... | ... |
@@ -35,15 +35,14 @@ |
35 | 35 |
#include <time.h> |
36 | 36 |
#include <signal.h> |
37 | 37 |
|
38 |
-#include "libclamav/clamav.h" |
|
39 |
-#include "libclamav/others.h" |
|
40 |
-#include "shared/output.h" |
|
41 |
-#include "shared/misc.h" |
|
42 |
-#include "shared/optparser.h" |
|
43 |
-#include "shared/actions.h" |
|
44 |
- |
|
45 |
- |
|
46 |
-#include "clamonacc.h" |
|
38 |
+#include "../libclamav/clamav.h" |
|
39 |
+#include "../libclamav/others.h" |
|
40 |
+#include "../shared/output.h" |
|
41 |
+#include "../shared/misc.h" |
|
42 |
+#include "../shared/optparser.h" |
|
43 |
+#include "../shared/actions.h" |
|
44 |
+ |
|
45 |
+#include "./clamonacc.h" |
|
47 | 46 |
#include "./client/onaccess_client.h" |
48 | 47 |
#include "./fanotif/onaccess_fan.h" |
49 | 48 |
#include "./inotif/onaccess_ddd.h" |
... | ... |
@@ -205,7 +204,7 @@ int onas_start_eloop(struct onas_context **ctx) { |
205 | 205 |
return CL_EARG; |
206 | 206 |
} |
207 | 207 |
|
208 |
-#ifdef C_LINUX |
|
208 |
+#if defined(FANOTIFY) |
|
209 | 209 |
ret = onas_fan_eloop(ctx); |
210 | 210 |
#endif |
211 | 211 |
|
... | ... |
@@ -257,25 +256,3 @@ void* onas_context_cleanup(struct onas_context *ctx) { |
257 | 257 |
free(ctx); |
258 | 258 |
} |
259 | 259 |
|
260 |
-/*int main(int argc, char **argv) |
|
261 |
-{ |
|
262 |
- int ds, dms, ret, infected = 0, err = 0; |
|
263 |
- struct timeval t1, t2; |
|
264 |
- time_t starttime; |
|
265 |
-#ifndef _WIN32 |
|
266 |
- struct sigaction sigact; |
|
267 |
-#endif |
|
268 |
- |
|
269 |
- memset(&sigact, 0, sizeof(struct sigaction)); |
|
270 |
- sigact.sa_handler = SIG_IGN; |
|
271 |
- sigemptyset(&sigact.sa_mask); |
|
272 |
- sigaddset(&sigact.sa_mask, SIGPIPE); |
|
273 |
- sigaction(SIGPIPE, &sigact, NULL); |
|
274 |
- |
|
275 |
- time(&starttime); |
|
276 |
- ctime() does \n, but I need it once more |
|
277 |
- |
|
278 |
- gettimeofday(&t1, NULL); |
|
279 |
- |
|
280 |
- ret = client(opts, &infected, &err); |
|
281 |
-}*/ |
... | ... |
@@ -52,19 +52,18 @@ |
52 | 52 |
#include <sys/uio.h> |
53 | 53 |
#endif |
54 | 54 |
|
55 |
-#include "libclamav/clamav.h" |
|
56 |
-#include "shared/optparser.h" |
|
57 |
-#include "shared/output.h" |
|
58 |
-#include "shared/misc.h" |
|
59 |
-#include "shared/actions.h" |
|
60 |
- |
|
61 |
-#include "libclamav/str.h" |
|
62 |
-#include "libclamav/others.h" |
|
63 |
- |
|
64 |
- |
|
65 |
-#include "onaccess_com.h" |
|
66 |
-#include "onaccess_client.h" |
|
67 |
-#include "onaccess_proto.h" |
|
55 |
+#include "../../libclamav/clamav.h" |
|
56 |
+#include "../../shared/optparser.h" |
|
57 |
+#include "../../shared/output.h" |
|
58 |
+#include "../../shared/misc.h" |
|
59 |
+#include "../../shared/actions.h" |
|
60 |
+ |
|
61 |
+#include "../../libclamav/str.h" |
|
62 |
+#include "../../libclamav/others.h" |
|
63 |
+ |
|
64 |
+#include "./onaccess_com.h" |
|
65 |
+#include "./onaccess_client.h" |
|
66 |
+#include "./onaccess_proto.h" |
|
68 | 67 |
|
69 | 68 |
#include "../clamonacc.h" |
70 | 69 |
|
... | ... |
@@ -38,9 +38,9 @@ |
38 | 38 |
#include <sys/socket.h> |
39 | 39 |
#endif |
40 | 40 |
|
41 |
-#include "shared/output.h" |
|
41 |
+#include "../../shared/output.h" |
|
42 | 42 |
|
43 |
-#include "onaccess_com.h" |
|
43 |
+#include "./onaccess_com.h" |
|
44 | 44 |
|
45 | 45 |
|
46 | 46 |
static int onas_socket_wait(curl_socket_t sockfd, int32_t b_recv, uint64_t timeout_ms); |
... | ... |
@@ -53,14 +53,14 @@ |
53 | 53 |
#include <netdb.h> |
54 | 54 |
#endif |
55 | 55 |
|
56 |
-#include "libclamav/clamav.h" |
|
57 |
-#include "shared/actions.h" |
|
58 |
-#include "shared/output.h" |
|
59 |
-#include "shared/misc.h" |
|
60 |
- |
|
61 |
-#include "onaccess_com.h" |
|
62 |
-#include "onaccess_proto.h" |
|
63 |
-#include "onaccess_client.h" |
|
56 |
+#include "../../libclamav/clamav.h" |
