@@ -1,3 +1,7 @@

+Sat Nov 29 04:35:03 CET 2003 (tk)

+---------------------------------

+  * clamd: UseProcesses: use processes instead of threads (initial version)

+

 Thu Nov 27 00:51:03 CET 2003 (tk)

 ---------------------------------

   * clamd: also update database timestamps after RELOAD and not only SelfCheck

@@ -30,7 +30,8 @@ clamd_SOURCES = \

     tcpserver.h \

     localserver.c \

     localserver.h \

-    server.c \

+    server-proc.c \

+    server-th.c \

     server.h \

     scanner.c \

     scanner.h \

@@ -127,7 +127,8 @@ install_sh = @install_sh@

 @BUILD_CLAMD_TRUE@    tcpserver.h \

 @BUILD_CLAMD_TRUE@    localserver.c \

 @BUILD_CLAMD_TRUE@    localserver.h \

-@BUILD_CLAMD_TRUE@    server.c \

+@BUILD_CLAMD_TRUE@    server-proc.c \

+@BUILD_CLAMD_TRUE@    server-th.c \

 @BUILD_CLAMD_TRUE@    server.h \

 @BUILD_CLAMD_TRUE@    scanner.c \

 @BUILD_CLAMD_TRUE@    scanner.h \

@@ -156,10 +157,10 @@ PROGRAMS = $(sbin_PROGRAMS)

 @BUILD_CLAMD_TRUE@am_clamd_OBJECTS = options.$(OBJEXT) cfgfile.$(OBJEXT) \

 @BUILD_CLAMD_TRUE@	clamd.$(OBJEXT) tcpserver.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	localserver.$(OBJEXT) server.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	scanner.$(OBJEXT) others.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	clamuko.$(OBJEXT) dazukoio.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	tests.$(OBJEXT)

+@BUILD_CLAMD_TRUE@	localserver.$(OBJEXT) server-proc.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	server-th.$(OBJEXT) scanner.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	others.$(OBJEXT) clamuko.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	dazukoio.$(OBJEXT) tests.$(OBJEXT)

 clamd_OBJECTS = $(am_clamd_OBJECTS)

 @BUILD_CLAMD_TRUE@clamd_DEPENDENCIES = ../clamscan/getopt.o

 @BUILD_CLAMD_FALSE@clamd_DEPENDENCIES =

@@ -173,8 +174,8 @@ am__depfiles_maybe = depfiles

 @AMDEP_TRUE@	./$(DEPDIR)/clamuko.Po ./$(DEPDIR)/dazukoio.Po \

 @AMDEP_TRUE@	./$(DEPDIR)/localserver.Po ./$(DEPDIR)/options.Po \

 @AMDEP_TRUE@	./$(DEPDIR)/others.Po ./$(DEPDIR)/scanner.Po \

-@AMDEP_TRUE@	./$(DEPDIR)/server.Po ./$(DEPDIR)/tcpserver.Po \

-@AMDEP_TRUE@	./$(DEPDIR)/tests.Po

+@AMDEP_TRUE@	./$(DEPDIR)/server-proc.Po ./$(DEPDIR)/server-th.Po \

+@AMDEP_TRUE@	./$(DEPDIR)/tcpserver.Po ./$(DEPDIR)/tests.Po

 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \

 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)

 LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \

@@ -241,7 +242,8 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/options.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/others.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanner.Po@am__quote@

-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server.Po@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server-proc.Po@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server-th.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcpserver.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tests.Po@am__quote@

@@ -58,6 +58,7 @@ struct cfgstruct *parsecfg(const char *cfgfile)

 	    {"MaxConnectionQueueLength", OPT_NUM},

 	    {"StreamSaveToDisk", OPT_NOARG},

 	    {"StreamMaxLength", OPT_COMPSIZE},

+	    {"UseProcesses", OPT_NOARG},

 	    {"MaxThreads", OPT_NUM},

 	    {"ThreadTimeout", OPT_NUM},

 	    {"MaxDirectoryRecursion", OPT_NUM},

@@ -96,6 +96,10 @@ int localserver(const struct optstruct *opt, const struct cfgstruct *copt, struc

 	exit(1);

