@@ -1,3 +1,12 @@

+Tue Feb 17 20:35:21 EET 2009 (edwin)

+------------------------------------

+ * clamd/server-th.c, clamd/session.c, clamd/session.h,

+ unit_tests/check_clamd.c: Reject new commands sent as new-style

+ commands to avoid confusion.  This means that IDSESSION/INSTREAM

+ must be sent as nIDSESSION\n or zIDSESSION\0, ditto for INSTREAM.

+ Adjust testcases accordingly.  Old commands are still accepted when

+ sent without delimiter.

+

 Tue Feb 17 20:06:02 EET 2009 (edwin)

 ------------------------------------

  * clamd/others.c, libclamunrar_iface/unrar_iface.h, shared/misc.c,

@@ -243,7 +243,7 @@ static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dbopti

  * Old-style non-prefixed commands are one packet, optionally delimited by \n,

  * with trailing \r|\n ignored

  */

-static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *term)

+static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *term, int *oldstyle)

 {

     unsigned char *pos;

     if (!buf->off || off >= buf->off) {

@@ -269,6 +269,7 @@ static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *te

 	    } else {

 		*len = pos - buf->buffer - off;

 	    }

+	    *oldstyle = 0;

 	    return buf->buffer + off + 1;

 	default:

 	    /* one packet = one command */

@@ -283,6 +284,7 @@ static const char *get_cmd(struct fd_buf *buf, size_t off, size_t *len, char *te

 		buf->buffer[buf->off] = '\0';

 	    }

 	    cli_chomp(buf->buffer);

+	    *oldstyle = 1;

 	    return buf->buffer;

     }

 }

@@ -876,6 +878,7 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 		const unsigned char *cmd = NULL;

 		size_t cmdlen = 0;

 		char term = '\n';

+		int oldstyle = 0;

 		int rc;

 		/* New data available to read on socket. */

@@ -895,9 +898,16 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 		conn.term = buf->term;

 		/* Parse & dispatch commands */

 		while ((conn.mode == MODE_COMMAND) &&

-		       (cmd = get_cmd(buf, pos, &cmdlen, &term)) != NULL) {

+		       (cmd = get_cmd(buf, pos, &cmdlen, &term, &oldstyle)) != NULL) {

 		    const char *argument;

-		    enum commands cmdtype = parse_command(cmd, &argument);

+		    enum commands cmdtype;

+		    if (conn.group && oldstyle) {

+			logg("$Received oldstyle command inside IDSESSION: %s\n", cmd);

+			conn_reply_error(&conn, "Only nCMDS\\n and zCMDS\\0 are accepted inside IDSESSION.");

+			error = 1;

+			break;

+		    }

+		    cmdtype = parse_command(cmd, &argument, oldstyle);

 		    logg("$got command %s (%u, %u), argument: %s\n",

 			 cmd, (unsigned)cmdlen, (unsigned)cmdtype, argument ? argument : "");

 		    if (cmdtype == COMMAND_FILDES) {

@@ -70,25 +70,26 @@ static struct {

     const size_t len;

     enum commands cmdtype;

     int need_arg;

+    int support_old;

