Browse code
clamd: log request ip address for instream scans #bb2592 On behalf of acab
Tomasz Kojm authored on 2011/05/06 08:15:57Showing 4 changed files
| ... | ... |
@@ -1,3 +1,7 @@ |
| 1 |
+Thu May 5 01:07:57 CEST 2011 (acab) |
|
| 2 |
+------------------------------------ |
|
| 3 |
+ * clamd: log request ip address for instream scans #bb2592 |
|
| 4 |
+ |
|
| 1 | 5 |
Wed May 4 14:07:12 EEST 2011 (edwin) |
| 2 | 6 |
------------------------------------- |
| 3 | 7 |
* libclamav/c++/llvm/lib/Target/X86/X86InstrInfo.td: bb #2763 |
| ... | ... |
@@ -304,23 +304,31 @@ int scan_pathchk(const char *path, struct cli_ftw_cbdata *data) |
| 304 | 304 |
return 0; |
| 305 | 305 |
} |
| 306 | 306 |
|
| 307 |
-int scanfd(const int fd, const client_conn_t *conn, unsigned long int *scanned, |
|
| 307 |
+int scanfd(const client_conn_t *conn, unsigned long int *scanned, |
|
| 308 | 308 |
const struct cl_engine *engine, |
| 309 | 309 |
unsigned int options, const struct optstruct *opts, int odesc, int stream) |
| 310 | 310 |
{
|
| 311 |
- int ret; |
|
| 311 |
+ int ret, fd = conn->scanfd; |
|
| 312 | 312 |
const char *virname; |
| 313 | 313 |
struct stat statbuf; |
| 314 | 314 |
struct cb_context context; |
| 315 |
- char fdstr[32]; |
|
| 315 |
+ char fdstr[32], *reply_fdstr; |
|
| 316 | 316 |
|
| 317 |
- if (stream) |
|
| 318 |
- strncpy(fdstr, "stream", sizeof(fdstr)); |
|
| 319 |
- else |
|
| 317 |
+ if (stream) {
|
|
| 318 |
+ struct sockaddr_in sa; |
|
| 319 |
+ socklen_t salen = sizeof(sa); |
|
| 320 |
+ if(getpeername(conn->sd, (struct sockaddr *)&sa, &salen) || salen > sizeof(sa) || sa.sin_family != AF_INET) |
|
| 321 |
+ strncpy(fdstr, "instream(local)", sizeof(fdstr)); |
|
| 322 |
+ else |
|
| 323 |
+ snprintf(fdstr, sizeof(fdstr), "instream(%s@%u)", inet_ntoa(sa.sin_addr), ntohs(sa.sin_port)); |
|
| 324 |
+ reply_fdstr = "stream"; |
|
| 325 |
+ } else {
|
|
| 320 | 326 |
snprintf(fdstr, sizeof(fdstr), "fd[%d]", fd); |
| 327 |
+ reply_fdstr = fdstr; |
|
| 328 |
+ } |
|
| 321 | 329 |
if(fstat(fd, &statbuf) == -1 || !S_ISREG(statbuf.st_mode)) {
|
| 322 | 330 |
logg("%s: Not a regular file. ERROR\n", fdstr);
|
| 323 |
- if (conn_reply(conn, fdstr, "Not a regular file", "ERROR") == -1) |
|
| 331 |
+ if (conn_reply(conn, reply_fdstr, "Not a regular file", "ERROR") == -1) |
|
| 324 | 332 |
return CL_ETIMEOUT; |
| 325 | 333 |
return -1; |
| 326 | 334 |
} |
| ... | ... |
@@ -337,7 +345,7 @@ int scanfd(const int fd, const client_conn_t *conn, unsigned long int *scanned, |
| 337 | 337 |
} |
| 338 | 338 |
|
| 339 | 339 |
if(ret == CL_VIRUS) {
|
| 340 |
- if (conn_reply_virus(conn, fdstr, virname) == -1) |
|
| 340 |
+ if (conn_reply_virus(conn, reply_fdstr, virname) == -1) |
|
| 341 | 341 |
ret = CL_ETIMEOUT; |
| 342 | 342 |