     }

-    acceptloop(sockfd, root, copt);

+    if(cfgopt(copt, "UseProcesses"))

+	acceptloop_proc(sockfd, root, copt);

+    else

+	acceptloop_th(sockfd, root, copt);

+

     return 0;

 }

@@ -100,7 +100,7 @@ int dirscan(const char *dirname, char **virname, unsigned long int *scanned, con

 					ret = 2;

 				} else if(scanret != CL_CLEAN) {

 				    mdprintf(odesc, "%s: %s ERROR\n", fname, cl_strerror(scanret));

-				    logg("%s: %s\n ERROR", fname, cl_strerror(scanret));

+				    logg("%s: %s ERROR\n", fname, cl_strerror(scanret));

 				}

 		    }

new file mode 100644

@@ -0,0 +1,339 @@

+/*

+ *  Copyright (C) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License as published by

+ *  the Free Software Foundation; either version 2 of the License, or

+ *  (at your option) any later version.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

+ */

+

+#include <stdio.h>

+#include <stdlib.h>

+#include <string.h>

+#include <unistd.h>

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <sys/wait.h>

+#include <pthread.h>

+#include <time.h>

+#include <signal.h>

+

+#include "cfgfile.h"

+#include "others.h"

+#include "defaults.h"

+#include "scanner.h"

+#include "server.h"

+#include "clamuko.h"

+#include "tests.h"

+

+#define CMD1 "SCAN"

+#define CMD2 "RAWSCAN"

+#define CMD3 "QUIT"

+#define CMD4 "RELOAD"

+#define CMD5 "PING"

+#define CMD6 "CONTSCAN"

+#define CMD7 "VERSION"

+#define CMD8 "STREAM"

+#define CMD9 "STREAM2"

+

+

+int procscan(const char *name, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan)

+{

+	int pid;

+	struct cfgstruct *cpt;

+

+    switch(pid = fork()) {

+	case -1:

+	    logg("!Can't fork()\n");

+	    return -1;

+

+	case 0:

+	    if((cpt = cfgopt(copt, "ThreadTimeout")))

+	        alarm(cpt->numarg);

+	    else

+	        alarm(CL_DEFAULT_SCANTIMEOUT);

+

+	    if(!name)

+		scanstream(odesc, NULL, root, limits, options, copt);

+	    else

+		scan(name, NULL, root, limits, options, copt, odesc, contscan);

+

+	    exit(0);

+

+	default:

+	    return pid;

+    }

+

+    return -1;

+}

+

+int acceptd = -1;

+

+int acceptloop_proc(int socketd, struct cl_node *root, const struct cfgstruct *copt)

+{

+	int i, j, bread, options = 0, maxwait, childs, *session, status,

+	    virnum, need_wait, ret;

+	struct cfgstruct *cpt;

+	struct cl_limits limits;

+	struct sigaction sigact;

+	char buff[1025];

+	const char *dbdir;

+	sigset_t sigset;

+	mode_t old_umask;

+

+    /* save the PID */

+    if((cpt = cfgopt(copt, "PidFile"))) {

+	    FILE *fd;

+	    old_umask = umask(0006);

+	if((fd = fopen(cpt->strarg, "w")) == NULL) {

+	    logg("!Can't save PID in file %s\n", cpt->strarg);

+	} else {

+	    fprintf(fd, "%d", getpid());

+	    fclose(fd);

+	}

+	umask(old_umask);

+    }

+

+    logg("*Listening daemon: PID: %d\n", getpid());

+

+    if((cpt = cfgopt(copt, "MaxThreads")))

+	childs = cpt->numarg;

+    else

+	childs = CL_DEFAULT_MAXTHREADS;

+

+    logg("Maximal number of childs: %d\n", childs);

+    session = (int *) mcalloc(childs, sizeof(int));