|
57 |
+#include "../../shared/actions.h" |
|
58 |
+#include "../../shared/output.h" |
|
59 |
+#include "../../shared/misc.h" |
|
60 |
+ |
|
61 |
+#include "./onaccess_com.h" |
|
62 |
+#include "./onaccess_proto.h" |
|
63 |
+#include "./onaccess_client.h" |
|
64 | 64 |
|
65 | 65 |
static const char *scancmd[] = { "CONTSCAN", "MULTISCAN", "INSTREAM", "FILDES", "ALLMATCHSCAN" }; |
66 | 66 |
|
... | ... |
@@ -24,7 +24,7 @@ |
24 | 24 |
|
25 | 25 |
#include <curl/curl.h> |
26 | 26 |
|
27 |
-#include "shared/misc.h" |
|
27 |
+#include "../../shared/misc.h" |
|
28 | 28 |
#include "../clamonacc.h" |
29 | 29 |
|
30 | 30 |
int onas_dsresult(CURL *curl, int scantype, uint64_t maxstream, const char *filename, int fd, int64_t timeout, int *printok, int *errors, cl_error_t *ret_code); |
... | ... |
@@ -37,16 +37,16 @@ |
37 | 37 |
|
38 | 38 |
#include <sys/fanotify.h> |
39 | 39 |
|
40 |
-#include "libclamav/clamav.h" |
|
41 |
-#include "libclamav/scanners.h" |
|
40 |
+#include "../../libclamav/clamav.h" |
|
41 |
+#include "../../libclamav/scanners.h" |
|
42 | 42 |
|
43 |
-#include "shared/optparser.h" |
|
44 |
-#include "shared/output.h" |
|
43 |
+#include "../../shared/optparser.h" |
|
44 |
+#include "../../shared/output.h" |
|
45 | 45 |
|
46 | 46 |
#include "../misc/onaccess_others.h" |
47 |
-#include "clamd/server.h" |
|
47 |
+#include "../../clamd/server.h" |
|
48 | 48 |
|
49 |
-#include "onaccess_fan.h" |
|
49 |
+#include "./onaccess_fan.h" |
|
50 | 50 |
#include "../inotif/onaccess_hash.h" |
51 | 51 |
#include "../inotif/onaccess_ddd.h" |
52 | 52 |
|
... | ... |
@@ -22,7 +22,6 @@ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
#endif |
24 | 24 |
|
25 |
-#if defined(FANOTIFY) |
|
26 | 25 |
|
27 | 26 |
#include <stdio.h> |
28 | 27 |
#include <stdlib.h> |
... | ... |
@@ -36,28 +35,30 @@ |
36 | 36 |
#include <errno.h> |
37 | 37 |
#include <stdbool.h> |
38 | 38 |
|
39 |
+#if defined(FANOTIFY) |
|
39 | 40 |
#include <sys/fanotify.h> |
40 | 41 |
#include <sys/inotify.h> |
41 |
- |
|
42 |
+#endif |
|
42 | 43 |
|
43 | 44 |
#include "../fanotif/onaccess_fan.h" |
44 |
-#include "onaccess_hash.h" |
|
45 |
-#include "onaccess_ddd.h" |
|
45 |
+#include "./onaccess_hash.h" |
|
46 |
+#include "./onaccess_ddd.h" |
|
46 | 47 |
#include "../scan/onaccess_scth.h" |
47 | 48 |
#include "../scan/onaccess_scque.h" |
48 | 49 |
#include "../misc/onaccess_others.h" |
49 | 50 |
|
50 |
-#include "libclamav/clamav.h" |
|
51 |
-#include "libclamav/scanners.h" |
|
51 |
+#include "../../libclamav/clamav.h" |
|
52 |
+#include "../../libclamav/scanners.h" |
|
52 | 53 |
|
53 |
-#include "shared/optparser.h" |
|
54 |
-#include "shared/output.h" |
|
54 |
+#include "../../shared/optparser.h" |
|
55 |
+#include "../../shared/output.h" |
|
55 | 56 |
|
56 |
-#include "clamd/server.h" |
|
57 |
-#include "clamd/others.h" |
|
58 |
-#include "clamd/scanner.h" |
|
57 |
+#include "../../clamd/server.h" |
|
58 |
+#include "../../clamd/others.h" |
|
59 |
+#include "../../clamd/scanner.h" |
|
59 | 60 |
|
60 | 61 |
|
62 |
+#if defined(FANOTIFY) |
|
61 | 63 |
|
62 | 64 |
static int onas_ddd_init_ht(uint32_t ht_size); |
63 | 65 |
static int onas_ddd_init_wdlt(uint64_t nwatches); |
... | ... |
@@ -21,11 +21,14 @@ |
21 | 21 |
#ifndef __ONAS_IN_H |
22 | 22 |
#define __ONAS_IN_H |
23 | 23 |
|
24 |
-#include "shared/optparser.h" |
|
25 |
-#include "libclamav/clamav.h" |
|
24 |
+ |
|
25 |
+#if defined(FANOTIFY) |
|
26 |
+ |
|
27 |
+#include "../../shared/optparser.h" |
|
28 |
+#include "../../libclamav/clamav.h" |
|
26 | 29 |
|
27 | 30 |
/* |
28 |
- * Extra options for onas_scan_th(). |
|
31 |
+ * Extra options for onas_scan_th(). |
|
29 | 32 |
*/ |
30 | 33 |
#define ONAS_IN 0x01 |
31 | 34 |
#define ONAS_FAN 0x02 |
... | ... |
@@ -46,5 +49,5 @@ void *onas_ddd_th(void *arg); |
46 | 46 |
