@@ -1,3 +1,13 @@

+Thu Apr  7 17:38:53 BST 2005 (njh)

+----------------------------------

+  * clamav-milter:	Added installation notes about Solaris 10

+			Internal mode: print virus and error information on

+				stdout. This goes to LogFile when not in debug

+				mode.

+			Included patch by Andy Feldt <feldt at nhn.ou.edu> for

+				AIX 5.2. I do not have access to such a machine

+				so any feedback would be helpful

+

 Thu Apr  7 00:46:14 CEST 2005 (tk)

 ----------------------------------

   * libclamav/scanners.c: support ArchiveBlockMax in scan(g|b)zip()

@@ -1,4 +1,4 @@

-BUILD INSTRUCTIONS

+1. BUILD INSTRUCTIONS

 A makefile was supplied with this which should have built the program. If it

 fails please let us know, and here are some hints for building on different

@@ -72,7 +72,7 @@ Go to sendmail.org, download the lastest sendmail, cd to libmilter and

 Needs -lresolv on Solaris

-INSTALLATION

+2. INSTALLATION

 Install into /usr/local/sbin/clamav-milter.

@@ -89,12 +89,17 @@ If you see no output you MUST upgrade your sendmail.

 See http://www.nmt.edu/~wcolburn/sendmail-8.12.5/libmilter/docs/sample.html

+2.1 LINUX (RedHat, Fedora, YellowDog etc)

+

 Installations for RedHat Linux and it's derivatives such as YellowDog:

 	Ensure that you have the sendmail-devel RPM installed

 	Add to /etc/mail/sendmail.mc before the MAILER statement:

 	INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl

 	define(`confINPUT_MAIL_FILTERS', `clamav')

+	Note that the INPUT_MAIL_FILTER line must come before the

+		confINPUT_MAIL_FILTERS line

+

 	Check entry in /usr/local/etc/clamd.conf of the form:

 	LocalSocket /var/run/clamav/clamd.sock

@@ -111,9 +116,15 @@ Installations for RedHat Linux and it's derivatives such as YellowDog:

 	Where /var/run/spamass.sock is the location of the spamass-milt

 	socket file (on some systems it is in /var/run/sendmail/spamass.sock).

+2.2 LINUX (Debian)

+

 Installations for Debian Linux:

 	As above for RedHat, except that you need the libmilter-dev package:

 		apt-get install libmilter-dev

+	To use TCPwrappers you need to:

+		apt-get install libwrap0-dev

+

+2.3 FreeBSD

 Installations for FreeBSD5 (may be true for other BSDs)

 	Add to /etc/mail/freebsd.mc:

@@ -139,8 +150,9 @@ Installations for FreeBSD5 (may be true for other BSDs)

 FreeBSD5.3 sendmail comes without libmilter support. You can upgrade by

 	cd /usr/ports/mail/sendmail

 	make install

-This may overwrite your existing sendmail configuration, so ensure that you

-back up first.

+

+This may overwrite your existing sendmail configuration, so ensure

+that you back up first.

 You should have received a script to install into /etc/rc.d as /etc/rc.d/clamav

 with this software. Add to /etc/rc.conf:

@@ -148,6 +160,28 @@ with this software. Add to /etc/rc.conf:

 	clamav_milter_enable="YES"

 	clamav_milter_flags="--max-children=2 --dont-wait --timeout=0 -P local:/var/run/clamav/clamav.sock --pidfile=/var/run/clamav/clamav-milter.pid --quarantine-dir=/var/run/clamav/quarantine"

+2.4 Solaris 10

+

+Solaris 10 should install out of the box. Edit /etc/mail/cf/cf/main.mc adding

+the line:

+	INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl

+Then:

+	cp /etc/mail/cf/cf/main.cf /etc/mail/main.cf

+	/usr/local/sbin/clamav-milter  local:/var/run/clamav/clmilter.sock

+	mkdir /var/run/clamav

+	chown clamav /var/run/clamav	(if you use User clamav in clamd.conf)

+	chmod 700 /var/run/clamav

+

+You should have received a script to install into /etc/init.d as

+/etc/init.d/clamav-milter. Then:

+	

+	chmod 755 /etc/init.d/clamav-milter

+	ln -s /etc/init.d/clamav-milter /etc/rc2.d/S90clamav-milter

+	/etc/init.d/clamav-milter start

+	/etc/init.d/sendmail restart

+

+2.6 General Instalation Issues

+

 You may find INPUT_MAIL_FILTERS is not needed on your machine, however it

 is recommended by the Sendmail documentation and I recommend going along

 with that.

@@ -210,7 +244,7 @@ able to call sendmail, for example on a Fedora Linux system:

 To test that your clamAV system is now intercepting viruses, visit

 http://www.testvirus.org

-CHANGE HISTORY

+3. CHANGE HISTORY

 Changes

 0.2:	4/3/03	clamfi_abort() now always calls pthread_mutex_unlock

@@ -716,8 +750,14 @@ Changes

 				header set (e.g. mailing lists)

 			Use {mail_addr} if no From field is received

 0.84c	18/3/05:	Better handling of {mail_addr} / <>

+0.84d	6/4/05:		Internal mode: print virus and error information on

+				stdout. This goes to LogFile when not in debug

+				mode.

