@@ -1,3 +1,7 @@

+Tue May 11 22:44:06 CEST 2010 (tk)

+----------------------------------

+ * freshclam: add new option TestDatabases

+

 Tue May 11 21:33:49 EEST 2010 (edwin)

 -------------------------------------

  * libclamav/filtering.c: fix handling of alternates and negated alternates (bb #2004)

@@ -96,6 +96,11 @@ With this option you can control scripted updates. It's highly recommended to ke

 .br .

 Default: enabled

 .TP 

+\fBTestDatabases BOOL\fR

+With this option enabled, freshclam will attempt to load new databases into memory to make sure they are properly handled by libclamav before replacing the old ones.

+.br .

+Default: enabled

+.TP 

 \fBCompressLocalDatabase BOOL\fR

 By default freshclam will keep the local databases (.cld) uncompressed to make their handling faster. With this option you can enable the compression; the change will take effect with the next database update.

 .br 

@@ -142,6 +142,12 @@ DatabaseMirror database.clamav.net

 # Default: 30

 #ReceiveTimeout 60

+# With this option enabled, freshclam will attempt to load new

+# databases into memory to make sure they are properly handled

+# by libclamav before replacing the old ones.

+# Default: yes

+#TestDatabases yes

+

 # When enabled freshclam will submit statistics to the ClamAV Project about

 # the latest virus detections in your environment. The ClamAV maintainers

 # will then use this data to determine what types of malware are the most

@@ -1467,14 +1467,15 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 {

 	struct cl_cvd *current, *remote;

 	const struct optstruct *opt;

-	unsigned int nodb = 0, currver = 0, newver = 0, port = 0, i, j;

+	unsigned int nodb = 0, currver = 0, newver = 0, port = 0, i, j, newsigs = 0;

 	int ret, ims = -1;

-	char *pt, cvdfile[32], localname[32], *tmpdir = NULL, *newfile, newdb[32], cwd[512];

+	char *pt, cvdfile[32], localname[32], *tmpdir = NULL, *newfile, *newfile2, newdb[32], cwd[512];

 	char extradbinfo[64], *extradnsreply = NULL;

 	const char *proxy = NULL, *user = NULL, *pass = NULL, *uas = NULL;

 	unsigned int flevel = cl_retflevel(), remote_flevel = 0, maxattempts;

 	unsigned int can_whitelist = 0;

 	int ctimeout, rtimeout;

+	struct cl_engine *engine;

     snprintf(cvdfile, sizeof(cvdfile), "%s.cvd", dbname);

@@ -1722,6 +1723,45 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 	return 55; /* FIXME */

     }

+    if(optget(opts, "TestDatabases")->enabled && strlen(newfile) > 4) {

+	if(!(engine = cl_engine_new())) {

+	    unlink(newfile);

+	    free(newfile);

+	    return 55;

+	}

+	newfile2 = strdup(newfile);

+	if(!newfile2) {

+	    unlink(newfile);

+	    free(newfile);

+	    cl_engine_free(engine);

+	    return 55;

+	}

+	newfile2[strlen(newfile2) - 4] = '.';

+	newfile2[strlen(newfile2) - 3] = 'c';

+	newfile2[strlen(newfile2) - 2] = strstr(newdb, ".cld") ? 'l' : 'v';

+	newfile2[strlen(newfile2) - 1] = 'd';

+	if(rename(newfile, newfile2) == -1) {

+	    logg("!Can't rename %s to %s: %s\n", newfile, newfile2, strerror(errno));

+	    unlink(newfile);

+	    free(newfile);

+	    free(newfile2);

+	    cl_engine_free(engine);

+	    return 57;

+	}

+	free(newfile);

+	newfile = newfile2;

+	if((ret = cl_load(newfile, engine, &newsigs, CL_DB_PHISHING | CL_DB_PHISHING_URLS | CL_DB_BYTECODE | CL_DB_PUA)) != CL_SUCCESS) {

+	    logg("!Failed to load new database: %s\n", cl_strerror(ret));

+	    unlink(newfile);

+	    free(newfile);

+	    cl_engine_free(engine);

+	    return 55;

+	} else {

+	    logg("*Properly loaded %u signatures from new %s\n", newsigs, newdb);

+	}

+	cl_engine_free(engine);

+    }

+

 #ifdef _WIN32

     if(!access(newdb, R_OK) && unlink(newdb)) {

 	logg("!Can't unlink %s. Please fix the problem manually and try again.\n", newdb);

@@ -350,6 +350,8 @@ const struct clam_option __clam_options[] = {

     { "ScriptedUpdates", NULL, 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "With this option you can control scripted updates. It's highly recommended to keep them enabled.", "yes" },

+    { "TestDatabases", NULL, 0, TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_FRESHCLAM, "With this option enabled, freshclam will attempt to load new\ndatabases into memory to make sure they are properly handled\nby libclamav before replacing the old ones.", "yes" },

+

     { "CompressLocalDatabase", NULL, 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM, "By default freshclam will keep the local databases (.cld) uncompressed to\nmake their handling faster. With this option you can enable the compression.\nThe change will take effect with the next database update.", "" },

     { "ExtraDatabase", NULL, 0, TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "Download additional database. This option can be used multiple times.", "dbname1\ndbname2" },