int onas_ddd_init(uint64_t nwatches, size_t ht_size); |
47 | 47 |
cl_error_t onas_enable_inotif_ddd(struct onas_context **ctx); |
48 | 48 |
|
49 |
- |
|
49 |
+#endif |
|
50 | 50 |
#endif |
... | ... |
@@ -22,7 +22,6 @@ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
#endif |
24 | 24 |
|
25 |
-#if defined(FANOTIFY) |
|
26 | 25 |
#include <stdio.h> |
27 | 26 |
#include <unistd.h> |
28 | 27 |
#include <sys/types.h> |
... | ... |
@@ -34,24 +33,30 @@ |
34 | 34 |
#include <errno.h> |
35 | 35 |
#include <stdbool.h> |
36 | 36 |
|
37 |
+ |
|
38 |
+#if defined(FANOTIFY) |
|
37 | 39 |
#include <sys/fanotify.h> |
40 |
+#endif |
|
38 | 41 |
|
39 | 42 |
#include "../fanotif/onaccess_fan.h" |
40 |
-#include "onaccess_hash.h" |
|
41 |
-#include "onaccess_ddd.h" |
|
43 |
+#include "./onaccess_hash.h" |
|
44 |
+#include "./onaccess_ddd.h" |
|
42 | 45 |
|
43 |
-#include "libclamav/clamav.h" |
|
44 |
-#include "libclamav/scanners.h" |
|
45 |
-#include "libclamav/str.h" |
|
46 |
+#include "../../libclamav/clamav.h" |
|
47 |
+#include "../../libclamav/scanners.h" |
|
48 |
+#include "../../libclamav/str.h" |
|
46 | 49 |
|
47 |
-#include "shared/optparser.h" |
|
48 |
-#include "shared/output.h" |
|
50 |
+#include "../../shared/optparser.h" |
|
51 |
+#include "../../shared/output.h" |
|
49 | 52 |
|
50 |
-#include "clamd/server.h" |
|
51 |
-#include "clamd/others.h" |
|
52 |
-#include "clamd/scanner.h" |
|
53 |
+#include "../../clamd/server.h" |
|
54 |
+#include "../../clamd/others.h" |
|
55 |
+#include "../../clamd/scanner.h" |
|
53 | 56 |
#include "../misc/priv_fts.h" |
54 | 57 |
|
58 |
+ |
|
59 |
+#if defined(FANOTIFY) |
|
60 |
+ |
|
55 | 61 |
static struct onas_bucket *onas_bucket_init(); |
56 | 62 |
static void onas_free_bucket(struct onas_bucket *bckt); |
57 | 63 |
static int onas_bucket_insert(struct onas_bucket *bckt, struct onas_element *elem); |
... | ... |
@@ -21,6 +21,9 @@ |
21 | 21 |
#ifndef __ONAS_HASH_H |
22 | 22 |
#define __ONAS_HASH_H |
23 | 23 |
|
24 |
+ |
|
25 |
+#if defined(FANOTIFY) |
|
26 |
+ |
|
24 | 27 |
#define ONAS_FANWATCH 0x1 |
25 | 28 |
#define ONAS_INWATCH 0x2 |
26 | 29 |
#define ONAS_STOPWATCH 0x3 |
... | ... |
@@ -107,3 +110,4 @@ int onas_rm_listnode(struct onas_lnode *head, const char *dirname); |
107 | 107 |
void onas_free_dirlist(struct onas_lnode *head); |
108 | 108 |
|
109 | 109 |
#endif |
110 |
+#endif |
... | ... |
@@ -53,8 +53,6 @@ static char sccsid[] = "@(#)fts.c 8.6 (Berkeley) 8/14/94"; |
53 | 53 |
#include "clamav-config.h" |
54 | 54 |
#endif |
55 | 55 |
|
56 |
-#if defined(FANOTIFY) && defined(C_LINUX) |
|
57 |
- |
|
58 | 56 |
#include <sys/param.h> |
59 | 57 |
#include <sys/stat.h> |
60 | 58 |
#include <fcntl.h> |
... | ... |
@@ -1162,4 +1160,3 @@ bail: |
1162 | 1162 |
__set_errno (oerrno); |
1163 | 1163 |
return (ret); |
1164 | 1164 |
} |
1165 |
-#endif |
... | ... |
@@ -22,8 +22,6 @@ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
#endif |
24 | 24 |
|
25 |
-#if defined(FANOTIFY) |
|
26 |
- |
|
27 | 25 |
#include <stdio.h> |
28 | 26 |
#include <stdarg.h> |
29 | 27 |
#include <stdlib.h> |
... | ... |
@@ -32,15 +30,17 @@ |
32 | 32 |
#include <errno.h> |
33 | 33 |
#include <pthread.h> |
34 | 34 |
#include <pwd.h> |
35 |
-#include "libclamav/clamav.h" |
|
36 |
-#include "shared/optparser.h" |
|
37 |
-#include "shared/output.h" |
|
35 |
+#include "../../libclamav/clamav.h" |
|
36 |
+#include "../../shared/optparser.h" |
|
37 |
+#include "../../shared/output.h" |
|
38 | 38 |
|
39 |
-#include "onaccess_others.h" |
|
40 |
-#include "clamd/scanner.h" |
|
39 |
+#include "./onaccess_others.h" |
|
40 |
+#include "../../clamd/scanner.h" |
|
41 | 41 |
#include "../clamonacc.h" |
42 | 42 |
#include "../client/onaccess_client.h" |
43 | 43 |
|
44 |
+#if defined(FANOTIFY) |
|
45 |
+ |
|
44 | 46 |
int onas_fan_checkowner(int pid, const struct optstruct *opts) |
