@@ -1,3 +1,12 @@

+Wed Dec 19 22:11:17 CET 2007 (tk)

+---------------------------------

+  * freshclam, libclamav: drop support for .inc directories and instead use

+			  local containers with .cvd-like structure but

+			  uncompressed by default

+  * libclamav/lockdb.[ch]: remove files (no longer needed)

+  * TODO: sigtool, optional compression for .cld in freshclam

+  * .inc dirs are no longer used and should be removed manually

+

 Wed Dec 19 16:22:24 CET 2007 (tk)

 ---------------------------------

   * shared/tar.[ch]: minimalistic tar archiver for sigtool and freshclam

@@ -33,6 +33,8 @@ freshclam_SOURCES = \

     $(top_srcdir)/shared/sha256.c \

     $(top_srcdir)/shared/cdiff.c \

     $(top_srcdir)/shared/cdiff.h \

+    $(top_srcdir)/shared/tar.c \

+    $(top_srcdir)/shared/tar.h \

     freshclam.c \

     manager.c \

     manager.h \

@@ -68,9 +68,10 @@ binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)

 PROGRAMS = $(bin_PROGRAMS)

 am_freshclam_OBJECTS = output.$(OBJEXT) cfgparser.$(OBJEXT) \

 	getopt.$(OBJEXT) misc.$(OBJEXT) options.$(OBJEXT) \

-	sha256.$(OBJEXT) cdiff.$(OBJEXT) freshclam.$(OBJEXT) \

-	manager.$(OBJEXT) notify.$(OBJEXT) dns.$(OBJEXT) \

-	execute.$(OBJEXT) nonblock.$(OBJEXT) mirman.$(OBJEXT)

+	sha256.$(OBJEXT) cdiff.$(OBJEXT) tar.$(OBJEXT) \

+	freshclam.$(OBJEXT) manager.$(OBJEXT) notify.$(OBJEXT) \

+	dns.$(OBJEXT) execute.$(OBJEXT) nonblock.$(OBJEXT) \

+	mirman.$(OBJEXT)

 freshclam_OBJECTS = $(am_freshclam_OBJECTS)

 freshclam_LDADD = $(LDADD)

 DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@

@@ -228,6 +229,8 @@ freshclam_SOURCES = \

     $(top_srcdir)/shared/sha256.c \

     $(top_srcdir)/shared/cdiff.c \

     $(top_srcdir)/shared/cdiff.h \

+    $(top_srcdir)/shared/tar.c \

+    $(top_srcdir)/shared/tar.h \

     freshclam.c \

     manager.c \

     manager.h \

@@ -328,6 +331,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/options.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Po@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@

 .c.o:

 @am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<

@@ -448,6 +452,20 @@ cdiff.obj: $(top_srcdir)/shared/cdiff.c

 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

 @am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cdiff.obj `if test -f '$(top_srcdir)/shared/cdiff.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/cdiff.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/cdiff.c'; fi`

+tar.o: $(top_srcdir)/shared/tar.c

+@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tar.o -MD -MP -MF $(DEPDIR)/tar.Tpo -c -o tar.o `test -f '$(top_srcdir)/shared/tar.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/tar.c

+@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/tar.Tpo $(DEPDIR)/tar.Po

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$(top_srcdir)/shared/tar.c' object='tar.o' libtool=no @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tar.o `test -f '$(top_srcdir)/shared/tar.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/tar.c

+

+tar.obj: $(top_srcdir)/shared/tar.c

+@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tar.obj -MD -MP -MF $(DEPDIR)/tar.Tpo -c -o tar.obj `if test -f '$(top_srcdir)/shared/tar.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/tar.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/tar.c'; fi`

+@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/tar.Tpo $(DEPDIR)/tar.Po

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$(top_srcdir)/shared/tar.c' object='tar.obj' libtool=no @AMDEPBACKSLASH@

+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tar.obj `if test -f '$(top_srcdir)/shared/tar.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/tar.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/tar.c'; fi`

