git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@356 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/03/01 06:32:10... | ... |
@@ -76,10 +76,12 @@ void *clamukoth(void *arg) |
76 | 76 |
/* ignore all signals except SIGUSR1 */ |
77 | 77 |
sigfillset(&sigset); |
78 | 78 |
sigdelset(&sigset, SIGUSR1); |
79 |
+ sigdelset(&sigset, SIGSEGV); |
|
79 | 80 |
pthread_sigmask(SIG_SETMASK, &sigset, NULL); |
80 | 81 |
act.sa_handler = clamuko_exit; |
81 | 82 |
sigfillset(&(act.sa_mask)); |
82 | 83 |
sigaction(SIGUSR1, &act, NULL); |
84 |
+ sigaction(SIGSEGV, &act, NULL); |
|
83 | 85 |
|
84 | 86 |
#ifdef C_LINUX |
85 | 87 |
logg("*Clamuko: Started in process %d\n", getpid()); |
86 | 88 |
deleted file mode 100644 |
... | ... |
@@ -1,58 +0,0 @@ |
1 |
-/* Dazuko. Allow file access control for 3rd-party applications. |
|
2 |
- Copyright (C) 2002 H+BEDV Datentechnik GmbH |
|
3 |
- Written by Martin Ritter <mritter@antivir.de> |
|
4 |
- John Ogness <jogness@antivir.de> |
|
5 |
- |
|
6 |
- This program is free software; you can redistribute it and/or |
|
7 |
- modify it under the terms of the GNU General Public License |
|
8 |
- as published by the Free Software Foundation; either version 2 |
|
9 |
- of the License, or (at your option) any later version. |
|
10 |
- |
|
11 |
- This program is distributed in the hope that it will be useful, |
|
12 |
- but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13 |
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14 |
- GNU General Public License for more details. |
|
15 |
- |
|
16 |
- You should have received a copy of the GNU General Public License |
|
17 |
- along with this program; if not, write to the Free Software |
|
18 |
- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
|
19 |
-*/ |
|
20 |
- |
|
21 |
-#ifdef CLAMUKO |
|
22 |
- |
|
23 |
-#ifndef DAZUKO_H |
|
24 |
-#define DAZUKO_H |
|
25 |
- |
|
26 |
-//#define VERSION "1.1.0" |
|
27 |
-#define DEVICE_NAME "dazuko" |
|
28 |
-#define DAZUKO_FILENAME_MAX_LENGTH 4095 |
|
29 |
- |
|
30 |
-/* ioctl values */ |
|
31 |
-#define IOCTL_SET_OPTION 0 |
|
32 |
-#define IOCTL_GET_AN_ACCESS 1 |
|
33 |
-#define IOCTL_RETURN_ACCESS 2 |
|
34 |
- |
|
35 |
-/* event types */ |
|
36 |
-#define ON_OPEN 1 |
|
37 |
-#define ON_CLOSE 2 |
|
38 |
-#define ON_EXEC 4 |
|
39 |
- |
|
40 |
-struct access_t |
|
41 |
-{ |
|
42 |
- int deny; /* set to deny file access */ |
|
43 |
- int event; /* ON_OPEN, etc */ |
|
44 |
- int o_flags; /* access flags */ |
|
45 |
- int o_mode; /* access mode */ |
|
46 |
- int uid; /* user id */ |
|
47 |
- int pid; /* user process id */ |
|
48 |
- char filename[DAZUKO_FILENAME_MAX_LENGTH]; /* accessed file */ |
|
49 |
-}; |
|
50 |
- |
|
51 |
-/* various set option commands */ |
|
52 |
-#define SET_ACCESS_MASK 0 |
|
53 |
-#define ADD_INCLUDE_PATH 1 |
|
54 |
-#define ADD_EXCLUDE_PATH 2 |
|
55 |
-#define REMOVE_ALL_PATHS 4 |
|
56 |
- |
|
57 |
-#endif |
|
58 |
-#endif |
59 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,237 @@ |
0 |
+#if HAVE_CONFIG_H |
|
1 |
+#include "clamav-config.h" |
|
2 |
+#endif |
|
3 |
+ |
|
4 |
+#ifdef CLAMUKO |
|
5 |
+ |
|
6 |
+/* DazukoXP. Allow cross platform file access control for 3rd-party applications. |
|
7 |
+ Written by John Ogness <jogness@antivir.de> |
|
8 |
+ |
|
9 |
+ Copyright (c) 2002, 2003 H+BEDV Datentechnik GmbH |
|
10 |
+ All rights reserved. |
|
11 |
+ |
|
12 |
+ Redistribution and use in source and binary forms, with or without |
|
13 |
+ modification, are permitted provided that the following conditions |
|
14 |
+ are met: |
|
15 |
+ |
|
16 |
+ 1. Redistributions of source code must retain the above copyright notice, |
|
17 |
+ this list of conditions and the following disclaimer. |
|
18 |
+ |
|
19 |
+ 2. Redistributions in binary form must reproduce the above copyright notice, |
|
20 |
+ this list of conditions and the following disclaimer in the documentation |
|
21 |
+ and/or other materials provided with the distribution. |
|
22 |
+ |
|
23 |
+ 3. Neither the name of Dazuko nor the names of its contributors may be used |
|
24 |
+ to endorse or promote products derived from this software without specific |
