... | ... |
@@ -1,3 +1,7 @@ |
1 |
+Fri May 7 21:12:35 CEST 2010 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamdscan: respect ExcludePath in --fdpass mode (bb#1923) |
|
4 |
+ |
|
1 | 5 |
Fri Apr 9 17:01:07 EEST 2010 (edwin) |
2 | 6 |
------------------------------------- |
3 | 7 |
* libclamav/c++/llvm/test: Fix make check failure on x86-32 (bb #1942) |
... | ... |
@@ -44,6 +44,7 @@ |
44 | 44 |
void help(void); |
45 | 45 |
|
46 | 46 |
extern int printinfected; |
47 |
+struct optstruct *clamdopts = NULL; |
|
47 | 48 |
|
48 | 49 |
static void print_server_version(const struct optstruct *opt) |
49 | 50 |
{ |
... | ... |
@@ -69,6 +70,11 @@ int main(int argc, char **argv) |
69 | 69 |
return 2; |
70 | 70 |
} |
71 | 71 |
|
72 |
+ if((clamdopts = optparse(optget(opts, "config-file")->strarg, 0, NULL, 1, OPT_CLAMD, 0, NULL)) == NULL) { |
|
73 |
+ logg("!Can't parse clamd configuration file %s\n", optget(opts, "config-file")->strarg); |
|
74 |
+ return 2; |
|
75 |
+ } |
|
76 |
+ |
|
72 | 77 |
if(optget(opts, "verbose")->enabled) { |
73 | 78 |
mprintf_verbose = 1; |
74 | 79 |
logg_verbose = 1; |
... | ... |
@@ -83,11 +89,13 @@ int main(int argc, char **argv) |
83 | 83 |
if(optget(opts, "version")->enabled) { |
84 | 84 |
print_server_version(opts); |
85 | 85 |
optfree(opts); |
86 |
+ optfree(clamdopts); |
|
86 | 87 |
exit(0); |
87 | 88 |
} |
88 | 89 |
|
89 | 90 |
if(optget(opts, "help")->enabled) { |
90 | 91 |
optfree(opts); |
92 |
+ optfree(clamdopts); |
|
91 | 93 |
help(); |
92 | 94 |
} |
93 | 95 |
|
... | ... |
@@ -101,6 +109,7 @@ int main(int argc, char **argv) |
101 | 101 |
if(logg("--------------------------------------\n")) { |
102 | 102 |
mprintf("!Problem with internal logger.\n"); |
103 | 103 |
optfree(opts); |
104 |
+ optfree(clamdopts); |
|
104 | 105 |
exit(2); |
105 | 106 |
} |
106 | 107 |
} else |
... | ... |
@@ -110,12 +119,14 @@ int main(int argc, char **argv) |
110 | 110 |
if(optget(opts, "reload")->enabled) { |
111 | 111 |
ret = reload_clamd_database(opts); |
112 | 112 |
optfree(opts); |
113 |
+ optfree(clamdopts); |
|
113 | 114 |
logg_close(); |
114 | 115 |
exit(ret); |
115 | 116 |
} |
116 | 117 |
|
117 | 118 |
if(actsetup(opts)) { |
118 | 119 |
optfree(opts); |
120 |
+ optfree(clamdopts); |
|
119 | 121 |
logg_close(); |
120 | 122 |
exit(2); |
121 | 123 |
} |
... | ... |
@@ -134,6 +145,7 @@ int main(int argc, char **argv) |
134 | 134 |
gettimeofday(&t1, NULL); |
135 | 135 |
|
136 | 136 |
ret = client(opts, &infected, &err); |
137 |
+ optfree(clamdopts); |
|
137 | 138 |
|
138 | 139 |
/* TODO: Implement STATUS in clamd */ |
139 | 140 |
if(!optget(opts, "no-summary")->enabled) { |
... | ... |
@@ -73,21 +73,16 @@ unsigned long int maxstream; |
73 | 73 |
static struct sockaddr_un nixsock; |
74 | 74 |
#endif |
75 | 75 |
static struct sockaddr_in tcpsock; |
76 |
- |
|
76 |
+extern struct optstruct *clamdopts; |
|
77 | 77 |
|
78 | 78 |
/* Inits the communication layer |
79 | 79 |