45 | 47 |
{ |
46 | 48 |
struct passwd *pwd; |
... | ... |
@@ -99,6 +99,7 @@ int onas_fan_checkowner(int pid, const struct optstruct *opts) |
99 | 99 |
|
100 | 100 |
return CHK_CLEAN; |
101 | 101 |
} |
102 |
+ |
|
102 | 103 |
#endif |
103 | 104 |
|
104 | 105 |
char **onas_get_opt_list(const char *fname, int *num_entries, cl_error_t *err) |
... | ... |
@@ -21,8 +21,8 @@ |
21 | 21 |
#ifndef __CLAMD_ONAS_OTHERS_H |
22 | 22 |
#define __CLAMD_ONAS_OTHERS_H |
23 | 23 |
|
24 |
-#include "shared/optparser.h" |
|
25 |
-#include "libclamav/clamav.h" |
|
24 |
+#include "../../shared/optparser.h" |
|
25 |
+#include "../../libclamav/clamav.h" |
|
26 | 26 |
#include "../clamonacc.h" |
27 | 27 |
|
28 | 28 |
typedef enum { |
... | ... |
@@ -31,7 +31,10 @@ typedef enum { |
31 | 31 |
CHK_SELF |
32 | 32 |
} cli_check_t; |
33 | 33 |
|
34 |
+ |
|
35 |
+#if defined(FANOTIFY) |
|
34 | 36 |
int onas_fan_checkowner(int pid, const struct optstruct *opts); |
37 |
+#endif |
|
35 | 38 |
char **onas_get_opt_list(const char *fname, int *num_entries, cl_error_t *err); |
36 | 39 |
void free_opt_list(char** opt_list, int entries); |
37 | 40 |
|
... | ... |
@@ -22,8 +22,6 @@ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
#endif |
24 | 24 |
|
25 |
-#if defined(FANOTIFY) |
|
26 |
- |
|
27 | 25 |
#include <stdio.h> |
28 | 26 |
#include <stdlib.h> |
29 | 27 |
#include <unistd.h> |
... | ... |
@@ -36,15 +34,15 @@ |
36 | 36 |
|
37 | 37 |
#include "../misc/onaccess_others.h" |
38 | 38 |
|
39 |
-#include "libclamav/clamav.h" |
|
39 |
+#include "../../libclamav/clamav.h" |
|
40 | 40 |
|
41 |
-#include "shared/optparser.h" |
|
42 |
-#include "shared/output.h" |
|
41 |
+#include "../../shared/optparser.h" |
|
42 |
+#include "../../shared/output.h" |
|
43 | 43 |
|
44 | 44 |
#include "../c-thread-pool/thpool.h" |
45 | 45 |
|
46 |
-#include "onaccess_scth.h" |
|
47 |
-#include "onaccess_scque.h" |
|
46 |
+#include "./onaccess_scth.h" |
|
47 |
+#include "./onaccess_scque.h" |
|
48 | 48 |
|
49 | 49 |
static void onas_scanque_exit(int sig); |
50 | 50 |
static int onas_consume_event(threadpool thpool); |
... | ... |
@@ -298,4 +296,3 @@ static void onas_scanque_exit(int sig) { |
298 | 298 |
pthread_exit(NULL); |
299 | 299 |
} |
300 | 300 |
|
301 |
-#endif |
... | ... |
@@ -22,7 +22,6 @@ |
22 | 22 |
#include "clamav-config.h" |
23 | 23 |
#endif |
24 | 24 |
|
25 |
-#if defined(FANOTIFY) |
|
26 | 25 |
|
27 | 26 |
#include <stdio.h> |
28 | 27 |
#include <errno.h> |
... | ... |
@@ -31,23 +30,24 @@ |
31 | 31 |
#include <fcntl.h> |
32 | 32 |
#include <signal.h> |
33 | 33 |
#include <pthread.h> |
34 |
+ |
|
35 |
+#if defined(FANOTIFY) |
|
34 | 36 |
#include <sys/fanotify.h> |
37 |
+#endif |
|
35 | 38 |
|
36 |
-#include "shared/optparser.h" |
|
37 |
-#include "shared/output.h" |
|
39 |
+#include "../../shared/optparser.h" |
|
40 |
+#include "../../shared/output.h" |
|
38 | 41 |
|
39 |
-#include "libclamav/others.h" |
|
42 |
+#include "../../libclamav/others.h" |
|
40 | 43 |
#include "../misc/priv_fts.h" |
41 | 44 |
#include "../misc/onaccess_others.h" |
42 | 45 |
#include "../client/onaccess_client.h" |
43 |
-#include "onaccess_scth.h" |
|
44 |
-//#include "onaccess_others.h" |
|
45 |
- |
|
46 |
-#include "libclamav/clamav.h" |
|
46 |
+#include "./onaccess_scth.h" |
|
47 | 47 |
|
48 | 48 |
static pthread_mutex_t onas_scan_lock = PTHREAD_MUTEX_INITIALIZER; |
49 | 49 |
|
50 |
-//static int onas_scan(struct onas_context **ctx, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code); |
|
50 |
+ |
|
51 |
+static int onas_scan(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code); |
|
51 | 52 |
static cl_error_t onas_scan_safe(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code); |
52 | 53 |
static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code); |
