git-svn: trunk@1638
Nigel Horne authored on 2005/06/28 06:02:38... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Mon Jun 27 22:01:55 BST 2005 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Changed the default child_timeout to 5 minutes |
|
4 |
+ Keep a copy of the trie root in privdata |
|
5 |
+ Removed trylock/unlock code in clamfi_abort |
|
6 |
+ |
|
1 | 7 |
Fri Jun 24 15:48:26 CEST 2005 (tk) |
2 | 8 |
---------------------------------- |
3 | 9 |
* libclamav: improve file type recognizer and add CL_TYPE_RARSFX |
... | ... |
@@ -837,6 +837,9 @@ Changes |
837 | 837 |
before checking against the white-list file |
838 | 838 |
When starting, check that the white-list file can be |
839 | 839 |
opened |
840 |
+0.85h 27/6/05: Changed the default child_timeout to 5 minutes |
|
841 |
+ Keep a copy of the trie root in privdata |
|
842 |
+ Removed trylock/unlock code in clamfi_abort |
|
840 | 843 |
|
841 | 844 |
4. INTERNATIONALISATION |
842 | 845 |
|
... | ... |
@@ -22,9 +22,9 @@ |
22 | 22 |
* |
23 | 23 |
* For installation instructions see the file INSTALL that came with this file |
24 | 24 |
*/ |
25 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.211 2005/06/05 05:57:52 nigelhorne Exp $"; |
|
25 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.212 2005/06/27 21:01:09 nigelhorne Exp $"; |
|
26 | 26 |
|
27 |
-#define CM_VERSION "0.85g" |
|
27 |
+#define CM_VERSION "0.85h" |
|
28 | 28 |
|
29 | 29 |
#if HAVE_CONFIG_H |
30 | 30 |
#include "clamav-config.h" |
... | ... |
@@ -177,6 +177,7 @@ typedef struct header_list_struct *header_list_t; |
177 | 177 |
* 127.0.0.0 is not in this table since that's goverend by --outgoing |
178 | 178 |
* Andy Fiddaman <clam@fiddaman.net> added 69.254.0.0/16 |
179 | 179 |
* (Microsoft default DHCP) |
180 |
+ * TODO: compare this with RFC1918 |
|
180 | 181 |
* |
181 | 182 |
* TODO: read this table in from a file (clamd.conf?) |
182 | 183 |
*/ |
... | ... |
@@ -196,7 +197,7 @@ static const struct cidr_net { |
196 | 196 |
}; |
197 | 197 |
|
198 | 198 |
/* |
199 |
- * Each thread has one of these |
|
199 |
+ * Each libmilter thread has one of these |
|
200 | 200 |
*/ |
201 | 201 |
struct privdata { |
202 | 202 |
char *from; /* Who sent the message */ |
... | ... |
@@ -226,6 +227,7 @@ struct privdata { |
226 | 226 |
*/ |
227 | 227 |
int statusCount; /* number of X-Virus-Status headers */ |
228 | 228 |
int serverNumber; /* Index into serverIPs */ |
229 |
+ struct cl_node *root; /* database of viruses used to scan this one */ |
|
229 | 230 |
}; |
230 | 231 |
|
231 | 232 |
#ifdef SESSION |
... | ... |
@@ -372,7 +374,7 @@ static pthread_mutex_t n_children_mutex = PTHREAD_MUTEX_INITIALIZER; |
372 | 372 |
static pthread_cond_t n_children_cond = PTHREAD_COND_INITIALIZER; |
373 | 373 |
static volatile unsigned int n_children = 0; |
374 | 374 |
static unsigned int max_children = 0; |
375 |
-static int child_timeout = 0; /* number of seconds to wait for |
|
375 |
+static int child_timeout = 300; /* number of seconds to wait for |
|
376 | 376 |
* a child to die. Set to 0 to |
377 | 377 |
* wait forever |
378 | 378 |
*/ |
... | ... |
@@ -1086,10 +1088,12 @@ main(int argc, char **argv) |
1086 | 1086 |
fprintf(stderr, _("%s: --max-children must be given if --external is not given\n"), argv[0]); |
1087 | 1087 |
return EX_CONFIG; |
1088 | 1088 |
} |
1089 |
+#if 0 |
|
1089 | 1090 |
