@@ -45,5 +45,6 @@ Andreas Piesk <Andreas.Piesk@heise.de>

 Ant La Porte <ant@dvere.net>

 Thomas Quinot <thomas@cuivre.fr.eu.org>

 Gernot Tenchio <g.tenchio@telco-tech.de>

+Laurent Wacrenier <lwa@teaser.fr>

 David Woakes <david@mitredata.co.uk>

 Andoni Zubimendi <andoni@lpsat.net>

@@ -1,12 +1,19 @@

+Mon Oct 27 22:08:53 CET 2003 (tk)

+---------------------------------

+  * freshclam: fixed a segmentation fault (thanks to Graham Murray); only

+	       use a one mirror for a full update; display IP addresses

+  * clamd: use SO_REUSEADDR in tcpserver (Laurent Wacrenier)

+  * configure: set $sysconfdir with respect to --prefix (thanks NERvOus)

+

 Sun Oct 26 06:26:14 CET 2003 (tk)

+---------------------------------

   * clamd: report file errors with CONTSCAN (suggested by Daniel Fraga)

   * libclamav: cvd and general cleanups

   * freshclam: rewritten to use cvd, cleanups; --debug added

   * mirrors.txt: only use database.clamav.net

 Fri Oct 24 02:19:54 CEST 2003 (tk)

+---------------------------------

   * clamd: initialize the virus-number variable (Igor Brezac)

   * sigtool: fixed compilation issue on Solaris (bug reported by

 	     Christopher X. Candreva)

@@ -1,2 +1 @@

-* add compression (zlib based) to freshclam

 * sigtool: must be more intelligent

@@ -37,11 +37,13 @@ int tcpserver(const struct optstruct *opt, const struct cfgstruct *copt, struct

 	struct cfgstruct *cpt;

 	struct cfgstruct *taddr;

 	char *estr;

+	int true = 1;

     memset((char *) &server, 0, sizeof(server));

     server.sin_family = AF_INET;

     server.sin_port = htons(cfgopt(copt, "TCPSocket")->numarg);

+

     if (taddr = cfgopt(copt, "TCPAddr"))

     {

 	server.sin_addr.s_addr = inet_addr( taddr->strarg );

@@ -58,6 +60,10 @@ int tcpserver(const struct optstruct *opt, const struct cfgstruct *copt, struct

 	exit(1);

     }

+    if(setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, (void *) &true, sizeof(true)) == -1) {

+	logg("!setsocktopt(SO_REUSEADDR) error: %s\n", strerror(errno));

+    }

+

     if(bind(sockfd, (struct sockaddr *) &server, sizeof(struct sockaddr_in)) == -1) {

 	estr = strerror(errno);

 	//fprintf(stderr, "ERROR: can't bind(): %s\n", estr);

@@ -9065,8 +9065,14 @@ DBDIR="$db_dir"

 # config file

 cfg_dir=`echo $sysconfdir | grep prefix`

+

 if test -n "$cfg_dir"; then

-    cfg_dir="$ac_default_prefix/etc"

+    if test "$prefix" = "NONE"

+    then

+	cfg_dir="$ac_default_prefix/etc"

+    else

+	cfg_dir="$prefix/etc"

+    fi

 else

     cfg_dir="$sysconfdir"

 fi

@@ -176,8 +176,14 @@ AC_SUBST(DBDIR)

 # config file

 cfg_dir=`echo $sysconfdir | grep prefix`

+

 if test -n "$cfg_dir"; then

-    cfg_dir="$ac_default_prefix/etc"

+    if test "$prefix" = "NONE"

+    then

+	cfg_dir="$ac_default_prefix/etc"

+    else

+	cfg_dir="$prefix/etc"

+    fi

 else

     cfg_dir="$sysconfdir"

 fi

@@ -158,7 +158,6 @@ int download(struct optstruct *opt)

 {

 	int ret = 0;

 	mirrors *m = NULL, *h = NULL;

-	char *datadir, *mirror_last;

 	int mirror_used = 0;

     /*

@@ -46,6 +46,7 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

 {

 	time_t currtime;

 	int ret, updated = 0, signo = 0;

+	char ipaddr[16];

     time(&currtime);

@@ -57,19 +58,19 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

     logg("SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES\n");

 #endif

-    if((ret = downloaddb(DB1NAME, "main.cvd", hostname, &signo, opt)) > 50)

+    if((ret = downloaddb(DB1NAME, "main.cvd", hostname, ipaddr, &signo, opt)) > 50)

 	return ret;

     else if(ret == 0)

 	updated = 1;

-    if((ret = downloaddb(DB2NAME, "daily.cvd", hostname, &signo, opt)) > 50)

+    if((ret = downloaddb(DB2NAME, "daily.cvd", ipaddr, NULL, &signo, opt)) > 50)

 	return ret;

     else if(ret == 0)

 	updated = 1;

     if(updated) {

-	mprintf("Database updated (%d signatures) from %s.\n", signo, hostname);

-	logg("Database updated (%d signatures) from %s.\n", signo, hostname);

+	mprintf("Database updated (%d signatures) from %s (%s).\n", signo, hostname, ipaddr);