53 | 54 |
static cl_error_t onas_scth_handle_dir(struct onas_scan_event *event_data, const char *pathname); |
... | ... |
@@ -63,10 +63,11 @@ static void onas_scth_exit(int sig) |
63 | 63 |
} |
64 | 64 |
|
65 | 65 |
/** |
66 |
- * Scan wrapper, used by both inotify and fanotify threads. Owned by scanthread to force multithreaded client archtiecture |
|
67 |
- * which better avoids kernel level deadlocks from fanotify blocking/prevention |
|
66 |
+ * Safe-scan wrapper, originally used by inotify and fanotify threads, now exists for error checking/convenience. |
|
67 |
+ * Owned by scanthread to force multithreaded client archtiecture which better avoids kernel level deadlocks from |
|
68 |
+ * fanotify blocking/prevention |
|
68 | 69 |
*/ |
69 |
-int onas_scan(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code) |
|
70 |
+static int onas_scan(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code) |
|
70 | 71 |
{ |
71 | 72 |
int ret = 0; |
72 | 73 |
int i = 0; |
... | ... |
@@ -113,6 +114,8 @@ static cl_error_t onas_scan_safe(struct onas_scan_event *event_data, const char |
113 | 113 |
|
114 | 114 |
int ret = 0; |
115 | 115 |
int fd = 0; |
116 |
+ |
|
117 |
+#if defined(FANOTIFY) |
|
116 | 118 |
uint8_t b_fanotify; |
117 | 119 |
|
118 | 120 |
b_fanotify = event_data->bool_opts & ONAS_SCTH_B_FANOTIFY ? 1 : 0; |
... | ... |
@@ -120,6 +123,7 @@ static cl_error_t onas_scan_safe(struct onas_scan_event *event_data, const char |
120 | 120 |
if (b_fanotify) { |
121 | 121 |
fd = event_data->fmd->fd; |
122 | 122 |
} |
123 |
+#endif |
|
123 | 124 |
|
124 | 125 |
pthread_mutex_lock(&onas_scan_lock); |
125 | 126 |
|
... | ... |
@@ -134,11 +138,15 @@ static cl_error_t onas_scan_safe(struct onas_scan_event *event_data, const char |
134 | 134 |
|
135 | 135 |
static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code) { |
136 | 136 |
|
137 |
+ |
|
138 |
+#if defined(FANOTIFY) |
|
137 | 139 |
struct fanotify_response res; |
138 |
- int ret = 0; |
|
140 |
+ uint8_t b_fanotify; |
|
141 |
+#endif |
|
142 |
+ |
|
143 |
+ int ret = 0; |
|
139 | 144 |
|
140 | 145 |
uint8_t b_scan; |
141 |
- uint8_t b_fanotify; |
|
142 | 146 |
uint8_t b_deny_on_error; |
143 | 147 |
|
144 | 148 |
if (NULL == event_data || NULL == fname || NULL == infected || NULL == err || NULL == ret_code) { |
... | ... |
@@ -147,13 +155,15 @@ static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const c |
147 | 147 |
} |
148 | 148 |
|
149 | 149 |
b_scan = event_data->bool_opts & ONAS_SCTH_B_SCAN ? 1 : 0; |
150 |
- b_fanotify = event_data->bool_opts & ONAS_SCTH_B_FANOTIFY ? 1 : 0; |
|
151 | 150 |
b_deny_on_error = event_data->bool_opts & ONAS_SCTH_B_DENY_ON_E ? 1 : 0; |
152 | 151 |
|
152 |
+#if defined(FANOTIFY) |
|
153 |
+ b_fanotify = event_data->bool_opts & ONAS_SCTH_B_FANOTIFY ? 1 : 0; |
|
153 | 154 |
if (b_fanotify) { |
154 | 155 |
res.fd = event_data->fmd->fd; |
155 | 156 |
res.response = FAN_ALLOW; |
156 | 157 |
} |
158 |
+#endif |
|
157 | 159 |
|
158 | 160 |
if (b_scan) { |
159 | 161 |
ret = onas_scan(event_data, fname, sb, infected, err, ret_code); |
... | ... |
@@ -162,72 +172,71 @@ static cl_error_t onas_scth_scanfile(struct onas_scan_event *event_data, const c |
162 | 162 |
logg("*ClamWorker: scan failed with error code %d\n", *ret_code); |
163 | 163 |
} |
164 | 164 |
|
165 |
+#if defined(FANOTIFY) |
|
165 | 166 |
if (b_fanotify) { |
166 | 167 |
if ((*err && *ret_code && b_deny_on_error) || *infected) { |
167 | 168 |
res.response = FAN_DENY; |
168 | 169 |
} |
169 | 170 |
} |
171 |
+#endif |
|
170 | 172 |
} |
171 | 173 |
|
172 |
- |
|
174 |
+#if defined(FANOTIFY) |
|
173 | 175 |
if (b_fanotify) { |
174 | 176 |
if(event_data->fmd->mask & FAN_ALL_PERM_EVENTS) { |
175 | 177 |
ret = write(event_data->fan_fd, &res, sizeof(res)); |
176 | 178 |
if(ret == -1) { |
177 | 179 |
