git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@554 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/05/11 09:14:14... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Tue May 11 02:07:55 CEST 2004 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * libclamav: scanners: revert to old X-* magic strings |
|
4 |
+ * clamd, freshclam: allow facility specification with LogFacility |
|
5 |
+ * clamd: do not scan files in /proc under Linux |
|
6 |
+ |
|
1 | 7 |
Mon May 10 12:25:09 BST 2004 (njh) |
2 | 8 |
---------------------------------- |
3 | 9 |
* libclamav: Don't call cli_filetype() so often since the latest |
... | ... |
@@ -68,6 +68,9 @@ void clamd(struct optstruct *opt) |
68 | 68 |
const char *dbdir, *cfgfile; |
69 | 69 |
int ret, virnum = 0, tcpsock; |
70 | 70 |
char *var; |
71 |
+#ifdef C_LINUX |
|
72 |
+ struct stat sb; |
|
73 |
+#endif |
|
71 | 74 |
|
72 | 75 |
/* initialize some important variables */ |
73 | 76 |
|
... | ... |
@@ -146,12 +149,20 @@ void clamd(struct optstruct *opt) |
146 | 146 |
|
147 | 147 |
|
148 | 148 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
149 |
- if((cpt = cfgopt(copt, "LogSyslog"))) { |
|
150 |
- openlog("clamd", LOG_PID, LOG_LOCAL6); |
|
149 |
+ if(cfgopt(copt, "LogSyslog")) { |
|
150 |
+ int fac = LOG_LOCAL6; |
|
151 |
+ |
|
152 |
+ if((cpt = cfgopt(copt, "LogFacility"))) { |
|
153 |
+ if((fac = logg_facility(cpt->strarg)) == -1) { |
|
154 |
+ fprintf(stderr, "ERROR: LogFacility: %s: No such facility.\n", cpt->strarg); |
|
155 |
+ exit(1); |
|
156 |
+ } |
|
157 |
+ } |
|
158 |
+ |
|
159 |
+ openlog("clamd", LOG_PID, fac); |
|
151 | 160 |
logg_syslog = 1; |
152 | 161 |
syslog(LOG_INFO, "Daemon started.\n"); |
153 |
- } else |
|
154 |
- logg_syslog = 0; |
|
162 |
+ } |
|
155 | 163 |
#endif |
156 | 164 |
|
157 | 165 |
if(logg_size) |
... | ... |
@@ -161,6 +172,12 @@ void clamd(struct optstruct *opt) |
161 | 161 |
|
162 | 162 |
logg("*Verbose logging activated.\n"); |
163 | 163 |
|
164 |
+#ifdef C_LINUX |
|
165 |
+ if(stat("/proc", &sb) == -1) |
|
166 |
+ procdev = 0; |
|
167 |
+ else |
|
168 |
+ procdev = sb.st_dev; |
|
169 |
+#endif |
|
164 | 170 |
|
165 | 171 |
/* check socket type */ |
166 | 172 |
|
... | ... |
@@ -43,6 +43,10 @@ |
43 | 43 |
#include "shared.h" |
44 | 44 |
#include "output.h" |
45 | 45 |
|
46 |
+#ifdef C_LINUX |
|
47 |
+dev_t procdev; /* /proc device */ |
|
48 |
+#endif |
|
49 |
+ |
|
46 | 50 |
int checksymlink(const char *path) |
47 | 51 |
{ |
48 | 52 |
struct stat statbuf; |
... | ... |
@@ -102,7 +106,19 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne |
102 | 102 |
} |
103 | 103 |
} else { |
104 | 104 |