+

+    if((cpt = cfgopt(copt, "DataDirectory")))

+	dbdir = cpt->strarg;

+    else

+        dbdir = cl_retdbdir();

+

+    if(cfgopt(copt, "ScanArchive")) {

+

+	/* set up limits */

+	memset(&limits, 0, sizeof(struct cl_limits));

+

+	if((cpt = cfgopt(copt, "ArchiveMaxFileSize"))) {

+	    if((limits.maxfilesize = cpt->numarg))

+		logg("Archive: Archived file size limit set to %d bytes.\n", limits.maxfilesize);

+	    else

+		logg("^Archive: File size limit protection disabled.\n");

+	} else {

+	    limits.maxfilesize = 10485760;

+	    logg("^USING HARDCODED LIMIT: Archive: Archived file size limit set to %d bytes.\n", limits.maxfilesize);

+	}

+

+	if((cpt = cfgopt(copt, "ArchiveMaxRecursion"))) {

+	    if((limits.maxreclevel = cpt->numarg))

+		logg("Archive: Recursion level limit set to %d.\n", limits.maxreclevel);

+	    else

+		logg("^Archive: Recursion level limit protection disabled.\n");

+	} else {

+	    limits.maxreclevel = 5;

+	    logg("^USING HARDCODED LIMIT: Archive: Recursion level set to %d.\n", limits.maxreclevel);

+	}

+

+	if((cpt = cfgopt(copt, "ArchiveMaxFiles"))) {

+	    if((limits.maxfiles = cpt->numarg))

+		logg("Archive: Files limit set to %d.\n", limits.maxfiles);

+	    else

+		logg("^Archive: Files limit protection disabled.\n");

+	} else {

+	    limits.maxfiles = 1000;

+	    logg("^USING HARDCODED LIMIT: Archive: Files limit set to %d.\n", limits.maxfiles);

+	}

+

+	if(cfgopt(copt, "ArchiveLimitMemoryUsage")) {

+	    limits.archivememlim = 1;

+	    logg("Archive: Limited memory usage.\n", limits.maxfiles);

+	} else

+	    limits.archivememlim = 0;

+

+	

+	logg("Archive support enabled.\n");

+	options |= CL_ARCHIVE;

+

+	if(cfgopt(copt, "ScanRAR")) {

+	    logg("RAR support enabled.\n");

+	} else {

+	    logg("RAR support disabled.\n");

+	    options |= CL_DISABLERAR;

+	}

+

+    } else {

+	logg("Archive support disabled.\n");

+    }

+

+    if(cfgopt(copt, "ScanMail")) { 

+	logg("Mail support enabled.\n");

+	options |= CL_MAIL;

+    } else {

+	logg("Mail support disabled.\n");

+    }

+

+    /* set up signal handling */

+

+    sigfillset(&sigset);

+    sigdelset(&sigset, SIGINT);

+    sigdelset(&sigset, SIGTERM);

+    sigdelset(&sigset, SIGSEGV);

+    sigdelset(&sigset, SIGHUP);

+    sigprocmask(SIG_SETMASK, &sigset, NULL);

+

+    /* SIGINT, SIGTERM, SIGSEGV */

+    sigact.sa_handler = sighandler;

+    sigemptyset(&sigact.sa_mask);

+    sigaddset(&sigact.sa_mask, SIGINT);

+    sigaddset(&sigact.sa_mask, SIGTERM);

+    sigaddset(&sigact.sa_mask, SIGHUP);

+    sigaction(SIGINT, &sigact, NULL);

+    sigaction(SIGTERM, &sigact, NULL);

+#ifndef CL_DEBUG

+    sigaction(SIGSEGV, &sigact, NULL);

+#endif

+    sigaction(SIGHUP, &sigact, NULL);

+

+

+    while(1) {

+

+	for(i = 0; ; i++) { /* find a free session */

+

+	    /* free all finished childs */

+	    for(j = 0; j <= childs; j++)

+		if(session[j] && waitpid(session[j], &status, WNOHANG))