+

 mostlyclean-libtool:

 	-rm -f *.lo

@@ -49,6 +49,7 @@

 #include <time.h>

 #include <fcntl.h>

 #include <sys/stat.h>

+#include <dirent.h>

 #include <errno.h>

 #include "manager.h"

@@ -63,12 +64,12 @@

 #include "shared/output.h"

 #include "shared/misc.h"

 #include "shared/cdiff.h"

+#include "shared/tar.h"

 #include "libclamav/clamav.h"

 #include "libclamav/others.h"

 #include "libclamav/str.h"

 #include "libclamav/cvd.h"

-#include "libclamav/lockdb.h"

 #ifndef	O_BINARY

 #define	O_BINARY	0

@@ -676,97 +677,78 @@ static int getfile(const char *srcfile, const char *destfile, const char *hostna

     return 0;

 }

-static int getcvd(const char *dbfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int nodb, unsigned int newver, int ctimeout, int rtimeout, struct mirdat *mdat)

+static int getcvd(const char *cvdfile, const char *newfile, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int nodb, unsigned int newver, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

-	char *tempname;

 	struct cl_cvd *cvd;

 	int ret;

-    tempname = cli_gentemp(".");

-

-    logg("*Retrieving http://%s/%s\n", hostname, dbfile);

-    if((ret = getfile(dbfile, tempname, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat))) {

-        logg("!Can't download %s from %s\n", dbfile, hostname);

-        unlink(tempname);

-        free(tempname);

+    logg("*Retrieving http://%s/%s\n", hostname, cvdfile);

+    if((ret = getfile(cvdfile, newfile, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat))) {

+        logg("!Can't download %s from %s\n", cvdfile, hostname);

+        unlink(newfile);

         return ret;

     }

-    if((ret = cl_cvdverify(tempname))) {

+    if((ret = cl_cvdverify(newfile))) {

         logg("!Verification: %s\n", cl_strerror(ret));

-        unlink(tempname);

-        free(tempname);

+        unlink(newfile);

         return 54;

     }

-    if(!(cvd = cl_cvdhead(tempname))) {

-	logg("!Can't read CVD header of new %s database.\n", dbfile);

-	unlink(tempname);

-	free(tempname);

+    if(!(cvd = cl_cvdhead(newfile))) {

+	logg("!Can't read CVD header of new %s database.\n", cvdfile);

+	unlink(newfile);

 	return 54;

     }

     if(cvd->version < newver) {

 	logg("^Mirror %s is not synchronized.\n", ip);

     	cl_cvdfree(cvd);

-	unlink(tempname);

-	free(tempname);

+	unlink(newfile);

 	return 59;

     }

-    if(!nodb && unlink(dbfile)) {

-	logg("!Can't unlink %s. Please fix it and try again.\n", dbfile);

-    	cl_cvdfree(cvd);

-	unlink(tempname);

-	free(tempname);

-	return 53;

-    } else {

-    	if(rename(tempname, dbfile) == -1) {

-    	    if(errno == EEXIST) {

-    	        unlink(dbfile);

-    	        if(rename(tempname, dbfile) == -1) {

-                   logg("!All attempts to rename the temporary file failed: %s\n", strerror(errno));

-		   return 57;

-		}

-            }

-        }

-    }

-

+    cl_cvdfree(cvd);

     return 0;

 }

-static int chdir_inc(const char *dbname)

+static int chdir_tmp(const char *dbname, const char *tmpdir)

 {

-	struct stat sb;

-	char path[32], dbfile[32];

+	char cvdfile[32];

-    sprintf(path, "%s.inc", dbname);

-    sprintf(dbfile, "%s.cvd", dbname);

+    if(access(tmpdir, R_OK|W_OK) == -1) {

+	sprintf(cvdfile, "%s.cvd", dbname);

+	if(access(cvdfile, R_OK) == -1) {

+	    sprintf(cvdfile, "%s.cld", dbname);

