@@ -1,3 +1,7 @@

+Sat Jan  6 16:57:23 CET 2007 (tk)

+---------------------------------

+  * freshclam: initial version of mirror manager; new option --list-mirrors

+

 Fri Jan  5 14:45:29 GMT 2007 (njh)

 ----------------------------------

   * libclamav/pst.c:	Commit fix from upstream detecting Outlook tasks

@@ -44,7 +44,9 @@ freshclam_SOURCES = \

     execute.c \

     execute.h \

     nonblock.c \

-    nonblock.h

+    nonblock.h \

+    mirman.c \

+    mirman.h

 DEFS = @DEFS@ -DCL_NOTHREADS

 INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav

@@ -74,7 +74,7 @@ am_freshclam_OBJECTS = output.$(OBJEXT) cfgparser.$(OBJEXT) \

 	getopt.$(OBJEXT) memory.$(OBJEXT) misc.$(OBJEXT) \

 	options.$(OBJEXT) cdiff.$(OBJEXT) freshclam.$(OBJEXT) \

 	manager.$(OBJEXT) notify.$(OBJEXT) dns.$(OBJEXT) \

-	execute.$(OBJEXT) nonblock.$(OBJEXT)

+	execute.$(OBJEXT) nonblock.$(OBJEXT) mirman.$(OBJEXT)

 freshclam_OBJECTS = $(am_freshclam_OBJECTS)

 freshclam_LDADD = $(LDADD)

 DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)

@@ -243,7 +243,9 @@ freshclam_SOURCES = \

     execute.c \

     execute.h \

     nonblock.c \

-    nonblock.h

+    nonblock.h \

+    mirman.c \

+    mirman.h

 INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav

 all: all-am

@@ -325,6 +327,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/manager.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/memory.Po@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mirman.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nonblock.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify.Po@am__quote@

@@ -57,6 +57,7 @@

 #include "execute.h"

 #include "manager.h"

+#include "mirman.h"

 static short terminate = 0;

 extern int active_children;

@@ -142,6 +143,7 @@ void help(void)

     mprintf("    --on-update-execute=COMMAND          execute COMMAND after successful update\n");

     mprintf("    --on-error-execute=COMMAND           execute COMMAND if errors occured\n");

     mprintf("    --on-outdated-execute=COMMAND        execute COMMAND when software is outdated\n");

+    mprintf("    --list-mirrors                       print mirrors from mirrors.dat\n");

     mprintf("\n");

 }

@@ -174,7 +176,7 @@ int download(const struct cfgstruct *copt, const struct optstruct *opt)

 		    logg("Giving up on %s...\n", cpt->strarg);

 		    cpt = (struct cfgstruct *) cpt->nextarg;

 		    if(!cpt) {

-			logg("^Update failed. Your network may be down or none of the mirrors listed in freshclam.conf is working.\n");

+			logg("Update failed. Your network may be down or none of the mirrors listed in freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.\n");

 		    }

 		    try = 0;

 		}

@@ -203,6 +205,7 @@ int main(int argc, char **argv)

 	struct passwd *user;

 #endif

 	struct stat statbuf;

+	struct mirdat mdat;

 	struct optstruct *opt;

 	const char *short_options = "hvdp:Vl:c:u:a:";

 	static struct option long_options[] = {

@@ -228,6 +231,7 @@ int main(int argc, char **argv)

 	    {"on-update-execute", 1, 0, 0},

 	    {"on-error-execute", 1, 0, 0},

 	    {"on-outdated-execute", 1, 0, 0},

+	    {"list-mirrors", 0, 0, 0},

 	    {0, 0, 0, 0}

     	};

@@ -403,6 +407,17 @@ int main(int argc, char **argv)

     } else

 	logg("*Current working dir is %s\n", newdir);

+

+    if(opt_check(opt, "list-mirrors")) {

+	if(mirman_read("mirrors.dat", &mdat) == -1) {

+	    printf("Can't read mirrors.dat\n");

+	    return 55;

+	}

+	mirman_list(&mdat);

+	mirman_free(&mdat);

+	return 0;

+    }

+

 #ifdef	C_WINDOWS

     {

 	    WSADATA wsaData;

@@ -47,6 +47,7 @@

 #include "dns.h"