+		    session[j] = 0;

+

+	    if(i == childs)

+		i = 0;

+

+	    if(!session[i])

+		break;

+	}

+

+	if((acceptd = accept(socketd, NULL, NULL)) == -1) {

+	    logg("!accept() failed.\n");

+	    /* exit ? */

+	    continue;

+	}

+

+	if((bread = read(acceptd, buff, 1024)) == -1) {

+	    logg("!read(desc %d) failed.\n", acceptd);

+	} else {

+

+	    buff[bread] = 0;

+	    chomp(buff);

+

+	    if(!strncmp(buff, CMD1, strlen(CMD1))) { /* SCAN */

+		session[i] = procscan(buff + strlen(CMD1) + 1, root, &limits, options, copt, acceptd, 0);

+

+	    } else if(!strncmp(buff, CMD2, strlen(CMD2))) { /* RAWSCAN */

+		options &= ~CL_ARCHIVE;

+		session[i] = procscan(buff + strlen(CMD2) + 1, root, NULL, options, copt, acceptd, 0);

+

+	    } else if(!strncmp(buff, CMD3, strlen(CMD3))) { /* QUIT */

+		kill(0, SIGTERM);

+

+	    } else if(!strncmp(buff, CMD4, strlen(CMD4))) { /* RELOAD */

+		mdprintf(acceptd, "RELOADING\n");

+

+		/* wait until all childs are finished */

+		do {

+		    need_wait = 0;

+

+		    /* free all finished childs */

+		    for(i = 0; i <= childs; i++)

+			if(session[i] && waitpid(session[i], &status, WNOHANG))

+			    session[i] = 0;

+

+		    for(i = 0; i <= childs; i++)

+			if(session[i])

+			    need_wait = 1;

+

+		    if(need_wait)

+			usleep(200000);

+

+		} while(need_wait);

+

+		cl_freetrie(root);

+		root = NULL;

+		logg("Reading databases from %s\n", dbdir);

+		//cl_statfree(&dbstat);

+		//cl_statinidir(dbdir, &dbstat);

+		virnum = 0;

+		if((ret = cl_loaddbdir(dbdir, &root, &virnum))) {

+		    logg("!%s\n", cl_strerror(ret));

+		    exit(1);

+		}

+

+		if(!root) {

+		    logg("!Database initialization problem.\n");

+		    exit(1);

+		} else {

+		    cl_buildtrie(root);

+		    /* check integrity */

+		    if(!testsignature(root)) {

+			logg("!Unable to detect test signature.\n");

+			exit(1);

+		    }

+

+		    logg("Database correctly reloaded (%d viruses)\n", virnum);

+		    mdprintf(acceptd, "RELOADED\n");

+		}

+

+	    } else if(!strncmp(buff, CMD5, strlen(CMD5))) { /* PING */

+		mdprintf(acceptd, "PONG\n");

+

+	    } else if(!strncmp(buff, CMD6, strlen(CMD6))) { /* CONTSCAN */

+		session[i] = procscan(buff + strlen(CMD6) + 1, root, &limits, options, copt, acceptd, 1);

+

+	    } else if(!strncmp(buff, CMD7, strlen(CMD7))) { /* VERSION */

+		mdprintf(acceptd, "clamd / ClamAV version "VERSION"\n");

+

+	    } else if(!strncmp(buff, CMD8, strlen(CMD8))) { /* STREAM */

+		session[i] = procscan(NULL, root, &limits, options, copt, acceptd, 0);

+	    }

+	}

+

+	close(acceptd);

+    }

+}

+

+void sighandler(int sig)

+{

+	time_t currtime;

+

+    switch(sig) {

+	case SIGINT:

+	case SIGTERM:

+	    time(&currtime);

+	    logg("--- Process %d stopped at %s", getpid(), ctime(&currtime));

+	    exit(0);

+	    break; /* not reached */

+

+#ifndef CL_DEBUG

+	case SIGSEGV:

+	    logg("Segmentation fault :-( Bye..\n");