if(S_ISREG(statbuf.st_mode) || (S_ISLNK(statbuf.st_mode) && (checksymlink(fname) == 2) && cfgopt(copt, "FollowFileSymlinks"))) { |
105 |
- if((scanret = cl_scanfile(fname, virname, scanned, root, limits, options)) == CL_VIRUS) { |
|
105 |
+ |
|
106 |
+#ifdef C_LINUX |
|
107 |
+ if(procdev) { |
|
108 |
+ if(statbuf.st_dev == procdev) |
|
109 |
+ scanret = CL_CLEAN; |
|
110 |
+ else |
|
111 |
+ scanret = cl_scanfile(fname, virname, scanned, root, limits, options); |
|
112 |
+ } |
|
113 |
+#else |
|
114 |
+ scanret = cl_scanfile(fname, virname, scanned, root, limits, options); |
|
115 |
+#endif |
|
116 |
+ if(scanret == CL_VIRUS) { |
|
117 |
+ |
|
106 | 118 |
mdprintf(odesc, "%s: %s FOUND\n", fname, *virname); |
107 | 119 |
logg("%s: %s FOUND\n", fname, *virname); |
108 | 120 |
virusaction(*virname, copt); |
... | ... |
@@ -115,7 +131,7 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne |
115 | 115 |
} else if(scanret != CL_CLEAN) { |
116 | 116 |
mdprintf(odesc, "%s: %s ERROR\n", fname, cl_strerror(scanret)); |
117 | 117 |
logg("%s: %s ERROR\n", fname, cl_strerror(scanret)); |
118 |
- } else if (logok) { |
|
118 |
+ } else if(logok) { |
|
119 | 119 |
logg("%s: OK\n", fname); |
120 | 120 |
} |
121 | 121 |
} |
... | ... |
@@ -166,7 +182,17 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node |
166 | 166 |
mdprintf(odesc, "%s: Empty file\n", filename); |
167 | 167 |
return 0; |
168 | 168 |
} |
169 |
+#ifdef C_LINUX |
|
170 |
+ if(procdev) { |
|
171 |
+ if(sb.st_dev == procdev) |
|
172 |
+ ret = CL_CLEAN; |
|
173 |
+ else |
|
174 |
+ ret = cl_scanfile(filename, &virname, scanned, root, limits, options); |
|
175 |
+ } |
|
176 |
+#else |
|
169 | 177 |
ret = cl_scanfile(filename, &virname, scanned, root, limits, options); |
178 |
+#endif |
|
179 |
+ |
|
170 | 180 |
if(ret == CL_VIRUS) { |
171 | 181 |
mdprintf(odesc, "%s: %s FOUND\n", filename, virname); |
172 | 182 |
logg("%s: %s FOUND\n", filename, virname); |
... | ... |
@@ -36,6 +36,10 @@ Example |
36 | 36 |
# Use system logger (can work together with LogFile). |
37 | 37 |
#LogSyslog |
38 | 38 |
|
39 |
+# Specify the type of syslog messages - please refer to 'man syslog' |
|
40 |
+# for facility names. Default is LOG_LOCAL6. |
|
41 |
+#LogFacility LOG_MAIL |
|
42 |
+ |
|
39 | 43 |
# Enable verbose logging. |
40 | 44 |
#LogVerbose |
41 | 45 |
|
... | ... |
@@ -17,6 +17,10 @@ |
17 | 17 |
# Use system logger (can work together with UpdateLogFile). |
18 | 18 |
#LogSyslog |
19 | 19 |
|
20 |
+# Specify the type of syslog messages - please refer to 'man syslog' |
|
21 |
+# for facility names. Default is LOG_LOCAL6. |
|
22 |
+#LogFacility LOG_MAIL |
|
23 |
+ |
|
20 | 24 |
