@@ -1,3 +1,9 @@

+Fri Feb 20 17:13:10 GMT 2004 (njh)

+----------------------------------

+  * clamav-milter:	If clamd is on the local machine and PidFile is defined

+  		check if clamd is dead when send() fails

+  * libclamav:		Added a new bounce delimeter

+

 Fri Feb 20 16:49:05 CET 2004 (tk)

 ---------------------------------

   * clamscan, freshclam: removed --log-verbose (but it's still accepted by the

@@ -96,7 +96,11 @@ or if clamd is on a different machine

 You should have received a script to put into /etc/init.d with this software.

-run 'chown clamav /usr/local/sbin/clamav-milter; chmod 4700 /usr/local/sbin/clamav-milter

+As with all software it is wise to ensure that clamav-milter has the least

+privlidges it needs to run. So don't run it as root and don't store the sockets

+in a directory that can be written by everyone. For example ensure that /var/run

+is owned and writable only by root and add entries for 'User' and

+'FixStaleSocket' in clamav.conf.

 CHANGE HISTORY

@@ -133,7 +137,7 @@ Changes

 0.60b	17/8/03	Optionally set postmaster address. Usually one uses

 		/etc/aliases, but not everyone want's to...

 0.60c	22/8/03	Another go at Solaris support

-0.60d	26/8/03	Removed superflous buffer and unneeded strerror call

+0.60d	26/8/03	Removed superfluous buffer and unneeded strerror call

 		ETIMEDOUT isn't an error, but should give a warning

 0.60e	09/9/03	Added -P and -q flags by "Nicholas M. Kirsch" <nick@kirsch.org>

 0.60f	17/9/03	Changed fprintf to fputs where possible

@@ -232,6 +236,11 @@ Changes

 0.67d	19/2/04	Reworked TCPwrappers code

 		Thanks to "Hector M. Rulot Segovia" <Hector.Rulot@uv.es>

 		Changed some printf/puts to cli_dbgmsg

+0.67e	20/2/04	Moved the definition of the sendmail pipe

+		The recent changes to the configure script changed

+		the order of includes so some prototypes weren't getting in

+0.67f	20/2/04	Added checkClamd() - if possible attempts to see if clamd has

+		died

 BUG REPORTS

@@ -237,11 +237,16 @@

  *			Changed some printf/puts to cli_dbgmsg

  *	0.67e	20/2/04	Moved the definition of the sendmail pipe

  *			The recent changes to the configure script changed

- *			the order of includes sosome prototypes weren't

+ *			the order of includes so some prototypes weren't

  *			getting in

+ *	0.67f	20/2/04	Added checkClamd() - if possible attempts to see

+ *			if clamd has died

  *

  * Change History:

  * $Log: clamav-milter.c,v $

+ * Revision 1.52  2004/02/20 17:07:24  nigelhorne

+ * Added checkClamd

+ *

  * Revision 1.51  2004/02/20 09:50:42  nigelhorne

  * Removed warnings added by new configuration script

  *

@@ -380,9 +385,9 @@

  * Revision 1.6  2003/09/28 16:37:23  nigelhorne

  * Added -f flag use MaxThreads if --max-children not set

  */

-static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.51 2004/02/20 09:50:42 nigelhorne Exp $";

+static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.52 2004/02/20 17:07:24 nigelhorne Exp $";

-#define	CM_VERSION	"0.67e"

+#define	CM_VERSION	"0.67f"

 /*#define	CONFDIR	"/usr/local/etc"*/

@@ -519,6 +524,7 @@ static	header_list_t	header_list_new(void);

 static	void	header_list_free(header_list_t list);

 static	void	header_list_add(header_list_t list, const char *headerf, const char *headerv);

 static	void	header_list_print(header_list_t list, FILE *fp);

+static	void	checkClamd(void);

 static	char	clamav_version[128];

 static	int	fflag = 0;	/* force a scan, whatever */

@@ -595,6 +601,7 @@ static	pthread_cond_t	n_children_cond = PTHREAD_COND_INITIALIZER;

 static	unsigned	int	n_children = 0;

 static	unsigned	int	max_children = 0;

 short	use_syslog = 0;

+static	const	char	*pidFile;

 static	int	logVerbose = 0;

 static	struct	cfgstruct	*copt;

 static	const	char	*localSocket;

@@ -1066,6 +1073,9 @@ main(int argc, char **argv)

 		return EX_SOFTWARE;

 	}

+	if((cpt = cfgopt(copt, "PidFile")) != NULL)

+		pidFile = cpt->strarg;

+

 	if(cfgopt(copt, "LogSyslog")) {

 		openlog("clamav-milter", LOG_CONS|LOG_PID, LOG_MAIL);

 		syslog(LOG_INFO, clamav_version);

@@ -2283,6 +2293,7 @@ clamfi_send(const struct privdata *privdata, size_t len, const char *format, ...

 			if(errno == EINTR)

 				continue;

 			perror("send");

+			checkClamd();

 			if(use_syslog)

 				syslog(LOG_ERR, "write failure to clamd");

@@ -2437,3 +2448,40 @@ header_list_print(header_list_t list, FILE *fp)

 	for(iter = list->first; iter; iter = iter->next)

 		fprintf(fp, "%s\n", iter->header);

 }

+

+/*

+ * If possible, check if clamd has died, and report if it has

+ */

+static void

+checkClamd(void)

+{

+	pid_t pid;

+	int fd, nbytes;

+	char buf[9];

+

+	if(!localSocket)

+		return;

+

+	if(pidFile == NULL)

+		return;

+

+	fd = open(pidFile, O_RDONLY);

+	if(fd < 0) {

+		perror(pidFile);

+		if(use_syslog)

+			syslog(LOG_ERR, "Can't open %s\n", pidFile);

+

+		return;

+	}

+	nbytes = read(fd, buf, sizeof(buf) - 1);

+	close(fd);

+	buf[nbytes] = '\0';

+	pid = atoi(buf);

+	if(kill(pid, 0) < 0) {

+		if(errno == ESRCH) {

+			if(use_syslog)

+				syslog(LOG_ERR, "Clamd seems to have died\n");

+			perror("clamd");

+		}

+	}

+}