@@ -1,3 +1,9 @@

+Tue Jan 20 11:34:38 CET 2004 (tk)

+---------------------------------

+  * clamd: new commands: SESSION, END: SESSION starts a clamd session and

+	   allows to do multiple commands per TCP session. END closes the

+	   session. Requested by Jim Ramsay <i.am*jimramsay.com>.

+

 Fri Jan 16 07:39:55 CET 2004 (tk)

 ---------------------------------

   * freshclam: removed -c for --config-file (conflicted with -c for --checks).

@@ -2,6 +2,52 @@ Note: This README/NEWS file refers to the source tarball. Some things described

 here may not be available in binary packages.

 --

+0.66

+----

+

+

+

+Noteworthy changes in this version:

+

+-) clamd:

+    + fixed a database timestamp handling (and a double reload problem reported

+      by Alex Pleiner and Ole Stanstrup)

+    + UseProcesses (use processes instead of threads, warning: untested code)

+      Also please check James Stevens' nclamd (based on a similar architecture

+      to Apache) if you prefer processes over threads.

+    + new directive ArchiveMaxCompressionRatio

+    + fixed a segmentation fault after database update in on-access scanner

+

+-) clamav-milter: (Nigel Horne)

+    + added support for AllowSupplementaryGroups and ThreadTimeout

+    + added --quarantine-dir (thanks to Michael Dankov)

+    + added --sign option

+

+-) libclamav:

+    + prevent buffer overflow in broken uuencoded files (Nigel)

+    + scan multipart alternatives that have no boundaries (Nigel)

+    + better handling of encapsulated messages (Nigel)

+    + locate uuencoded viruses hidden in text portions of multipart/mixed

+      mime messages (Nigel)

+    + initial support for BinHex (Nigel)

+    + fixed a mail recursion loop (problem reported by Alex Kah and Kristof

+      Petr)

+    + fixed bzip2 memory limit (improper call suggested by the buggy libbz2

+      documentation, problem reported by Tomasz Klim)

+    + fixed on error descriptor leak in CVD unpacker (Thomas Lamy)

+    + fixed memory leak in digital signature verification code (Thomas Lamy)

+    + added maximal compression ratio limit (cl_limits->maxratio)

+

+-) clamscan:

+    + support for multiple arguments on command line (Thomas Lamy)

+    + fixed a buffer overflow in --move (Denis De Messemacker)

+    + removed support for sendfile() under Linux

+    + added --bell

+

+-) freshclam:

+    + support for freshclam.conf

+

 0.65

 ----

 IMPORTANT NOTE: The project has been moved into SourceForge. The only official

@@ -30,6 +30,8 @@ clamd_SOURCES = \

     tcpserver.h \

     localserver.c \

     localserver.h \

+    session.c \

+    session.h \

     server-proc.c \

     server-th.c \

     server.h \

@@ -128,6 +128,8 @@ install_sh = @install_sh@

 @BUILD_CLAMD_TRUE@    tcpserver.h \

 @BUILD_CLAMD_TRUE@    localserver.c \

 @BUILD_CLAMD_TRUE@    localserver.h \

+@BUILD_CLAMD_TRUE@    session.c \

+@BUILD_CLAMD_TRUE@    session.h \

 @BUILD_CLAMD_TRUE@    server-proc.c \

 @BUILD_CLAMD_TRUE@    server-th.c \

 @BUILD_CLAMD_TRUE@    server.h \

@@ -158,10 +160,11 @@ PROGRAMS = $(sbin_PROGRAMS)

 @BUILD_CLAMD_TRUE@am_clamd_OBJECTS = options.$(OBJEXT) cfgfile.$(OBJEXT) \

 @BUILD_CLAMD_TRUE@	clamd.$(OBJEXT) tcpserver.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	localserver.$(OBJEXT) server-proc.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	server-th.$(OBJEXT) scanner.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	others.$(OBJEXT) clamuko.$(OBJEXT) \

-@BUILD_CLAMD_TRUE@	dazukoio.$(OBJEXT) tests.$(OBJEXT)

+@BUILD_CLAMD_TRUE@	localserver.$(OBJEXT) session.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	server-proc.$(OBJEXT) server-th.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	scanner.$(OBJEXT) others.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	clamuko.$(OBJEXT) dazukoio.$(OBJEXT) \