# By default when freshclam is started by root it drops privileges and |
21 | 25 |
# switches to the "clamav" user. You can change this behaviour here. |
22 | 26 |
#DatabaseOwner clamav |
... | ... |
@@ -197,10 +197,19 @@ int freshclam(struct optstruct *opt) |
197 | 197 |
logg_file = NULL; |
198 | 198 |
|
199 | 199 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
200 |
- if((cpt = cfgopt(copt, "LogSyslog"))) { |
|
201 |
- openlog("freshclam", LOG_PID, LOG_LOCAL6); |
|
200 |
+ if(cfgopt(copt, "LogSyslog")) { |
|
201 |
+ int fac = LOG_LOCAL6; |
|
202 |
+ |
|
203 |
+ if((cpt = cfgopt(copt, "LogFacility"))) { |
|
204 |
+ if((fac = logg_facility(cpt->strarg)) == -1) { |
|
205 |
+ mprintf("!LogFacility: %s: No such facility.\n", cpt->strarg); |
|
206 |
+ exit(1); |
|
207 |
+ } |
|
208 |
+ } |
|
209 |
+ |
|
210 |
+ openlog("freshclam", LOG_PID, fac); |
|
202 | 211 |
logg_syslog = 1; |
203 |
- syslog(LOG_INFO, "Freshclam started.\n"); |
|
212 |
+ syslog(LOG_INFO, "Daemon started.\n"); |
|
204 | 213 |
} |
205 | 214 |
#endif |
206 | 215 |
|
... | ... |
@@ -81,22 +81,26 @@ static const struct cli_magic_s cli_magic[] = { |
81 | 81 |
|
82 | 82 |
/* Mail */ |
83 | 83 |
|
84 |
- {0, "From ", 5, "MBox", CL_MAILFILE}, |
|
85 |
- {0, "Received", 8, "Raw mail", CL_MAILFILE}, |
|
84 |
+ {0, "From ", 5, "MBox", CL_MAILFILE}, |
|
85 |
+ {0, "Received", 8, "Raw mail", CL_MAILFILE}, |
|
86 | 86 |
{0, "Return-Path: ", 13, "Maildir", CL_MAILFILE}, |
87 | 87 |
{0, "Return-path: ", 13, "Maildir", CL_MAILFILE}, |
88 | 88 |
{0, "Delivered-To: ", 14, "Mail", CL_MAILFILE}, |
89 |
- {0, "X-", 2, "Mail", CL_MAILFILE}, |
|
90 |
- {0, ">From ", 6, "Mail", CL_MAILFILE}, |
|
91 |
- {0, "Date: ", 6, "Mail", CL_MAILFILE}, |
|
89 |
+ {0, "X-UIDL: ", 8, "Mail", CL_MAILFILE}, |
|
90 |
+ {0, "X-Apparently-To: ", 17, "Mail", CL_MAILFILE}, |
|
91 |
+ {0, "X-Envelope-From: ", 17, "Mail", CL_MAILFILE}, |
|
92 |
+ {0, "X-Symantec-", 11, "Symantec", CL_MAILFILE}, |
|
93 |
+ {0, "X-EVS", 5, "EVS mail", CL_MAILFILE}, |
|
94 |
+ {0, ">From ", 6, "Mail", CL_MAILFILE}, |
|
95 |
+ {0, "Date: ", 6, "Mail", CL_MAILFILE}, |
|
92 | 96 |
{0, "Message-Id: ", 12, "Mail", CL_MAILFILE}, |
93 | 97 |
{0, "Message-ID: ", 12, "Mail", CL_MAILFILE}, |
94 | 98 |
{0, "Envelope-to: ", 13, "Mail", CL_MAILFILE}, |
95 | 99 |
{0, "Delivery-date: ", 15, "Mail", CL_MAILFILE}, |
96 |
- {0, "To: ", 4, "Mail", CL_MAILFILE}, |
|
97 |
- {0, "Subject: ", 9, "Mail", CL_MAILFILE}, |
|
98 |
- {0, "For: ", 5, "Eserv mail", CL_MAILFILE}, |
|
99 |
- {0, "From: ", 6, "Exim mail", CL_MAILFILE}, |
|
100 |
+ {0, "To: ", 4, "Mail", CL_MAILFILE}, |
|
101 |
+ {0, "Subject: ", 9, "Mail", CL_MAILFILE}, |
|
102 |
+ {0, "For: ", 5, "Eserv mail", CL_MAILFILE}, |