 #include "execute.h"

 #include "nonblock.h"

+#include "mirman.h"

 #include "shared/options.h"

 #include "shared/cfgparser.h"

@@ -64,9 +65,9 @@

 #endif

-static int wwwconnect(const char *server, const char *proxy, int pport, char *ip, const char *localip, int ctimeout)

+static int wwwconnect(const char *server, const char *proxy, int pport, char *ip, const char *localip, int ctimeout, struct mirdat *mdat)

 {

-	int socketfd = -1, port, i;

+	int socketfd = -1, port, i, ret;

 	struct sockaddr_in name;

 	struct hostent *host;

 	char ipaddr[16];

@@ -187,6 +188,14 @@ static int wwwconnect(const char *server, const char *proxy, int pport, char *ip

 	ia = (unsigned char *) host->h_addr_list[i];

 	sprintf(ipaddr, "%u.%u.%u.%u", ia[0], ia[1], ia[2], ia[3]);

+	if((ret = mirman_check(((struct in_addr *) ia)->s_addr, mdat))) {

+	    if(ret == 1)

+		logg("Ignoring mirror %s (due to previous errors)\n", ipaddr);

+	    else

+		logg("Ignoring mirror %s (too often connections with outdated version)\n", ipaddr);

+	    continue;

+	}

+

 	if(ip)

 	    strcpy(ip, ipaddr);

@@ -204,6 +213,7 @@ static int wwwconnect(const char *server, const char *proxy, int pport, char *ip

 	    logg("Can't connect to port %d of host %s (IP: %s)\n", port, hostpt, ipaddr);

 	    continue;

 	} else {

+	    mdat->currip = ((struct in_addr *) ia)->s_addr;

 	    return socketfd;

 	}

     }

@@ -288,7 +298,7 @@ static char *proxyauth(const char *user, const char *pass)

     return auth;

 }

-static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int *ims, int ctimeout, int rtimeout)

+static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, unsigned int *ims, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

 	char cmd[512], head[513], buffer[FILEBUFF], ipaddr[16], *ch, *tmp;

 	int bread, cnt, sd;

@@ -352,9 +362,9 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     memset(ipaddr, 0, sizeof(ipaddr));

     if(ip[0]) /* use ip to connect */

-	sd = wwwconnect(ip, proxy, port, ipaddr, localip, ctimeout);

+	sd = wwwconnect(ip, proxy, port, ipaddr, localip, ctimeout, mdat);

     else

-	sd = wwwconnect(hostname, proxy, port, ipaddr, localip, ctimeout);

+	sd = wwwconnect(hostname, proxy, port, ipaddr, localip, ctimeout, mdat);

     if(sd < 0) {

 	return NULL;

@@ -388,11 +398,13 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     if(bread == -1) {

 	logg("!remote_cvdhead: Error while reading CVD header from %s\n", hostname);

+	mirman_update(mdat->currip, mdat, 1);

 	return NULL;

     }

     if((strstr(buffer, "HTTP/1.1 404")) != NULL || (strstr(buffer, "HTTP/1.0 404")) != NULL) { 

 	logg("!CVD file not found on remote server\n");

+	mirman_update(mdat->currip, mdat, 1);

 	return NULL;

     }

@@ -400,6 +412,7 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     if((strstr(buffer, "HTTP/1.1 304")) != NULL || (strstr(buffer, "HTTP/1.0 304")) != NULL) { 

 	*ims = 0;

 	logg("OK (IMS)\n");

+	mirman_update(mdat->currip, mdat, 0);

 	return NULL;

     } else {

 	*ims = 1;

@@ -408,6 +421,7 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     if(!strstr(buffer, "HTTP/1.1 200") && !strstr(buffer, "HTTP/1.0 200") &&

        !strstr(buffer, "HTTP/1.1 206") && !strstr(buffer, "HTTP/1.0 206")) {

 	logg("!Unknown response from remote server\n");

+	mirman_update(mdat->currip, mdat, 1);

 	return NULL;

     }

@@ -425,6 +439,7 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     if(sizeof(buffer) - i < 512) {

 	logg("!remote_cvdhead: Malformed CVD header (too short)\n");