+	    if(access(cvdfile, R_OK) == -1) {

+		logg("!chdir_tmp: Can't access local %s database\n", dbname);

+		return -1;

+	    }

+	}

-    if(stat(path, &sb) == -1) {

-	if(mkdir(path, 0755) == -1) {

-	    logg("!chdir_inc: Can't create directory %s\n", path);

+	if(mkdir(tmpdir, 0755) == -1) {

+	    logg("!chdir_tmp: Can't create directory %s\n", tmpdir);

 	    return -1;

 	}

-	if(cvd_unpack(dbfile, path) == -1) {

-	    logg("!chdir_inc: Can't unpack %s into %s\n", dbfile, path);

-	    cli_rmdirs(path);

+	if(cvd_unpack(cvdfile, tmpdir) == -1) {

+	    logg("!chdir_tmp: Can't unpack %s into %s\n", cvdfile, tmpdir);

+	    cli_rmdirs(tmpdir);

 	    return -1;

 	}

     }

-    if(chdir(path) == -1) {

-	logg("!chdir_inc: Can't change directory to %s\n", path);

+    if(chdir(tmpdir) == -1) {

+	logg("!chdir_tmp: Can't change directory to %s\n", tmpdir);

 	return -1;

     }

     return 0;

 }

-static int getpatch(const char *dbname, int version, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout, struct mirdat *mdat)

+static int getpatch(const char *dbname, const char *tmpdir, int version, const char *hostname, char *ip, const char *localip, const char *proxy, int port, const char *user, const char *pass, const char *uas, int ctimeout, int rtimeout, struct mirdat *mdat)

 {

 	char *tempname, patch[32], olddir[512];

 	int ret, fd;

@@ -777,7 +759,7 @@ static int getpatch(const char *dbname, int version, const char *hostname, char

 	return 50; /* FIXME */

     }

-    if(chdir_inc(dbname) == -1)

+    if(chdir_tmp(dbname, tmpdir) == -1)

 	return 50;

     tempname = cli_gentemp(".");

@@ -816,64 +798,129 @@ static int getpatch(const char *dbname, int version, const char *hostname, char

     return 0;

 }

-static struct cl_cvd *currentdb(const char *dbname, unsigned int *inc)

+static struct cl_cvd *currentdb(const char *dbname, char *localname)

 {

-	struct stat sb;

-	char path[512];

+	char db[32];

 	struct cl_cvd *cvd = NULL;

-    snprintf(path, sizeof(path), "%s.inc", dbname);

-    if(stat(path, &sb) != -1) {

-	snprintf(path, sizeof(path), "%s.inc/%s.info", dbname, dbname);

-	if(inc)

-	    *inc = 1;

-    } else {

-	snprintf(path, sizeof(path), "%s.cvd", dbname);

-	if(inc)

-	    *inc = 0;

+    snprintf(db, sizeof(db), "%s.cvd", dbname);

+    if(localname)

+	strcpy(localname, db);

+

+    if(access(db, R_OK) == -1) {

+	snprintf(db, sizeof(db), "%s.cld", dbname);

+	if(localname)

+	    strcpy(localname, db);

     }

-    if(!access(path, R_OK))

-	cvd = cl_cvdhead(path);

+    if(!access(db, R_OK))

+	cvd = cl_cvdhead(db);

     return cvd;

 }

+static int buildcld(const char *tmpdir, const char *dbname, const char *newfile)

+{

+	DIR *dir;

+	char cwd[512], info[32], buff[512], *pt;

+	struct dirent *dent;

+	int fd;

+

+

+    getcwd(cwd, sizeof(cwd));

+    if(chdir(tmpdir) == -1) {

+	logg("!buildcld: Can't access directory %s\n", tmpdir);

+	return -1;

+    }

+

+    snprintf(info, sizeof(info), "%s.info", dbname);

+    if((fd = open(info, O_RDONLY|O_BINARY)) == -1) {

+	logg("!buildcld: Can't open %s\n", info);

+	chdir(cwd);

+	return -1;

