr, "ERROR: setgroups() failed.\n"); |
bd8603aa |
freecfg(copt);
return 1; |
0ae41a2d |
}
#endif
}
if(setgid(user->pw_gid)) {
fprintf(stderr, "ERROR: setgid(%d) failed.\n", (int) user->pw_gid); |
bd8603aa |
freecfg(copt);
return 1; |
0ae41a2d |
}
if(setuid(user->pw_uid)) {
fprintf(stderr, "ERROR: setuid(%d) failed.\n", (int) user->pw_uid); |
bd8603aa |
freecfg(copt);
return 1; |
0ae41a2d |
}
}
#endif
|
e3aaff8e |
/* initialize logger */ |
81837459 |
logg_lock = cfgopt(copt, "LogFileUnlock")->enabled;
logg_time = cfgopt(copt, "LogTime")->enabled;
logok = cfgopt(copt, "LogClean")->enabled;
logg_size = cfgopt(copt, "LogFileMaxSize")->numarg; |
234582ae |
logg_verbose = mprintf_verbose = cfgopt(copt, "LogVerbose")->enabled; |
e3aaff8e |
|
81837459 |
if(cfgopt(copt, "Debug")->enabled) /* enable debug messages in libclamav */ |
0249f9d2 |
cl_debug();
|
81837459 |
if((cpt = cfgopt(copt, "LogFile"))->enabled) { |
9e751804 |
char timestr[32]; |
afb48b28 |
logg_file = cpt->strarg; |
75ccac9f |
if(strlen(logg_file) < 2 || (logg_file[0] != '/' && logg_file[0] != '\\' && logg_file[1] != ':')) { |
e3aaff8e |
fprintf(stderr, "ERROR: LogFile requires full path.\n"); |
bd8603aa |
logg_close();
freecfg(copt);
return 1; |
e3aaff8e |
}
time(&currtime); |
9e751804 |
if(logg("#+++ Started at %s", cli_ctime(&currtime, timestr, sizeof(timestr)))) { |
afb48b28 |
fprintf(stderr, "ERROR: Problem with internal logger. Please check the permissions on the %s file.\n", logg_file); |
bd8603aa |
logg_close();
freecfg(copt);
return 1; |
e3aaff8e |
}
} else |
afb48b28 |
logg_file = NULL; |
e3aaff8e |
|
afb48b28 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
81837459 |
if(cfgopt(copt, "LogSyslog")->enabled) { |
c695dab4 |
int fac = LOG_LOCAL6;
|
81837459 |
cpt = cfgopt(copt, "LogFacility");
if((fac = logg_facility(cpt->strarg)) == -1) { |
bd8603aa |
logg("!LogFacility: %s: No such facility.\n", cpt->strarg);
logg_close();
freecfg(copt);
return 1; |
c695dab4 |
}
openlog("clamd", LOG_PID, fac); |
afb48b28 |
logg_syslog = 1; |
c695dab4 |
} |
e3aaff8e |
#endif
|
c695dab4 |
#ifdef C_LINUX |
53c7b870 |
procdev = 0;
if(stat("/proc", &sb) != -1 && !sb.st_size) |
c695dab4 |
procdev = sb.st_dev;
#endif |
e3aaff8e |
/* check socket type */
|
57358cc8 |
if(cfgopt(copt, "TCPSocket")->enabled) |
e3aaff8e |
tcpsock = 1; |
57358cc8 |
if(cfgopt(copt, "LocalSocket")->enabled)
localsock = 1;
if(!tcpsock && !localsock) { |
bd8603aa |
logg("!Please define server type (local and/or TCP).\n");
logg_close();
freecfg(copt);
return 1; |
e3aaff8e |
}
|
ee039e40 |
/* set the temporary dir */ |
81837459 |
if((cpt = cfgopt(copt, "TemporaryDirectory"))->enabled) |
590135f9 |
cl_settempdir(cpt->strarg, 0);
|
81837459 |
if(cfgopt(copt, "LeaveTemporaryFiles")->enabled) |
590135f9 |
cl_settempdir(NULL, 1); |
e3aaff8e |
|
add738d2 |
logg("#clamd daemon %s (OS: "TARGET_OS_TYPE", ARCH: "TARGET_ARCH_TYPE", CPU: "TARGET_CPU_TYPE")\n", get_version()); |
50b26397 |
|
a9d3aa14 |
#ifndef C_WINDOWS |
ab8d8f52 |
if(user) |
e979398c |
logg("#Running as user %s (UID %u, GID %u)\n", user->pw_name, user->pw_uid, user->pw_gid); |
a9d3aa14 |
#endif |
ab8d8f52 |
|
50b26397 |
if(logg_size) |
e979398c |
logg("#Log file size limited to %d bytes.\n", logg_size); |
50b26397 |
else |
e979398c |
logg("#Log file size limit disabled.\n"); |
50b26397 |
|
ee039e40 |
/* load the database(s) */ |
81837459 |
dbdir = cfgopt(copt, "DatabaseDirectory")->strarg; |
e979398c |
logg("#Reading databases from %s\n", dbdir); |
e3aaff8e |
|
b023c36d |
if(cfgopt(copt, "DetectPUA")->enabled) { |
70edb085 |
dboptions |= CL_DB_PUA; |
b023c36d |
if((cpt = cfgopt(copt, "ExcludePUA"))->enabled) {
dboptions |= CL_DB_PUA_EXCLUDE;
i = 0;
logg("#Excluded PUA categories:");
while(cpt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(cpt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
logg_close();
freecfg(copt);
return 1;
}
logg("# %s", cpt->strarg);
sprintf(pua_cats + i, ".%s", cpt->strarg);
i += strlen(cpt->strarg) + 1;
pua_cats[i] = 0;