+	    exit(11); /* probably not reached at all */

+	    break; /* not reached */

+#endif

+	case SIGHUP:

+	    sighup = 1;

+	    logg("SIGHUP catched: log file re-opened.\n");

+	    break;

+	case SIGALRM:

+	    if(acceptd > 0)

+		mdprintf(acceptd, "Session (PID %d): Time out ERROR\n", getpid());

+	    logg("Session (PID %d) stopped due to timeout.\n", getpid());

+	    exit(0);

+    }

+}

new file mode 100644

@@ -0,0 +1,648 @@

+/*

+ *  Copyright (C) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License as published by

+ *  the Free Software Foundation; either version 2 of the License, or

+ *  (at your option) any later version.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

+ */

+

+#include <stdio.h>

+#include <stdlib.h>

+#include <string.h>

+#include <unistd.h>

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <pthread.h>

+#include <time.h>

+#include <signal.h>

+

+#include "cfgfile.h"

+#include "others.h"

+#include "defaults.h"

+#include "scanner.h"

+#include "server.h"

+#include "clamuko.h"

+#include "tests.h"

+

+#define THREXIT					    \

+    close(ths[tharg->sid].desc);		    \

+    ths[tharg->sid].active = 0;			    \

+    /* this mutex is rather useless */		    \

+    /* pthread_mutex_unlock(&ths[tharg->sid].mutex);   */ \

+    free(tharg);				    \

+    return NULL

+

+#define CMD1 "SCAN"

+#define CMD2 "RAWSCAN"

+#define CMD3 "QUIT"

+#define CMD4 "RELOAD"

+#define CMD5 "PING"

+#define CMD6 "CONTSCAN"

+#define CMD7 "VERSION"

+#define CMD8 "STREAM"

+#define CMD9 "STREAM2"

+

+#ifdef CLAMUKO

+pthread_t clamukoid;

+#endif

+

+void *threadscanner(void *arg)

+{

+	struct thrarg *tharg = (struct thrarg *) arg;

+	char buff[32769];

+	sigset_t sigset;

+	int bread, options, maxwait = CL_DEFAULT_MAXWHILEWAIT;

+

+

+    /* ignore all signals */

+    sigfillset(&sigset);

+    pthread_sigmask(SIG_SETMASK, &sigset, NULL);

+

+    if((bread = read(ths[tharg->sid].desc, buff, 1024)) == -1) {

+	logg("!Session(%d): read() failed.\n", tharg->sid);

+	THREXIT;

+    }

+

+    buff[bread] = 0;

+    chomp(buff);

+

+    if(!strncmp(buff, CMD1, strlen(CMD1))) { /* SCAN */

+	scan(buff + strlen(CMD1) + 1, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt, ths[tharg->sid].desc, 0);

+

+    } else if(!strncmp(buff, CMD2, strlen(CMD2))) { /* RAWSCAN */

+	options = tharg->options & ~CL_ARCHIVE;

+	scan(buff + strlen(CMD2) + 1, NULL, tharg->root, NULL, options, tharg->copt, ths[tharg->sid].desc, 0);

+

+    } else if(!strncmp(buff, CMD3, strlen(CMD3))) { /* QUIT */

+	if(!progexit)

+	    kill(progpid, SIGTERM);

+

+    } else if(!strncmp(buff, CMD4, strlen(CMD4))) { /* RELOAD */

+	mdprintf(ths[tharg->sid].desc, "RELOADING\n");

+	reload = 1;

+

+    } else if(!strncmp(buff, CMD5, strlen(CMD5))) { /* PING */

+	mdprintf(ths[tharg->sid].desc, "PONG\n");

+

+    } else if(!strncmp(buff, CMD6, strlen(CMD6))) { /* CONTSCAN */

+	scan(buff + strlen(CMD6) + 1, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt, ths[tharg->sid].desc, 1);

+

+    } else if(!strncmp(buff, CMD7, strlen(CMD7))) { /* VERSION */

+	mdprintf(ths[tharg->sid].desc, "clamd / ClamAV version "VERSION"\n");

