git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@872 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/09/16 04:46:42... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Wed Sep 15 21:44:01 CEST 2004 (tk) |
|
2 |
+---------------------------------- |
|
3 |
+ * freshclam: add support for version verification and additional protection |
|
4 |
+ against invalid DNS replies |
|
5 |
+ * libclamav/others.c: add cl_retver() |
|
6 |
+ |
|
1 | 7 |
Wed Sep 15 19:09:56 BST 2004 (njh) |
2 | 8 |
---------------------------------- |
3 | 9 |
* libclamav: Handle e-mails where the attachment misleads the type of |
... | ... |
@@ -158,6 +158,23 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna |
158 | 158 |
logg("WARNING: Unknown database name (%s) passed.\n", remotename); |
159 | 159 |
} |
160 | 160 |
|
161 |
+ if(field && (pt = cli_strtok(dnsreply, 3, ":"))) { |
|
162 |
+ int rt; |
|
163 |
+ time_t ct; |
|
164 |
+ |
|
165 |
+ rt = atoi(pt); |
|
166 |
+ free(pt); |
|
167 |
+ time(&ct); |
|
168 |
+ if((int) ct - rt > 10800) { |
|
169 |
+ mprintf("WARNING: DNS record is older than 3 hours.\n"); |
|
170 |
+ logg("WARNING: DNS record is older than 3 hours.\n"); |
|
171 |
+ field = 0; |
|
172 |
+ } |
|
173 |
+ |
|
174 |
+ } else { |
|
175 |
+ field = 0; |
|
176 |
+ } |
|
177 |
+ |
|
161 | 178 |
if(field && (pt = cli_strtok(dnsreply, field, ":"))) { |
162 | 179 |
if(!isnumb(pt)) { |
163 | 180 |
mprintf("WARNING: Broken database version in TXT record.\n"); |
... | ... |
@@ -168,8 +185,21 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna |
168 | 168 |
} |
169 | 169 |
free(pt); |
170 | 170 |
} else { |
171 |
- mprintf("WARNING: Broken DNS reply.\n"); |
|
172 |
- logg("WARNING: Broken DNS reply.\n"); |
|
171 |
+ mprintf("WARNING: Invalid DNS reply.\n"); |
|
172 |
+ logg("WARNING: Invalid DNS reply.\n"); |
|
173 |
+ } |
|
174 |
+ |
|
175 |
+ if((pt = cli_strtok(dnsreply, 0, ":"))) { |
|
176 |
+ mprintf("*Software version from DNS: %s\n", pt); |
|
177 |
+ if(!strstr(pt, "devel")) { |
|
178 |
+ if(strcmp(cl_retver(), pt)) { |
|
179 |
+ mprintf("WARNING: Your ClamAV installation is OUTDATED - please update immediately !\n"); |
|
180 |
+ mprintf("WARNING: Local version: %s, Recommended version: %s\n", cl_retver(), pt); |
|
181 |
+ logg("WARNING: Your ClamAV installation is OUTDATED - please update immediately !\n"); |
|
182 |
+ logg("WARNING: Local version: %s, Recommended version: %s\n", cl_retver(), pt); |
|
183 |
+ } |
|
184 |
+ } |
|
185 |
+ free(pt); |
|
173 | 186 |
} |
174 | 187 |
|
175 | 188 |
free(dnsreply); |
... | ... |
@@ -171,11 +171,14 @@ extern int cl_scandesc(int desc, const char **virname, unsigned long int *scanne |
171 | 171 |
|
172 | 172 |
extern int cl_scanfile(const char *filename, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, unsigned int options); |
173 | 173 |
|
174 |
+/* software versions */ |
|
175 |
+extern int cl_retflevel(void); |
|
176 |
+const char *cl_retver(void); |
|
177 |
+ |
|
174 | 178 |
/* database */ |
175 | 179 |
extern int cl_loaddb(const char *filename, struct cl_node **root, unsigned int *signo); |
176 | 180 |
extern int cl_loaddbdir(const char *dirname, struct cl_node **root, unsigned int *signo); |
177 | 181 |
extern const char *cl_retdbdir(void); |
178 |
-extern int cl_retflevel(void); |
|
179 | 182 |
|
180 | 183 |
/* CVD */ |
181 | 184 |
extern struct cl_cvd *cl_cvdhead(const char *file); |