+	mirman_update(mdat->currip, mdat, 1);

 	return NULL;

     }

@@ -433,20 +448,24 @@ static struct cl_cvd *remote_cvdhead(const char *file, const char *hostname, cha

     for(j = 0; j < 512; j++) {

 	if(!ch || (ch && !*ch) || (ch && !isprint(ch[j]))) {

 	    logg("!remote_cvdhead: Malformed CVD header (bad chars)\n");

+	    mirman_update(mdat->currip, mdat, 1);

 	    return NULL;

 	}

 	head[j] = ch[j];

     }

-    if(!(cvd = cl_cvdparse(head)))

-	logg("!Malformed CVD header (can't parser)\n");

-    else

+    if(!(cvd = cl_cvdparse(head))) {

+	logg("!Malformed CVD header (can't parse)\n");

+	mirman_update(mdat->currip, mdat, 1);

+    } else {

 	logg("OK\n");

+	mirman_update(mdat->currip, mdat, 0);

+    }

     return cvd;

 }

-static int getfile(const char *srcfile, const char *destfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout)

+static int getfile(const char *srcfile, const char *destfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

 	char cmd[512], buffer[FILEBUFF], *ch;

 	int bread, fd, totalsize = 0,  rot = 0, totaldownloaded = 0,

@@ -493,9 +512,9 @@ static int getfile(const char *srcfile, const char *destfile, const char *hostna

     memset(ipaddr, 0, sizeof(ipaddr));

     if(ip[0]) /* use ip to connect */

-	sd = wwwconnect(ip, proxy, port, ipaddr, localip, ctimeout);

+	sd = wwwconnect(ip, proxy, port, ipaddr, localip, ctimeout, mdat);

     else

-	sd = wwwconnect(hostname, proxy, port, ipaddr, localip, ctimeout);

+	sd = wwwconnect(hostname, proxy, port, ipaddr, localip, ctimeout, mdat);

     if(sd < 0) {

 	return 52;

@@ -527,7 +546,8 @@ static int getfile(const char *srcfile, const char *destfile, const char *hostna

 #else

 	if((i >= sizeof(buffer) - 1) || recv(sd, buffer + i, 1, 0) == -1) {

 #endif

-	    logg("!getfile: Error while reading database from %s\n", hostname);

+	    logg("!getfile: Error while reading database from %s (IP: %s)\n", hostname, ipaddr);

+	    mirman_update(mdat->currip, mdat, 1);

 	    return 52;

 	}

@@ -543,14 +563,16 @@ static int getfile(const char *srcfile, const char *destfile, const char *hostna

     /* check whether the resource actually existed or not */

     if((strstr(buffer, "HTTP/1.1 404")) != NULL || (strstr(buffer, "HTTP/1.0 404")) != NULL) { 

-	logg("!getfile: %s not found on remote server\n", srcfile);

+	logg("!getfile: %s not found on remote server (IP: %s)\n", srcfile, ipaddr);

+	mirman_update(mdat->currip, mdat, 1);

 	close(sd);

 	return 58;

     }

     if(!strstr(buffer, "HTTP/1.1 200") && !strstr(buffer, "HTTP/1.0 200") &&

        !strstr(buffer, "HTTP/1.1 206") && !strstr(buffer, "HTTP/1.0 206")) {

-	logg("!getfile: Unknown response from remote server\n");

+	logg("!getfile: Unknown response from remote server (IP: %s)\n", ipaddr);

+	mirman_update(mdat->currip, mdat, 1);

 	return 58;

     }

@@ -611,10 +633,11 @@ static int getfile(const char *srcfile, const char *destfile, const char *hostna

     else

         logg("Downloading %s [*]\n", srcfile);

+    mirman_update(mdat->currip, mdat, 0);

     return 0;

 }

-static int getcvd(const char *dbfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int nodb, int newver, int ctimeout, int rtimeout)

+static int getcvd(const char *dbfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int nodb, unsigned int newver, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

 	char *tempname;

 	struct cl_cvd *cvd;

@@ -624,8 +647,8 @@ static int getcvd(const char *dbfile, const char *hostname, char *ip, const char

     tempname = cli_gentemp(".");

     logg("*Retrieving http://%s/%s\n", hostname, dbfile);

