
Support version verification through DNS

git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@777 77e5149b-7576-45b1-b177-96237e5ba77b

Tomasz Kojm authored on 2004/08/22 09:26:52
Showing 13 changed files
... ...
@@ -1,3 +1,9 @@
1
+Sun Aug 22 02:07:13 CEST 2004 (tk)
2
+----------------------------------
3
+  * freshclam: Support version verification through DNS (DNSDatabaseInfo).
4
+	       Based on idea by Christopher X. Candreva <chris*westnet.com>,
5
+	       see http://www.gossamer-threads.com/lists/clamav/users/11102
6
+
1 7
 Sat Aug 21 14:07:47 CEST 2004 (acab)
2 8
 ------------------------------------
3 9
   * libclamav/pe.c: Added support for FSG 1.3
... ...
@@ -46,7 +46,7 @@ while test $# -gt 0; do
46 46
 	;;
47 47
 
48 48
     --version)
49
-	echo devel-20040817
49
+	echo devel-20040821
50 50
 	exit 0
51 51
 	;;
52 52
 
... ...
@@ -59,7 +59,7 @@ while test $# -gt 0; do
59 59
        	;;
60 60
 
61 61
     --libs)
62
-       	echo -L${exec_prefix}/lib  -lz -lbz2 -lgmp -L/usr/lib -lcurl -lssl -lcrypto -ldl -lssl -lcrypto -ldl -lz -lpthread
62
+       	echo -L${exec_prefix}/lib  -lz -lgmp -L/usr/lib -lcurl -lssl -lcrypto -ldl -lssl -lcrypto -ldl -lz -lpthread
63 63
        	;;
64 64
 
65 65
     *)
... ...
@@ -75,9 +75,6 @@
75 75
 /* "attrib packed" */
76 76
 #undef HAVE_ATTRIB_PACKED
77 77
 
78
-/* have bzip2 */
79
-#undef HAVE_BZLIB_H
80
-
81 78
 /* Define to 1 if you have the <dlfcn.h> header file. */
82 79
 #undef HAVE_DLFCN_H
83 80
 
... ...
@@ -144,6 +141,9 @@
144 144
 /* Define to 1 if you have the <regex.h> header file. */
145 145
 #undef HAVE_REGEX_H
146 146
 
147
+/* have resolv.h */
148
+#undef HAVE_RESOLV_H
149
+
147 150
 /* Define to 1 if you have the `setgroups' function. */
148 151
 #undef HAVE_SETGROUPS
149 152
 
... ...
@@ -207,9 +207,6 @@
207 207
 /* zlib installed */
208 208
 #undef HAVE_ZLIB_H
209 209
 
210
-/* bzip funtions do not have bz2 prefix */
211
-#undef NOBZ2PREFIX
212
-
213 210
 /* "no fd_set" */
214 211
 #undef NO_FD_SET
215 212
 
... ...
@@ -1016,6 +1016,7 @@ Optional Features:
1016 1016
   --enable-fast-install=PKGS  optimize for fast installation default=yes
1017 1017
   --disable-libtool-lock  avoid locking (might break parallel builds)
1018 1018
   --disable-bzip2	  Disable bzip2 support.
1019
+  --disable-dns	  Disable support for database verification with DNS
1019 1020
   --disable-clamuko	  Disable clamuko support (Linux and FreeBSD only)
1020 1021
   --enable-milter	  Build clamav-milter
1021 1022
   --disable-dsig	  Disable digital signature support.
... ...
@@ -5015,7 +5016,7 @@ test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
5015 5015
 case $host in
5016 5016
 *-*-irix6*)
5017 5017
   # Find out which ABI we are using.
5018
-  echo '#line 5018 "configure"' > conftest.$ac_ext
5018
+  echo '#line 5019 "configure"' > conftest.$ac_ext
5019 5019
   if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
5020 5020
   (eval $ac_compile) 2>&5
5021 5021
   ac_status=$?
... ...
@@ -5588,7 +5589,7 @@ chmod -w .
5588 5588
 save_CFLAGS="$CFLAGS"
5589 5589
 CFLAGS="$CFLAGS -o out/conftest2.$ac_objext"
5590 5590
 compiler_c_o=no
5591
-if { (eval echo configure:5591: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
5591
+if { (eval echo configure:5592: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
5592 5592
   # The compiler can only warn and ignore the option if not recognized
5593 5593
   # So say no if there are warnings
5594 5594
   if test -s out/conftest.err; then
... ...
@@ -7515,7 +7516,7 @@ else
7515 7515
     lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
7516 7516
   lt_status=$lt_dlunknown
7517 7517
   cat > conftest.$ac_ext <<EOF
7518
-#line 7518 "configure"
7518
+#line 7519 "configure"
7519 7519
 #include "confdefs.h"
7520 7520
 
7521 7521
 #if HAVE_DLFCN_H
... ...
@@ -7613,7 +7614,7 @@ else
7613 7613
     lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
7614 7614
   lt_status=$lt_dlunknown
7615 7615
   cat > conftest.$ac_ext <<EOF
7616
-#line 7616 "configure"
7616
+#line 7617 "configure"
7617 7617
 #include "confdefs.h"
7618 7618
 
7619 7619
 #if HAVE_DLFCN_H
... ...
@@ -10313,91 +10314,27 @@ if test "${enable_bzip2+set}" = set; then
10313 10313
   want_bzip2="no"
10314 10314
 fi;
10315 10315
 
10316
-if test "$want_bzip2" = "yes"
10317
-then
10318
-    echo "$as_me:$LINENO: checking for bzReadOpen in -lbz2" >&5
10319
-echo $ECHO_N "checking for bzReadOpen in -lbz2... $ECHO_C" >&6
10320
-if test "${ac_cv_lib_bz2_bzReadOpen+set}" = set; then
10321
-  echo $ECHO_N "(cached) $ECHO_C" >&6
10322
-else
10323
-  ac_check_lib_save_LIBS=$LIBS
10324
-LIBS="-lbz2  $LIBS"
10325
-cat >conftest.$ac_ext <<_ACEOF
10326
-/* confdefs.h.  */
10327
-_ACEOF
10328
-cat confdefs.h >>conftest.$ac_ext
10329
-cat >>conftest.$ac_ext <<_ACEOF
10330
-/* end confdefs.h.  */
10331
-
10332
-/* Override any gcc2 internal prototype to avoid an error.  */
10333
-#ifdef __cplusplus
10334
-extern "C"
10335
-#endif
10336
-/* We use char because int might match the return type of a gcc2
10337
-   builtin and then its argument prototype would still apply.  */
10338
-char bzReadOpen ();
10339
-int
10340
-main ()
10341
-{
10342
-bzReadOpen ();
10343
-  ;
10344
-  return 0;
10345
-}
10346
-_ACEOF
10347
-rm -f conftest.$ac_objext conftest$ac_exeext
10348
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
10349
-  (eval $ac_link) 2>conftest.er1
10350
-  ac_status=$?
10351
-  grep -v '^ *+' conftest.er1 >conftest.err
10352
-  rm -f conftest.er1
10353
-  cat conftest.err >&5
10354
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
10355
-  (exit $ac_status); } &&
10356
-	 { ac_try='test -z "$ac_c_werror_flag"			 || test ! -s conftest.err'
10357
-  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
10358
-  (eval $ac_try) 2>&5
10359
-  ac_status=$?
10360
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
10361
-  (exit $ac_status); }; } &&
10362
-	 { ac_try='test -s conftest$ac_exeext'
10363
-  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
10364
-  (eval $ac_try) 2>&5
10365
-  ac_status=$?
10366
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
10367
-  (exit $ac_status); }; }; then
10368
-  ac_cv_lib_bz2_bzReadOpen=yes
10369
-else
10370
-  echo "$as_me: failed program was:" >&5
10371
-sed 's/^/| /' conftest.$ac_ext >&5
10372
-
10373
-ac_cv_lib_bz2_bzReadOpen=no
10374
-fi
10375
-rm -f conftest.err conftest.$ac_objext \
10376
-      conftest$ac_exeext conftest.$ac_ext
10377
-LIBS=$ac_check_lib_save_LIBS
10378
-fi
10379
-echo "$as_me:$LINENO: result: $ac_cv_lib_bz2_bzReadOpen" >&5
10380
-echo "${ECHO_T}$ac_cv_lib_bz2_bzReadOpen" >&6
10381
-if test $ac_cv_lib_bz2_bzReadOpen = yes; then
10382
-
10383
-cat >>confdefs.h <<\_ACEOF
10384
-#define NOBZ2PREFIX 1
10385
-_ACEOF
10386
-
10387
-fi
10316
+want_dns="yes"
10317
+# Check whether --enable-dns or --disable-dns was given.
10318
+if test "${enable_dns+set}" = set; then
10319
+  enableval="$enable_dns"
10320
+  want_dns="no"
10321
+fi;
10388 10322
 
10389
-    if test "${ac_cv_header_bzlib_h+set}" = set; then
10390
-  echo "$as_me:$LINENO: checking for bzlib.h" >&5
10391
-echo $ECHO_N "checking for bzlib.h... $ECHO_C" >&6
10392
-if test "${ac_cv_header_bzlib_h+set}" = set; then
10323
+if test "$want_dns" = "yes"
10324
+then
10325
+    if test "${ac_cv_header_resolv_h+set}" = set; then
10326
+  echo "$as_me:$LINENO: checking for resolv.h" >&5
10327
+echo $ECHO_N "checking for resolv.h... $ECHO_C" >&6
10328
+if test "${ac_cv_header_resolv_h+set}" = set; then
10393 10329
   echo $ECHO_N "(cached) $ECHO_C" >&6
10394 10330
 fi
10395
-echo "$as_me:$LINENO: result: $ac_cv_header_bzlib_h" >&5
10396
-echo "${ECHO_T}$ac_cv_header_bzlib_h" >&6
10331
+echo "$as_me:$LINENO: result: $ac_cv_header_resolv_h" >&5
10332
+echo "${ECHO_T}$ac_cv_header_resolv_h" >&6
10397 10333
 else
10398 10334
   # Is the header compilable?
10399
-echo "$as_me:$LINENO: checking bzlib.h usability" >&5
10400
-echo $ECHO_N "checking bzlib.h usability... $ECHO_C" >&6
10335
+echo "$as_me:$LINENO: checking resolv.h usability" >&5
10336
+echo $ECHO_N "checking resolv.h usability... $ECHO_C" >&6
10401 10337
 cat >conftest.$ac_ext <<_ACEOF
10402 10338
 /* confdefs.h.  */
10403 10339
 _ACEOF
... ...
@@ -10405,7 +10342,7 @@ cat confdefs.h >>conftest.$ac_ext
10405 10405
 cat >>conftest.$ac_ext <<_ACEOF
10406 10406
 /* end confdefs.h.  */
10407 10407
 $ac_includes_default
10408
-#include <bzlib.h>
10408
+#include <resolv.h>
10409 10409
 _ACEOF
10410 10410
 rm -f conftest.$ac_objext
10411 10411
 if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
... ...
@@ -10440,15 +10377,15 @@ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
10440 10440
 echo "${ECHO_T}$ac_header_compiler" >&6
10441 10441
 
10442 10442
 # Is the header present?
10443
-echo "$as_me:$LINENO: checking bzlib.h presence" >&5
10444
-echo $ECHO_N "checking bzlib.h presence... $ECHO_C" >&6
10443
+echo "$as_me:$LINENO: checking resolv.h presence" >&5
10444
+echo $ECHO_N "checking resolv.h presence... $ECHO_C" >&6
10445 10445
 cat >conftest.$ac_ext <<_ACEOF
10446 10446
 /* confdefs.h.  */
10447 10447
 _ACEOF
10448 10448
 cat confdefs.h >>conftest.$ac_ext
10449 10449
 cat >>conftest.$ac_ext <<_ACEOF
10450 10450
 /* end confdefs.h.  */
10451
-#include <bzlib.h>
10451
+#include <resolv.h>
10452 10452
 _ACEOF
10453 10453
 if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
10454 10454
   (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
... ...
@@ -10482,25 +10419,25 @@ echo "${ECHO_T}$ac_header_preproc" >&6
10482 10482
 # So?  What about this header?
10483 10483
 case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
10484 10484
   yes:no: )
10485
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: accepted by the compiler, rejected by the preprocessor!" >&5
10486
-echo "$as_me: WARNING: bzlib.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
10487
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: proceeding with the compiler's result" >&5
10488
-echo "$as_me: WARNING: bzlib.h: proceeding with the compiler's result" >&2;}
10485
+    { echo "$as_me:$LINENO: WARNING: resolv.h: accepted by the compiler, rejected by the preprocessor!" >&5
10486
+echo "$as_me: WARNING: resolv.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
10487
+    { echo "$as_me:$LINENO: WARNING: resolv.h: proceeding with the compiler's result" >&5
10488
+echo "$as_me: WARNING: resolv.h: proceeding with the compiler's result" >&2;}
10489 10489
     ac_header_preproc=yes
10490 10490
     ;;
10491 10491
   no:yes:* )
10492
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: present but cannot be compiled" >&5
10493
-echo "$as_me: WARNING: bzlib.h: present but cannot be compiled" >&2;}
10494
-    { echo "$as_me:$LINENO: WARNING: bzlib.h:     check for missing prerequisite headers?" >&5
10495
-echo "$as_me: WARNING: bzlib.h:     check for missing prerequisite headers?" >&2;}
10496
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: see the Autoconf documentation" >&5
10497
-echo "$as_me: WARNING: bzlib.h: see the Autoconf documentation" >&2;}
10498
-    { echo "$as_me:$LINENO: WARNING: bzlib.h:     section \"Present But Cannot Be Compiled\"" >&5
10499
-echo "$as_me: WARNING: bzlib.h:     section \"Present But Cannot Be Compiled\"" >&2;}
10500
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: proceeding with the preprocessor's result" >&5
10501
-echo "$as_me: WARNING: bzlib.h: proceeding with the preprocessor's result" >&2;}
10502
-    { echo "$as_me:$LINENO: WARNING: bzlib.h: in the future, the compiler will take precedence" >&5
10503
-echo "$as_me: WARNING: bzlib.h: in the future, the compiler will take precedence" >&2;}
10492
+    { echo "$as_me:$LINENO: WARNING: resolv.h: present but cannot be compiled" >&5
10493
+echo "$as_me: WARNING: resolv.h: present but cannot be compiled" >&2;}
10494
+    { echo "$as_me:$LINENO: WARNING: resolv.h:     check for missing prerequisite headers?" >&5
10495
+echo "$as_me: WARNING: resolv.h:     check for missing prerequisite headers?" >&2;}
10496
+    { echo "$as_me:$LINENO: WARNING: resolv.h: see the Autoconf documentation" >&5
10497
+echo "$as_me: WARNING: resolv.h: see the Autoconf documentation" >&2;}
10498
+    { echo "$as_me:$LINENO: WARNING: resolv.h:     section \"Present But Cannot Be Compiled\"" >&5
10499
+echo "$as_me: WARNING: resolv.h:     section \"Present But Cannot Be Compiled\"" >&2;}
10500
+    { echo "$as_me:$LINENO: WARNING: resolv.h: proceeding with the preprocessor's result" >&5
10501
+echo "$as_me: WARNING: resolv.h: proceeding with the preprocessor's result" >&2;}
10502
+    { echo "$as_me:$LINENO: WARNING: resolv.h: in the future, the compiler will take precedence" >&5
10503
+echo "$as_me: WARNING: resolv.h: in the future, the compiler will take precedence" >&2;}
10504 10504
     (
10505 10505
       cat <<\_ASBOX
10506 10506
 ## ------------------------------------------ ##
... ...
@@ -10511,26 +10448,26 @@ _ASBOX
10511 10511
       sed "s/^/$as_me: WARNING:     /" >&2
10512 10512
     ;;
10513 10513
 esac
10514
-echo "$as_me:$LINENO: checking for bzlib.h" >&5
10515
-echo $ECHO_N "checking for bzlib.h... $ECHO_C" >&6
10516
-if test "${ac_cv_header_bzlib_h+set}" = set; then
10514
+echo "$as_me:$LINENO: checking for resolv.h" >&5
10515
+echo $ECHO_N "checking for resolv.h... $ECHO_C" >&6
10516
+if test "${ac_cv_header_resolv_h+set}" = set; then
10517 10517
   echo $ECHO_N "(cached) $ECHO_C" >&6
10518 10518
 else
10519
-  ac_cv_header_bzlib_h=$ac_header_preproc
10519
+  ac_cv_header_resolv_h=$ac_header_preproc
10520 10520
 fi
10521
-echo "$as_me:$LINENO: result: $ac_cv_header_bzlib_h" >&5
10522
-echo "${ECHO_T}$ac_cv_header_bzlib_h" >&6
10521
+echo "$as_me:$LINENO: result: $ac_cv_header_resolv_h" >&5
10522
+echo "${ECHO_T}$ac_cv_header_resolv_h" >&6
10523 10523
 
10524 10524
 fi
10525
-if test $ac_cv_header_bzlib_h = yes; then
10526
-  LIBCLAMAV_LIBS="$LIBCLAMAV_LIBS -lbz2";
10525
+if test $ac_cv_header_resolv_h = yes; then
10526
+  FRESHCLAM_LIBS="$FRESHCLAM_LIBS -lresolv";
10527 10527
 cat >>confdefs.h <<\_ACEOF
10528
-#define HAVE_BZLIB_H 1
10528
+#define HAVE_RESOLV_H 1
10529 10529
 _ACEOF
10530 10530
 
10531 10531
 else
10532
-  { echo "$as_me:$LINENO: WARNING: ****** bzip2 support disabled" >&5
10533
-echo "$as_me: WARNING: ****** bzip2 support disabled" >&2;}
10532
+  { echo "$as_me:$LINENO: WARNING: ****** DNS support disabled" >&5
10533
+echo "$as_me: WARNING: ****** DNS support disabled" >&2;}
10534 10534
 fi
10535 10535
 
10536 10536
 
... ...
@@ -79,10 +79,14 @@ AC_ARG_ENABLE(bzip2,
79 79
 [  --disable-bzip2	  Disable bzip2 support.],
80 80
 want_bzip2="no",)
81 81
 
82
-if test "$want_bzip2" = "yes"
82
+want_dns="yes"
83
+AC_ARG_ENABLE(dns,
84
+[  --disable-dns	  Disable support for database verification with DNS],
85
+want_dns="no",)
86
+
87
+if test "$want_dns" = "yes"
83 88
 then
84
-    AC_CHECK_LIB(bz2, bzReadOpen, AC_DEFINE(NOBZ2PREFIX,1,bzip funtions do not have bz2 prefix),)
85
-    AC_CHECK_HEADER(bzlib.h,[LIBCLAMAV_LIBS="$LIBCLAMAV_LIBS -lbz2"; AC_DEFINE(HAVE_BZLIB_H,1,have bzip2)], AC_MSG_WARN([****** bzip2 support disabled]))
89
+    AC_CHECK_HEADER(resolv.h,[FRESHCLAM_LIBS="$FRESHCLAM_LIBS -lresolv"; AC_DEFINE(HAVE_RESOLV_H,1,have resolv.h)], AC_MSG_WARN([****** DNS support disabled]))
86 90
 fi
87 91
 
88 92
 want_clamuko="yes"
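Review bot: `AC_ARG_ENABLE(dns, ..., want_dns="no",)` runs its action whenever the option is given in either form, so `--enable-dns` also switches DNS support off. Using the supplied value, `want_dns=$enableval`, would make both spellings behave as expected; the bzip2 option just above follows the same pattern. The header test also appends `-lresolv` to FRESHCLAM_LIBS without checking that the library exists, so on systems that keep the resolver in libc the link may fail; wrapping it in an AC_CHECK_LIB test would be safer.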
... ...
@@ -28,6 +28,9 @@
28 28
 # switches to the "clamav" user. You can change this behaviour here.
29 29
 #DatabaseOwner clamav
30 30
 
31
+# Use DNS to verify virus database version.
32
+#DNSDatabaseInfo current.cvd.clamav.net
33
+
31 34
 # The main database mirror is database.clamav.net (this is a round-robin
32 35
 # DNS that points to many mirrors on the world) and in most cases you
33 36
 # SHOULD NOT change it.
... ...
@@ -35,7 +35,9 @@ freshclam_SOURCES = \
35 35
     manager.h \
36 36
     defaults.h \
37 37
     notify.c \
38
-    notify.h
38
+    notify.h \
39
+    dns.c \
40
+    dns.h
39 41
 
40 42
 
41 43
 DEFS = @DEFS@ -DCL_NOTHREADS
... ...
@@ -73,13 +73,14 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
73 73
 PROGRAMS = $(bin_PROGRAMS)
74 74
 am_freshclam_OBJECTS = output.$(OBJEXT) cfgparser.$(OBJEXT) \
75 75
 	getopt.$(OBJEXT) memory.$(OBJEXT) freshclam.$(OBJEXT) \
76
-	options.$(OBJEXT) manager.$(OBJEXT) notify.$(OBJEXT)
76
+	options.$(OBJEXT) manager.$(OBJEXT) notify.$(OBJEXT) \
77
+	dns.$(OBJEXT)
77 78
 freshclam_OBJECTS = $(am_freshclam_OBJECTS)
78 79
 freshclam_LDADD = $(LDADD)
79 80
 DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)
80 81
 depcomp = $(SHELL) $(top_srcdir)/depcomp
81 82
 am__depfiles_maybe = depfiles
82
-@AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/cfgparser.Po \
83
+@AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/cfgparser.Po ./$(DEPDIR)/dns.Po \
83 84
 @AMDEP_TRUE@	./$(DEPDIR)/freshclam.Po ./$(DEPDIR)/getopt.Po \
84 85
 @AMDEP_TRUE@	./$(DEPDIR)/manager.Po ./$(DEPDIR)/memory.Po \
85 86
 @AMDEP_TRUE@	./$(DEPDIR)/notify.Po ./$(DEPDIR)/options.Po \
... ...
@@ -221,7 +222,9 @@ freshclam_SOURCES = \
221 221
     manager.h \
222 222
     defaults.h \
223 223
     notify.c \
224
-    notify.h
224
+    notify.h \
225
+    dns.c \
226
+    dns.h
225 227
 
226 228
 INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav
227 229
 all: all-am
... ...
@@ -296,6 +299,7 @@ distclean-compile:
296 296
 	-rm -f *.tab.c
297 297
 
298 298
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cfgparser.Po@am__quote@
299
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns.Po@am__quote@
299 300
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/freshclam.Po@am__quote@
300 301
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@
301 302
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/manager.Po@am__quote@
302 303
new file mode 100644
... ...
@@ -0,0 +1,112 @@
0
+/*
1
+ *  Copyright (C) 2004 Tomasz Kojm <tkojm@clamav.net>
2
+ *
3
+ *  This program is free software; you can redistribute it and/or modify
4
+ *  it under the terms of the GNU General Public License as published by
5
+ *  the Free Software Foundation; either version 2 of the License, or
6
+ *  (at your option) any later version.
7
+ *
8
+ *  This program is distributed in the hope that it will be useful,
9
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
10
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11
+ *  GNU General Public License for more details.
12
+ *
13
+ *  You should have received a copy of the GNU General Public License
14
+ *  along with this program; if not, write to the Free Software
15
+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
16
+ */
17
+
18
+#if HAVE_CONFIG_H
19
+#include "clamav-config.h"
20
+#endif
21
+
22
+#ifdef HAVE_RESOLV_H
23
+
24
+#include <string.h>
25
+#include <netinet/in.h>
26
+#include <arpa/nameser.h>
27
+#include <resolv.h>
28
+#include <sys/types.h>
29
+
30
+#include "memory.h"
31
+#include "output.h"
32
+
33
+#ifndef PACKETSZ
34
+#define PACKETSZ 512
35
+#endif
36
+
37
+char *txtquery(const char *domain, unsigned int *ttl)
38
+{
39
+	unsigned char answer[PACKETSZ], host[128], *pt, *txt;
40
+	int len, exp, cttl, size, txtlen, type;
41
+
42
+
43
+    if(res_init() < 0) {
44
+	mprintf("@res_init failed\n");
45
+	return NULL;
46
+    }
47
+
48
+    memset(answer, 0, PACKETSZ);
49
+    if((len = res_query(domain, C_IN, T_TXT, answer, PACKETSZ)) < 0) {
50
+	mprintf("@Can't query %s\n", domain);
51
+	return NULL;
52
+    }
53
+
54
+    pt = answer + sizeof(HEADER);
55
+
56
+    if((exp = dn_expand(answer, answer + len, pt, host, sizeof(host))) < 0) {
57
+	mprintf("@dn_expand failed\n");
58
+	return NULL;
59
+    }
60
+
61
+    pt += exp;
62
+
63
+    GETSHORT(type, pt);
64
+    if(type != T_TXT) {
65
+	mprintf("@Broken DNS reply.\n");
66
+	return NULL;
67
+    }
68
+
69
+    pt += INT16SZ; /* class */
70
+
71
+    if((exp = dn_expand(answer, answer + len, pt, host, sizeof(host))) < 0) {
72
+	mprintf("@second dn_expand failed\n");
73
+	return NULL;
74
+    }
75
+
76
+    pt += exp;
77
+    GETSHORT(type, pt);
78
+    if(type != T_TXT) {
79
+	mprintf("@Not a TXT record\n");
80
+	return NULL;
81
+    }
82
+
83
+    pt += INT16SZ; /* class */
84
+    GETLONG(cttl, pt);
85
+    *ttl = cttl;
86
+    GETSHORT(size, pt);
87
+    txtlen = *pt;
88
+
89
+    if(txtlen >= size || !txtlen) {
90
+	mprintf("@Broken TXT record (txtlen = %d, size = %d)\n", txtlen, size);
91
+	return NULL;
92
+    }
93
+
94
+    if(!(txt = mmalloc(txtlen + 1)))
95
+	return NULL;
96
+
97
+    pt++;
98
+    strncpy(txt, pt, txtlen);
99
+    txt[txtlen] = 0;
100
+
101
+    return txt;
102
+}
103
+
104
+#else
105
+
106
+char *txtquery(const char *domain, unsigned int *ttl)
107
+{
108
+    return NULL;
109
+}
110
+
111
+#endif
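Review bot: txtquery() walks the reply with no bounds of its own: `len` from res_query() is used as `answer + len` without being clamped to PACKETSZ (some resolvers may report a length larger than the buffer for an oversized reply), and the GETSHORT/GETLONG reads and `txtlen = *pt` never check that `pt` is still inside the received data. `txtlen` is compared only with the record's own `size` field, so a malformed or forged reply can make strncpy() read up to 255 bytes past the end of the reply, and possibly past the stack buffer. I would clamp `len`, keep an `end` pointer, and reject the record unless the fixed fields and `txtlen` bytes fit before `end`; the question-section GETSHORT needs the same test. The sketch below shows only the added checks.

```c
    if((len = res_query(domain, C_IN, T_TXT, answer, PACKETSZ)) < 0) {
	/* … unchanged: error message and return … */
    }
    if(len > PACKETSZ) /* reply was cut to fit the buffer */
	len = PACKETSZ;
    end = answer + len; /* end: new unsigned char * local */

    /* … unchanged: question section and answer name parsing, with end passed to dn_expand … */

    /* type + class + ttl + rdlength + the TXT length byte must all be present */
    if(end - pt < 2 * INT16SZ + INT32SZ + INT16SZ + 1) {
	mprintf("@Truncated DNS reply\n");
	return NULL;
    }
    GETSHORT(type, pt);
    /* … unchanged: T_TXT check, class skip, GETLONG ttl, GETSHORT size … */
    txtlen = *pt;

    if(txtlen >= size || !txtlen || txtlen > end - pt - 1) {
	/* … unchanged: "Broken TXT record" message and return … */
    }
```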
0 112
new file mode 100644
... ...
@@ -0,0 +1,24 @@
0
+/*
1
+ *  Copyright (C) 2004 Tomasz Kojm <tkojm@clamav.net>
2
+ *
3
+ *  This program is free software; you can redistribute it and/or modify
4
+ *  it under the terms of the GNU General Public License as published by
5
+ *  the Free Software Foundation; either version 2 of the License, or
6
+ *  (at your option) any later version.
7
+ *
8
+ *  This program is distributed in the hope that it will be useful,
9
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
10
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11
+ *  GNU General Public License for more details.
12
+ *
13
+ *  You should have received a copy of the GNU General Public License
14
+ *  along with this program; if not, write to the Free Software
15
+ *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
16
+ */
17
+
18
+#ifndef __DNS_H
19
+#define __DNS_H
20
+
21
+char *txtquery(const char *domain, unsigned int *ttl);
22
+
23
+#endif
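Review bot: The prototype carries no comment on ownership or failure, which every caller needs: txtquery() returns a buffer obtained from mmalloc() that the caller must free, and NULL on every error path and in builds without resolv.h. I would add `/* Returns the first TXT string of the first answer for domain in an allocated buffer the caller frees, or NULL on failure; *ttl is set to the record TTL on success. */` above the declaration. The guard name `__DNS_H` starts with a double underscore, which is reserved for the implementation; a project-prefixed name such as `FRESHCLAM_DNS_H` would avoid that.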
... ...
@@ -261,11 +261,18 @@ int freshclam(struct optstruct *opt)
261 261
 	    checks = CL_DEFAULT_CHECKS;
262 262
 	}
263 263
 
264
-	if(checks <= 0 || checks > 50) {
265
-	    mprintf("@Number of checks must be between 1 and 50.\n");
264
+	if(checks <= 0) {
265
+	    mprintf("@Number of checks must be a positive integer.\n");
266 266
 	    exit(41);
267 267
 	}
268 268
 
269
+	if(!cfgopt(copt, "DNSDatabaseInfo")) {
270
+	    if(checks > 50) {
271
+		mprintf("@Number of checks must be between 1 and 50.\n");
272
+		exit(41);
273
+	    }
274
+	}
275
+
269 276
 	bigsleep = 24 * 3600 / checks;
270 277
 	daemonize();
271 278
 	if (optc(opt, 'p')) {
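Review bot: With DNSDatabaseInfo set, `checks` no longer has an upper bound, so any value above 86400 makes `bigsleep = 24 * 3600 / checks` evaluate to 0 by integer division. If the loop outside this hunk sleeps for `bigsleep` seconds, as the name suggests, freshclam would then query without pausing. I would keep a limit for the DNS case as well, for example `if(checks > 24 * 3600)` with the same error path, and consider using the TTL that txtquery() returns as a lower bound on the interval. freshclam() starts and ends outside the hunk.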
... ...
@@ -46,6 +46,9 @@
46 46
 #include "memory.h"
47 47
 #include "output.h"
48 48
 #include "../libclamav/others.h"
49
+#include "../libclamav/str.h" /* cli_strtok */
50
+#include "dns.h"
51
+
49 52
 
50 53
 int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, const char *hostname)
51 54
 {
... ...
@@ -113,65 +116,121 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c
113 113
 	return 1;
114 114
 }
115 115
 
116
+static int isnumb(const char *str)
117
+{
118
+	int i;
119
+
120
+    for(i = 0; i < strlen(str); i++)
121
+	if(!isdigit(str[i]))
122
+	    return 0;
123
+
124
+    return 1;
125
+}
126
+
116 127
 int downloaddb(const char *localname, const char *remotename, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt)
117 128
 {
118 129
 	struct cl_cvd *current, *remote;
119 130
 	struct cfgstruct *cpt;
120
-	int hostfd, nodb = 0, dbver = 0, ret, port = 0;
121
-	char  *tempname, ipaddr[16];
131
+	int hostfd, nodb = 0, dbver = -1, ret, port = 0, ttl;
132
+	char  *tempname, ipaddr[16], *dnsreply, *pt;
122 133
 	const char *proxy = NULL, *user = NULL, *pass = NULL;
123 134
 	int flevel = cl_retflevel();
124 135
 
136
+
125 137
     if((current = cl_cvdhead(localname)) == NULL)
126 138
 	nodb = 1;
127 139
 
128
-    if((cpt = cfgopt(copt, "HTTPProxyUsername"))) {
129
-	user = cpt->strarg;
130
-
131
-	if((cpt = cfgopt(copt, "HTTPProxyPassword"))) {
132
-	    pass = cpt->strarg;
133
-	} else {
134
-	    mprintf("HTTPProxyUsername requires HTTPProxyPassword\n");
135
-	    return 56;
140
+    if(!nodb && (cpt = cfgopt(copt, "DNSDatabaseInfo"))) {
141
+	if((dnsreply = txtquery(cpt->strarg, &ttl))) {
142
+		int field = 0;
143
+
144
+	    mprintf("*TTL: %d\n", ttl);
145
+
146
+	    if(!strcmp(remotename, "main.cvd")) {
147
+		field = 1;
148
+	    } else if(!strcmp(remotename, "daily.cvd")) {
149
+		field = 2;
150
+	    } else {
151
+		mprintf("WARNING: Unknown database name (%s) passed.\n", remotename);
152
+		logg("WARNING: Unknown database name (%s) passed.\n", remotename);
153
+	    }
154
+
155
+	    if(field && (pt = cli_strtok(dnsreply, field, ":"))) {
156
+		if(!isnumb(pt)) {
157
+		    mprintf("WARNING: Broken database version in TXT record.\n");
158
+		    logg("WARNING: Broken database version in TXT record.\n");
159
+		} else {
160
+		    dbver = atoi(pt);
161
+		    mprintf("*%s version from DNS: %d\n", remotename, dbver);
162
+		}
163
+		free(pt);
164
+	    } else {
165
+		mprintf("WARNING: Broken DNS reply.\n");
166
+		logg("WARNING: Broken DNS reply.\n");
167
+	    }
168
+
169
+	    free(dnsreply);
136 170
 	}
137 171
     }
138 172
 
139
-    /*
140
-     * njh@bandsman.co.uk: added proxy support. Tested using squid 2.4
141
-     */
173
+    /* Initialize proxy settings */
142 174
     if((cpt = cfgopt(copt, "HTTPProxyServer"))) {
143 175
 	proxy = cpt->strarg;
144 176
 	if(strncasecmp(proxy, "http://", 7) == 0)
145 177
 	    proxy += 7;
178
+
179
+	if((cpt = cfgopt(copt, "HTTPProxyUsername"))) {
180
+	    user = cpt->strarg;
181
+	    if((cpt = cfgopt(copt, "HTTPProxyPassword"))) {
182
+		pass = cpt->strarg;
183
+	    } else {
184
+		mprintf("HTTPProxyUsername requires HTTPProxyPassword\n");
185
+		if(current)
186
+		    cl_cvdfree(current);
187
+		return 56;
188
+	    }
189
+	}
190
+
191
+	if((cpt = cfgopt(copt, "HTTPProxyPort")))
192
+	    port = cpt->numarg;
193
+
146 194
 	mprintf("Connecting via %s\n", proxy);
147 195
     }
148 196
 
149
-    if((cpt = cfgopt(copt, "HTTPProxyPort")))
150
-	port = cpt->numarg;
197
+    memset(ipaddr, 0, sizeof(ipaddr));
151 198
 
152
-    if(ip[0])
153
-	hostfd = wwwconnect(ip, proxy, port, ipaddr); /* we use ip to connect */
154
-    else
155
-	hostfd = wwwconnect(hostname, proxy, port, ipaddr);
199
+    if(!nodb && dbver == -1) {
200
+	if(ip[0]) /* use ip to connect */
201
+	    hostfd = wwwconnect(ip, proxy, port, ipaddr);
202
+	else
203
+	    hostfd = wwwconnect(hostname, proxy, port, ipaddr);
204
+
205
+	if(hostfd < 0) {
206
+	    mprintf("@Connection with %s failed.\n", hostname);
207
+	    if(current)
208
+		cl_cvdfree(current);
209
+	    return 52;
210
+	} else {
211
+	    mprintf("*Connected to %s (%s).\n", hostname, ipaddr);
212
+	}
156 213
 
157
-    if(hostfd < 0) {
158
-	mprintf("@Connection with %s failed.\n", hostname);
159
-	return 52;
160
-    } else
161
-	mprintf("*Connected to %s (%s).\n", hostname, ipaddr);
214
+	if(!ip[0])
215
+	    strcpy(ip, ipaddr);
162 216
 
163
-    if(!ip[0])
164
-	strcpy(ip, ipaddr);
217
+	if(!(remote = remote_cvdhead(remotename, hostfd, hostname, proxy, user, pass))) {
218
+	    mprintf("@Can't read %s header from %s (%s)\n", remotename, hostname, ipaddr);
219
+	    close(hostfd);
220
+	    if(current)
221
+		cl_cvdfree(current);
222
+	    return 58;
223
+	}
165 224
 
166
-    if(!(remote = remote_cvdhead(remotename, hostfd, hostname, proxy, user, pass))) {
167
-	mprintf("@Can't read %s header from %s (%s)\n", remotename, hostname, ipaddr);
225
+	dbver = remote->version;
226
+	cl_cvdfree(remote);
168 227
 	close(hostfd);
169
-	return 58;
170 228
     }
171 229
 
172
-    *signo += remote->sigs; /* we need to do it just here */
173
-
174
-    if(current && (current->version >= remote->version)) {
230
+    if(!nodb && (current->version >= dbver)) {
175 231
 	mprintf("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
176 232
 	logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
177 233
 
... ...
@@ -183,37 +242,29 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna
183 183
 	    logg("WARNING: Current functionality level = %d, required = %d\n", flevel, current->fl);
184 184
 	}
185 185
 
186
-	close(hostfd);
187 186
 	cl_cvdfree(current);
188
-	cl_cvdfree(remote);
189 187
 	return 1;
190 188
     }
191 189
 
192
-    dbver = remote->version;
193
-    
194 190
     if(current)
195 191
 	cl_cvdfree(current);
196 192
 
197
-    cl_cvdfree(remote);
198
-
199
-    /* FIXME: We need to reconnect, because we may not be able to download
200
-     * the database. The problem doesn't exist with my local apache.
201
-     * Some code change is needed in get_md5_checksum().
202
-     */
203
-    /* begin bug work-around */
204
-    close(hostfd);
205
-    hostfd = wwwconnect(ipaddr, proxy, port, NULL); /* we use ipaddr to connect
206
-					       * to the same mirror
207
-					       */
193
+    if(ipaddr[0])
194
+	/* use ipaddr in order to connect to the same mirror */
195
+	hostfd = wwwconnect(ipaddr, proxy, port, NULL);
196
+    else
197
+	hostfd = wwwconnect(hostname, proxy, port, NULL);
208 198
 
209 199
     if(hostfd < 0) {
210
-	mprintf("@Connection with %s failed.\n", ipaddr);
200
+	if(ipaddr[0])
201
+	    mprintf("@Connection with %s failed.\n", ipaddr);
202
+	else
203
+	    mprintf("@Connection with %s failed.\n", hostname);
211 204
 	return 52;
212 205
     };
213
-    /* end */
214 206
 
215
-    /* temporary file is created in clamav's directory thus we don't need
216
-     * to create it immediately because race condition is not possible here
207
+    /* the temporary file is created in a directory owned by clamav so a race
208
+     * condition is not possible
217 209
      */
218 210
     tempname = cli_gentemp(".");
219 211
 
... ...
@@ -235,7 +286,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna
235 235
     }
236 236
 
237 237
     if((current = cl_cvdhead(tempname)) == NULL) {
238
-	mprintf("@Can't read CVD header of new %s database.\n", localname); /* we lie :) */
238
+	mprintf("@Can't read CVD header of new %s database.\n", localname);
239 239
 	unlink(tempname);
240 240
 	free(tempname);
241 241
 	return 54;
... ...
@@ -269,6 +320,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna
269 269
 	logg("WARNING: Current functionality level = %d, required = %d\n", flevel, current->fl);
270 270
     }
271 271
 
272
+    *signo += current->sigs;
272 273
     cl_cvdfree(current);
273 274
     free(tempname);
274 275
     return 0;
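Review bot: isnumb() accepts an empty string and passes plain `char` values to isdigit(), and downloaddb() then hands the field to atoi() with no range check, so an empty or oversized version field in the TXT record becomes 0 or an undefined value instead of being rejected. I would add `if(!*str) return 0;` at the top of isnumb(), call `isdigit((unsigned char) str[i])`, and convert with strtol() so that overflow is detected. Because this number alone decides the "is up to date" return when DNSDatabaseInfo is set, and a DNS TXT answer is not authenticated, a forged reply could hold the local database at its present version; falling back to the HTTP header check every few runs would limit that. Parts of downloaddb() lie outside the hunks shown.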
... ...
@@ -109,6 +109,7 @@ struct cfgstruct *parsecfg(const char *cfgfile, int messages)
109 109
 	    {"DatabaseOwner", OPT_STR}, /* freshclam */
110 110
 	    {"Checks", OPT_NUM}, /* freshclam */
111 111
 	    {"UpdateLogFile", OPT_STR}, /* freshclam */
112
+	    {"DNSDatabaseInfo", OPT_STR}, /* freshclam */
112 113
 	    {"DatabaseMirror", OPT_STR}, /* freshclam */
113 114
 	    {"MaxAttempts", OPT_NUM}, /* freshclam */
114 115
 	    {"HTTPProxyServer", OPT_STR}, /* freshclam */