* Returns 0 if clamd is local, non zero if clamd is remote */ |
80 | 80 |
static int isremote(const struct optstruct *opts) { |
81 | 81 |
int s, ret; |
82 | 82 |
const struct optstruct *opt; |
83 |
- struct optstruct *clamdopts; |
|
84 | 83 |
const char *clamd_conf = optget(opts, "config-file")->strarg; |
85 | 84 |
static struct sockaddr_in testsock; |
86 | 85 |
|
87 |
- if((clamdopts = optparse(clamd_conf, 0, NULL, 1, OPT_CLAMD, 0, NULL)) == NULL) { |
|
88 |
- logg("!Can't parse clamd configuration file %s\n", clamd_conf); |
|
89 |
- return 0; |
|
90 |
- } |
|
91 | 86 |
#ifndef _WIN32 |
92 | 87 |
if((opt = optget(clamdopts, "LocalSocket"))->enabled) { |
93 | 88 |
memset((void *)&nixsock, 0, sizeof(nixsock)); |
... | ... |
@@ -96,24 +91,20 @@ static int isremote(const struct optstruct *opts) { |
96 | 96 |
nixsock.sun_path[sizeof(nixsock.sun_path)-1]='\0'; |
97 | 97 |
mainsa = (struct sockaddr *)&nixsock; |
98 | 98 |
mainsasz = sizeof(nixsock); |
99 |
- optfree(clamdopts); |
|
100 | 99 |
return 0; |
101 | 100 |
} |
102 | 101 |
#endif |
103 |
- if(!(opt = optget(clamdopts, "TCPSocket"))->enabled) { |
|
104 |
- optfree(clamdopts); |
|
102 |
+ if(!(opt = optget(clamdopts, "TCPSocket"))->enabled) |
|
105 | 103 |
return 0; |
106 |
- } |
|
104 |
+ |
|
107 | 105 |
mainsa = (struct sockaddr *)&tcpsock; |
108 | 106 |
mainsasz = sizeof(tcpsock); |
109 | 107 |
|
110 | 108 |
if (cfg_tcpsock(clamdopts, &tcpsock, INADDR_LOOPBACK) == -1) { |
111 | 109 |
logg("!Can't lookup clamd hostname: %s.\n", strerror(errno)); |
112 |
- optfree(clamdopts); |
|
113 | 110 |
mainsa = NULL; |
114 | 111 |
return 0; |
115 | 112 |
} |
116 |
- optfree(clamdopts); |
|
117 | 113 |
memcpy((void *)&testsock, (void *)&tcpsock, sizeof(testsock)); |
118 | 114 |
testsock.sin_port = htons(INADDR_ANY); |
119 | 115 |
if(!(s = socket(testsock.sin_family, SOCK_STREAM, 0))) return 0; |
... | ... |
@@ -226,16 +217,9 @@ int reload_clamd_database(const struct optstruct *opts) |
226 | 226 |
|
227 | 227 |
int client(const struct optstruct *opts, int *infected, int *err) |
228 | 228 |
{ |
229 |
- const char *clamd_conf = optget(opts, "config-file")->strarg; |
|
230 |
- struct optstruct *clamdopts; |
|
231 | 229 |
int remote, scantype, session = 0, errors = 0, scandash = 0, maxrec, flags = 0; |
232 | 230 |
const char *fname; |
233 | 231 |
|
234 |
- if((clamdopts = optparse(clamd_conf, 0, NULL, 1, OPT_CLAMD, 0, NULL)) == NULL) { |
|
235 |
- logg("!Can't parse clamd configuration file %s\n", clamd_conf); |
|
236 |
- return 2; |
|
237 |
- } |
|
238 |
- |
|
239 | 232 |
scandash = (opts->filename && opts->filename[0] && !strcmp(opts->filename[0], "-") && !optget(opts, "file-list")->enabled && !opts->filename[1]); |
240 | 233 |
remote = isremote(opts) | optget(opts, "stream")->enabled; |
241 | 234 |
#ifdef HAVE_FD_PASSING |
... | ... |
@@ -257,7 +241,6 @@ int client(const struct optstruct *opts, int *infected, int *err) |
257 | 257 |