-    if((ret = getfile(dbfile, tempname, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout))) {

-        logg("!Can't download %s from %s (IP: %s)\n", dbfile, hostname, ip);

+    if((ret = getfile(dbfile, tempname, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat))) {

+        logg("!Can't download %s from %s\n", dbfile, hostname);

         unlink(tempname);

         free(tempname);

         return ret;

@@ -704,7 +727,7 @@ static int chdir_inc(const char *dbname)

     return 0;

 }

-static int getpatch(const char *dbname, int version, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout)

+static int getpatch(const char *dbname, int version, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

 	char *tempname, patch[32], olddir[512];

 	int ret, fd;

@@ -722,8 +745,8 @@ static int getpatch(const char *dbname, int version, const char *hostname, char

     snprintf(patch, sizeof(patch), "%s-%d.cdiff", dbname, version);

     logg("*Retrieving http://%s/%s\n", hostname, patch);

-    if((ret = getfile(patch, tempname, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout))) {

-        logg("!getpatch: Can't download %s from %s (IP: %s)\n", patch, hostname, ip);

+    if((ret = getfile(patch, tempname, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat))) {

+        logg("!getpatch: Can't download %s from %s\n", patch, hostname);

         unlink(tempname);

         free(tempname);

 	chdir(olddir);

@@ -775,7 +798,7 @@ static struct cl_cvd *currentdb(const char *dbname, unsigned int *inc)

     return cvd;

 }

-int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply, char *localip, int outdated)

+static int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply, char *localip, int outdated, struct mirdat *mdat)

 {

 	struct cl_cvd *current, *remote;

 	struct cfgstruct *cpt;

@@ -809,6 +832,8 @@ int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, con

 		}

 	    }

 	}

+    } else {

+	mdat->dbflevel = current->fl;

     }

     if(!nodb && dnsreply) {

@@ -869,7 +894,7 @@ int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, con

     if(!nodb && !newver) {

-	remote = remote_cvdhead(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, &ims, ctimeout, rtimeout);

+	remote = remote_cvdhead(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, &ims, ctimeout, rtimeout, mdat);

 	if(!nodb && !ims) {

 	    logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", inc ? dbinc : dbfile, current->version, current->sigs, current->fl, current->builder);

@@ -928,7 +953,7 @@ int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, con

     */

     if(nodb) {

-	ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, nodb, newver, ctimeout, rtimeout);

+	ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, nodb, newver, ctimeout, rtimeout, mdat);

 	if(ret)

 	    return ret;

@@ -940,7 +965,7 @@ int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, con

 	     * !!! FIXME !!!: Redesign this code to make more than one attempt

 	     *		      to download a single cdiff.

 	     */

-	    ret = getpatch(dbname, i, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout);

+	    ret = getpatch(dbname, i, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat);

 	    if(ret) {

 		logg("^Removing incremental directory %s\n", dbinc);

 		rmdirs(dbinc);

@@ -951,7 +976,7 @@ int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, con

 	if(ret) {

 	    logg("^Incremental update failed, downloading complete database\n");

-	    ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, 1, newver, ctimeout, rtimeout);

+	    ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, 1, newver, ctimeout, rtimeout, mdat);

 	    if(ret)

 		return ret;

 	} else {

@@ -986,6 +1011,7 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	char ipaddr[16], *dnsreply = NULL, *pt, *localip = NULL, *newver = NULL;

 	const char *arg = NULL;

 	struct cfgstruct *cpt;

+	struct mirdat mdat;

 #ifdef HAVE_RESOLV_H

 	const char *dnsdbinfo;

 #endif

@@ -1069,28 +1095,32 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	localip = cpt->strarg;

     }

+    mirman_read("mirrors.dat", &mdat);

+

     memset(ipaddr, 0, sizeof(ipaddr));

-    if((ret = updatedb("main", hostname, ipaddr, &signo, copt, dnsreply, localip, outdated)) > 50) {

+    if((ret = updatedb("main", hostname, ipaddr, &signo, copt, dnsreply, localip, outdated, &mdat)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

 	if(newver)

 	    free(newver);

+	mirman_write("mirrors.dat", &mdat);

 	return ret;

     } else if(ret == 0)

 	updated = 1;