+

+    } else if(!strncmp(buff, CMD8, strlen(CMD8))) { /* STREAM */

+	scanstream(ths[tharg->sid].desc, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt);

+    }

+    /* else if(!strncmp(buff, CMD9, strlen(CMD9))) {

+	scanstream2(ths[tharg->sid].desc, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt);

+    }*/

+

+    THREXIT;

+}

+

+/* this function takes care for threads, exit and various checks */

+

+void *threadwatcher(void *arg)

+{

+	struct thrwarg *thwarg = (struct thrwarg *) arg;

+	struct cfgstruct *cpt;

+	sigset_t sigset;

+	int i, j, ret, maxwait, virnum;

+	unsigned long int timer = 0;

+	unsigned int timeout, threads, selfchk;

+	short int need_wait = 0, do_loop = 0, db_problem = 0;

+	const char *dbdir;

+	struct cl_stat dbstat;

+

+

+    /* ignore all signals (except for SIGSEGV) */

+    sigfillset(&sigset);

+    sigdelset(&sigset, SIGSEGV);

+    pthread_sigmask(SIG_SETMASK, &sigset, NULL);

+

+#ifdef C_LINUX

+    logg("*ThreadWatcher: Started in process %d\n", getpid());

+#endif

+

+    if((cpt = cfgopt(thwarg->copt, "MaxThreads")))

+	threads = cpt->numarg;

+    else

+	threads = CL_DEFAULT_MAXTHREADS;

+

+    if((cpt = cfgopt(thwarg->copt, "SelfCheck")))

+	selfchk = cpt->numarg;

+    else

+	selfchk = CL_DEFAULT_SELFCHECK;

+

+    if(!selfchk) {

+	logg("^Self checking disabled.\n");

+    } else

+	logg("Self checking every %d seconds.\n", selfchk);

+

+    if((cpt = cfgopt(thwarg->copt, "ThreadTimeout")))

+	timeout = cpt->numarg;

+    else

+	timeout = CL_DEFAULT_SCANTIMEOUT;

+

+    if(!timeout) {

+	logg("^Timeout disabled.\n");

+    } else

+	logg("Timeout set to %d seconds.\n", timeout);

+

+    if((cpt = cfgopt(thwarg->copt, "DataDirectory")))

+	dbdir = cpt->strarg;

+    else

+	dbdir = cl_retdbdir();

+

+    memset(&dbstat, 0, sizeof(struct cl_stat));

+    cl_statinidir(dbdir, &dbstat);

+

+    for(i = 0; ; i++) {

+

+        if(i == threads)

+	    i = 0;

+

+	/* check time */

+        if(ths[i].active) /* races are harmless here (timeout is re-set) */

+	    if(time(NULL) - ths[i].start > timeout) {

+		pthread_cancel(ths[i].id);

+		mdprintf(ths[i].desc, "Session(%d): Time out ERROR\n", i);

+		close(ths[i].desc);

+		logg("Session %d stopped due to timeout.\n", i);

+		ths[i].active = 0;

+//		pthread_mutex_unlock(&ths[i].mutex);

+	    }

+

+	/* cancel all threads in case of quit */

+	if(progexit == 1) {

+#ifdef CLAMUKO

+	    /* stop clamuko */

+	    if(clamuko_running) {

+		logg("Stopping Clamuko... (id %d)\n", clamukoid);

+		pthread_kill(clamukoid, SIGUSR1);

+		/* we must wait for Dazuko unregistration */

+		maxwait = CL_DEFAULT_MAXWHILEWAIT * 5;

+		while(clamuko_running && maxwait--)

+		    usleep(200000);

+

+		if(!maxwait && clamuko_running)

+		    logg("!Critical error: Can't stop Clamuko.\n");

+	    }

+#endif

+

+	    for(j = 0; j < threads; j++)

+		if(ths[j].active) {

+		    pthread_cancel(ths[j].id);