|
25 |
+ prior written permission. |
|
26 |
+ |
|
27 |
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
28 |
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
29 |
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
30 |
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE |
|
31 |
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
32 |
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
33 |
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
34 |
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
35 |
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
36 |
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
37 |
+ POSSIBILITY OF SUCH DAMAGE. |
|
38 |
+*/ |
|
39 |
+ |
|
40 |
+#ifndef DAZUKO_XP_H |
|
41 |
+#define DAZUKO_XP_H |
|
42 |
+ |
|
43 |
+#define VERSION "2.0.0" |
|
44 |
+ |
|
45 |
+#include "dazukoio_xp.h" |
|
46 |
+ |
|
47 |
+/* various requests */ |
|
48 |
+#define SET_ACCESS_MASK 0 |
|
49 |
+#define ADD_INCLUDE_PATH 1 |
|
50 |
+#define ADD_EXCLUDE_PATH 2 |
|
51 |
+#define REGISTER 3 |
|
52 |
+#define REMOVE_ALL_PATHS 4 |
|
53 |
+#define UNREGISTER 5 |
|
54 |
+#define GET_AN_ACCESS 6 |
|
55 |
+#define RETURN_AN_ACCESS 7 |
|
56 |
+ |
|
57 |
+/* slot states */ |
|
58 |
+#define DAZUKO_FREE 0 /* the daemon is not ready */ |
|
59 |
+#define DAZUKO_READY 1 /* a daemon waits for something to do */ |
|
60 |
+#define DAZUKO_WAITING 2 /* a request is waiting to be served */ |
|
61 |
+#define DAZUKO_WORKING 3 /* daemon is currently in action */ |
|
62 |
+#define DAZUKO_DONE 4 /* daemon response is available */ |
|
63 |
+#define DAZUKO_BROKEN 5 /* invalid state (interrupt from ready,waiting) */ |
|
64 |
+ |
|
65 |
+ |
|
66 |
+/********************************************************* |
|
67 |
+ * structures that MUST be implemented by platform-layer * |
|
68 |
+ *********************************************************/ |
|
69 |
+ |
|
70 |
+/* |
|
71 |
+struct xp_file; |
|
72 |
+struct xp_mutex; |
|
73 |
+struct xp_atomic; |
|
74 |
+struct xp_file_struct; |
|
75 |
+struct xp_queue; |
|
76 |
+struct xp_rwlock; |
|
77 |
+*/ |
|
78 |
+ |
|
79 |
+ |
|
80 |
+/****************************************** |
|
81 |
+ * structures available to platform-layer * |
|
82 |
+ ******************************************/ |
|
83 |
+ |
|
84 |
+struct daemon_id |
|
85 |
+{ |
|
86 |
+ int pid; |
|
87 |
+ int unique; |
|
88 |
+}; |
|
89 |
+ |
|
90 |
+struct event_properties |
|
91 |
+{ |
|
92 |
+ int flags; |
|
93 |
+ char set_flags; |
|
94 |
+ int mode; |
|
95 |
+ char set_mode; |
|
96 |
+ int uid; |
|
97 |
+ char set_uid; |
|
98 |
+ int pid; |
|
99 |
+ char set_pid; |
|
100 |
+}; |
|
101 |
+ |
|
102 |
+struct file_properties |
|
103 |
+{ |
|
104 |
+ unsigned long size; |
|
105 |
+ char set_size; |
|
106 |
+ int uid; |
|
107 |
+ char set_uid; |
|
108 |
+ int gid; |
|
109 |
+ char set_gid; |
|
110 |
+ int mode; |
|
111 |
+ char set_mode; |
|
112 |
+ int device_type; |
|
113 |
+ char set_device_type; |
|
114 |
+}; |
|
115 |
+ |
|
116 |
+struct slot |
|
117 |
+{ |
|
118 |
+ /* A representation of a daemon. It holds |
|
119 |
+ * all information about the daemon, the |
|
120 |
+ * file that is scanned, and the state of |
|
121 |
+ * the scanning process. */ |
|
122 |
+ |
|
123 |
+ int id; |
|
124 |
+ struct daemon_id did; /* identifier for our daemon */ |
|
125 |
+ int write_mode; |
|
126 |
+ int state; |
|
127 |
+ int response; |
|
128 |
+ int event; |
|
129 |
+ int filenamelength; /* not including terminator */ |
|
130 |
+ char *filename; |
|
131 |
+ struct event_properties event_p; |
|
132 |
+ struct file_properties file_p; |
|
133 |
+ struct xp_mutex mutex; |
|
134 |
+}; |
|
135 |
+ |
|
136 |
+struct dazuko_file_struct |
|
137 |
+{ |
|
138 |
+ /* A structure designed for simple and |
|
139 |
+ * intelligent memory management when |
|
140 |
+ * doing filename lookups in the kernel. */ |
|
141 |
+ |
|
142 |
+ int should_scan; /* already know we need to scan? */ |
|
143 |
+ char *filename; /* filename */ |
|
144 |
+ int filename_length; /* length of filename */ |
|
145 |