logg("!ClamWorker: internal error (can't write to fanotify)\n"); |
178 |
- if (errno == ENOENT) { |
|
179 |
- logg("*ClamWorker: permission event has already been written ... recovering ...\n"); |
|
180 |
- } else { |
|
181 |
- ret = CL_EWRITE; |
|
180 |
+ if (errno == ENOENT) { |
|
181 |
+ logg("*ClamWorker: permission event has already been written ... recovering ...\n"); |
|
182 |
+ } else { |
|
183 |
+ ret = CL_EWRITE; |
|
184 |
+ } |
|
182 | 185 |
} |
183 | 186 |
} |
184 | 187 |
} |
185 |
- } |
|
186 | 188 |
|
187 |
- if (b_fanotify) { |
|
189 |
+ if (b_fanotify) { |
|
188 | 190 |
|
189 | 191 |
#ifdef ONAS_DEBUG |
190 |
- logg("*ClamWorker: closing fd, %d)\n", event_data->fmd->fd); |
|
192 |
+ logg("*ClamWorker: closing fd, %d)\n", event_data->fmd->fd); |
|
191 | 193 |
#endif |
192 |
- if (-1 == close(event_data->fmd->fd) ) { |
|
194 |
+ if (-1 == close(event_data->fmd->fd) ) { |
|
193 | 195 |
|
194 |
- logg("!ClamWorker: internal error (can't close fanotify meta fd, %d)\n", event_data->fmd->fd); |
|
195 |
- if (errno == EBADF) { |
|
196 |
- logg("*ClamWorker: fd already closed ... recovering ...\n"); |
|
197 |
- } else { |
|
198 |
- ret = CL_EUNLINK; |
|
196 |
+ logg("!ClamWorker: internal error (can't close fanotify meta fd, %d)\n", event_data->fmd->fd); |
|
197 |
+ if (errno == EBADF) { |
|
198 |
+ logg("*ClamWorker: fd already closed ... recovering ...\n"); |
|
199 |
+ } else { |
|
200 |
+ ret = CL_EUNLINK; |
|
201 |
+ } |
|
199 | 202 |
} |
200 | 203 |
} |
201 |
- } |
|
202 |
- |
|
204 |
+#endif |
|
203 | 205 |
return ret; |
204 | 206 |
} |
205 | 207 |
|
206 | 208 |
static cl_error_t onas_scth_handle_dir(struct onas_scan_event *event_data, const char *pathname) { |
207 |
- FTS *ftsp = NULL; |
|
209 |
+ FTS *ftsp = NULL; |
|
208 | 210 |
int32_t ftspopts = FTS_NOCHDIR | FTS_PHYSICAL | FTS_XDEV; |
209 | 211 |
FTSENT *curr = NULL; |
210 | 212 |
|
211 | 213 |
int32_t infected = 0; |
212 | 214 |
int32_t err = 0; |
213 |
- cl_error_t ret_code = CL_SUCCESS; |
|
215 |
+ cl_error_t ret_code = CL_SUCCESS; |
|
214 | 216 |
cl_error_t ret = CL_SUCCESS; |
215 | 217 |
|
216 | 218 |
int32_t fres = 0; |
217 |
- STATBUF sb; |
|
219 |
+ STATBUF sb; |
|
218 | 220 |
|
219 |
- char *const pathargv[] = {(char *)pathname, NULL}; |
|
221 |
+ char *const pathargv[] = {(char *)pathname, NULL}; |
|
220 | 222 |
|
221 | 223 |
if (!(ftsp = _priv_fts_open(pathargv, ftspopts, NULL))) { |
222 | 224 |
ret = CL_EOPEN; |
223 |
- goto out; |
|
225 |
+ goto out; |
|
224 | 226 |
} |
225 | 227 |
|
226 |
- |
|
227 |
- logg("*ClamWorker: should never be here again!!!!!!!!!!!!\n"); |
|
228 |
- |
|
229 |
- while ((curr = _priv_fts_read(ftsp))) { |
|
230 |
- if (curr->fts_info != FTS_D) { |
|
228 |
+ while ((curr = _priv_fts_read(ftsp))) { |
|
229 |
+ if (curr->fts_info != FTS_D) { |
|
231 | 230 |
|
232 | 231 |
fres = CLAMSTAT(curr->fts_path, &sb); |
233 | 232 |
|
... | ... |
@@ -235,21 +244,21 @@ static cl_error_t onas_scth_handle_dir(struct onas_scan_event *event_data, const |
235 | 235 |
if (fres != 0 || sb.st_size > event_data->sizelimit) { |
236 | 236 |
/* okay to skip w/o allow/deny since dir comes from inotify |
237 | 237 |
* events and (probably) won't block w/ protection enabled */ |
238 |
- event_data->bool_opts &= ((uint16_t) ~ONAS_SCTH_B_SCAN); |
|
239 |
- logg("*ClamWorker: size limit surpassed while doing extra scanning ... skipping object ...\n"); |
|
238 |
+ event_data->bool_opts &= ((uint16_t) ~ONAS_SCTH_B_SCAN); |
|
239 |
+ logg("*ClamWorker: size limit surpassed while doing extra scanning ... skipping object ...\n"); |
|
240 | 240 |
} |
241 | 241 |
} |
242 | 242 |
|
243 |
- ret = onas_scth_scanfile(event_data, curr->fts_path, sb, &infected, &err, &ret_code); |
|
244 |
- } |
|
245 |
- } |
|
243 |
+ ret = onas_scth_scanfile(event_data, curr->fts_path, sb, &infected, &err, &ret_code); |