+@BUILD_CLAMD_TRUE@	tests.$(OBJEXT)

 clamd_OBJECTS = $(am_clamd_OBJECTS)

 @BUILD_CLAMD_TRUE@clamd_DEPENDENCIES = ../clamscan/getopt.o

 @BUILD_CLAMD_FALSE@clamd_DEPENDENCIES =

@@ -176,7 +179,8 @@ am__depfiles_maybe = depfiles

 @AMDEP_TRUE@	./$(DEPDIR)/localserver.Po ./$(DEPDIR)/options.Po \

 @AMDEP_TRUE@	./$(DEPDIR)/others.Po ./$(DEPDIR)/scanner.Po \

 @AMDEP_TRUE@	./$(DEPDIR)/server-proc.Po ./$(DEPDIR)/server-th.Po \

-@AMDEP_TRUE@	./$(DEPDIR)/tcpserver.Po ./$(DEPDIR)/tests.Po

+@AMDEP_TRUE@	./$(DEPDIR)/session.Po ./$(DEPDIR)/tcpserver.Po \

+@AMDEP_TRUE@	./$(DEPDIR)/tests.Po

 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \

 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)

 LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \

@@ -245,6 +249,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanner.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server-proc.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server-th.Po@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tcpserver.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tests.Po@am__quote@

@@ -207,10 +207,10 @@ void clamd(struct optstruct *opt)

     else

 	ret = localserver(opt, copt, root);

-    cli_dbgmsg("*server ended; result=%d\n", ret);

+    printf("server ended; result=%d\n", ret);

     logg_close();

     freecfg(copt);

-    cli_dbgmsg("*free() copt\n");

+    printf("free() copt\n");

 }

@@ -219,7 +219,7 @@ void help(void)

     printf("\n");

     printf("                           Clam AntiVirus Daemon "VERSION"\n");

-    printf("                 (c) 2002, 2003 Tomasz Kojm <tkojm@clamav.net>\n\n");

+    printf("                 (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>\n\n");

     printf("    --help                   -h             Show this help.\n");

     printf("    --version                -V             Show version number.\n");

@@ -61,7 +61,6 @@ void *clamukoth(void *arg)

 	const struct cfgstruct *pt;

 	short int scan;

 	int sizelimit = 0, options = 0;

-	int maxwait = CL_DEFAULT_MAXWHILEWAIT;

 	struct stat sb;

@@ -43,8 +43,6 @@

 #define CMD6 "CONTSCAN"

 #define CMD7 "VERSION"

 #define CMD8 "STREAM"

-#define CMD9 "STREAM2"

-

 int procscan(const char *name, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan)

 {

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>

+ *  Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>

  *

  *  This program is free software; you can redistribute it and/or modify

  *  it under the terms of the GNU General Public License as published by

@@ -33,85 +33,41 @@

 #include "server.h"

 #include "clamuko.h"

 #include "tests.h"

-

-#define THREXIT					    \

-    close(ths[tharg->sid].desc);		    \

-    ths[tharg->sid].active = 0;			    \

-    /* this mutex is rather useless */		    \

-    /* pthread_mutex_unlock(&ths[tharg->sid].mutex);   */ \

-    free(tharg);				    \

-    return NULL

-

-#define CMD1 "SCAN"

-#define CMD2 "RAWSCAN"

-#define CMD3 "QUIT"

-#define CMD4 "RELOAD"

-#define CMD5 "PING"

-#define CMD6 "CONTSCAN"

-#define CMD7 "VERSION"

-#define CMD8 "STREAM"

-#define CMD9 "STREAM2"

+#include "session.h"

 #ifdef CLAMUKO

 pthread_t clamukoid;

 #endif

+

 void *threadscanner(void *arg)

 {

 	struct thrarg *tharg = (struct thrarg *) arg;

-	char buff[32769];

 	sigset_t sigset;

-	int bread, options;

-

+	int ret;

     /* ignore all signals */

     sigfillset(&sigset);

     pthread_sigmask(SIG_SETMASK, &sigset, NULL);

-    if((bread = read(ths[tharg->sid].desc, buff, 1024)) == -1) {

-	logg("!Session(%d): read() failed.\n", tharg->sid);

-	THREXIT;

-    }

-

-    buff[bread] = 0;

-    chomp(buff);

