... | ... |
@@ -63,15 +63,10 @@ Example |
63 | 63 |
# Default: current.cvd.clamav.net |
64 | 64 |
#DNSDatabaseInfo current.cvd.clamav.net |
65 | 65 |
|
66 |
-# Uncomment the following line and replace XY with your country |
|
67 |
-# code. See https://www.iana.org/domains/root/db for the full list. |
|
68 |
-# You can use db.XY.ipv6.clamav.net for IPv6 connections. |
|
69 |
-#DatabaseMirror db.XY.clamav.net |
|
70 |
- |
|
71 |
-# database.clamav.net is a round-robin record which points to our most |
|
72 |
-# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is |
|
73 |
-# not working. DO NOT TOUCH the following line unless you know what you |
|
74 |
-# are doing. |
|
66 |
+# database.clamav.net is now the primary domain name to be used world-wide. |
|
67 |
+# Now that CloudFlare is being used as our Content Delivery Network (CDN), |
|
68 |
+# this one domain name works world-wide to direct freshclam to the closest |
|
69 |
+# geographic endpoint. |
|
75 | 70 |
DatabaseMirror database.clamav.net |
76 | 71 |
|
77 | 72 |
# How many attempts to make before giving up. |
... | ... |
@@ -678,7 +678,16 @@ remote_cvdhead (const char *cvdfile, const char *localfile, |
678 | 678 |
&& !strstr (buffer, "HTTP/1.1 206") |
679 | 679 |
&& !strstr (buffer, "HTTP/1.0 206")) |
680 | 680 |
{ |
681 |
- logg ("%cUnknown response from remote server\n", logerr ? '!' : '^'); |
|
681 |
+ char * respcode = NULL; |
|
682 |
+ if ((NULL != (respcode = strstr (buffer, "HTTP/1.0 "))) || |
|
683 |
+ (NULL != (respcode = strstr (buffer, "HTTP/1.1 ")))) { |
|
684 |
+ /* There was some sort of response code...*/ |
|
685 |
+ respcode = cli_strndup(respcode, MIN(FILEBUFF - (size_t)(respcode - buffer), 13)); |
|
686 |
+ logg ("%cremote_cvdhead: Unknown response from %s (IP: %s): %s\n", logerr ? '!' : '^', hostname, ipaddr, respcode); |
|
687 |
+ free (respcode); |
|
688 |
+ } else { |
|
689 |
+ logg ("%cremote_cvdhead: Unknown response from %s (IP: %s)\n", logerr ? '!' : '^', hostname, ipaddr); |
|
690 |
+ } |
|
682 | 691 |
mirman_update (mdat->currip, mdat->af, mdat, 1); |
683 | 692 |
return NULL; |
684 | 693 |
} |
... | ... |
@@ -882,13 +891,27 @@ getfile_mirman (const char *srcfile, const char *destfile, |
882 | 882 |
if (!strstr (buffer, "HTTP/1.1 200") && !strstr (buffer, "HTTP/1.0 200") |
883 | 883 |
&& !strstr (buffer, "HTTP/1.1 206") |
884 | 884 |
&& !strstr (buffer, "HTTP/1.0 206")) |
885 |
- { |
|
886 |
- if (proxy) |
|
887 |
- logg ("%cgetfile: Unknown response from %s\n", |
|
888 |
- logerr ? '!' : '^', hostname); |
|
889 |
- else |
|
890 |
- logg ("%cgetfile: Unknown response from %s (IP: %s)\n", |
|
891 |
- logerr ? '!' : '^', hostname, ipaddr); |
|
885 |
+ { char * respcode = NULL; |
|
886 |
+ if ((NULL != (respcode = strstr (buffer, "HTTP/1.0 "))) || |
|
887 |
+ (NULL != (respcode = strstr (buffer, "HTTP/1.1 ")))) { |
|
888 |
+ /* There was some sort of response code...*/ |
|
889 |
+ respcode = cli_strndup(respcode, MIN(FILEBUFF - (size_t)(respcode - buffer), 13)); |
|
890 |
+ if (proxy) |
|
891 |
+ logg ("%cgetfile: Unknown response from %s: %s\n", |
|
892 |
+ logerr ? '!' : '^', hostname, respcode); |
|
893 |
+ else |
|
894 |
