git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@317 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/02/21 02:09:31... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Fri Feb 20 17:13:10 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: If clamd is on the local machine and PidFile is defined |
|
4 |
+ check if clamd is dead when send() fails |
|
5 |
+ * libclamav: Added a new bounce delimeter |
|
6 |
+ |
|
1 | 7 |
Fri Feb 20 16:49:05 CET 2004 (tk) |
2 | 8 |
--------------------------------- |
3 | 9 |
* clamscan, freshclam: removed --log-verbose (but it's still accepted by the |
... | ... |
@@ -96,7 +96,11 @@ or if clamd is on a different machine |
96 | 96 |
|
97 | 97 |
You should have received a script to put into /etc/init.d with this software. |
98 | 98 |
|
99 |
-run 'chown clamav /usr/local/sbin/clamav-milter; chmod 4700 /usr/local/sbin/clamav-milter |
|
99 |
+As with all software it is wise to ensure that clamav-milter has the least |
|
100 |
+privlidges it needs to run. So don't run it as root and don't store the sockets |
|
101 |
+in a directory that can be written by everyone. For example ensure that /var/run |
|
102 |
+is owned and writable only by root and add entries for 'User' and |
|
103 |
+'FixStaleSocket' in clamav.conf. |
|
100 | 104 |
|
101 | 105 |
CHANGE HISTORY |
102 | 106 |
|
... | ... |
@@ -133,7 +137,7 @@ Changes |
133 | 133 |
0.60b 17/8/03 Optionally set postmaster address. Usually one uses |
134 | 134 |
/etc/aliases, but not everyone want's to... |
135 | 135 |
0.60c 22/8/03 Another go at Solaris support |
136 |
-0.60d 26/8/03 Removed superflous buffer and unneeded strerror call |
|
136 |
+0.60d 26/8/03 Removed superfluous buffer and unneeded strerror call |
|
137 | 137 |
ETIMEDOUT isn't an error, but should give a warning |
138 | 138 |
0.60e 09/9/03 Added -P and -q flags by "Nicholas M. Kirsch" <nick@kirsch.org> |
139 | 139 |
0.60f 17/9/03 Changed fprintf to fputs where possible |
... | ... |
@@ -232,6 +236,11 @@ Changes |
232 | 232 |
0.67d 19/2/04 Reworked TCPwrappers code |
233 | 233 |
Thanks to "Hector M. Rulot Segovia" <Hector.Rulot@uv.es> |
234 | 234 |
Changed some printf/puts to cli_dbgmsg |
235 |
+0.67e 20/2/04 Moved the definition of the sendmail pipe |
|
236 |
+ The recent changes to the configure script changed |
|
237 |
+ the order of includes so some prototypes weren't getting in |
|
238 |
+0.67f 20/2/04 Added checkClamd() - if possible attempts to see if clamd has |
|
239 |
+ died |
|
235 | 240 |
|
236 | 241 |
BUG REPORTS |
237 | 242 |
|
... | ... |
@@ -237,11 +237,16 @@ |
237 | 237 |
* Changed some printf/puts to cli_dbgmsg |
238 | 238 |
* 0.67e 20/2/04 Moved the definition of the sendmail pipe |
239 | 239 |
* The recent changes to the configure script changed |
240 |
- * the order of includes sosome prototypes weren't |
|
240 |
+ * the order of includes so some prototypes weren't |
|
241 | 241 |
* getting in |
242 |
+ * 0.67f 20/2/04 Added checkClamd() - if possible attempts to see |
|
243 |
+ * if clamd has died |
|
242 | 244 |
* |
243 | 245 |
* Change History: |
244 | 246 |
* $Log: clamav-milter.c,v $ |
247 |
+ * Revision 1.52 2004/02/20 17:07:24 nigelhorne |
|
248 |
+ * Added checkClamd |
|
249 |
+ * |
|
245 | 250 |
* Revision 1.51 2004/02/20 09:50:42 nigelhorne |
246 | 251 |
* Removed warnings added by new configuration script |
247 | 252 |
* |
... | ... |
@@ -380,9 +385,9 @@ |