-

-    if(!strncmp(buff, CMD1, strlen(CMD1))) { /* SCAN */

-	scan(buff + strlen(CMD1) + 1, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt, ths[tharg->sid].desc, 0);

-

-    } else if(!strncmp(buff, CMD2, strlen(CMD2))) { /* RAWSCAN */

-	options = tharg->options & ~CL_ARCHIVE;

-	scan(buff + strlen(CMD2) + 1, NULL, tharg->root, NULL, options, tharg->copt, ths[tharg->sid].desc, 0);

-

-    } else if(!strncmp(buff, CMD3, strlen(CMD3))) { /* QUIT */

-	if(!progexit) {

-	    /* was: kill(progpid, SIGTERM);

-	     * Now we break out of the loop to clean up resources

-	     * thomas@in-online.net 20031201 */

-	    progexit=1;

-	}

-

-    } else if(!strncmp(buff, CMD4, strlen(CMD4))) { /* RELOAD */

-	mdprintf(ths[tharg->sid].desc, "RELOADING\n");

-	reload = 1;

-

-    } else if(!strncmp(buff, CMD5, strlen(CMD5))) { /* PING */

-	mdprintf(ths[tharg->sid].desc, "PONG\n");

-

-    } else if(!strncmp(buff, CMD6, strlen(CMD6))) { /* CONTSCAN */

-	scan(buff + strlen(CMD6) + 1, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt, ths[tharg->sid].desc, 1);

+    ret = command(ths[tharg->sid].desc, tharg->root, tharg->limits, tharg->options, tharg->copt);

-    } else if(!strncmp(buff, CMD7, strlen(CMD7))) { /* VERSION */

-	mdprintf(ths[tharg->sid].desc, "clamd / ClamAV version "VERSION"\n");

+    switch(ret) {

+	case COMMAND_QUIT:

+	    progexit = 1;

+	    break;

-    } else if(!strncmp(buff, CMD8, strlen(CMD8))) { /* STREAM */

-	scanstream(ths[tharg->sid].desc, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt);

+	case COMMAND_RELOAD:

+	    reload = 1;

+	    break;

     }

-    /* else if(!strncmp(buff, CMD9, strlen(CMD9))) {

-	scanstream2(ths[tharg->sid].desc, NULL, tharg->root, tharg->limits, tharg->options, tharg->copt);

-    }*/

-    THREXIT;

+    close(ths[tharg->sid].desc);

+    ths[tharg->sid].active = 0;

+    /* this mutex is rather useless */

+    /* pthread_mutex_unlock(&ths[tharg->sid].mutex); */

+    free(tharg);

+    return NULL;

 }

 /* this function takes care for threads, exit and various checks */

@@ -186,7 +142,7 @@ void *threadwatcher(void *arg)

 		close(ths[i].desc);

 		logg("Session %d stopped due to timeout.\n", i);

 		ths[i].active = 0;

-//		pthread_mutex_unlock(&ths[i].mutex);

+		/* pthread_mutex_unlock(&ths[i].mutex); */

 	    }

 	/* cancel all threads in case of quit */

@@ -212,7 +168,7 @@ void *threadwatcher(void *arg)

 		    mdprintf(ths[j].desc, "Session(%d): Stopped (exiting)\n", j);

 		    close(ths[j].desc);

 		    logg("Session %d stopped (exiting).\n", j);

-//		    pthread_mutex_unlock(&ths[j].mutex);

+		    /* pthread_mutex_unlock(&ths[j].mutex); */

 		}

 #ifndef C_BSD

 	    logg("*Freeing trie structure.\n");

new file mode 100644

@@ -0,0 +1,129 @@

+/*

+ *  Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License as published by

+ *  the Free Software Foundation; either version 2 of the License, or

+ *  (at your option) any later version.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

+ */

+

+#include <stdio.h>

+#include <stdlib.h>

+#include <string.h>

+#include <unistd.h>

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <pthread.h>

+#include <time.h>

+#include <signal.h>

+

+#include "cfgfile.h"

+#include "others.h"

+#include "defaults.h"

+#include "scanner.h"

+#include "server.h"

+#include "clamuko.h"

+#include "tests.h"

+#include "session.h"

+

+#define CMD1 "SCAN"

+#define CMD2 "RAWSCAN"

+#define CMD3 "QUIT" /* deprecated */

+#define CMD4 "RELOAD"