+ struct file_properties file_p; /* properties of file */ |
|
146 |
+ struct xp_file_struct *extra_data; /* extra platform-dependant data */ |
|
147 |
+}; |
|
148 |
+ |
|
149 |
+ |
|
150 |
+/******************************************************** |
|
151 |
+ * functions that MUST be implemented by platform-layer * |
|
152 |
+ ********************************************************/ |
|
153 |
+ |
|
154 |
+/* mutex */ |
|
155 |
+int xp_init_mutex(struct xp_mutex *mutex); |
|
156 |
+int xp_down(struct xp_mutex *mutex); |
|
157 |
+int xp_up(struct xp_mutex *mutex); |
|
158 |
+int xp_destroy_mutex(struct xp_mutex *mutex); |
|
159 |
+ |
|
160 |
+/* read-write lock */ |
|
161 |
+int xp_init_rwlock(struct xp_rwlock *rwlock); |
|
162 |
+int xp_write_lock(struct xp_rwlock *rwlock); |
|
163 |
+int xp_write_unlock(struct xp_rwlock *rwlock); |
|
164 |
+int xp_read_lock(struct xp_rwlock *rlock); |
|
165 |
+int xp_read_unlock(struct xp_rwlock *rlock); |
|
166 |
+int xp_destroy_rwlock(struct xp_rwlock *rwlock); |
|
167 |
+ |
|
168 |
+/* wait-notify queue */ |
|
169 |
+int xp_init_queue(struct xp_queue *queue); |
|
170 |
+int xp_wait_until_condition(struct xp_queue *queue, int (*cfunction)(void *), void *cparam, int allow_interrupt); |
|
171 |
+int xp_notify(struct xp_queue *queue); |
|
172 |
+int xp_destroy_queue(struct xp_queue *queue); |
|
173 |
+ |
|
174 |
+/* memory */ |
|
175 |
+void* xp_malloc(size_t size); |
|
176 |
+int xp_free(void *ptr); |
|
177 |
+int xp_copyin(const void *user_src, void *kernel_dest, size_t size); |
|
178 |
+int xp_copyout(const void *kernel_src, void *user_dest, size_t size); |
|
179 |
+int xp_verify_user_writable(const void *user_ptr, size_t size); |
|
180 |
+int xp_verify_user_readable(const void *user_ptr, size_t size); |
|
181 |
+ |
|
182 |
+/* path attribute */ |
|
183 |
+int xp_is_absolute_path(const char *path); |
|
184 |
+ |
|
185 |
+/* atomic */ |
|
186 |
+int xp_atomic_set(struct xp_atomic *atomic, int value); |
|
187 |
+int xp_atomic_inc(struct xp_atomic *atomic); |
|
188 |
+int xp_atomic_dec(struct xp_atomic *atomic); |
|
189 |
+int xp_atomic_read(struct xp_atomic *atomic); |
|
190 |
+ |
|
191 |
+/* file descriptor */ |
|
192 |
+int xp_copy_file(struct xp_file *dest, struct xp_file *src); |
|
193 |
+int xp_compare_file(struct xp_file *file1, struct xp_file *file2); |
|
194 |
+ |
|
195 |
+/* system hook */ |
|
196 |
+int xp_sys_hook(void); |
|
197 |
+int xp_sys_unhook(void); |
|
198 |
+ |
|
199 |
+/* file structure */ |
|
200 |
+int xp_file_struct_check(struct dazuko_file_struct *dfs); |
|
201 |
+int xp_file_struct_check_cleanup(struct dazuko_file_struct *dfs); |
|
202 |
+ |
|
203 |
+/* output */ |
|
204 |
+int xp_print(const char *fmt, ...); |
|
205 |
+ |
|
206 |
+/* debug */ |
|
207 |
+#ifdef DEBUG |
|
208 |
+#define DPRINT(fmt) xp_print fmt |
|
209 |
+#else |
|
210 |
+#define DPRINT(fmt) |
|
211 |
+#endif |
|
212 |
+ |
|
213 |
+ |
|
214 |
+/***************************************** |
|
215 |
+ * functions available to platform-layer * |
|
216 |
+ *****************************************/ |
|
217 |
+ |
|
218 |
+int dazuko_is_our_daemon(int pid); |
|
219 |
+int dazuko_get_value(const char *key, const char *string, char **value); |
|
220 |
+int dazuko_register_daemon(struct daemon_id *did, const char *reg_name, int string_length, int write_mode); |
|
221 |
+int dazuko_unregister_daemon(struct daemon_id *did); |
|
222 |
+int dazuko_handle_user_request(struct dazuko_request *user_request, int pid); |
|
223 |
+int dazuko_handle_user_request_compat12(void *ptr, int cmd, int pid); |
|
224 |
+int get_ready_slot_condition(void *param); |
|
225 |
+int dazuko_get_filename_length(char *filename); |
|
226 |
+int dazuko_state_error(struct slot *s, int current_state); |
|
227 |
+void dazuko_bzero(void *p, int len); |
|
228 |
+int dazuko_sys_check(unsigned long event, int daemon_is_allowed, int pid); |
|
229 |
+int dazuko_sys_pre(unsigned long event, struct dazuko_file_struct *kfs, struct event_properties *event_p); |
|
230 |
+int dazuko_sys_post(unsigned long event, struct dazuko_file_struct *kfs, struct xp_file *file, struct event_properties *event_p); |
