git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@368 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/03/03 18:18:05... | ... |
@@ -1,3 +1,13 @@ |
1 |
+Wed Mar 3 09:22:09 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Check clamd is running before starting (if clamd is |
|
4 |
+ on the same machine) |
|
5 |
+ If clamav-milter fails to find clamd running, state the |
|
6 |
+ expected pid |
|
7 |
+ Some debug messages changed |
|
8 |
+ Improved checking for TCP/IP to ensure TCPwrappers is |
|
9 |
+ not used when using UNIX domain sockets |
|
10 |
+ |
|
1 | 11 |
Tue Mar 2 13:12:57 GMT 2004 (trog) |
2 | 12 |
----------------------------------- |
3 | 13 |
* libclamav/vba_extract.c: #include others.h |
... | ... |
@@ -269,11 +269,14 @@ Changes |
269 | 269 |
0.67i 27/2/04 Dropping priv message now same as clamd |
270 | 270 |
Only use TCPwrappers when using TCP/IP to establish |
271 | 271 |
communications with the milter |
272 |
-0.67j 27/2/04 Call checkClamd() before attempting to connect, it's a way of |
|
273 |
- warning the user if they've started the milter before clamd |
|
272 |
+0.67j 27/2/04 Call checkClamd() before attempting to connect, it's |
|
273 |
+ a way of warning the user if they've started the |
|
274 |
+ milter before clamd |
|
274 | 275 |
checkClamd() now stashes pid in syslog |
275 |
- Ensure installation instructions tally with man page and put |
|
276 |
- sockets into subdirectory for security |
|
276 |
+ Ensure installation instructions tally with man page |
|
277 |
+ and put sockets into subdirectory for security |
|
278 |
+ clamfi_close debug, change assert to debug message |
|
279 |
+ Better way to force TCPwrappers only with TCP/IP |
|
277 | 280 |
|
278 | 281 |
BUG REPORTS |
279 | 282 |
|
... | ... |
@@ -38,6 +38,11 @@ |
38 | 38 |
* mkdir /var/run/clamav |
39 | 39 |
* chown clamav /var/run/clamav (if you use User clamav in clamav.conf) |
40 | 40 |
* chmod 700 /var/run/clamav |
41 |
+ * |
|
42 |
+ * The above example shows clamav-milter, clamd and sendmail all on the |
|
43 |
+ * same machine, however using TCP they may reside on different machines, |
|
44 |
+ * indeed clamav-milter is capable of talking to multiple clamds for redundancy |
|
45 |
+ * and load balancing. |
|
41 | 46 |
* 5) You may find INPUT_MAIL_FILTERS is not needed on your machine, however it |
42 | 47 |
* is recommended by the Sendmail documentation and I suggest going along |
43 | 48 |
* with that. |
... | ... |
@@ -47,6 +52,14 @@ |
47 | 47 |
* CLAMAV_FLAGS="--max-children=2 local:/var/run/clamav/clmilter.sock" |
48 | 48 |
* or if clamd is on a different machine |
49 | 49 |
* CLAMAV_FLAGS="--max-children=2 --server=192.168.1.9 local:/var/run/clamav/clmilter.sock" |
50 |
+ * |
|
51 |
+ * If you want clamav-milter to listen on TCP for communication with sendmail, |
|
52 |
+ * for example if they are on different machines use inet:<port>. |
|
53 |
+ * On machine A (running sendmail) you would have in sendmail.mc: |
|
54 |
+ * INPUT_MAIL_FILTER(`clamav', `S=inet:3311@machineb, F=, T=S:4m;R:4m')dnl |
|
55 |
+ * On machine B (running clamav-milter) you would start up clamav-milter thus: |
|
56 |
+ * clamav-milter inet:3311 |
|
57 |
+ * |
|
50 | 58 |
* 8) You should have received a script to put into /etc/init.d with this |
51 | 59 |
* software. |
52 | 60 |