     /* if ipaddr[0] != 0 it will use it to connect to the web host */

-    if((ret = updatedb("daily", hostname, ipaddr, &signo, copt, dnsreply, localip, outdated)) > 50) {

+    if((ret = updatedb("daily", hostname, ipaddr, &signo, copt, dnsreply, localip, outdated, &mdat)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

 	if(newver)

 	    free(newver);

+	mirman_write("mirrors.dat", &mdat);

 	return ret;

     } else if(ret == 0)

@@ -1099,6 +1129,8 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

     if(dnsreply)

 	free(dnsreply);

+    mirman_write("mirrors.dat", &mdat);

+

     if(updated) {

 	if(cfgopt(copt, "HTTPProxyServer")->enabled) {

 	    logg("Database updated (%d signatures) from %s\n", signo, hostname);

new file mode 100644

@@ -0,0 +1,208 @@

+/*

+ *  Copyright (C) 2007 Tomasz Kojm <tkojm@clamav.net>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#if HAVE_CONFIG_H

+#include "clamav-config.h"

+#endif

+

+#include <stdio.h>

+#include <string.h>

+#include <stdlib.h>

+#ifdef HAVE_UNISTD_H

+#include <unistd.h>

+#endif

+#include <sys/types.h>

+#include <sys/stat.h>

+#include <fcntl.h>

+#include <time.h>

+

+#include "mirman.h"

+

+#include "libclamav/cltypes.h"

+#include "libclamav/clamav.h"

+

+#include "shared/output.h"

+

+#ifndef O_BINARY

+#define O_BINARY    0

+#endif

+

+#define IGNTIME 3 * 86400

+

+void mirman_free(struct mirdat *mdat)

+{

+    if(mdat && mdat->num) {

+	free(mdat->mirtab);

+	mdat->num = 0;

+    }

+}

+

+int mirman_read(const char *file, struct mirdat *mdat)

+{

+	struct mirdat_ip mip;

+	int fd, bread;

+

+

+    memset(mdat, 0, sizeof(struct mirdat));

+

+    if((fd = open(file, O_RDONLY|O_BINARY)) == -1)

+	return -1;

+

+    while((bread = read(fd, &mip, sizeof(mip))) == sizeof(mip)) {

+	mdat->mirtab = (struct mirdat_ip *) realloc(mdat->mirtab, (mdat->num + 1) * sizeof(mip));

+	if(!mdat->mirtab) {

+	    logg("!Can't allocate memory for mdat->mirtab\n");

+	    mirman_free(mdat);

+	    close(fd);

+	    return -1;

+	}

+	memcpy(&mdat->mirtab[mdat->num], &mip, sizeof(mip));

+	mdat->num++;

+    }

+

+    close(fd);

+

+    if(bread) {

+	logg("^Removing broken %s file.\n");

+	unlink(file);

+	mirman_free(mdat);

+	return -1;

+    }

+

+    return 0;

+}

+

+int mirman_check(uint32_t ip, struct mirdat *mdat)

+{

+	unsigned int i, flevel = cl_retflevel();

+

+

+    for(i = 0; i < mdat->num; i++) {

+	if(mdat->mirtab[i].ip == ip) {

+

+	    if(mdat->dbflevel && (mdat->dbflevel > flevel) && (mdat->dbflevel - flevel > 3))

+		if(time(NULL) - mdat->mirtab[i].atime < 4 * 3600)

+		    return 2;

+

+	    if(mdat->mirtab[i].ignore) {

+		if(time(NULL) - mdat->mirtab[i].atime > IGNTIME) {

+		    mdat->mirtab[i].ignore = 0;

+		    return 0;

+		} else {

+		    return 1;

+		}

+	    }

+	}

+    }

+

+    return 0;

+}

+

+int mirman_update(uint32_t ip, struct mirdat *mdat, uint8_t broken)

+{

+	unsigned int i, found = 0;

+

+

+    for(i = 0; i < mdat->num; i++) {

+	if(mdat->mirtab[i].ip == ip) {

+	    found = 1;

+	    break;

+	}

+    }

+

+    if(found) {

+	mdat->mirtab[i].atime = (uint32_t) time(NULL);

+	if(broken)

+	    mdat->mirtab[i].fail++;

+	else

+	    mdat->mirtab[i].succ++;

+

+	/*

+	 * If the total number of failures is less than 3 then never

+	 * enable the ignore flag, in other case use the real status.