|
231 |
+int dazuko_init(void); |
|
232 |
+int dazuko_exit(void); |
|
233 |
+ |
|
234 |
+#endif |
|
235 |
+ |
|
236 |
+#endif |
2 | 239 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,395 @@ |
0 |
+#if HAVE_CONFIG_H |
|
1 |
+#include "clamav-config.h" |
|
2 |
+#endif |
|
3 |
+ |
|
4 |
+#ifdef CLAMUKO |
|
5 |
+ |
|
6 |
+/* Dazuko Interface. Interace with Dazuko 1.2.x for file access control. |
|
7 |
+ Written by John Ogness <jogness@antivir.de> |
|
8 |
+ |
|
9 |
+ Copyright (c) 2003 H+BEDV Datentechnik GmbH |
|
10 |
+ All rights reserved. |
|
11 |
+ |
|
12 |
+ Redistribution and use in source and binary forms, with or without |
|
13 |
+ modification, are permitted provided that the following conditions |
|
14 |
+ are met: |
|
15 |
+ |
|
16 |
+ 1. Redistributions of source code must retain the above copyright notice, |
|
17 |
+ this list of conditions and the following disclaimer. |
|
18 |
+ |
|
19 |
+ 2. Redistributions in binary form must reproduce the above copyright notice, |
|
20 |
+ this list of conditions and the following disclaimer in the documentation |
|
21 |
+ and/or other materials provided with the distribution. |
|
22 |
+ |
|
23 |
+ 3. Neither the name of Dazuko nor the names of its contributors may be used |
|
24 |
+ to endorse or promote products derived from this software without specific |
|
25 |
+ prior written permission. |
|
26 |
+ |
|
27 |
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
28 |
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
29 |
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
30 |
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE |
|
31 |
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
32 |
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
33 |
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
34 |
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
35 |
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
36 |
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
37 |
+ POSSIBILITY OF SUCH DAMAGE. |
|
38 |
+*/ |
|
39 |
+ |
|
40 |
+#include <stdio.h> |
|
41 |
+#include <stdlib.h> |
|
42 |
+#include <sys/types.h> |
|
43 |
+#include <sys/stat.h> |
|
44 |
+#include <fcntl.h> |
|
45 |
+#include <string.h> |
|
46 |
+#include <unistd.h> |
|
47 |
+#include <sys/ioctl.h> |
|
48 |
+#include "dazukoio_compat12.h" |
|
49 |
+ |
|
50 |
+int dazukoRegister_TS_compat12_wrapper(struct dazuko_id **dazuko_id, const char *groupName) |
|
51 |
+{ |
|
52 |
+ int ret; |
|
53 |
+ struct dazuko_id *temp_id; |
|
54 |
+ |
|
55 |
+ if (dazuko_id == NULL) |
|
56 |
+ return -1; |
|
57 |
+ |
|
58 |
+ temp_id = (struct dazuko_id *)malloc(sizeof(*temp_id)); |
|
59 |
+ if (temp_id == NULL) |
|
60 |
+ return -1; |
|
61 |
+ |
|
62 |
+ memset(temp_id, 0, sizeof(*temp_id)); |
|
63 |
+ |
|
64 |
+ temp_id->device = -1; |
|
65 |
+ temp_id->dev_major = -1; |
|
66 |
+ |
|
67 |
+ ret = dazukoRegister_TS_compat12(temp_id, groupName); |
|
68 |
+ |
|
69 |
+ if (ret == 0) |
|
70 |
+ *dazuko_id = temp_id; |
|
71 |
+ else |
|
72 |
+ free(temp_id); |
|
73 |
+ |
|
74 |
+ return ret; |
|
75 |
+} |
|
76 |
+ |
|
77 |
+int dazukoRegister_TS_compat12(struct dazuko_id *dazuko, const char *groupName) |
|
78 |
+{ |
|
79 |
+ struct option_compat12 *opt; |
|
80 |
+ char buffer[10]; |
|
81 |
+ int err = 0; |
|
82 |
+ |
|
83 |
+ if (dazuko == NULL) |
|
84 |
+ return -1; |
|
85 |
+ |
|
86 |
+ if (groupName == NULL) |
|
87 |
+ groupName = "_GENERIC"; |
|
88 |
+ |
|
89 |
+ if (dazuko->device < 0) |
|
90 |
+ { |
|
91 |
+ |
|
92 |
+ dazuko->device = open("/dev/dazuko", 0); |
|
93 |
+ if (dazuko->device < 0) |
|
94 |
+ return -1; |
|
95 |
+ |
|
96 |
+ memset(buffer, 0, sizeof(buffer)); |
|
97 |
+ if (read(dazuko->device, buffer, sizeof(buffer)-1) < 1) |
|
98 |
+ { |
|
99 |
+ close(dazuko->device); |
|
100 |
+ dazuko->device = -1; |
|
101 |
+ return -1; |
|
102 |
+ } |
|
103 |
+ dazuko->dev_major = atoi(buffer); |
|
104 |
+ } |
|
105 |
+ |
|
106 |
+ opt = (struct option_compat12 *)malloc(sizeof(struct option_compat12)); |
|
107 |
+ if (opt == NULL) |
|
108 |
+ { |
|
109 |