+		    mdprintf(ths[j].desc, "Session(%d): Stopped (exiting)\n", j);

+		    close(ths[j].desc);

+		    logg("Session %d stopped (exiting).\n", j);

+//		    pthread_mutex_unlock(&ths[j].mutex);

+		}

+#ifndef C_BSD

+	    logg("*Freeing trie structure.\n");

+	    cl_freetrie(*thwarg->root);

+#endif

+	    logg("*Shutting down the main socket.\n");

+	    shutdown(thwarg->socketd, 2);

+	    logg("*Closing the main socket.\n");

+	    close(thwarg->socketd);

+	    if((cpt = cfgopt(thwarg->copt, "LocalSocket"))) {

+		if(unlink(cpt->strarg) == -1)

+		    logg("!Can't unlink the socket file %s\n", cpt->strarg);

+		else

+		    logg("Socket file removed.\n");

+	    }

+

+	    if((cpt = cfgopt(thwarg->copt, "PidFile"))) {

+		if(unlink(cpt->strarg) == -1)

+		    logg("!Can't unlink the pid file %s\n", cpt->strarg);

+		else

+		    logg("Pid file removed.\n");

+	    }

+

+	    progexit = 2;

+	    logg("*Exit level %d, ThreadWatcher termination.\n", progexit);

+	    return NULL;

+	}

+

+

+	/* do self checks */

+	if(selfchk && (db_problem || !(timer % selfchk))) {

+	    /* check the integrity of the database */

+	    if(!reload) {

+

+		if(cl_statchkdir(&dbstat) == 1) {

+		    logg("SelfCheck: Database modification detected. Forcing reload.\n");

+		    reload = 1;

+		    cl_statfree(&dbstat);

+		    cl_statinidir(dbdir, &dbstat);

+		} else

+		    logg("SelfCheck: Database status OK.\n");

+

+		if(!testsignature(*thwarg->root)) {

+		    if(db_problem) {

+			logg("!SelfCheck: Unable to repair internal structure. Exiting.\n");

+			kill(progpid, SIGTERM);

+			continue;

+		    }

+		    /* oops */

+		    logg("!SelfCheck: Unable to detect test signature, forcing database reload.\n");

+		    db_problem = 1;

+		    reload = 1;

+		} else {

+		    logg("*SelfCheck: Integrity OK\n");

+		    db_problem = 0;

+		}

+	    }

+	}

+

+	timer++;

+

+	/* reload the database */

+	if(reload) {

+

+	    /* make sure the main thread doesn't start new threads */

+	    do {

+		usleep(200000);

+	    } while(!main_accept && !main_reload);

+

+	    /* wait until all working threads are finished */

+	    do {

+		need_wait = 0;

+		for(j = 0; j < threads; j++)

+		    if(ths[j].active) {

+			if(time(NULL) - ths[j].start > timeout) {

+			    do_loop = 1;

+			    break;

+			} else need_wait = 1;

+		    }

+

+#ifdef CLAMUKO

+		if(clamuko_scanning && !clamuko_reload)

+		    need_wait = 1;

+#endif

+

+		if(need_wait)

+		    usleep(200000);

+

+		if(progexit == 1)

+		    break;

+

+	    } while(need_wait);

+

+	    if(progexit == 1) {

+		reload = 0;

+		continue;

+	    }

+

+	    if(do_loop) {

+		/* some threads must be stopped in the next iteration,

+		 * reload is still == 1

+		 */

+		logg("Database reload: some threads must be stopped in the next iteration.\n");

+		do_loop = 0;

+		continue;

+	    }

+

+	    /* relase old structure */

+	    cl_freetrie(*thwarg->root);

+	    *thwarg->root = NULL;

+

+	    /* reload */

+

+	    logg("Reading databases from %s\n", dbdir);

+

+	    cl_statfree(&dbstat);

+	    cl_statinidir(dbdir, &dbstat);

+	    virnum = 0;