+    }

+

+    if(read(fd, buff, 512) == -1) {

+	logg("!buildcld: Can't read %s\n", info);

+	chdir(cwd);

+	close(fd);

+	return -1;

+    }

+    close(fd);

+

+    if(!(pt = strchr(buff, '\n'))) {

+	logg("!buildcld: Bad format of %s\n", info);

+	chdir(cwd);

+	return -1;

+    }

+    memset(pt, ' ', 512 + buff - pt);

+

+    if((fd = open(newfile, O_WRONLY|O_CREAT|O_EXCL|O_BINARY, 0644)) == -1) {

+	logg("!buildcld: Can't open %s for writing\n", newfile);

+	chdir(cwd);

+	return -1;

+    }

+    if(write(fd, buff, 512) != 512) {

+	logg("!buildcld: Can't write to %s\n", newfile);

+	chdir(cwd);

+	unlink(newfile);

+	close(fd);

+	return -1;

+    }

+    close(fd);

+

+    if((dir = opendir(".")) == NULL) {

+	logg("!buildcld: Can't open directory %s\n", tmpdir);

+	chdir(cwd);

+	unlink(newfile);

+	return -1;

+    }

+

+    while((dent = readdir(dir))) {

+#ifndef C_INTERIX

+	if(dent->d_ino)

+#endif

+	{

+	    if(!strcmp(dent->d_name, ".") || !strcmp(dent->d_name, ".."))

+		continue;

+

+	    if(tar_addfile(newfile, dent->d_name) == -1) {

+		logg("!buildcld: Can't add %s to .cld file\n", dent->d_name);

+		chdir(cwd);

+		unlink(newfile);

+		closedir(dir);

+		return -1;

+	    }

+	}

+    }

+    closedir(dir);

+

+    if(chdir(cwd) == -1) {

+	logg("!buildcld: Can't return to previous directory %s\n", cwd);

+	return -1;

+    }

+

+    return 0;

+}

+

 static int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct cfgstruct *copt, const char *dnsreply, char *localip, int outdated, struct mirdat *mdat)

 {

 	struct cl_cvd *current, *remote;

 	const struct cfgstruct *cpt;

 	unsigned int nodb = 0, currver = 0, newver = 0, port = 0, i, j;

 	int ret, ims = -1;

-	char *pt, dbfile[32], dbinc[32], *bacinc = NULL;

+	char *pt, cvdfile[32], localname[32], *tmpdir = NULL, *newfile, cwd[512];

 	const char *proxy = NULL, *user = NULL, *pass = NULL, *uas = NULL;

-	unsigned int flevel = cl_retflevel(), inc, maxattempts;

-	struct stat sb;

+	unsigned int flevel = cl_retflevel(), maxattempts;

 	int ctimeout, rtimeout;

-    snprintf(dbfile, sizeof(dbfile), "%s.cvd", dbname);

-    snprintf(dbinc, sizeof(dbinc), "%s.inc", dbname);

+    snprintf(cvdfile, sizeof(cvdfile), "%s.cvd", dbname);

-    if(!(current = currentdb(dbname, &inc))) {

+    if(!(current = currentdb(dbname, localname))) {

 	nodb = 1;

-	inc = 0;

-	if(stat(dbinc, &sb) != -1) {

-	    logg("^Removing corrupted incremental directory %s\n", dbinc);

-	    if(cli_rmdirs(dbinc)) {

-		logg("!Can't remove incremental directory\n");

-		return 53;

-	    }

-

-	    if(stat(dbfile, &sb) != -1) {

-		logg("^Removing obsolete %s\n", dbfile);

-		if(unlink(dbfile)) {

-		    logg("!Can't unlink %s\n", dbfile);

-		    return 53;

-		}

-	    }

-	}

+	strcpy(localname, cvdfile);

     } else {

 	mdat->dbflevel = current->fl;

     }

@@ -896,7 +943,7 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 		logg("^Broken database version in TXT record.\n");

 	    } else {

 		newver = atoi(pt);