+ close(dazuko->device); |
|
110 |
+ dazuko->device = -1; |
|
111 |
+ dazuko->dev_major = -1; |
|
112 |
+ return -1; |
|
113 |
+ } |
|
114 |
+ |
|
115 |
+ memset(opt, 0, sizeof(struct option_compat12)); |
|
116 |
+ |
|
117 |
+ opt->command = REGISTER; |
|
118 |
+ strncpy(opt->buffer, groupName, sizeof(opt->buffer) - 1); |
|
119 |
+ opt->buffer_length = strlen(opt->buffer) + 1; |
|
120 |
+ |
|
121 |
+ if (ioctl(dazuko->device, _IOW(dazuko->dev_major, IOCTL_SET_OPTION, void *), opt) != 0) |
|
122 |
+ { |
|
123 |
+ /* if this fails, it could be a really old version */ |
|
124 |
+ |
|
125 |
+ /* |
|
126 |
+ close(dazuko->device); |
|
127 |
+ dazuko->device = -1; |
|
128 |
+ dazuko->dev_major = -1; |
|
129 |
+ err = -1; |
|
130 |
+ */ |
|
131 |
+ } |
|
132 |
+ |
|
133 |
+ free(opt); |
|
134 |
+ |
|
135 |
+ return err; |
|
136 |
+} |
|
137 |
+ |
|
138 |
+int dazukoSetAccessMask_TS_compat12(struct dazuko_id *dazuko, unsigned long accessMask) |
|
139 |
+{ |
|
140 |
+ struct option_compat12 *opt; |
|
141 |
+ int err = 0; |
|
142 |
+ |
|
143 |
+ if (dazuko == NULL) |
|
144 |
+ return -1; |
|
145 |
+ |
|
146 |
+ if (dazuko->device < 0 || dazuko->dev_major < 0) |
|
147 |
+ return -1; |
|
148 |
+ |
|
149 |
+ opt = (struct option_compat12 *)malloc(sizeof(struct option_compat12)); |
|
150 |
+ if (opt == NULL) |
|
151 |
+ return -1; |
|
152 |
+ |
|
153 |
+ memset(opt, 0, sizeof(struct option_compat12)); |
|
154 |
+ |
|
155 |
+ opt->command = SET_ACCESS_MASK; |
|
156 |
+ opt->buffer[0] = (char)accessMask; |
|
157 |
+ opt->buffer_length = 1; |
|
158 |
+ |
|
159 |
+ if (ioctl(dazuko->device, _IOW(dazuko->dev_major, IOCTL_SET_OPTION, void *), opt) != 0) |
|
160 |
+ err = -1; |
|
161 |
+ |
|
162 |
+ free(opt); |
|
163 |
+ |
|
164 |
+ return err; |
|
165 |
+} |
|
166 |
+ |
|
167 |
+int dazuko_set_path_compat12(struct dazuko_id *dazuko, const char *path, int command) |
|
168 |
+{ |
|
169 |
+ struct option_compat12 *opt; |
|
170 |
+ int err = 0; |
|
171 |
+ |
|
172 |
+ if (dazuko == NULL) |
|
173 |
+ return -1; |
|
174 |
+ |
|
175 |
+ if (path == NULL) |
|
176 |
+ return -1; |
|
177 |
+ |
|
178 |
+ if (dazuko->device < 0 || dazuko->dev_major < 0) |
|
179 |
+ return -1; |
|
180 |
+ |
|
181 |
+ opt = (struct option_compat12 *)malloc(sizeof(struct option_compat12)); |
|
182 |
+ if (opt == NULL) |
|
183 |
+ return -1; |
|
184 |
+ |
|
185 |
+ memset(opt, 0, sizeof(struct option_compat12)); |
|
186 |
+ |
|
187 |
+ opt->command = command; |
|
188 |
+ strncpy(opt->buffer, path, sizeof(opt->buffer) - 1); |
|
189 |
+ opt->buffer_length = strlen(opt->buffer) + 1; |
|
190 |
+ |
|
191 |
+ if (ioctl(dazuko->device, _IOW(dazuko->dev_major, IOCTL_SET_OPTION, void *), opt) != 0) |
|
192 |
+ err = -1; |
|
193 |
+ |
|
194 |
+ free(opt); |
|
195 |
+ |
|
196 |
+ return err; |
|
197 |
+} |
|
198 |
+ |
|
199 |
+int dazukoAddIncludePath_TS_compat12(struct dazuko_id *dazuko, const char *path) |
|
200 |
+{ |
|
201 |
+ return dazuko_set_path_compat12(dazuko, path, ADD_INCLUDE_PATH); |
|
202 |
+} |
|
203 |
+ |
|
204 |
+int dazukoAddExcludePath_TS_compat12(struct dazuko_id *dazuko, const char *path) |
|
205 |
+{ |
|
206 |
+ return dazuko_set_path_compat12(dazuko, path, ADD_EXCLUDE_PATH); |
|
207 |
+} |
|
208 |
+ |
|
209 |
+int dazukoRemoveAllPaths_TS_compat12(struct dazuko_id *dazuko) |
|
210 |
+{ |
|
211 |
+ struct option_compat12 *opt; |
|
212 |
+ int err = 0; |
|
213 |
+ |
|
214 |
+ if (dazuko == NULL) |
|
215 |
+ return -1; |
|
216 |
+ |
|
217 |
+ if (dazuko->device < 0 || dazuko->dev_major < 0) |
|
218 |
+ return -1; |
|
219 |
+ |
|
220 |
+ opt = (struct option_compat12 *)malloc(sizeof(struct option_compat12)); |
|
221 |
+ if (opt == NULL) |
|
222 |
+ return -1; |
|
223 |
+ |
|
224 |
+ memset(opt, 0, sizeof(struct option_compat12)); |
|
225 |
+ |
|
226 |
+ opt->command = REMOVE_ALL_PATHS; |
|
227 |
+ opt->buffer_length = 0; |
|
228 |
+ |
|
229 |
+ if (ioctl(dazuko->device, _IOW(dazuko->dev_major, IOCTL_SET_OPTION, void *), opt) != 0) |
|
230 |
+ err = -1; |
|
231 |
+ |
|
232 |
+ free(opt); |
|
233 |
+ |
|
234 |
+ return err; |
|
235 |
+ |
|
236 |
+} |
|
237 |
+ |
|
238 |