|
103 |
+ {0, "From: ", 6, "Exim mail", CL_MAILFILE}, |
|
100 | 104 |
{0, "v:\015\012Received: ", 14, "VPOP3 Mail (DOS)", CL_MAILFILE}, |
101 | 105 |
{0, "v:\012Received: ", 13, "VPOP3 Mail (UNIX)", CL_MAILFILE}, |
102 | 106 |
{0, "Hi. This is the qmail-send", 26, "Qmail bounce", CL_MAILFILE}, |
... | ... |
@@ -58,6 +58,7 @@ struct cfgstruct *parsecfg(const char *cfgfile) |
58 | 58 |
{"LogClean", OPT_NOARG}, |
59 | 59 |
{"LogVerbose", OPT_NOARG}, /* clamd + freshclam */ |
60 | 60 |
{"LogSyslog", OPT_NOARG}, |
61 |
+ {"LogFacility", OPT_STR}, |
|
61 | 62 |
{"PidFile", OPT_STR}, |
62 | 63 |
{"TemporaryDirectory", OPT_STR}, |
63 | 64 |
{"MaxFileSize", OPT_COMPSIZE}, |
... | ... |
@@ -186,6 +186,8 @@ int logg(const char *str, ...) |
186 | 186 |
/* due to a problem with superfluous control characters (which |
187 | 187 |
* vsnprintf() handles correctly) in (v)syslog we have to remove |
188 | 188 |
* them in a final string |
189 |
+ * |
|
190 |
+ * FIXME: substitute %% instead of _ |
|
189 | 191 |
*/ |
190 | 192 |
vsnprintf(vbuff, 1024, str, args); |
191 | 193 |
vbuff[1024] = 0; |
... | ... |
@@ -282,3 +284,46 @@ void mprintf(const char *str, ...) |
282 | 282 |
fflush(stdout); |
283 | 283 |
|
284 | 284 |
} |
285 |
+ |
|
286 |
+struct facstruct { |
|
287 |
+ const char *name; |
|
288 |
+ int code; |
|
289 |
+}; |
|
290 |
+ |
|
291 |
+#if defined(USE_SYSLOG) && !defined(C_AIX) |
|
292 |
+static const struct facstruct facilitymap[] = { |
|
293 |
+ { "LOG_AUTH", LOG_AUTH }, |
|
294 |
+ { "LOG_AUTHPRIV", LOG_AUTHPRIV }, |
|
295 |
+ { "LOG_CRON", LOG_CRON }, |
|
296 |
+ { "LOG_DAEMON", LOG_DAEMON }, |
|
297 |
+ { "LOG_FTP", LOG_FTP }, |
|
298 |
+ { "LOG_KERN", LOG_KERN }, |
|
299 |
+ { "LOG_LPR", LOG_LPR }, |
|
300 |
+ { "LOG_MAIL", LOG_MAIL }, |
|
301 |
+ { "LOG_NEWS", LOG_NEWS }, |
|
302 |
+ { "LOG_AUTH", LOG_AUTH }, |
|
303 |
+ { "LOG_SYSLOG", LOG_SYSLOG }, |
|
304 |
+ { "LOG_USER", LOG_USER }, |
|
305 |
+ { "LOG_UUCP", LOG_UUCP }, |
|
306 |
+ { "LOG_LOCAL0", LOG_LOCAL0 }, |
|
307 |
+ { "LOG_LOCAL1", LOG_LOCAL1 }, |
|
308 |
+ { "LOG_LOCAL2", LOG_LOCAL2 }, |
|
309 |
+ { "LOG_LOCAL3", LOG_LOCAL3 }, |
|
310 |
+ { "LOG_LOCAL4", LOG_LOCAL4 }, |
|
311 |
+ { "LOG_LOCAL5", LOG_LOCAL5 }, |
|
312 |
+ { "LOG_LOCAL6", LOG_LOCAL6 }, |
|
313 |
+ { "LOG_LOCAL7", LOG_LOCAL7 }, |
|
314 |
+ { NULL, -1 } |
|
315 |
+}; |
|
316 |
+ |
|
317 |
+int logg_facility(const char *name) |
|
318 |
+{ |
|
319 |
+ int i; |
|
320 |
+ |
|
321 |
+ for(i = 0; facilitymap[i].name; i++) |
|
322 |
+ if(!strcmp(facilitymap[i].name, name)) |
|
323 |
+ return facilitymap[i].code; |
|
324 |
+ |
|
325 |
+ return -1; |
|
326 |
+} |
|
327 |
+#endif |