+	 */

+	if(mdat->mirtab[i].fail < 3)

+	    mdat->mirtab[i].ignore = 0;

+	else

+	    mdat->mirtab[i].ignore = broken;

+

+    } else {

+	mdat->mirtab = (struct mirdat_ip *) realloc(mdat->mirtab, (mdat->num + 1) * sizeof(struct mirdat_ip));

+	if(!mdat->mirtab) {

+	    logg("!Can't allocate memory for new element in mdat->mirtab\n");

+	    return -1;

+	}

+	mdat->mirtab[mdat->num].ip = ip;

+	mdat->mirtab[mdat->num].atime = (uint32_t) time(NULL);

+	mdat->mirtab[mdat->num].succ = 0;

+	mdat->mirtab[mdat->num].fail = 0;

+	mdat->mirtab[mdat->num].ignore = 0;

+	memset(&mdat->mirtab[mdat->num].res, 0xff, sizeof(mdat->mirtab[mdat->num].res));

+	if(broken)

+	    mdat->mirtab[mdat->num].fail++;

+	else

+	    mdat->mirtab[mdat->num].succ++;

+	mdat->num++;

+    }

+

+    return 0;

+}

+

+void mirman_list(const struct mirdat *mdat)

+{

+	unsigned int i;

+	unsigned char *ip;

+

+    for(i = 0; i < mdat->num; i++) {

+	printf("Mirror #%u\n", i + 1);

+	ip = (unsigned char *) &mdat->mirtab[i].ip;

+	printf("IP: %u.%u.%u.%u\n", ip[0], ip[1], ip[2], ip[3]);

+	printf("Successes: %u\n", mdat->mirtab[i].succ);

+	printf("Failures: %u\n", mdat->mirtab[i].fail);

+	printf("Last access: %s", ctime((time_t *) &mdat->mirtab[i].atime));

+	printf("Ignore: %s\n", mdat->mirtab[i].ignore ? "Yes" : "No");

+	if(i != mdat->num - 1)

+	    printf("-------------------------------------\n");

+    }

+}

+

+int mirman_write(const char *file, struct mirdat *mdat)

+{

+	int fd;

+

+

+    if(!mdat->num)

+	return 0;

+

+    if((fd = open(file, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0600)) == -1) {

+	logg("!Can't open %s for writing\n", file);

+	mirman_free(mdat);

+	return -1;

+    }

+

+    if(write(fd, mdat->mirtab, mdat->num * sizeof(struct mirdat_ip)) == -1) {

+	logg("!Can't write to %s\n", file);

+	mirman_free(mdat);

+	close(fd);

+	return -1;

+    }

+

+    mirman_free(mdat);

+    close(fd);

+    return 0;

+}

new file mode 100644

@@ -0,0 +1,47 @@

+/*

+ *  Copyright (C) 2007 Tomasz Kojm <tkojm@clamav.net>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License version 2 as

+ *  published by the Free Software Foundation.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

+ *  MA 02110-1301, USA.

+ */

+

+#ifndef __MIRMAN_H

+#define __MIRMAN_H

+

+#include "libclamav/cltypes.h"

+

+struct mirdat_ip {

+    uint32_t ip;	    /* IP address */

+    uint32_t atime;	    /* last access time */

+    uint32_t succ;	    /* number of successful downloads from this ip */

+    uint32_t fail;	    /* number of failures */

+    uint8_t ignore;	    /* ignore flag */

+    char res[32];	    /* reserved */

+};

+

+struct mirdat {

+    unsigned int num;

+    uint32_t currip;

+    uint32_t dbflevel;

+    struct mirdat_ip *mirtab;

+};

+

+int mirman_read(const char *file, struct mirdat *mdat);

+int mirman_check(uint32_t ip, struct mirdat *mdat);

+int mirman_update(uint32_t ip, struct mirdat *mdat, uint8_t broken);

+void mirman_list(const struct mirdat *mdat);

+int mirman_write(const char *file, struct mirdat *mdat);

+void mirman_free(struct mirdat *mdat);

+

+#endif