|
244 |
+ } |
|
245 |
+ } |
|
246 | 246 |
|
247 | 247 |
out: |
248 |
- if(ftsp) { |
|
249 |
- _priv_fts_close(ftsp); |
|
250 |
- } |
|
248 |
+ if(ftsp) { |
|
249 |
+ _priv_fts_close(ftsp); |
|
250 |
+ } |
|
251 | 251 |
|
252 |
- return ret; |
|
252 |
+ return ret; |
|
253 | 253 |
} |
254 | 254 |
|
255 | 255 |
static cl_error_t onas_scth_handle_file(struct onas_scan_event *event_data, const char *pathname) { |
... | ... |
@@ -262,8 +271,8 @@ static cl_error_t onas_scth_handle_file(struct onas_scan_event *event_data, cons |
262 | 262 |
cl_error_t ret = 0; |
263 | 263 |
|
264 | 264 |
if (NULL == pathname || NULL == event_data) { |
265 |
- return CL_ENULLARG; |
|
266 |
- } |
|
265 |
+ return CL_ENULLARG; |
|
266 |
+ } |
|
267 | 267 |
|
268 | 268 |
fres = CLAMSTAT(pathname, &sb); |
269 | 269 |
if (event_data->sizelimit) { |
... | ... |
@@ -271,24 +280,24 @@ static cl_error_t onas_scth_handle_file(struct onas_scan_event *event_data, cons |
271 | 271 |
/* don't skip so we avoid lockups, but don't scan either; |
272 | 272 |
* while it should be obvious, this will unconditionally set |
273 | 273 |
* the bit in the map to 0 regardless of original orientation */ |
274 |
- event_data->bool_opts &= ((uint16_t) ~ONAS_SCTH_B_SCAN); |
|
274 |
+ event_data->bool_opts &= ((uint16_t) ~ONAS_SCTH_B_SCAN); |
|
275 | 275 |
} |
276 | 276 |
} |
277 | 277 |
|
278 | 278 |
ret = onas_scth_scanfile(event_data, pathname, sb, &infected, &err, &ret_code); |
279 | 279 |
|
280 | 280 |
#ifdef ONAS_DEBUG |
281 |
- /* very noisy, debug only */ |
|
282 |
- if (event_data->bool_opts & ONAS_SCTH_B_INOTIFY) { |
|
283 |
- logg("*ClamWorker: Inotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n", |
|
284 |
- ret, infected, err, ret_code); |
|
285 |
- } else { |
|
286 |
- logg("*ClamWorker: Fanotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n\tfd = %d\n", |
|
287 |
- ret, infected, err, ret_code, event_data->fmd->fd); |
|
288 |
- } |
|
281 |
+ /* very noisy, debug only */ |
|
282 |
+ if (event_data->bool_opts & ONAS_SCTH_B_INOTIFY) { |
|
283 |
+ logg("*ClamWorker: Inotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n", |
|
284 |
+ ret, infected, err, ret_code); |
|
285 |
+ } else { |
|
286 |
+ logg("*ClamWorker: Fanotify Scan Results ...\n\tret = %d ...\n\tinfected = %d ...\n\terr = %d ...\n\tret_code = %d\n\tfd = %d\n", |
|
287 |
+ ret, infected, err, ret_code, event_data->fmd->fd); |
|
288 |
+ } |
|
289 | 289 |
#endif |
290 | 290 |
|
291 |
- return ret; |
|
291 |
+ return ret; |
|
292 | 292 |
} |
293 | 293 |
|
294 | 294 |
void *onas_scan_worker(void *arg) { |
... | ... |
@@ -302,11 +311,11 @@ void *onas_scan_worker(void *arg) { |
302 | 302 |
|
303 | 303 |
if (NULL == event_data || NULL == event_data->pathname) { |
304 | 304 |
logg("ClamWorker: invalid worker arguments for scanning thread\n"); |
305 |
- if (event_data) { |
|
306 |
- logg("ClamWorker: pathname is null\n"); |
|
307 |
- } |
|
308 |
- goto done; |
|
309 |
- } |
|
305 |
+ if (event_data) { |
|
306 |
+ logg("ClamWorker: pathname is null\n"); |
|
307 |
+ } |
|
308 |
+ goto done; |
|
309 |
+ } |
|
310 | 310 |
|
311 | 311 |
/* load in boolean info from event struct; makes for easier reading--you're welcome */ |
312 | 312 |
b_dir = event_data->bool_opts & ONAS_SCTH_B_DIR ? 1 : 0; |
... | ... |
@@ -314,7 +323,7 @@ void *onas_scan_worker(void *arg) { |
314 | 314 |
b_inotify = event_data->bool_opts & ONAS_SCTH_B_INOTIFY ? 1 : 0; |
315 | 315 |
b_fanotify = event_data->bool_opts & ONAS_SCTH_B_FANOTIFY ? 1 : 0; |
316 | 316 |
|
317 |
- |
|
317 |
+#if defined(FANOTIFY) |
|
318 | 318 |
if (b_inotify) { |
319 | 319 |
logg("*ClamWorker: handling inotify event ...\n"); |
320 | 320 |
|
... | ... |
@@ -324,23 +333,24 @@ void *onas_scan_worker(void *arg) { |
324 | 324 |
} else if (b_file) { |
