git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@729 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/08/06 19:13:08... | ... |
@@ -1,3 +1,11 @@ |
1 |
+Fri Aug 6 11:09:22 BST 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Quarantined file's names now contain the name of the |
|
4 |
+ virus |
|
5 |
+ Handle crash when --bounce is set, and MAIL FROM isn't |
|
6 |
+ sent in an e-mail containing a virus. |
|
7 |
+ Fix by "Denis Ustimenko" <den@uzsci.net> |
|
8 |
+ |
|
1 | 9 |
Thu Aug 5 19:53:40 CEST 2004 (tk) |
2 | 10 |
---------------------------------- |
3 | 11 |
* libclamav: integrate Mydoom.M log detector from Trog (temporary feature) |
... | ... |
@@ -461,6 +461,9 @@ Changes |
461 | 461 |
variables are now delimeted by dollars, e.g. ${j}$ |
462 | 462 |
Better local IP table by Damian Menscher <menscher@uiuc.edu> and |
463 | 463 |
Andy Fiddaman <clam@fiddaman.net> |
464 |
+0.75g 06/8/04 Handle privdata->from not set when --bounce is set |
|
465 |
+ "Denis Ustimenko" <den@uzsci.net> |
|
466 |
+ Quarantined file's names now contain the name of the virus |
|
464 | 467 |
|
465 | 468 |
BUG REPORTS |
466 | 469 |
|
... | ... |
@@ -26,6 +26,9 @@ |
26 | 26 |
* |
27 | 27 |
* Change History: |
28 | 28 |
* $Log: clamav-milter.c,v $ |
29 |
+ * Revision 1.115 2004/08/06 10:08:31 nigelhorne |
|
30 |
+ * Quarantined files now include the virus in the name |
|
31 |
+ * |
|
29 | 32 |
* Revision 1.114 2004/08/05 07:44:28 nigelhorne |
30 | 33 |
* Better Template Handling |
31 | 34 |
* |
... | ... |
@@ -353,9 +356,9 @@ |
353 | 353 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
354 | 354 |
* Added -f flag use MaxThreads if --max-children not set |
355 | 355 |
*/ |
356 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.114 2004/08/05 07:44:28 nigelhorne Exp $"; |
|
356 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.115 2004/08/06 10:08:31 nigelhorne Exp $"; |
|
357 | 357 |
|
358 |
-#define CM_VERSION "0.75f" |
|
358 |
+#define CM_VERSION "0.75g" |
|
359 | 359 |
|
360 | 360 |
/*#define CONFDIR "/usr/local/etc"*/ |
361 | 361 |
|
... | ... |
@@ -502,6 +505,7 @@ static void header_list_print(header_list_t list, FILE *fp); |
502 | 502 |
static int connect2clamd(struct privdata *privdata); |
503 | 503 |
static void checkClamd(void); |
504 | 504 |
static int sendtemplate(SMFICTX *ctx, const char *filename, FILE *sendmail, const char *virusname); |
505 |
+static int qfile(struct privdata *privdata, const char *virusname); |
|
505 | 506 |
static void setsubject(SMFICTX *ctx, const char *virusname); |
506 | 507 |
static int clamfi_gethostbyname(const char *hostname, struct hostent *hp, char *buf, size_t len); |
507 | 508 |
|
... | ... |
@@ -1612,10 +1616,10 @@ clamfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) |
1612 | 1612 |
static const char *localAddresses[] = { |
1613 | 1613 |
"^127\\.0\\.0\\.1$", |
1614 | 1614 |
"^192\\.168\\.[0-9]+\\.[0-9]+$", |
1615 |
- "^10\\.[0-9]*\\.[0-9]*\\.[0-9]*$", |
|
1616 |
- "^172\\.1[6-9]\\.[0-9]*\\.[0-9]*$", |
|
1617 |
- "^172\\.2[0-9]\\.[0-9]*\\.[0-9]*$", |
|
1618 |
- "^172\\.3[0-1]\\.[0-9]*\\.[0-9]*$", |
|
1615 |
+ "^10\\.[0-9]+\\.[0-9]+\\.[0-9]+$", |
|
1616 |
+ "^172\\.1[6-9]\\.[0-9]+\\.[0-9]+$", |
|
1617 |
+ "^172\\.2[0-9]\\.[0-9]+\\.[0-9]+$", |
|
1618 |
+ "^172\\.3[0-1]\\.[0-9]+\\.[0-9]+$", |
|
1619 | 1619 |
"^169\\.254\\.[0-9]+\\.[0-9]+$", |
1620 | 1620 |
NULL |
1621 | 1621 |
}; |
... | ... |
@@ -2262,7 +2266,15 @@ clamfi_eom(SMFICTX *ctx) |
2262 | 2262 |
*/ |
2263 | 2263 |
fprintf(sendmail, "From: %s\n", from); |
2264 | 2264 |
if(bflag) { |
2265 |