 } commands[] = {

-    {CMD1,  sizeof(CMD1)-1,	COMMAND_SCAN,	    1},

-    {CMD3,  sizeof(CMD3)-1,	COMMAND_SHUTDOWN,   0},

-    {CMD4,  sizeof(CMD4)-1,	COMMAND_RELOAD,	    0},

-    {CMD5,  sizeof(CMD5)-1,	COMMAND_PING,	    0},

-    {CMD6,  sizeof(CMD6)-1,	COMMAND_CONTSCAN,   1},

-    {CMD7,  sizeof(CMD7)-1,	COMMAND_VERSION,    0},

-    {CMD8,  sizeof(CMD8)-1,	COMMAND_STREAM,	    0},

-    {CMD10, sizeof(CMD10)-1,	COMMAND_END,	    0},

-    {CMD11, sizeof(CMD11)-1,	COMMAND_SHUTDOWN,   0},

-    {CMD13, sizeof(CMD13)-1,	COMMAND_MULTISCAN,  1},

-    {CMD14, sizeof(CMD14)-1,	COMMAND_FILDES,	    0},

-    {CMD15, sizeof(CMD15)-1,	COMMAND_STATS,	    0},

-    {CMD16, sizeof(CMD16)-1,	COMMAND_IDSESSION,  0},

-    {CMD17, sizeof(CMD17)-1,	COMMAND_INSTREAM,   0}

+    {CMD1,  sizeof(CMD1)-1,	COMMAND_SCAN,	    1,	1},

+    {CMD3,  sizeof(CMD3)-1,	COMMAND_SHUTDOWN,   0,	1},

+    {CMD4,  sizeof(CMD4)-1,	COMMAND_RELOAD,	    0,	1},

+    {CMD5,  sizeof(CMD5)-1,	COMMAND_PING,	    0,	1},

+    {CMD6,  sizeof(CMD6)-1,	COMMAND_CONTSCAN,   1,	1},

+    {CMD7,  sizeof(CMD7)-1,	COMMAND_VERSION,    0,	1},

+    {CMD8,  sizeof(CMD8)-1,	COMMAND_STREAM,	    0,	1},

+    {CMD10, sizeof(CMD10)-1,	COMMAND_END,	    0,	0},

+    {CMD11, sizeof(CMD11)-1,	COMMAND_SHUTDOWN,   0,	1},

+    {CMD13, sizeof(CMD13)-1,	COMMAND_MULTISCAN,  1,	1},

+    {CMD14, sizeof(CMD14)-1,	COMMAND_FILDES,	    0,	1},

+    {CMD15, sizeof(CMD15)-1,	COMMAND_STATS,	    0,	0},

+    {CMD16, sizeof(CMD16)-1,	COMMAND_IDSESSION,  0,	0},

+    {CMD17, sizeof(CMD17)-1,	COMMAND_INSTREAM,   0,	0}

 };

-enum commands parse_command(const char *cmd, const char **argument)

+enum commands parse_command(const char *cmd, const char **argument, int oldstyle)

 {

     size_t i;

     *argument = NULL;

@@ -109,6 +110,10 @@ enum commands parse_command(const char *cmd, const char **argument)

 		}

 		*argument = NULL;

 	    }

+	    if (oldstyle && !commands[i].support_old) {

+		logg("$Command sent as old-style when not supported: %s\n", commands[i].cmd);

+		return COMMAND_UNKNOWN;

+	    }

 	    return commands[i].cmdtype;

 	}

     }

@@ -85,7 +85,7 @@ typedef struct client_conn_tag {

 } client_conn_t;

 int command(client_conn_t *conn, int *virus);

-enum commands parse_command(const char *cmd, const char **argument);

+enum commands parse_command(const char *cmd, const char **argument, int oldstyle);

 int execute_or_dispatch_command(client_conn_t *conn, enum commands command, const char *argument);

 int conn_reply(const client_conn_t *conn, const char *path, const char *msg, const char *status);

@@ -124,35 +124,36 @@ static struct basic_test {

     const char *command;

     const char *extra;

     const char *reply;

+    int support_old;