* 9) run 'chown clamav /usr/local/sbin/clamav-milter; chmod 4700 /usr/local/sbin/clamav-milter |
... | ... |
@@ -261,10 +274,14 @@ |
261 | 261 |
* checkClamd() now stashes pid in syslog |
262 | 262 |
* Ensure installation instructions tally with man page |
263 | 263 |
* and put sockets into subdirectory for security |
264 |
+ * clamfi_close debug, change assert to debug message |
|
265 |
+ * Better way to force TCPwrappers only with TCP/IP |
|
264 | 266 |
* |
265 |
- * |
|
266 | 267 |
* Change History: |
267 | 268 |
* $Log: clamav-milter.c,v $ |
269 |
+ * Revision 1.58 2004/03/03 09:14:55 nigelhorne |
|
270 |
+ * Change way check for TCPwrappers on TCP/IP |
|
271 |
+ * |
|
268 | 272 |
* Revision 1.57 2004/02/27 15:27:11 nigelhorne |
269 | 273 |
* call checkClamd on start |
270 | 274 |
* |
... | ... |
@@ -421,7 +438,7 @@ |
421 | 421 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
422 | 422 |
* Added -f flag use MaxThreads if --max-children not set |
423 | 423 |
*/ |
424 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.57 2004/02/27 15:27:11 nigelhorne Exp $"; |
|
424 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.58 2004/03/03 09:14:55 nigelhorne Exp $"; |
|
425 | 425 |
|
426 | 426 |
#define CM_VERSION "0.67j" |
427 | 427 |
|
... | ... |
@@ -1419,8 +1436,7 @@ clamfi_connect(SMFICTX *ctx, char *hostname, _SOCK_ADDR *hostaddr) |
1419 | 1419 |
/* |
1420 | 1420 |
* Support /etc/hosts.allow and /etc/hosts.deny |
1421 | 1421 |
*/ |
1422 |
- if((strncasecmp(port, "unix:", 5) != 0) && |
|
1423 |
- (strncasecmp(port, "local:", 6) != 0)) { |
|
1422 |
+ if(strncasecmp(port, "inet:", 5) == 0) { |
|
1424 | 1423 |
const char *hostmail; |
1425 | 1424 |
const struct hostent *hp = NULL; |
1426 | 1425 |
|
... | ... |
@@ -1655,7 +1671,7 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
1655 | 1655 |
|
1656 | 1656 |
server.sin_addr.s_addr = serverIPs[freeServer]; |
1657 | 1657 |
|
1658 |
- if((privdata->cmdSocket = socket(AF_INET, SOCK_STREAM, 0)) < 0) { |
|
1658 |
+ if((privdata->cmdSocket = socket(AF_INET, SOCK_STREAM, 0)) < 0) { |
|
1659 | 1659 |
perror("socket"); |
1660 | 1660 |
clamfi_free(privdata); |
1661 | 1661 |
return cl_error; |
... | ... |
@@ -1753,7 +1769,7 @@ clamfi_envfrom(SMFICTX *ctx, char **argv) |
1753 | 1753 |
privdata->from = strdup(argv[0]); |
1754 | 1754 |
privdata->to = NULL; |
1755 | 1755 |
|
1756 |
- if (hflag) |
|
1756 |
+ if (hflag) |
|
1757 | 1757 |
privdata->headers = header_list_new(); |
1758 | 1758 |
else |
1759 | 1759 |
privdata->headers = NULL; |
... | ... |
@@ -2218,7 +2234,12 @@ clamfi_close(SMFICTX *ctx) |
2218 | 2218 |
struct privdata *privdata = (struct privdata *)smfi_getpriv(ctx); |
2219 | 2219 |
|
2220 | 2220 |
cli_dbgmsg("clamfi_close"); |
2221 |
- assert(privdata == NULL); |
|
2221 |
+ if(privdata != NULL) { |
|
2222 |
+ if(use_syslog) |
|
2223 |
+ syslog(LOG_DEBUG, "clamfi_close, privdata != NULL"); |
|
2224 |
+ else |
|
2225 |
+ puts("clamfi_close, privdata != NULL"); |
|
2226 |
+ } |
|
2222 | 2227 |
#endif |
2223 | 2228 |
|
2224 | 2229 |
if(logVerbose) |
... | ... |
@@ -2461,7 +2482,7 @@ updateSigFile(void) |
2461 | 2461 |
} |
2462 | 2462 |
|
2463 | 2463 |
static header_list_t |
2464 |
-header_list_new(void) |
|
2464 |
+header_list_new(void) |
|
2465 | 2465 |
{ |
2466 | 2466 |
header_list_t ret; |
2467 | 2467 |
|