-		logg("*%s version from DNS: %d\n", dbfile, newver);

+		logg("*%s version from DNS: %d\n", cvdfile, newver);

 	    }

 	    free(pt);

 	} else {

@@ -936,17 +983,17 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

     if(!nodb && !newver) {

-	remote = remote_cvdhead(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, &ims, ctimeout, rtimeout, mdat);

+	remote = remote_cvdhead(cvdfile, hostname, ip, localip, proxy, port, user, pass, uas, &ims, ctimeout, rtimeout, mdat);

 	if(!nodb && !ims) {

-	    logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", inc ? dbinc : dbfile, current->version, current->sigs, current->fl, current->builder);

+	    logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

 	    *signo += current->sigs;

 	    cl_cvdfree(current);

 	    return 1;

 	}

 	if(!remote) {

-	    logg("^Can't read %s header from %s (IP: %s)\n", dbfile, hostname, ip);

+	    logg("^Can't read %s header from %s (IP: %s)\n", cvdfile, hostname, ip);

 	    cl_cvdfree(current);

 	    return 58;

 	}

@@ -956,7 +1003,7 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

     }

     if(!nodb && (current->version >= newver)) {

-	logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", inc ? dbinc : dbfile, current->version, current->sigs, current->fl, current->builder);

+	logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

 	if(!outdated && flevel < current->fl) {

 	    /* display warning even for already installed database */

@@ -997,29 +1044,26 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

     if(!cfgopt(copt, "ScriptedUpdates")->enabled)

 	nodb = 1;

+    getcwd(cwd, sizeof(cwd));

+    newfile = cli_gentemp(cwd);

+

     if(nodb) {

-	ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, nodb, newver, ctimeout, rtimeout, mdat);

+	ret = getcvd(cvdfile, newfile, hostname, ip, localip, proxy, port, user, pass, uas, nodb, newver, ctimeout, rtimeout, mdat);

 	if(ret) {

 	    memset(ip, 0, 16);

+	    free(newfile);

 	    return ret;

 	}

+	snprintf(localname, sizeof(localname), "%s.cvd", dbname);

     } else {

 	ret = 0;

-	if(!access(dbinc, X_OK)) {

-	    if((bacinc = cli_gentemp("."))) {

-		if(dircopy(dbinc, bacinc) == -1) {

-		    free(bacinc);

-		    bacinc = NULL;

-		}

-	    }

-	}

-

+	tmpdir = cli_gentemp(".");

 	maxattempts = cfgopt(copt, "MaxAttempts")->numarg;

 	for(i = currver + 1; i <= newver; i++) {

 	    for(j = 0; j < maxattempts; j++) {

-		ret = getpatch(dbname, i, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat);

+		ret = getpatch(dbname, tmpdir, i, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat);

 		if(ret == 52 || ret == 58) {

 		    memset(ip, 0, 16);

 		    continue;

@@ -1032,43 +1076,58 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 	}

 	if(ret) {

-	    logg("^Incremental update failed, trying to download %s\n", dbfile);

-

-	    ret = getcvd(dbfile, hostname, ip, localip, proxy, port, user, pass, uas, 1, newver, ctimeout, rtimeout, mdat);

+	    cli_rmdirs(tmpdir);

+	    free(tmpdir);

+	    logg("^Incremental update failed, trying to download %s\n", cvdfile);

+	    ret = getcvd(cvdfile, newfile, hostname, ip, localip, proxy, port, user, pass, uas, 1, newver, ctimeout, rtimeout, mdat);

 	    if(ret) {

-		if(bacinc) {

-		    logg("*Restoring incremental directory %s from backup\n", dbinc);

-		    cli_rmdirs(dbinc);

-		    rename(bacinc, dbinc);

-		    free(bacinc);

-		}

+		free(newfile);

 		return ret;

-	    } else {

-		logg("*Removing incremental directory %s\n", dbinc);

-		cli_rmdirs(dbinc);

 	    }

-

+	    snprintf(localname, sizeof(localname), "%s.cvd", dbname);