 } basic_tests[] = {

-    {"PING", NULL, "PONG"},

-    {"RELOAD", NULL, "RELOADING"},

-    {"VERSION", NULL, VERSION_REPLY},

-    {"SCAN "SCANFILE, NULL, FOUNDREPLY},

-    {"SCAN "CLEANFILE, NULL, CLEANREPLY},

-    {"CONTSCAN "SCANFILE, NULL, FOUNDREPLY},

-    {"CONTSCAN "CLEANFILE, NULL, CLEANREPLY},

-    {"MULTISCAN "SCANFILE, NULL, FOUNDREPLY},

-    {"MULTISCAN "CLEANFILE, NULL, CLEANREPLY},

+    {"PING", NULL, "PONG", 1},

+    {"RELOAD", NULL, "RELOADING", 1},

+    {"VERSION", NULL, VERSION_REPLY, 1},

+    {"SCAN "SCANFILE, NULL, FOUNDREPLY, 1},

+    {"SCAN "CLEANFILE, NULL, CLEANREPLY, 1},

+    {"CONTSCAN "SCANFILE, NULL, FOUNDREPLY, 1},

+    {"CONTSCAN "CLEANFILE, NULL, CLEANREPLY, 1},

+    {"MULTISCAN "SCANFILE, NULL, FOUNDREPLY, 1},

+    {"MULTISCAN "CLEANFILE, NULL, CLEANREPLY, 1},

     /* unknown commnads */

-    {"RANDOM", NULL, UNKNOWN_REPLY},

+    {"RANDOM", NULL, UNKNOWN_REPLY, 1},

     /* commands invalid as first */

-    {"END", NULL, UNKNOWN_REPLY},

+    {"END", NULL, UNKNOWN_REPLY, 1},

     /* commands for nonexistent files */

-    {"SCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

-    {"CONTSCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

-    {"MULTISCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY},

+    {"SCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY, 1},

+    {"CONTSCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY, 1},

+    {"MULTISCAN "NONEXISTENT, NULL, NONEXISTENT_REPLY, 1},

     /* commands for access denied files */

-    {"SCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

-    {"CONTSCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

-    {"MULTISCAN "ACCDENIED, NULL, ACCDENIED_REPLY},

+    {"SCAN "ACCDENIED, NULL, ACCDENIED_REPLY, 1},

+    {"CONTSCAN "ACCDENIED, NULL, ACCDENIED_REPLY, 1},

+    {"MULTISCAN "ACCDENIED, NULL, ACCDENIED_REPLY, 1},

     /* commands with invalid/missing arguments */

-    {"SCAN", NULL, UNKNOWN_REPLY},

-    {"CONTSCAN", NULL, UNKNOWN_REPLY},

-    {"MULTISCAN", NULL, UNKNOWN_REPLY},

+    {"SCAN", NULL, UNKNOWN_REPLY, 1},

+    {"CONTSCAN", NULL, UNKNOWN_REPLY, 1},

+    {"MULTISCAN", NULL, UNKNOWN_REPLY, 1},

     /* commands with invalid data */

-    {"INSTREAM", "\xff\xff\xff\xff", "INSTREAM size limit exceeded. ERROR"}, /* too big chunksize */

-    {"FILDES", "X", "No file descriptor received. ERROR"}, /* FILDES w/o ancillary data */

+    {"INSTREAM", "\xff\xff\xff\xff", "INSTREAM size limit exceeded. ERROR", 0}, /* too big chunksize */

+    {"FILDES", "X", "No file descriptor received. ERROR", 1}, /* FILDES w/o ancillary data */

 };

 static void *recvpartial(int sd, size_t *len, int partial)

@@ -231,9 +232,13 @@ START_TEST (test_compat_commands)

     struct basic_test *test = &basic_tests[_i];

     char nsend[BUFSIZ], nreply[BUFSIZ];

-    snprintf(nreply, sizeof(nreply), "%s\n", test->reply);

+    if (!test->support_old) {

+	snprintf(nreply, sizeof(nreply), "UNKNOWN COMMAND\n");

+    } else {

+	snprintf(nreply, sizeof(nreply), "%s\n", test->reply);

+    }

+    /* one command = one packet, no delimiter */

     if (!test->extra) {

-	/* one command = one packet, no delimiter */

 	conn_setup();

 	test_command(test->command, strlen(test->command), test->extra, nreply, strlen(nreply));

 	conn_teardown();