+			Included patch by Andy Feldt <feldt@nhn.ou.edu> for

+				AIX 5.2. I do not have access to such a machine

+				so any feedback would be helpful

-INTERNATIONALISATION

+4. INTERNATIONALISATION

 The .po file was created with the command

 	xgettext --msgid-bugs-address=bugs@clamav.net --copyright-holder=njh@bandsman.co.uk -L c -d clamav-milter -k_ clamav-milter.c

@@ -725,12 +765,12 @@ The .po file was created with the command

 If you're interested in helping to translate this program please drop the

 author an e-mail.

-BUG REPORTS

+5. BUG REPORTS

 Please send bug reports and/or comments to Nigel Horne <njh@despammed.com> or

 bugs@clamav.net.

-TODO

+6. TODO

 There are several ideas marked as TODO in the source code. If anyone has

 any other suggestions please feel free to contact me.

@@ -24,9 +24,9 @@

  *

  * For installation instructions see the file INSTALL that came with this file

  */

-static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.190 2005/03/28 08:15:41 nigelhorne Exp $";

+static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.191 2005/04/07 16:37:16 nigelhorne Exp $";

-#define	CM_VERSION	"0.84c"

+#define	CM_VERSION	"0.84d"

 #if HAVE_CONFIG_H

 #include "clamav-config.h"

@@ -105,6 +105,11 @@ int	deny_severity = LOG_NOTICE;

 #endif

+#ifndef	CL_DEBUG

+static	const	char	*logFile;

+static	int	logTime;

+#endif

+

 #if defined(CL_DEBUG) && defined(C_LINUX)

 #include <sys/resource.h>

 #endif

@@ -145,7 +150,6 @@ typedef	unsigned int	in_addr_t;

  *	to get messages on the system console, see syslog.conf(5), also you

  *	can use wall(1) in the VirusEvent entry in clamd.conf

  * TODO: build with libclamav.so rather than libclamav.a

- * TODO: Support LogTime and Logfile from the conf file

  * TODO: Warn if TCPAddr doesn't allow connection from us

  * TODO: Decide action (bounce, discard, reject etc.) based on the virus

  *	found. Those with faked addresses, such as SCO.A want discarding,

@@ -226,7 +230,7 @@ struct	privdata {

 };

 #ifdef	SESSION

-static	int		createSession(int s);

+static	int		createSession(unsigned int s);

 #else

 static	int		pingServer(int serverNumber);

 #endif

@@ -290,6 +294,9 @@ static	int	bflag = 0;	/*

 				 * send a failure (bounce) message to the

 				 * sender. This probably isn't a good idea

 				 * since most reply addresses will be fake

+				 *

+				 * TODO: Perhaps we can have an option to

+				 * bounce outgoing mail, but not incoming?

 				 */

 static	const	char	*iface;	/*

 				 * Broadcast a message when a virus is found,

@@ -448,6 +455,7 @@ static	void	print_trace(void);

 static	int	verifyIncomingSocketName(const char *sockName);

 static	int	isWhitelisted(const char *emailaddress);

+static	void	logger(const char *mess);

 static void

 help(void)

@@ -1220,7 +1228,7 @@ main(int argc, char **argv)

 		activeServers = numServers;

 		sessions = (struct session *)cli_calloc(max_children, sizeof(struct session));

-		for(i = 0; i < max_children; i++)

+		for(i = 0; i < (int)max_children; i++)

 			if(createSession(i) < 0)

 				return EX_UNAVAILABLE;

 		if(activeServers == 0) {

@@ -1251,6 +1259,8 @@ main(int argc, char **argv)

 			clamav_version = strdup(version);

 		}

 	} else {

+		unsigned int session;

+

 		/*

 		 * We need to know how many connections to establish to clamd

 		 */

@@ -1263,9 +1273,9 @@ main(int argc, char **argv)

 		if(clamav_versions == NULL)

 			return EX_TEMPFAIL;

-		for(i = 0; i < max_children; i++) {

-			clamav_versions[i] = strdup(version);

-			if(clamav_versions[i] == NULL)

+		for(session = 0; session < max_children; session++) {

+			clamav_versions[session] = strdup(version);

+			if(clamav_versions[session] == NULL)

 				return EX_TEMPFAIL;

 		}

 	}

@@ -1305,8 +1315,6 @@ main(int argc, char **argv)

 #ifdef	CL_DEBUG

 		printf(_("When debugging it is recommended that you use Foreground mode in %s\n"), cfgfile);

 		puts(_("\tso that you can see all of the messages"));

-#else

-		const char *logFile;

 #endif

 		switch(fork()) {

@@ -1342,7 +1350,9 @@ main(int argc, char **argv)

 		if((open(logFile, O_WRONLY|O_APPEND) == 1) ||

 		   (open("/dev/null", O_WRONLY) == 1))

 			dup(1);