 	} else {

-	    unlink(dbfile);

+	    if(buildcld(tmpdir, dbname, newfile) == -1) {

+		logg("!Can't create local database\n");

+		cli_rmdirs(tmpdir);

+		free(tmpdir);

+		free(newfile);

+		return 70; /* FIXME */

+	    }

+	    snprintf(localname, sizeof(localname), "%s.cld", dbname);

+	    cli_rmdirs(tmpdir);

+	    free(tmpdir);

 	}

+    }

-	if(bacinc) {

-	    logg("*Removing backup directory %s\n", bacinc);

-	    cli_rmdirs(bacinc);

-	    free(bacinc);

-	}

+    if(!nodb && !access(cvdfile, R_OK) && unlink(cvdfile)) {

+	logg("!Can't unlink %s. Please fix it and try again.\n", cvdfile);

+	unlink(newfile);

+	free(newfile);

+	return 53;

     }

-    if(!(current = currentdb(dbname, NULL))) {

-	/* should never be reached */

-	logg("!Can't parse new database\n");

-	return 55; /* FIXME */

+    if(!nodb && strcmp(cvdfile, localname) && !access(localname, R_OK) && unlink(localname)) {

+	logg("!Can't unlink %s. Please fix it and try again.\n", localname);

+	unlink(newfile);

+	free(newfile);

+	return 53;

     }

-    if(nodb && inc)

-	cli_rmdirs(dbinc);

+    if(rename(newfile, localname) == -1) {

+	logg("!Can't rename %s to %s\n", newfile, localname);

+	unlink(newfile);

+	free(newfile);

+	return 57;

+    }

+    free(newfile);

-    logg("%s updated (version: %d, sigs: %d, f-level: %d, builder: %s)\n", inc ? dbinc : dbfile, current->version, current->sigs, current->fl, current->builder);

+    if(!(current = cl_cvdhead(localname))) {

+	logg("!Can't parse new database %s\n", localname);

+	unlink(localname);

+	return 55; /* FIXME */

+    }

+

+    logg("%s updated (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

     if(flevel < current->fl) {

 	logg("^Your ClamAV installation is OUTDATED!\n");

@@ -1085,7 +1144,7 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 {

 	time_t currtime;

 	int ret, updated = 0, outdated = 0, signo = 0;

-	unsigned int ttl, try = 0;

+	unsigned int ttl;

 	char ipaddr[16], *dnsreply = NULL, *pt, *localip = NULL, *newver = NULL;

 	const char *arg = NULL;

 	const struct cfgstruct *cpt;

@@ -1173,19 +1232,6 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	localip = cpt->strarg;

     }

-    while(cli_writelockdb(dbdir, 0) == CL_ELOCKDB) {

-	logg("*Waiting to lock database directory: %s\n", dbdir);

-	sleep(5);

-	if(++try > 12) {

-	    logg("!Can't lock database directory: %s\n", dbdir);

-	    if(dnsreply)

-		free(dnsreply);

-	    if(newver)

-		free(newver);

-	    return 61; 

-	}

-    }

-

     if(cfgopt(copt, "HTTPProxyServer")->enabled)

 	mirman_read("mirrors.dat", &mdat, 0);

     else

@@ -1201,7 +1247,6 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	    free(newver);

 	mirman_write("mirrors.dat", &mdat);

-	cli_unlockdb(dbdir);

 	return ret;

     } else if(ret == 0)

@@ -1216,7 +1261,6 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	    free(newver);

 	mirman_write("mirrors.dat", &mdat);

-	cli_unlockdb(dbdir);

 	return ret;

     } else if(ret == 0)

@@ -1226,7 +1270,6 @@ int downloadmanager(const struct cfgstruct *copt, const struct optstruct *opt, c

 	free(dnsreply);

     mirman_write("mirrors.dat", &mdat);