cpt = cpt->nextarg;
}
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if((cpt = cfgopt(copt, "IncludePUA"))->enabled) {
if(pua_cats) {
logg("!ExcludePUA and IncludePUA cannot be used at the same time\n");
logg_close();
freecfg(copt);
free(pua_cats);
return 1;
}
dboptions |= CL_DB_PUA_INCLUDE;
i = 0;
logg("#Included PUA categories:");
while(cpt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(cpt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
logg_close();
freecfg(copt);
return 1;
}
logg("# %s", cpt->strarg);
sprintf(pua_cats + i, ".%s", cpt->strarg);
i += strlen(cpt->strarg) + 1;
pua_cats[i] = 0;
cpt = cpt->nextarg;
}
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if(pua_cats) {
/* FIXME with the new API */
if((ret = cli_initengine(&engine, dboptions))) {
logg("!cli_initengine() failed: %s\n", cl_strerror(ret));
logg_close();
freecfg(copt);
free(pua_cats);
return 1;
}
engine->pua_cats = pua_cats;
}
} else { |
e979398c |
logg("#Not loading PUA signatures.\n"); |
b023c36d |
} |
70edb085 |
|
af7d0dde |
if(cfgopt(copt, "PhishingSignatures")->enabled) |
9f8098c0 |
dboptions |= CL_DB_PHISHING;
else |
e979398c |
logg("#Not loading phishing signatures.\n"); |
d6449522 |
|
19b3e182 |
if(cfgopt(copt,"PhishingScanURLs")->enabled)
dboptions |= CL_DB_PHISHING_URLS;
else |
e979398c |
logg("#Disabling URL based phishing detection.\n"); |
19b3e182 |
|
3d53538b |
if(cfgopt(copt,"DevACOnly")->enabled) { |
e979398c |
logg("#Only using the A-C matcher.\n"); |
3d53538b |
dboptions |= CL_DB_ACONLY;
}
if((cpt = cfgopt(copt, "DevACDepth"))->enabled) {
cli_ac_setdepth(AC_DEFAULT_MIN_DEPTH, cpt->numarg); |
e979398c |
logg("#Max A-C depth set to %u\n", cpt->numarg); |
3d53538b |
}
|
a57e3d41 |
if((ret = cl_load(dbdir, &engine, &sigs, dboptions))) { |
049a18b9 |
logg("!%s\n", cl_strerror(ret)); |
bd8603aa |
logg_close();
freecfg(copt);
return 1; |
e3aaff8e |
}
|
a57e3d41 |
if(!engine) { |
e3aaff8e |
logg("!Database initialization error.\n"); |
bd8603aa |
logg_close();
freecfg(copt);
return 1; |
e3aaff8e |
}
|
e979398c |
logg("#Loaded %u signatures.\n", sigs); |
a57e3d41 |
if((ret = cl_build(engine)) != 0) { |
2d70a403 |
logg("!Database initialization error: %s\n", cl_strerror(ret));; |
bd8603aa |
logg_close();
freecfg(copt);
return 1; |
2d70a403 |
} |
e3aaff8e |
|
bd8603aa |
if(tcpsock) { |
67118e92 |
#ifdef C_WINDOWS
WSADATA wsaData;
if(WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR) {
logg("!Error at WSAStartup(): %d\n", WSAGetLastError());
logg_close();
freecfg(copt);
return 1;
}
#endif |
bd8603aa |
lsockets[nlsockets] = tcpserver(copt);
if(lsockets[nlsockets] == -1) {
logg_close();
freecfg(copt);
return 1;
}
nlsockets++;
} |
57358cc8 |
|
bd8603aa |
if(localsock) {
lsockets[nlsockets] = localserver(copt);
if(lsockets[nlsockets] == -1) {
logg_close();
freecfg(copt);
if(tcpsock) |
a9d3aa14 |
closesocket(lsockets[0]); |
bd8603aa |
return 1;
}
nlsockets++;
} |
57358cc8 |
|
e979398c |
/* fork into background */
if(!cfgopt(copt, "Foreground")->enabled) { |
9a223418 |
#ifdef C_BSD
/* workaround for OpenBSD bug, see https://wwws.clamav.net/bugzilla/show_bug.cgi?id=885 */
for(ret=0;ret<nlsockets;ret++) {
fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) | O_NONBLOCK);
}
#endif |
e979398c |
if(daemonize() == -1) {
logg("!daemonize() failed\n");
logg_close();
freecfg(copt);
return 1;
} |
9a223418 |
#ifdef C_BSD
for(ret=0;ret<nlsockets;ret++) {
fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) & ~O_NONBLOCK);
}
#endif |
e979398c |
if(!debug_mode)
if(chdir("/") == -1)
logg("^Can't change current working directory to root\n");
} else
foreground = 1;
|
a57e3d41 |
ret = acceptloop_th(lsockets, nlsockets, engine, dboptions, copt); |
e3aaff8e |
|
67118e92 |
#ifdef C_WINDOWS
if(tcpsock)
WSACleanup();
if(!pthread_win32_process_detach_np()) {
logg("!Can't stop the win32 pthreads layer\n");
logg_close();
freecfg(copt);
return 1;
}
#endif
|
9e431a95 |
logg_close();
freecfg(copt); |
e3aaff8e |
|
bd8603aa |
return ret; |
e3aaff8e |
} |