325 | 325 |
logg("*ClamWorker: performing (extra) scanning on file '%s'\n", event_data->pathname); |
326 | 326 |
onas_scth_handle_file(event_data, event_data->pathname); |
327 |
- } |
|
327 |
+ } |
|
328 | 328 |
|
329 | 329 |
} else if (b_fanotify) { |
330 | 330 |
|
331 | 331 |
logg("*ClamWorker: performing scanning on file '%s'\n", event_data->pathname); |
332 | 332 |
onas_scth_handle_file(event_data, event_data->pathname); |
333 | 333 |
} else { |
334 |
- /* something went very wrong, so check if we have an open fd, |
|
335 |
- * try to close it to resolve any potential lingering permissions event, |
|
336 |
- * then move to cleanup */ |
|
337 |
- if (event_data->fmd) { |
|
338 |
- if (event_data->fmd->fd) { |
|
339 |
- close(event_data->fmd->fd); |
|
340 |
- goto done; |
|
341 |
- } |
|
342 |
- } |
|
343 |
- } |
|
334 |
+ /* something went very wrong, so check if we have an open fd, |
|
335 |
+ * try to close it to resolve any potential lingering permissions event, |
|
336 |
+ * then move to cleanup */ |
|
337 |
+ if (event_data->fmd) { |
|
338 |
+ if (event_data->fmd->fd) { |
|
339 |
+ close(event_data->fmd->fd); |
|
340 |
+ goto done; |
|
341 |
+ } |
|
342 |
+ } |
|
343 |
+ } |
|
344 |
+#endif |
|
344 | 345 |
done: |
345 | 346 |
/* our job to cleanup event data: worker queue just kicks us off in a thread pool, drops the event object |
346 | 347 |
* from the queue and forgets about us */ |
... | ... |
@@ -348,18 +358,20 @@ done: |
348 | 348 |
if (NULL != event_data) { |
349 | 349 |
if (NULL != event_data->pathname) { |
350 | 350 |
free(event_data->pathname); |
351 |
- event_data->pathname = NULL; |
|
352 |
- } |
|
351 |
+ event_data->pathname = NULL; |
|
352 |
+ } |
|
353 | 353 |
|
354 |
- if (NULL != event_data->fmd) { |
|
355 |
- free(event_data->fmd); |
|
356 |
- event_data->fmd = NULL; |
|
357 |
- } |
|
354 |
+#if defined(FANOTIFY) |
|
355 |
+ if (NULL != event_data->fmd) { |
|
356 |
+ free(event_data->fmd); |
|
357 |
+ event_data->fmd = NULL; |
|
358 |
+ } |
|
359 |
+#endif |
|
358 | 360 |
free(event_data); |
359 | 361 |
event_data = NULL; |
360 |
- } |
|
362 |
+ } |
|
361 | 363 |
|
362 |
- return NULL; |
|
364 |
+ return NULL; |
|
363 | 365 |
} |
364 | 366 |
|
365 | 367 |
/* Simple utility function for external interfaces to add relevant context information to scan_event struct; |
... | ... |
@@ -396,4 +408,3 @@ cl_error_t onas_map_context_info_to_event_data(struct onas_context *ctx, struct |
396 | 396 |
|
397 | 397 |
return CL_SUCCESS; |
398 | 398 |
} |
399 |
-#endif |
... | ... |
@@ -22,9 +22,11 @@ |
22 | 22 |
#define __ONAS_SCTH_H |
23 | 23 |
|
24 | 24 |
|
25 |
+#if defined(FANOTIFY) |
|
25 | 26 |
#include <sys/fanotify.h> |
26 |
-#include "shared/optparser.h" |
|
27 |
-#include "libclamav/clamav.h" |
|
27 |
+#endif |
|
28 |
+#include "../../shared/optparser.h" |
|
29 |
+#include "../../libclamav/clamav.h" |
|
28 | 30 |
|
29 | 31 |
#define ONAS_SCTH_B_DIR 0x01 |
30 | 32 |
#define ONAS_SCTH_B_FILE 0x02 |
... | ... |
@@ -48,9 +50,11 @@ |
48 | 48 |
struct onas_scan_event { |
49 | 49 |
const char *tcpaddr; |
50 | 50 |
int64_t portnum; |
51 |
- char *pathname; |
|
51 |
+ char *pathname; |
|
52 | 52 |
int fan_fd; |
53 |
+#if defined(FANOTIFY) |
|
53 | 54 |
struct fanotify_event_metadata *fmd; |
55 |
+#endif |
|
54 | 56 |
uint8_t retry_attempts; |
55 | 57 |
uint64_t sizelimit; |
56 | 58 |
int32_t scantype; |
... | ... |
@@ -70,7 +74,6 @@ void *onas_scan_th(void *arg); |
70 | 70 |
|
71 | 71 |
void *onas_scan_worker(void *arg); |
72 | 72 |
|
73 |
-int onas_scan(struct onas_scan_event *event_data, const char *fname, STATBUF sb, int *infected, int *err, cl_error_t *ret_code); |
|
74 | 73 |
cl_error_t onas_map_context_info_to_event_data(struct onas_context *ctx, struct onas_scan_event **event_data); |
75 | 74 |
|
76 | 75 |
#endif |