- fprintf(sendmail, "To: %s\n", privdata->from); |
|
2265 |
+ /* |
|
2266 |
+ * Handle privdata->from not set, |
|
2267 |
+ * "Denis Ustimenko" <den@uzsci.net> |
|
2268 |
+ */ |
|
2269 |
+ fprintf(sendmail, "To: %s\n", |
|
2270 |
+ (privdata->from) ? |
|
2271 |
+ privdata->from : |
|
2272 |
+ smfi_getsymval(ctx, "{mail_addr}")); |
|
2273 |
+ |
|
2266 | 2274 |
fprintf(sendmail, "Cc: %s\n", postmaster); |
2267 | 2275 |
} else |
2268 | 2276 |
fprintf(sendmail, "To: %s\n", postmaster); |
... | ... |
@@ -2303,7 +2315,8 @@ clamfi_eom(SMFICTX *ctx) |
2303 | 2303 |
fprintf(sendmail, "contained %s and has not been delivered.\n", virusname); |
2304 | 2304 |
|
2305 | 2305 |
if(privdata->filename != NULL) |
2306 |
- fprintf(sendmail, "\nThe message in question has been quarantined as %s\n", privdata->filename); |
|
2306 |
+ if(qfile(privdata, virusname) == 0) |
|
2307 |
+ fprintf(sendmail, "\nThe message in question has been quarantined as %s\n", privdata->filename); |
|
2307 | 2308 |
|
2308 | 2309 |
if(hflag) { |
2309 | 2310 |
fprintf(sendmail, "\nThe message was received by %s from %s via %s\n\n", |
... | ... |
@@ -3120,12 +3133,11 @@ sendtemplate(SMFICTX *ctx, const char *filename, FILE *sendmail, const char *vir |
3120 | 3120 |
|
3121 | 3121 |
val = smfi_getsymval(ctx, ptr); |
3122 | 3122 |
if(val == NULL) { |
3123 |
- if(use_syslog) { |
|
3124 |
- fputs(ptr, sendmail); |
|
3123 |
+ fputs(ptr, sendmail); |
|
3124 |
+ if(use_syslog) |
|
3125 | 3125 |
syslog(LOG_ERR, |
3126 | 3126 |
"%s: Unknown sendmail variable \"%s\"\n", |
3127 | 3127 |
filename, ptr); |
3128 |
- } |
|
3129 | 3128 |
} else |
3130 | 3129 |
fputs(val, sendmail); |
3131 | 3130 |
ptr = end; |
... | ... |
@@ -3138,6 +3150,41 @@ sendtemplate(SMFICTX *ctx, const char *filename, FILE *sendmail, const char *vir |
3138 | 3138 |
} |
3139 | 3139 |
|
3140 | 3140 |
/* |
3141 |
+ * Keep the infected file in quarantine, return success (0) or failure |
|
3142 |
+ * |
|
3143 |
+ * FIXME: handle '/' etc. in virus name, see blobSetFilename |
|
3144 |
+ */ |
|
3145 |
+static int |
|
3146 |
+qfile(struct privdata *privdata, const char *virusname) |
|
3147 |
+{ |
|
3148 |
+ char *newname; |
|
3149 |
+ |
|
3150 |
+ assert(privdata != NULL); |
|
3151 |
+ |
|
3152 |
+ if((privdata->filename == NULL) || (virusname == NULL)) |
|
3153 |
+ return -1; |
|
3154 |
+ |
|
3155 |
+ newname = cli_malloc(strlen(privdata->filename) + strlen(virusname) + 2); |
|
3156 |
+ |
|
3157 |
+ if(newname == NULL) |
|
3158 |
+ return -1; |
|
3159 |
+ |
|
3160 |
+ sprintf(newname, "%s.%s", privdata->filename, virusname); |
|
3161 |
+ if(link(privdata->filename, newname) < 0) { |
|
3162 |
+ perror(newname); |
|
3163 |
+ if(use_syslog) |
|
3164 |
+ syslog(LOG_WARNING, "Can't rename %s to %s", |
|
3165 |
+ privdata->filename, newname); |
|
3166 |
+ free(newname); |
|
3167 |
+ return -1; |
|
3168 |
+ } |
|
3169 |
+ free(privdata->filename); |
|
3170 |
+ privdata->filename = newname; |
|
3171 |
+ |
|
3172 |
+ return 0; |
|
3173 |
+} |
|
3174 |
+ |
|
3175 |
+/* |
|
3141 | 3176 |
* Store the name of the virus in the subject of the e-mail |
3142 | 3177 |
*/ |
3143 | 3178 |
static void |
... | ... |
@@ -3146,7 +3193,7 @@ setsubject(SMFICTX *ctx, const char *virusname) |
3146 | 3146 |
char subject[128]; |
3147 | 3147 |
|
3148 | 3148 |
/* |
3149 |
- * FIXME: doesn't work if there's no subject |
|
3149 |
+ * FIXME: doesn't work if there's no subject in the email |
|
3150 | 3150 |
*/ |
3151 | 3151 |
snprintf(subject, sizeof(subject) - 1, "[Virus] %s", virusname); |
3152 | 3152 |
smfi_chgheader(ctx, "Subject", 1, subject); |