-    cli_unlockdb(dbdir);

     if(updated) {

 	if(cfgopt(copt, "HTTPProxyServer")->enabled) {

@@ -175,8 +175,6 @@ libclamav_la_SOURCES = \

 	hashtab.h \

 	dconf.c \

 	dconf.h \

-	lockdb.c \

-	lockdb.h \

 	lzma_iface.c \

 	lzma_iface.h

@@ -87,7 +87,7 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \

 	pdf.lo spin.lo yc.lo elf.lo sis.lo uuencode.lo pst.lo \

 	phishcheck.lo phish_domaincheck_db.lo phish_whitelist.lo \

 	regex_list.lo mspack.lo cab.lo entconv.lo hashtab.lo dconf.lo \

-	lockdb.lo lzma_iface.lo

+	lzma_iface.lo

 libclamav_la_OBJECTS = $(am_libclamav_la_OBJECTS)

 libclamav_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \

 	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \

@@ -396,8 +396,6 @@ libclamav_la_SOURCES = \

 	hashtab.h \

 	dconf.c \

 	dconf.h \

-	lockdb.c \

-	lockdb.h \

 	lzma_iface.c \

 	lzma_iface.h

@@ -491,7 +489,6 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/inflate64.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/is_tar.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/line.Plo@am__quote@

-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lockdb.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lzma_iface.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/matcher-ac.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/matcher-bm.Plo@am__quote@

@@ -184,7 +184,7 @@ static int cli_tgzload(int fd, struct cl_engine **engine, unsigned int *signo, u

 	z_off_t off;

-    cli_dbgmsg("in cli_untgz()\n");

+    cli_dbgmsg("in cli_tgzload()\n");

     if((fdd = dup(fd)) == -1) {

 	cli_errmsg("cli_tgzload: Can't duplicate descriptor %d\n", fd);

@@ -391,7 +391,7 @@ void cl_cvdfree(struct cl_cvd *cvd)

     free(cvd);

 }

-static int cli_cvdverify(FILE *fs, struct cl_cvd *cvdpt)

+static int cli_cvdverify(FILE *fs, struct cl_cvd *cvdpt, unsigned int cld)

 {

 	struct cl_cvd *cvd;

 	char *md5, head[513];

@@ -413,6 +413,11 @@ static int cli_cvdverify(FILE *fs, struct cl_cvd *cvdpt)

     if(cvdpt)

 	memcpy(cvdpt, cvd, sizeof(struct cl_cvd));

+    if(cld) {

+	cl_cvdfree(cvd);

+	return CL_SUCCESS;

+    }

+

     md5 = cli_md5stream(fs, NULL);

     cli_dbgmsg("MD5(.tar.gz) = %s\n", md5);

@@ -434,7 +439,7 @@ static int cli_cvdverify(FILE *fs, struct cl_cvd *cvdpt)

     free(md5);

     cl_cvdfree(cvd);

-    return 0;

+    return CL_SUCCESS;

 }

 int cl_cvdverify(const char *file)

@@ -448,13 +453,13 @@ int cl_cvdverify(const char *file)

 	return CL_EOPEN;

     }

-    ret = cli_cvdverify(fs, NULL);

+    ret = cli_cvdverify(fs, NULL, 0);

     fclose(fs);

     return ret;

 }

-int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options)

+int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options, unsigned int cld)

 {

         char *dir;

 	struct cl_cvd cvd;

@@ -466,7 +471,7 @@ int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short

     /* verify */

-    if((ret = cli_cvdverify(fs, &cvd)))

+    if((ret = cli_cvdverify(fs, &cvd, cld)))

 	return ret;

     if(cvd.stime && warn) {

@@ -22,7 +22,7 @@

 #include <stdio.h>

 #include "clamav.h"

-int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options);

+int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options, unsigned int cld);

 int cli_untgz(int fd, const char *destdir);

 #endif

deleted file mode 100644

@@ -1,335 +0,0 @@

-/*

- *  Copyright (C) 2006 Mark Pizzolato <clamav-devel@subscriptions.pizzolato.net>

- *

- *  This program is free software; you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License as published by

- *  the Free Software Foundation; either version 2 of the License, or

- *  (at your option) any later version.