if(context.virsize) |
| 343 | 343 |
detstats_add(virname, "NOFNAME", context.virsize, context.virhash); |
| ... | ... |
@@ -345,13 +353,13 @@ int scanfd(const int fd, const client_conn_t *conn, unsigned long int *scanned, |
| 345 | 345 |
logg("%s: %s(%s:%llu) FOUND\n", fdstr, virname, context.virhash, context.virsize);
|
| 346 | 346 |
else |
| 347 | 347 |
logg("%s: %s FOUND\n", fdstr, virname);
|
| 348 |
- virusaction(fdstr, virname, opts); |
|
| 348 |
+ virusaction(reply_fdstr, virname, opts); |
|
| 349 | 349 |
} else if(ret != CL_CLEAN) {
|
| 350 |
- if (conn_reply(conn, fdstr, cl_strerror(ret), "ERROR") == -1) |
|
| 350 |
+ if (conn_reply(conn, reply_fdstr, cl_strerror(ret), "ERROR") == -1) |
|
| 351 | 351 |
ret = CL_ETIMEOUT; |
| 352 | 352 |
logg("%s: %s ERROR\n", fdstr, cl_strerror(ret));
|
| 353 | 353 |
} else {
|
| 354 |
- if (conn_reply_single(conn, fdstr, "OK") == CL_ETIMEOUT) |
|
| 354 |
+ if (conn_reply_single(conn, reply_fdstr, "OK") == CL_ETIMEOUT) |
|
| 355 | 355 |
ret = CL_ETIMEOUT; |
| 356 | 356 |
if(logok) |
| 357 | 357 |
logg("%s: OK\n", fdstr);
|
| ... | ... |
@@ -57,7 +57,7 @@ struct cb_context {
|
| 57 | 57 |
char virhash[33]; |
| 58 | 58 |
}; |
| 59 | 59 |
|
| 60 |
-int scanfd(const int fd, const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct optstruct *opts, int odesc, int stream); |
|
| 60 |
+int scanfd(const client_conn_t *conn, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct optstruct *opts, int odesc, int stream); |
|
| 61 | 61 |
int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct optstruct *opts, char term); |
| 62 | 62 |
int scan_callback(struct stat *sb, char *filename, const char *msg, enum cli_ftw_reason reason, struct cli_ftw_cbdata *data); |
| 63 | 63 |
int scan_pathchk(const char *path, struct cli_ftw_cbdata *data); |
| ... | ... |
@@ -289,7 +289,7 @@ int command(client_conn_t *conn, int *virus) |
| 289 | 289 |
if (conn->scanfd == -1) |
| 290 | 290 |
conn_reply_error(conn, "FILDES: didn't receive file descriptor."); |
| 291 | 291 |
else {
|
| 292 |
- ret = scanfd(conn->scanfd, conn, NULL, engine, options, opts, desc, 0); |
|
| 292 |
+ ret = scanfd(conn, NULL, engine, options, opts, desc, 0); |
|
| 293 | 293 |
if (ret == CL_VIRUS) {
|
| 294 | 294 |
*virus = 1; |
| 295 | 295 |
} else if (ret == CL_EMEM) {
|
| ... | ... |
@@ -327,7 +327,7 @@ int command(client_conn_t *conn, int *virus) |
| 327 | 327 |
return 0; |
| 328 | 328 |
case COMMAND_INSTREAMSCAN: |
| 329 | 329 |
thrmgr_setactivetask(NULL, "INSTREAM"); |
| 330 |
- ret = scanfd(conn->scanfd, conn, NULL, engine, options, opts, desc, 1); |
|
| 330 |
+ ret = scanfd(conn, NULL, engine, options, opts, desc, 1); |
|
| 331 | 331 |
if (ret == CL_VIRUS) {
|
| 332 | 332 |
*virus = 1; |
| 333 | 333 |
} else if (ret == CL_EMEM) {
|