+int dazukoGetAccess_TS_compat12_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc) |
|
239 |
+{ |
|
240 |
+ struct access_compat12 acc_compat12; |
|
241 |
+ struct dazuko_access *temp_acc; |
|
242 |
+ int ret; |
|
243 |
+ |
|
244 |
+ if (acc == NULL) |
|
245 |
+ return -1; |
|
246 |
+ |
|
247 |
+ *acc = NULL; |
|
248 |
+ |
|
249 |
+ temp_acc = (struct dazuko_access *)malloc(sizeof(*temp_acc)); |
|
250 |
+ if (temp_acc == NULL) |
|
251 |
+ return -1; |
|
252 |
+ |
|
253 |
+ memset(temp_acc, 0, sizeof(*temp_acc)); |
|
254 |
+ |
|
255 |
+ ret = dazukoGetAccess_TS_compat12(dazuko, &acc_compat12); |
|
256 |
+ |
|
257 |
+ if (ret == 0) |
|
258 |
+ { |
|
259 |
+ temp_acc->deny = acc_compat12.deny; |
|
260 |
+ temp_acc->event = acc_compat12.event; |
|
261 |
+ temp_acc->set_event = 1; |
|
262 |
+ temp_acc->flags = acc_compat12.o_flags; |
|
263 |
+ temp_acc->set_flags = 1; |
|
264 |
+ temp_acc->mode = acc_compat12.o_mode; |
|
265 |
+ temp_acc->set_mode = 1; |
|
266 |
+ temp_acc->uid = acc_compat12.uid; |
|
267 |
+ temp_acc->set_uid = 1; |
|
268 |
+ temp_acc->pid = acc_compat12.pid; |
|
269 |
+ temp_acc->set_pid = 1; |
|
270 |
+ temp_acc->filename = strdup(acc_compat12.filename); |
|
271 |
+ temp_acc->set_filename = 1; |
|
272 |
+ |
|
273 |
+ *acc = temp_acc; |
|
274 |
+ } |
|
275 |
+ else |
|
276 |
+ { |
|
277 |
+ free(temp_acc); |
|
278 |
+ } |
|
279 |
+ |
|
280 |
+ return ret; |
|
281 |
+} |
|
282 |
+ |
|
283 |
+int dazukoGetAccess_TS_compat12(struct dazuko_id *dazuko, struct access_compat12 *acc) |
|
284 |
+{ |
|
285 |
+ if (dazuko == NULL) |
|
286 |
+ return -1; |
|
287 |
+ |
|
288 |
+ if (acc == NULL) |
|
289 |
+ return -1; |
|
290 |
+ |
|
291 |
+ if (dazuko->device < 0 || dazuko->dev_major < 0) |
|
292 |
+ return -1; |
|
293 |
+ |
|
294 |
+ memset(acc, 0, sizeof(struct access_compat12)); |
|
295 |
+ |
|
296 |
+ if (ioctl(dazuko->device, _IOR(dazuko->dev_major, IOCTL_GET_AN_ACCESS, struct access_compat12 *), acc) != 0) |
|
297 |
+ return -1; |
|
298 |
+ |
|
299 |
+ return 0; |
|
300 |
+} |
|
301 |
+ |
|
302 |
+int dazukoReturnAccess_TS_compat12_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc, int return_access, int free_access) |
|
303 |
+{ |
|
304 |
+ struct access_compat12 acc_compat12; |
|
305 |
+ int ret = 0; |
|
306 |
+ |
|
307 |
+ if (acc == NULL) |
|
308 |
+ return -1; |
|
309 |
+ |
|
310 |
+ if (*acc == NULL) |
|
311 |
+ return -1; |
|
312 |
+ |
|
313 |
+ if (return_access) |
|
314 |
+ { |
|
315 |
+ memset(&acc_compat12, 0, sizeof(acc_compat12)); |
|
316 |
+ |
|
317 |
+ acc_compat12.deny = (*acc)->deny; |
|
318 |
+ acc_compat12.event = (*acc)->event; |
|
319 |
+ acc_compat12.o_flags = (*acc)->flags; |
|
320 |
+ acc_compat12.o_mode = (*acc)->mode; |
|
321 |
+ acc_compat12.uid = (*acc)->uid; |
|
322 |
+ acc_compat12.pid = (*acc)->pid; |
|
323 |
+ if ((*acc)->filename != NULL) |
|
324 |
+ { |
|
325 |
+ strncpy(acc_compat12.filename, (*acc)->filename, sizeof(acc_compat12.filename) - 1); |
|
326 |
+ acc_compat12.filename[sizeof(acc_compat12.filename) - 1] = 0; |
|
327 |
+ } |
|
328 |
+ |
|
329 |
+ ret = dazukoReturnAccess_TS_compat12(dazuko, &acc_compat12); |
|
330 |
+ } |
|
331 |
+ |
|
332 |
+ if (free_access && ret == 0) |
|
333 |
+ { |
|
334 |
+ if ((*acc)->filename != NULL) |
|
335 |
+ free((*acc)->filename); |
|
336 |
+ free(*acc); |
|
337 |
+ *acc = NULL; |
|
338 |
+ } |
|
339 |
+ |
|
340 |
+ return ret; |
|
341 |
+} |
|
342 |
+ |
|
343 |
+int dazukoReturnAccess_TS_compat12(struct dazuko_id *dazuko, struct access_compat12 *acc) |
|
344 |
+{ |
|
345 |
+ if (dazuko == NULL) |
|
346 |
+ return -1; |
|
347 |
+ |
|
348 |
+ if (acc == NULL) |
|
349 |
+ return -1; |
|
350 |
+ |
|
351 |
+ if (dazuko->device < 0 || dazuko->dev_major < 0) |
|
352 |
+ return -1; |
|
353 |
+ |
|
354 |
+ if (ioctl(dazuko->device, _IOW(dazuko->dev_major, IOCTL_RETURN_ACCESS, struct access_compat12 *), acc) != 0) |
|
355 |
+ return -1; |
|
356 |
+ |
|
357 |
+ return 0; |
|
358 |
+} |
|
359 |
+ |
|
360 |
+int dazukoUnregister_TS_compat12_wrapper(struct dazuko_id **dazuko_id) |
|
361 |
+{ |
|
362 |
+ int ret; |
|
363 |
+ |
|
364 |
+ if (dazuko_id == NULL) |