if (optget(clamdopts, "FollowFileSymlinks")->enabled) |
258 | 258 |
flags |= CLI_FTW_FOLLOW_FILE_SYMLINK; |
259 | 259 |
flags |= CLI_FTW_TRIM_SLASHES; |
260 |
- optfree(clamdopts); |
|
261 | 260 |
|
262 | 261 |
if(!mainsa) { |
263 | 262 |
logg("!Clamd is not configured properly.\n"); |
... | ... |
@@ -46,6 +46,7 @@ |
46 | 46 |
#include "libclamav/others.h" |
47 | 47 |
#include "shared/actions.h" |
48 | 48 |
#include "shared/output.h" |
49 |
+#include "shared/misc.h" |
|
49 | 50 |
|
50 | 51 |
#include "proto.h" |
51 | 52 |
#include "client.h" |
... | ... |
@@ -54,6 +55,7 @@ extern struct sockaddr *mainsa; |
54 | 54 |
extern int mainsasz; |
55 | 55 |
extern unsigned long int maxstream; |
56 | 56 |
int printinfected; |
57 |
+extern struct optstruct *clamdopts; |
|
57 | 58 |
|
58 | 59 |
static const char *scancmd[] = { "CONTSCAN", "MULTISCAN" }; |
59 | 60 |
|
... | ... |
@@ -244,6 +246,23 @@ static int send_fdpass(int sockd, const char *filename) { |
244 | 244 |
} |
245 | 245 |
#endif |
246 | 246 |
|
247 |
+/* 0: scan, 1: skip */ |
|
248 |
+static int chkpath(const char *path) |
|
249 |
+{ |
|
250 |
+ const struct optstruct *opt; |
|
251 |
+ |
|
252 |
+ if((opt = optget(clamdopts, "ExcludePath"))->enabled) { |
|
253 |
+ while(opt) { |
|
254 |
+ if(match_regex(path, opt->strarg) == 1) { |
|
255 |
+ logg("~%s: Excluded\n", path); |
|
256 |
+ return 1; |
|
257 |
+ } |
|
258 |
+ opt = opt->nextarg; |
|
259 |
+ } |
|
260 |
+ } |
|
261 |
+ return 0; |
|
262 |
+} |
|
263 |
+ |
|
247 | 264 |
/* Sends a proper scan request to clamd and parses its replies |
248 | 265 |
* This is used only in non IDSESSION mode |
249 | 266 |
* Returns the number of infected files or -1 on error */ |
... | ... |
@@ -253,6 +272,8 @@ int dsresult(int sockd, int scantype, const char *filename, int *printok, int *e |
253 | 253 |
struct RCVLN rcv; |
254 | 254 |
struct stat sb; |
255 | 255 |
|
256 |
+ if(chkpath(filename)) |
|
257 |
+ return 0; |
|
256 | 258 |
recvlninit(&rcv, sockd); |
257 | 259 |
|
258 | 260 |
switch(scantype) { |
... | ... |
@@ -501,6 +522,8 @@ static int parallel_callback(struct stat *sb, char *filename, const char *path, |
501 | 501 |
struct SCANID *cid; |
502 | 502 |
int res; |
503 | 503 |
|
504 |
+ if(chkpath(filename)) |
|
505 |
+ return 0; |
|
504 | 506 |
c->files++; |
505 | 507 |
switch(reason) { |
506 | 508 |
case error_stat: |
... | ... |
@@ -286,7 +286,6 @@ int daemonize(void) |
286 | 286 |
#endif |
287 | 287 |
} |
288 | 288 |
|
289 |
-#ifndef CL_NOLIBCLAMAV |
|
290 | 289 |
int match_regex(const char *filename, const char *pattern) |
291 | 290 |
{ |
292 | 291 |
regex_t reg; |
... | ... |
@@ -310,7 +309,6 @@ int match_regex(const char *filename, const char *pattern) |
310 | 310 |
cli_regfree(®); |
311 | 311 |
return match; |
312 | 312 |
} |
313 |
-#endif |
|
314 | 313 |
|
315 | 314 |
int cfg_tcpsock(const struct optstruct *opts, struct sockaddr_in *tcpsock, in_addr_t defaultbind) |
316 | 315 |
{ |