-#endif

+		if(cfgopt(copt, "LogTime"))

+			logTime++;

+#endif	/*!CL_DEBUG*/

 #ifdef HAVE_SETPGRP

 #ifdef SETPGRP_VOID

@@ -1514,7 +1524,7 @@ main(int argc, char **argv)

  * The caller must take care of locking the sessions array

  */

 static int

-createSession(int s)

+createSession(unsigned int s)

 {

 	int ret = 0, fd;

 	struct sockaddr_in server;

@@ -1690,7 +1700,7 @@ pingServer(int serverNumber)

 static int

 findServer(void)

 {

-	int i, j;

+	unsigned int i, j;

 	struct session *session;

 	/*

@@ -2386,7 +2396,6 @@ clamfi_eoh(SMFICTX *ctx)

 			 * no need to check any further

 			 */

 			return SMFIS_CONTINUE;

-

 	/*

 	 * Didn't find a recipient who is not on the white list, so all

 	 * must be on the white list, so just accept the e-mail

@@ -2508,9 +2517,11 @@ clamfi_eom(SMFICTX *ctx)

 				break;

 			case CL_VIRUS:

 				snprintf(mess, sizeof(mess), "%s: %s FOUND", privdata->filename, virname);

+				logger(mess);

 				break;

 			default:

 				snprintf(mess, sizeof(mess), "%s: %s ERROR", privdata->filename, cl_strerror(rc));

+				logger(mess);

 				break;

 		}

@@ -3509,7 +3520,17 @@ connect2clamd(struct privdata *privdata)

 		/*

 		 * TODO: investigate mkdtemp on LINUX and possibly others

 		 */

+#ifdef	C_AIX

+		/*

+		 * Patch by Andy Feldt <feldt@nhn.ou.edu>, AIX 5.2 sets errno

+		 * to ENOENT often and sometimes sets errno to 0 (after a

+		 * database reload) for the mkdir call

+		 */

+		if((mkdir(dir, 0700) < 0) && (errno != EEXIST) && (errno > 0) &&

+		    (errno != ENOENT)) {

+#else

 		if((mkdir(dir, 0700) < 0) && (errno != EEXIST)) {

+#endif

 			perror(dir);

 			if(use_syslog)

 				syslog(LOG_ERR, _("mkdir %s failed"), dir);

@@ -3609,7 +3630,7 @@ connect2clamd(struct privdata *privdata)

 		}

 #ifdef	SESSION

-		if(serverIPs[freeServer] == inet_addr("127.0.0.1")) {

+		if(serverIPs[freeServer] == (int)inet_addr("127.0.0.1")) {

 			privdata->filename = cli_gentemp(NULL);

 			if(privdata->filename) {

 				cli_dbgmsg("connect2clamd(%d): creating %s\n", freeServer, privdata->filename);

@@ -3989,7 +4010,12 @@ qfile(struct privdata *privdata, const char *sendmailId, const char *virusname)

 	DD = tm->tm_mday;

 	sprintf(newname, "%s/%02d%02d%02d", quarantine_dir, YY, MM, DD);

+#ifdef	C_AIX

+	if((mkdir(newname, 0700) < 0) && (errno != EEXIST) && (errno > 0) &&

+	    (errno != ENOENT)) {

+#else

 	if((mkdir(newname, 0700) < 0) && (errno != EEXIST)) {

+#endif

 		perror(newname);

 		if(use_syslog)

 			syslog(LOG_ERR, _("mkdir %s failed"), newname);

@@ -4276,7 +4302,7 @@ watchdog(void *a)

 	assert((!external) || (sessions != NULL));

 	while(!quitting) {

-		int i;

+		unsigned int i;

 		struct timespec ts;

 		struct timeval tp;

 		struct session *session;

@@ -4670,7 +4696,7 @@ quit(void)

 		struct session *session = sessions;

 		pthread_mutex_lock(&sstatus_mutex);

-		for(; i < ((localSocket != NULL) ? 1 : max_children); i++) {

+		for(; i < ((localSocket != NULL) ? 1 : (int)max_children); i++) {

 			/*

 			 * Check all free sessions are still usable

 			 * This could take some time with many free

@@ -4987,3 +5013,33 @@ isWhitelisted(const char *emailaddress)

 	return 0;

 }

+

+static void

+logger(const char *mess)

+{

+#ifdef	CL_DEBUG

+	puts(mess);

+#else

+	FILE *fout = fopen(logFile, "a");

+

+	if(fout == NULL)

+		return;

+

+	if(logTime) {

+		time_t currtime = time((time_t)0);

+		char buf[27];

+

+		/*

+		 * FIXME: This should be HAS_CTIME_R2 and HAS_CTIME_R3

+		 */

+#ifdef	C_SOLARIS

+		ctime_r(&currtime, buf, sizeof(buf));

+#else

+		ctime_r(&currtime, buf);

+#endif

+		fprintf(fout, "%.*s -> %s\n", strlen(buf) - 1, buf, mess);

+	} else

+		fprintf(fout, "%s\n", mess);

+	fclose(fout);

+#endif

+}