|
365 |
+ return -1; |
|
366 |
+ |
|
367 |
+ ret = dazukoUnregister_TS_compat12(*dazuko_id); |
|
368 |
+ |
|
369 |
+ if (ret == 0) |
|
370 |
+ { |
|
371 |
+ free(*dazuko_id); |
|
372 |
+ *dazuko_id = NULL; |
|
373 |
+ } |
|
374 |
+ |
|
375 |
+ return ret; |
|
376 |
+} |
|
377 |
+ |
|
378 |
+int dazukoUnregister_TS_compat12(struct dazuko_id *dazuko) |
|
379 |
+{ |
|
380 |
+ int error = -1; |
|
381 |
+ |
|
382 |
+ if (dazuko == NULL) |
|
383 |
+ return -1; |
|
384 |
+ |
|
385 |
+ if (dazuko->device >= 0) |
|
386 |
+ error = close(dazuko->device); |
|
387 |
+ |
|
388 |
+ dazuko->device = -1; |
|
389 |
+ dazuko->dev_major = -1; |
|
390 |
+ |
|
391 |
+ return error; |
|
392 |
+} |
|
393 |
+ |
|
394 |
+#endif |
0 | 395 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,63 @@ |
0 |
+#if HAVE_CONFIG_H |
|
1 |
+#include "clamav-config.h" |
|
2 |
+#endif |
|
3 |
+ |
|
4 |
+#ifdef CLAMUKO |
|
5 |
+ |
|
6 |
+/* Dazuko Interface. Interace with Dazuko 1.2.x for file access control. |
|
7 |
+ Written by John Ogness <jogness@antivir.de> |
|
8 |
+ |
|
9 |
+ Copyright (c) 2003 H+BEDV Datentechnik GmbH |
|
10 |
+ All rights reserved. |
|
11 |
+ |
|
12 |
+ Redistribution and use in source and binary forms, with or without |
|
13 |
+ modification, are permitted provided that the following conditions |
|
14 |
+ are met: |
|
15 |
+ |
|
16 |
+ 1. Redistributions of source code must retain the above copyright notice, |
|
17 |
+ this list of conditions and the following disclaimer. |
|
18 |
+ |
|
19 |
+ 2. Redistributions in binary form must reproduce the above copyright notice, |
|
20 |
+ this list of conditions and the following disclaimer in the documentation |
|
21 |
+ and/or other materials provided with the distribution. |
|
22 |
+ |
|
23 |
+ 3. Neither the name of Dazuko nor the names of its contributors may be used |
|
24 |
+ to endorse or promote products derived from this software without specific |
|
25 |
+ prior written permission. |
|
26 |
+ |
|
27 |
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
28 |
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
29 |
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
30 |
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE |
|
31 |
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
32 |
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
33 |
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
34 |
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
35 |
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
36 |
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
37 |
+ POSSIBILITY OF SUCH DAMAGE. |
|
38 |
+*/ |
|
39 |
+ |
|
40 |
+#ifndef DAZUKOIO_COMPAT12_H |
|
41 |
+#define DAZUKOIO_COMPAT12_H |
|
42 |
+ |
|
43 |
+#include "dazukoio_xp.h" |
|
44 |
+#include "dazukoio.h" |
|
45 |
+ |
|
46 |
+int dazukoRegister_TS_compat12_wrapper(struct dazuko_id **dazuko_id, const char *groupName); |
|
47 |
+int dazukoRegister_TS_compat12(struct dazuko_id *dazuko, const char *groupName); |
|
48 |
+int dazukoSetAccessMask_TS_compat12(struct dazuko_id *dazuko, unsigned long accessMask); |
|
49 |
+int dazuko_set_path_compat12(struct dazuko_id *dazuko, const char *path, int command); |
|
50 |
+int dazukoAddIncludePath_TS_compat12(struct dazuko_id *dazuko, const char *path); |
|
51 |
+int dazukoAddExcludePath_TS_compat12(struct dazuko_id *dazuko, const char *path); |
|
52 |
+int dazukoRemoveAllPaths_TS_compat12(struct dazuko_id *dazuko); |
|
53 |
+int dazukoGetAccess_TS_compat12_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc); |
|
54 |
+int dazukoGetAccess_TS_compat12(struct dazuko_id *dazuko, struct access_compat12 *acc); |
|
55 |
+int dazukoReturnAccess_TS_compat12_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc, int return_access, int free_access); |
|
56 |
+int dazukoReturnAccess_TS_compat12(struct dazuko_id *dazuko, struct access_compat12 *acc); |
|
57 |
+int dazukoUnregister_TS_compat12_wrapper(struct dazuko_id **dazuko_id); |
|
58 |
+int dazukoUnregister_TS_compat12(struct dazuko_id *dazuko); |
|
59 |
+ |
|
60 |
+#endif |
|
61 |
+ |
|
62 |
+#endif |