+	    if((ret = cl_loaddbdir(dbdir, &*thwarg->root, &virnum))) {

+		logg("!%s\n", cl_strerror(ret));

+		kill(progpid, SIGTERM);

+		/* we stay in reload == 1, so all threads are waiting */

+		continue;

+	    }

+

+	    if(! *thwarg->root) {

+		logg("!Database initialization problem.\n");

+		kill(progpid, SIGTERM);

+	    } else {

+		cl_buildtrie(*thwarg->root);

+		/* check integrity */

+		if(!testsignature(*thwarg->root)) {

+		    logg("!Unable to detect test signature.\n");

+		    kill(progpid, SIGTERM);

+		}

+

+		logg("Database correctly reloaded (%d viruses)\n", virnum);

+	    }

+

+	    reload = 0;

+	}

+

+	sleep(1);

+    }

+

+    return NULL;

+}

+

+int threads;

+pthread_t watcherid;

+

+int acceptloop_th(int socketd, struct cl_node *root, const struct cfgstruct *copt)

+{

+	int acceptd, i, options = 0, maxwait;

+	struct cfgstruct *cpt;

+	struct thrarg *tharg;

+	struct thrwarg thwarg;

+	struct cl_limits limits;

+	pthread_attr_t thattr;

+	struct sigaction sigact;

+	sigset_t sigset;

+	mode_t old_umask;

+

+#if defined(C_BIGSTACK) || defined(C_BSD)

+	size_t stacksize;

+#endif

+

+

+    /* save the PID */

+    if((cpt = cfgopt(copt, "PidFile"))) {

+	    FILE *fd;

+	    old_umask = umask(0006);

+	if((fd = fopen(cpt->strarg, "w")) == NULL) {

+	    logg("!Can't save PID in file %s\n", cpt->strarg);

+	} else {

+	    fprintf(fd, "%d", getpid());

+	    fclose(fd);

+	}

+	umask(old_umask);

+    }

+

+    logg("*Listening daemon: PID: %d\n", getpid());

+

+    if((cpt = cfgopt(copt, "MaxThreads")))

+	threads = cpt->numarg;

+    else

+	threads = CL_DEFAULT_MAXTHREADS;

+

+    logg("Maximal number of threads: %d\n", threads);

+

+    ths = (struct thrsession *) mcalloc(threads, sizeof(struct thrsession));

+ 

+    for(i = 0; i < threads; i++)

+	pthread_mutex_init(&ths[i].mutex, NULL);

+

+

+    if(cfgopt(copt, "ScanArchive") || cfgopt(copt, "ClamukoScanArchive")) {

+

+	/* set up limits */

+	memset(&limits, 0, sizeof(struct cl_limits));

+

+	if((cpt = cfgopt(copt, "ArchiveMaxFileSize"))) {

+	    if((limits.maxfilesize = cpt->numarg))

+		logg("Archive: Archived file size limit set to %d bytes.\n", limits.maxfilesize);

+	    else

+		logg("^Archive: File size limit protection disabled.\n");

+	} else {

+	    limits.maxfilesize = 10485760;

+	    logg("^USING HARDCODED LIMIT: Archive: Archived file size limit set to %d bytes.\n", limits.maxfilesize);

+	}

+

+	if((cpt = cfgopt(copt, "ArchiveMaxRecursion"))) {

+	    if((limits.maxreclevel = cpt->numarg))

+		logg("Archive: Recursion level limit set to %d.\n", limits.maxreclevel);

+	    else

+		logg("^Archive: Recursion level limit protection disabled.\n");

+	} else {

+	    limits.maxreclevel = 5;

+	    logg("^USING HARDCODED LIMIT: Archive: Recursion level set to %d.\n", limits.maxreclevel);

+	}

+

+	if((cpt = cfgopt(copt, "ArchiveMaxFiles"))) {

+	    if((limits.maxfiles = cpt->numarg))

+		logg("Archive: Files limit set to %d.\n", limits.maxfiles);

+	    else

+		logg("^Archive: Files limit protection disabled.\n");

+	} else {