+	logg("Database updated (%d signatures) from %s (%s).\n", signo, hostname, ipaddr);

 #ifdef BUILD_CLAMD

 	if(optl(opt, "daemon-notify")) {

@@ -90,11 +91,11 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

 	return 1;

 }

-int downloaddb(const char *localname, const char *remotename, const char *hostname, int *signo, const struct optstruct *opt)

+int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct optstruct *opt)

 {

 	struct cl_cvd *current, *remote;

 	int hostfd, nodb = 0, ret;

-	char  *tempname;

+	char  *tempname, ipaddr[16];

 	const char *proxy, *user;

@@ -133,22 +134,24 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

     if(proxy)

 	mprintf("Connecting via %s\n", proxy);

-    hostfd = wwwconnect(hostname, proxy);

+    hostfd = wwwconnect(hostname, proxy, ipaddr);

     if(hostfd < 0) {

-	mprintf("@Connection with %s failed.\n", hostname);

+	mprintf("@Connection with %s (%s) failed.\n", hostname, ipaddr);

 	return 52;

     } else

-	mprintf("*Connected to %s.\n", hostname);

+	mprintf("*Connected to %s (%s).\n", hostname, ipaddr);

+    if(ip)

+	strcpy(ip, ipaddr);

     if(!(remote = remote_cvdhead(remotename, hostfd, hostname, proxy, user))) {

-	mprintf("@Can't read %s header from %s\n", remotename, hostname);

+	mprintf("@Can't read %s header from %s (%s)\n", remotename, hostname, ipaddr);

 	close(hostfd);

 	return 52;

     }

-    *signo += current->sigs; /* we need to do it just here */

+    *signo += remote->sigs; /* we need to do it just here */

     if(current && (current->version >= remote->version)) {

 	mprintf("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

@@ -164,16 +167,18 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

     cl_cvdfree(remote);

-    /* FIXME: We need to reconnect, because we won't be able to donwload

+    /* FIXME: We need to reconnect, because we may not be able to download

      * the database. The problem doesn't exist with my local apache.

      * Some code change is needed in get_md5_checksum().

      */

     /* begin bug work-around */

     close(hostfd);

-    hostfd = wwwconnect(hostname, proxy);

+    hostfd = wwwconnect(ipaddr, proxy, NULL); /* we use ipaddr to connect

+					       * to the same mirror

+					       */

     if(hostfd < 0) {

-	mprintf("@Connection with %s failed.\n", hostname);

+	mprintf("@Connection with %s failed.\n", ipaddr);

 	return 52;

     };

     /* end */

@@ -184,7 +189,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

     tempname = cl_gentemp(".");

     if(get_database(remotename, hostfd, tempname, hostname, proxy, user)) {

-        mprintf("@Can't download %s from %s\n", remotename, hostname);

+        mprintf("@Can't download %s from %s\n", remotename, ipaddr);

         unlink(tempname);

         free(tempname);

         close(hostfd);

@@ -223,16 +228,19 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

 /* this function returns socket descriptor */

 /* proxy support finshed by njh@bandsman.co.uk */

-int

-wwwconnect(const char *server, const char *proxy)

+int wwwconnect(const char *server, const char *proxy, char *ip)

 {

 	int socketfd, port;

 	struct sockaddr_in name;

 	struct hostent *host;

-	char *portpt, *proxycpy = NULL;

+	char *portpt, *proxycpy = NULL, ipaddr[16];

+	unsigned char *ia;

 	const char *hostpt;

+    if(ip)

+	strcpy(ip, "???");

+

     /* njh@bandsman.co.uk: for BEOS */

 #ifdef PF_INET

     socketfd = socket(PF_INET, SOCK_STREAM, 0);

@@ -275,11 +283,18 @@ wwwconnect(const char *server, const char *proxy)

 	return -1;

     }

+    /* this dirty hack comes from pink - Nosuid TCP/IP ping 1.6 */

+    ia = (unsigned char *) host->h_addr;

+    sprintf(ipaddr, "%u.%u.%u.%u", ia[0], ia[1], ia[2], ia[3]);

+

+    if(ip)

+	strcpy(ip, ipaddr);

+

     name.sin_addr = *((struct in_addr *) host->h_addr);

     name.sin_port = htons(port);

     if(connect(socketfd, (struct sockaddr *) &name, sizeof(struct sockaddr_in)) == -1) {

-	mprintf("@Can't connect to port %d of host %s\n", port, hostpt);

+	mprintf("@Can't connect to port %d of host %s (IP: %s)\n", port, hostpt, ipaddr);

 	close(socketfd);

 	if(proxycpy)

 	    free(proxycpy);

@@ -24,9 +24,9 @@

 int downloadmanager(const struct optstruct *opt, const char *hostname);

-int downloaddb(const char *localname, const char *remotename, const char *hostname, int *signo, const struct optstruct *opt);

+int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct optstruct *opt);

-int wwwconnect(const char *server, const char *proxy);

+int wwwconnect(const char *server, const char *proxy, char *ip);

 struct cl_cvd *remote_cvdhead(const char *file, int socketfd, const char *hostname, const char *proxy, const char *user);