+#define CMD5 "PING"

+#define CMD6 "CONTSCAN"

+#define CMD7 "VERSION"

+#define CMD8 "STREAM"

+#define CMD9 "SESSION"

+#define CMD10 "END"

+#define CMD11 "SHUTDOWN"

+

+

+int command(int desc, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt)

+{

+	char buff[1025];

+	int bread, opt, ret;

+

+

+    if((bread = read(desc, buff, 1024)) == -1) {

+	logg("!Command parser: read() failed.\n");

+	/* at least try to display this error message */

+	mdprintf(desc, "ERROR: Command parser: read() failed.\n");

+	return -1;

+    }

+

+    buff[bread] = 0;

+    chomp(buff);

+

+    if(!strncmp(buff, CMD1, strlen(CMD1))) { /* SCAN */

+	scan(buff + strlen(CMD1) + 1, NULL, root, limits, options, copt, desc, 0);

+

+    } else if(!strncmp(buff, CMD2, strlen(CMD2))) { /* RAWSCAN */

+	opt = options & ~CL_ARCHIVE;

+	scan(buff + strlen(CMD2) + 1, NULL, root, NULL, opt, copt, desc, 0);

+

+    } else if(!strncmp(buff, CMD3, strlen(CMD3))) { /* QUIT */

+	return COMMAND_QUIT;

+

+    } else if(!strncmp(buff, CMD4, strlen(CMD4))) { /* RELOAD */

+	mdprintf(desc, "RELOADING\n");

+	return COMMAND_RELOAD;

+

+    } else if(!strncmp(buff, CMD5, strlen(CMD5))) { /* PING */

+	mdprintf(desc, "PONG\n");

+

+    } else if(!strncmp(buff, CMD6, strlen(CMD6))) { /* CONTSCAN */

+	scan(buff + strlen(CMD6) + 1, NULL, root, limits, options, copt, desc, 1);

+

+    } else if(!strncmp(buff, CMD7, strlen(CMD7))) { /* VERSION */

+	mdprintf(desc, "clamd / ClamAV version "VERSION"\n");

+

+    } else if(!strncmp(buff, CMD8, strlen(CMD8))) { /* STREAM */

+	scanstream(desc, NULL, root, limits, options, copt);

+

+    } else if(!strncmp(buff, CMD9, strlen(CMD9))) { /* SESSION */

+	do {

+	    ret = command(desc, root, limits, options, copt);

+	} while(!ret);

+

+	switch(ret) {

+	    case COMMAND_QUIT:

+		mdprintf(desc, "SESSION TERMINATED (SHUTDOWN)\n");

+		break;

+

+	    case COMMAND_RELOAD:

+		mdprintf(desc, "SESSION TERMINATED (DATABASE RELOADING)\n");

+		break;

+

+	    case COMMAND_END:

+		mdprintf(desc, "BYE\n");

+		break;

+

+	    default:

+		mdprintf(desc, "SESSION TERMINATED (INTERNAL ERROR)\n");

+		break;

+	}

+

+	return ret;

+

+    } else if(!strncmp(buff, CMD10, strlen(CMD10))) { /* END */

+	return COMMAND_END;

+

+    } else if(!strncmp(buff, CMD11, strlen(CMD11))) { /* SHUTDOWN */

+	return COMMAND_QUIT;

+

+    } else {

+	mdprintf(desc, "UNKNOWN COMMAND\n");

+    }

+

+    return 0; /* no error and no 'special' command executed */

+}

new file mode 100644

@@ -0,0 +1,31 @@

+/*

+ *  Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>

+ *

+ *  This program is free software; you can redistribute it and/or modify

+ *  it under the terms of the GNU General Public License as published by

+ *  the Free Software Foundation; either version 2 of the License, or

+ *  (at your option) any later version.

+ *

+ *  This program is distributed in the hope that it will be useful,

+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of

+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ *  GNU General Public License for more details.

+ *

+ *  You should have received a copy of the GNU General Public License

+ *  along with this program; if not, write to the Free Software

+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

+ */

+

+#ifndef __SESSION_H

+#define __SESSION_H

+

+#define COMMAND_QUIT 1

+#define COMMAND_RELOAD 2

+#define COMMAND_END 3

+

+#include <clamav.h>

+#include "cfgfile.h"

+

+int command(int desc, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt);

+

+#endif