380 | 380 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
381 | 381 |
* Added -f flag use MaxThreads if --max-children not set |
382 | 382 |
*/ |
383 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.51 2004/02/20 09:50:42 nigelhorne Exp $"; |
|
383 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.52 2004/02/20 17:07:24 nigelhorne Exp $"; |
|
384 | 384 |
|
385 |
-#define CM_VERSION "0.67e" |
|
385 |
+#define CM_VERSION "0.67f" |
|
386 | 386 |
|
387 | 387 |
/*#define CONFDIR "/usr/local/etc"*/ |
388 | 388 |
|
... | ... |
@@ -519,6 +524,7 @@ static header_list_t header_list_new(void); |
519 | 519 |
static void header_list_free(header_list_t list); |
520 | 520 |
static void header_list_add(header_list_t list, const char *headerf, const char *headerv); |
521 | 521 |
static void header_list_print(header_list_t list, FILE *fp); |
522 |
+static void checkClamd(void); |
|
522 | 523 |
|
523 | 524 |
static char clamav_version[128]; |
524 | 525 |
static int fflag = 0; /* force a scan, whatever */ |
... | ... |
@@ -595,6 +601,7 @@ static pthread_cond_t n_children_cond = PTHREAD_COND_INITIALIZER; |
595 | 595 |
static unsigned int n_children = 0; |
596 | 596 |
static unsigned int max_children = 0; |
597 | 597 |
short use_syslog = 0; |
598 |
+static const char *pidFile; |
|
598 | 599 |
static int logVerbose = 0; |
599 | 600 |
static struct cfgstruct *copt; |
600 | 601 |
static const char *localSocket; |
... | ... |
@@ -1066,6 +1073,9 @@ main(int argc, char **argv) |
1066 | 1066 |
return EX_SOFTWARE; |
1067 | 1067 |
} |
1068 | 1068 |
|
1069 |
+ if((cpt = cfgopt(copt, "PidFile")) != NULL) |
|
1070 |
+ pidFile = cpt->strarg; |
|
1071 |
+ |
|
1069 | 1072 |
if(cfgopt(copt, "LogSyslog")) { |
1070 | 1073 |
openlog("clamav-milter", LOG_CONS|LOG_PID, LOG_MAIL); |
1071 | 1074 |
syslog(LOG_INFO, clamav_version); |
... | ... |
@@ -2283,6 +2293,7 @@ clamfi_send(const struct privdata *privdata, size_t len, const char *format, ... |
2283 | 2283 |
if(errno == EINTR) |
2284 | 2284 |
continue; |
2285 | 2285 |
perror("send"); |
2286 |
+ checkClamd(); |
|
2286 | 2287 |
if(use_syslog) |
2287 | 2288 |
syslog(LOG_ERR, "write failure to clamd"); |
2288 | 2289 |
|
... | ... |
@@ -2437,3 +2448,40 @@ header_list_print(header_list_t list, FILE *fp) |
2437 | 2437 |
for(iter = list->first; iter; iter = iter->next) |
2438 | 2438 |
fprintf(fp, "%s\n", iter->header); |
2439 | 2439 |
} |
2440 |
+ |
|
2441 |
+/* |
|
2442 |
+ * If possible, check if clamd has died, and report if it has |
|
2443 |
+ */ |
|
2444 |
+static void |
|
2445 |
+checkClamd(void) |
|
2446 |
+{ |
|
2447 |
+ pid_t pid; |
|
2448 |
+ int fd, nbytes; |
|
2449 |
+ char buf[9]; |
|
2450 |
+ |
|
2451 |
+ if(!localSocket) |
|
2452 |
+ return; |
|
2453 |
+ |
|
2454 |
+ if(pidFile == NULL) |
|
2455 |
+ return; |
|
2456 |
+ |
|
2457 |
+ fd = open(pidFile, O_RDONLY); |
|
2458 |
+ if(fd < 0) { |
|
2459 |
+ perror(pidFile); |
|
2460 |
+ if(use_syslog) |
|
2461 |
+ syslog(LOG_ERR, "Can't open %s\n", pidFile); |
|
2462 |
+ |
|
2463 |
+ return; |
|
2464 |
+ } |
|
2465 |
+ nbytes = read(fd, buf, sizeof(buf) - 1); |
|
2466 |
+ close(fd); |
|
2467 |
+ buf[nbytes] = '\0'; |
|
2468 |
+ pid = atoi(buf); |
|
2469 |
+ if(kill(pid, 0) < 0) { |
|
2470 |
+ if(errno == ESRCH) { |
|
2471 |
+ if(use_syslog) |
|
2472 |
+ syslog(LOG_ERR, "Clamd seems to have died\n"); |
|
2473 |
+ perror("clamd"); |
|
2474 |
+ } |
|
2475 |
+ } |
|
2476 |
+} |