2 | 65 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,100 @@ |
0 |
+/* DazukoXP Interface. Interace with Dazuko for file access control. |
|
1 |
+ Written by John Ogness <jogness@antivir.de> |
|
2 |
+ |
|
3 |
+ Copyright (c) 2002, 2003 H+BEDV Datentechnik GmbH |
|
4 |
+ All rights reserved. |
|
5 |
+ |
|
6 |
+ Redistribution and use in source and binary forms, with or without |
|
7 |
+ modification, are permitted provided that the following conditions |
|
8 |
+ are met: |
|
9 |
+ |
|
10 |
+ 1. Redistributions of source code must retain the above copyright notice, |
|
11 |
+ this list of conditions and the following disclaimer. |
|
12 |
+ |
|
13 |
+ 2. Redistributions in binary form must reproduce the above copyright notice, |
|
14 |
+ this list of conditions and the following disclaimer in the documentation |
|
15 |
+ and/or other materials provided with the distribution. |
|
16 |
+ |
|
17 |
+ 3. Neither the name of Dazuko nor the names of its contributors may be used |
|
18 |
+ to endorse or promote products derived from this software without specific |
|
19 |
+ prior written permission. |
|
20 |
+ |
|
21 |
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
22 |
+ AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
23 |
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
24 |
+ ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE |
|
25 |
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
26 |
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
27 |
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
28 |
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
29 |
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
30 |
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
31 |
+ POSSIBILITY OF SUCH DAMAGE. |
|
32 |
+*/ |
|
33 |
+ |
|
34 |
+#ifndef DAZUKOIO_XP_H |
|
35 |
+#define DAZUKOIO_XP_H |
|
36 |
+ |
|
37 |
+/* various requests */ |
|
38 |
+#define SET_ACCESS_MASK 0 |
|
39 |
+#define ADD_INCLUDE_PATH 1 |
|
40 |
+#define ADD_EXCLUDE_PATH 2 |
|
41 |
+#define REGISTER 3 |
|
42 |
+#define REMOVE_ALL_PATHS 4 |
|
43 |
+#define UNREGISTER 5 |
|
44 |
+#define GET_AN_ACCESS 6 |
|
45 |
+#define RETURN_AN_ACCESS 7 |
|
46 |
+ |
|
47 |
+/* this is just a large number to "guarentee" |
|
48 |
+ to contain the full filename */ |
|
49 |
+#define DAZUKO_FILENAME_MAX_LENGTH 6144 |
|
50 |
+ |
|
51 |
+/* this is the hard-limit file length restriction from |
|
52 |
+ the 1.x series */ |
|
53 |
+#define DAZUKO_FILENAME_MAX_LENGTH_COMPAT12 4095 |
|
54 |
+ |
|
55 |
+struct dazuko_request |
|
56 |
+{ |
|
57 |
+ char type[2]; |
|
58 |
+ int buffer_size; |
|
59 |
+ char *buffer; |
|
60 |
+ int reply_buffer_size; |
|
61 |
+ char *reply_buffer; |
|
62 |
+ int reply_buffer_size_used; |
|
63 |
+}; |
|
64 |
+ |
|
65 |
+struct dazuko_id |
|
66 |
+{ |
|
67 |
+ int device; |
|
68 |
+ int dev_major; |
|
69 |
+ int id; |
|
70 |
+ int write_mode; |
|
71 |
+}; |
|
72 |
+ |
|
73 |
+/* compat12 ioctls */ |
|
74 |
+ |
|
75 |
+#define IOCTL_SET_OPTION 0 |
|
76 |
+#define IOCTL_GET_AN_ACCESS 1 |
|
77 |
+#define IOCTL_RETURN_ACCESS 2 |
|
78 |
+ |
|
79 |
+/* compat12 structures */ |
|
80 |
+ |
|
81 |
+struct access_compat12 |
|
82 |
+{ |
|
83 |
+ int deny; /* set to deny file access */ |
|
84 |
+ int event; /* ON_OPEN, etc */ |
|
85 |
+ int o_flags; /* access flags */ |
|
86 |
+ int o_mode; /* access mode */ |
|
87 |
+ int uid; /* user id */ |
|
88 |
+ int pid; /* user process id */ |
|
89 |
+ char filename[DAZUKO_FILENAME_MAX_LENGTH_COMPAT12]; /* accessed file */ |
|
90 |
+}; |
|
91 |
+ |
|
92 |
+struct option_compat12 |
|
93 |
+{ |
|
94 |
+ int command; |
|
95 |
+ int buffer_length; |
|
96 |
+ char buffer[DAZUKO_FILENAME_MAX_LENGTH_COMPAT12]; |
|
97 |
+}; |
|
98 |
+ |
|
99 |
+#endif |
... | ... |
@@ -89,7 +89,7 @@ Execute COMMAND after succesful update. |
89 | 89 |
Please check the full documentation for credits. |
90 | 90 |
.SH "AUTHOR" |
91 | 91 |
.LP |
92 |
-Tomasz Kojm <tk@clamav.net> |
|
92 |
+Tomasz Kojm <tkojm@clamav.net> |
|
93 | 93 |
.SH "SEE ALSO" |
94 | 94 |
.LP |
95 | 95 |
clamd(8), clamdscan(1), clamscan(1), sigtool(1), clamav.conf(5) |