+ logg ("%cgetfile: Unknown response from %s (IP: %s): %s\n", |
|
895 |
+ logerr ? '!' : '^', hostname, ipaddr, respcode); |
|
896 |
+ free (respcode); |
|
897 |
+ } |
|
898 |
+ else { |
|
899 |
+ if (proxy) |
|
900 |
+ logg ("%cgetfile: Unknown response from %s\n", |
|
901 |
+ logerr ? '!' : '^', hostname); |
|
902 |
+ else |
|
903 |
+ logg ("%cgetfile: Unknown response from %s (IP: %s)\n", |
|
904 |
+ logerr ? '!' : '^', hostname, ipaddr); |
|
905 |
+ } |
|
892 | 906 |
if (mdat) |
893 | 907 |
mirman_update (mdat->currip, mdat->af, mdat, 1); |
894 | 908 |
return FCE_FAILEDGET; |
... | ... |
@@ -1116,10 +1139,17 @@ getcvd (const char *cvdfile, const char *newfile, const char *hostname, |
1116 | 1116 |
if (cvd->version < newver) |
1117 | 1117 |
{ |
1118 | 1118 |
logg ("^Mirror %s is not synchronized.\n", ip); |
1119 |
- mirman_update (mdat->currip, mdat->af, mdat, 2); |
|
1120 |
- cl_cvdfree (cvd); |
|
1121 | 1119 |
unlink (newfile); |
1122 |
- return FCE_MIRRORNOTSYNC; |
|
1120 |
+ if (cvd->version < newver - 1) |
|
1121 |
+ { |
|
1122 |
+ logg ("^Mirror is more than 1 version out of date. Recording mirror failure.\n"); |
|
1123 |
+ mirman_update (mdat->currip, mdat->af, mdat, FCE_MIRRORNOTSYNC); |
|
1124 |
+ cl_cvdfree (cvd); |
|
1125 |
+ return FCE_MIRRORNOTSYNC; |
|
1126 |
+ } |
|
1127 |
+ |
|
1128 |
+ cl_cvdfree (cvd); |
|
1129 |
+ return FC_UPTODATE; |
|
1123 | 1130 |
} |
1124 | 1131 |
|
1125 | 1132 |
cl_cvdfree (cvd); |
... | ... |
@@ -50,8 +50,8 @@ |
50 | 50 |
#endif |
51 | 51 |
#endif |
52 | 52 |
|
53 |
-#define IGNORE_LONG 3 * 86400 |
|
54 |
-#define IGNORE_SHORT 6 * 3600 |
|
53 |
+#define IGNORE_SHORT (3600) /* 1 hour */ |
|
54 |
+#define IGNORE_LONG (6 * IGNORE_SHORT) /* 6 hours */ |
|
55 | 55 |
|
56 | 56 |
void |
57 | 57 |
mirman_free (struct mirdat *mdat) |
... | ... |
@@ -315,8 +315,28 @@ mirman_list (const struct mirdat *mdat) |
315 | 315 |
printf ("Successes: %u\n", mdat->mirtab[i].succ); |
316 | 316 |
printf ("Failures: %u\n", mdat->mirtab[i].fail); |
317 | 317 |
tm = mdat->mirtab[i].atime; |
318 |
- printf ("Last access: %s", ctime ((const time_t *) &tm)); |
|
319 |
- printf ("Ignore: %s\n", mdat->mirtab[i].ignore ? "Yes" : "No"); |
|
318 |
+ printf("Last access: %s", ctime((const time_t *) &tm)); |
|
319 |
+ if (mdat->mirtab[i].ignore) { |
|
320 |
+ time_t ignore_expires = tm + ((mdat->mirtab[i].ignore == 1) ? IGNORE_LONG |
|
321 |
+ : IGNORE_SHORT); |
|
322 |
+ double difference = difftime(ignore_expires, time(NULL)); |
|
323 |
+ if (difference > 0) { |
|
324 |
+ uint32_t remaining = difference; |
|
325 |
+ uint32_t seconds, minutes, hours; |
|
326 |
+ seconds = remaining % 60; |
|
327 |
+ remaining = remaining / 60; |
|
328 |
+ minutes = remaining % 60; |
|
329 |
+ remaining = remaining / 60; |
|
330 |
+ hours = remaining % 60; |
|
331 |
+ |
|
332 |
+ printf("Ignore: Yes, %d hours %d minutes %d seconds remaining.\n", |
|
333 |
+ hours, minutes, seconds); |
|
334 |
+ } else { |
|
335 |
+ printf("Ignore: No\n"); |
|
336 |
+ } |
|
337 |
+ } else { |
|
338 |
+ printf("Ignore: No\n"); |
|
339 |
+ } |
|
320 | 340 |
if (i != mdat->num - 1) |
321 | 341 |
printf ("-------------------------------------\n"); |
322 | 342 |
} |