if(child_timeout) { |
1090 | 1091 |
fprintf(stderr, _("%s: --timeout must not be given if --external is not given\n"), argv[0]); |
1091 | 1092 |
return EX_CONFIG; |
1092 | 1093 |
} |
1094 |
+#endif |
|
1093 | 1095 |
if(loadDatabase() != 0) |
1094 | 1096 |
return EX_CONFIG; |
1095 | 1097 |
numServers = 1; |
... | ... |
@@ -2577,21 +2581,20 @@ clamfi_eom(SMFICTX *ctx) |
2577 | 2577 |
if(!external) { |
2578 | 2578 |
const char *virname; |
2579 | 2579 |
unsigned long int scanned = 0L; |
2580 |
- struct cl_node *scanning_root; |
|
2581 | 2580 |
|
2582 | 2581 |
/* |
2583 | 2582 |
* TODO: consider using cl_scandesc and not using a temporary |
2584 | 2583 |
* file from the mail being read in |
2585 | 2584 |
*/ |
2586 | 2585 |
pthread_mutex_lock(&root_mutex); |
2587 |
- scanning_root = cl_dup(root); |
|
2586 |
+ privdata->root = cl_dup(root); |
|
2588 | 2587 |
pthread_mutex_unlock(&root_mutex); |
2589 |
- if(scanning_root == NULL) { |
|
2590 |
- cli_errmsg("scanning_root == NULL\n"); |
|
2588 |
+ if(privdata->root == NULL) { |
|
2589 |
+ cli_errmsg("privdata->root == NULL\n"); |
|
2591 | 2590 |
clamfi_cleanup(ctx); |
2592 | 2591 |
return cl_error; |
2593 | 2592 |
} |
2594 |
- switch(cl_scanfile(privdata->filename, &virname, &scanned, scanning_root, &limits, options)) { |
|
2593 |
+ switch(cl_scanfile(privdata->filename, &virname, &scanned, privdata->root, &limits, options)) { |
|
2595 | 2594 |
case CL_CLEAN: |
2596 | 2595 |
strcpy(mess, "OK"); |
2597 | 2596 |
break; |
... | ... |
@@ -2604,7 +2607,8 @@ clamfi_eom(SMFICTX *ctx) |
2604 | 2604 |
logger(mess); |
2605 | 2605 |
break; |
2606 | 2606 |
} |
2607 |
- cl_free(scanning_root); |
|
2607 |
+ cl_free(privdata->root); |
|
2608 |
+ privdata->root = NULL; |
|
2608 | 2609 |
|
2609 | 2610 |
#ifdef SESSION |
2610 | 2611 |
session = NULL; |
... | ... |
@@ -3115,15 +3119,6 @@ clamfi_abort(SMFICTX *ctx) |
3115 | 3115 |
#endif |
3116 | 3116 |
|
3117 | 3117 |
cli_dbgmsg("clamfi_abort\n"); |
3118 |
- /* |
|
3119 |
- * Unlock incase we're called during a cond_timedwait in envfrom |
|
3120 |
- * |
|
3121 |
- * TODO: There *must* be a tidier a safer way of doing this! |
|
3122 |
- */ |
|
3123 |
- if((max_children > 0) && (n_children >= max_children)) { |
|
3124 |
- (void)pthread_mutex_trylock(&n_children_mutex); |
|
3125 |
- (void)pthread_mutex_unlock(&n_children_mutex); |
|
3126 |
- } |
|
3127 | 3118 |
|
3128 | 3119 |
clamfi_cleanup(ctx); |
3129 | 3120 |
|
... | ... |
@@ -3276,7 +3271,9 @@ clamfi_free(struct privdata *privdata) |
3276 | 3276 |
privdata->cmdSocket = -1; |
3277 | 3277 |
} |
3278 | 3278 |
#endif |
3279 |
- } |
|
3279 |
+ } else if(privdata->root) |
|
3280 |
+ cl_free(privdata->root); |
|
3281 |
+ |
|
3280 | 3282 |
if(privdata->headers) |
3281 | 3283 |
header_list_free(privdata->headers); |
3282 | 3284 |
|
... | ... |
@@ -208,7 +208,7 @@ sendmail. |
208 | 208 |
.TP |
209 | 209 |
\fB\-\-timeout=n \-T n\fR |
210 | 210 |
Used in conjunction with max\-children. If clamav\-milter waits for more than |
211 |
-\fIn\fR seconds (default 0) it proceeds with scanning. Setting \fIn\fR to zero |
|
211 |
+\fIn\fR seconds (default 300) it proceeds with scanning. Setting \fIn\fR to zero |
|
212 | 212 |
will turn off the timeout and clamav\-milter will wait indefinitely for the |
213 | 213 |
scanning to quit. In practice the timeout set by sendmail will then take over. |
214 | 214 |
.TP |