- *

- *  This program is distributed in the hope that it will be useful,

- *  but WITHOUT ANY WARRANTY; without even the implied warranty of

- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- *  GNU General Public License for more details.

- *

- *  You should have received a copy of the GNU General Public License

- *  along with this program; if not, write to the Free Software

- *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,

- *  MA 02110-1301, USA.

- */

-

-/*

- * This is a problem, which from a purist point of view, best wants an 

- * RW locking mechanism.

- * On Posix platforms, we leverage advisory locks provided by fcntl().

- * Windows doesn't have a native interprocess RW exclusion mechanism, 

- * one could be constructed from the services available, but it is somewhat

- * complicated.  Meanwhile, we observe that in ClamAV, it is extremely rare 

- * that there will ever be an occasion when multiple processes will be 

- * reading the ClamAV database from a given directory at the same, and in 

- * none of those possible cases would it matter if they serialized their 

- * accesses.  So, a simple mutual exclusion mechanism will suffice for both 

- * the reader and writer locks on Windows.

- */

-#ifdef	_MSC_VER

-#include <windows.h>

-#endif

-

-#if HAVE_CONFIG_H

-#include "clamav-config.h"

-#endif

-

-#include <stdio.h>

-#include <stdarg.h>

-#include <stdlib.h>

-#include <string.h>

-#include <ctype.h>

-#ifdef HAVE_UNISTD_H

-#include <unistd.h>

-#endif

-#ifdef	HAVE_SYS_STAT_H

-#include <sys/stat.h>

-#endif

-#include <fcntl.h>

-#include <errno.h>

-

-#include "clamav.h"

-#include "others.h"

-#include "lockdb.h"

-

-#ifdef CL_THREAD_SAFE

-#include <pthread.h>

-pthread_mutex_t lock_mutex = PTHREAD_MUTEX_INITIALIZER;

-#else

-#define pthread_mutex_lock(arg)

-#define pthread_mutex_unlock(arg)

-#endif

-

-#ifdef C_WINDOWS /* FIXME */

-#define DONT_LOCK_DBDIRS

-#endif

-

-struct dblock {

-	struct dblock *lock_link;

-	char lock_file[NAME_MAX];

-#ifndef C_WINDOWS

-	int lock_fd;

-#else

-	HANDLE lock_fd;

-#endif

-	int lock_type;

-};

-

-static struct dblock *dblocks = NULL;

-

-static void cli_lockname(char *lock_file, size_t lock_file_size, const char *dbdirpath);

-static int cli_lockdb(const char *dbdirpath, int wait, int writelock);

-

-#ifdef DONT_LOCK_DBDIRS

-

-int cli_readlockdb(const char *dbdirpath, int wait)

-{

-    return CL_SUCCESS;

-}

-

-int cli_writelockdb(const char *dbdirpath, int wait)

-{

-    return CL_SUCCESS;

-}

-

-int cli_unlockdb(const char *dbdirpath)

-{

-    return CL_SUCCESS;

-}

-

-int cli_freelocks(void)

-{

-	return CL_SUCCESS;

-}

-

-#else /* !DONT_LOCK_DBDIRS */

-

-int cli_readlockdb(const char *dbdirpath, int wait)

-{

-    return cli_lockdb(dbdirpath, wait, 0);

-}

-

-int cli_writelockdb(const char *dbdirpath, int wait)

-{

-    return cli_lockdb(dbdirpath, wait, 1);

-}

-

-int cli_freelocks(void)

-{

-	struct dblock * lock, *nextlock, *usedlocks = NULL;

-

-	pthread_mutex_lock(&lock_mutex);

-	for(lock = dblocks; lock; lock = nextlock) {

-		/* there might be some locks in use, eg: during a db reload, a failure can lead 

-		 * to cl_free being called */

-		nextlock = lock->lock_link;

-		if(lock->lock_type != -1 && lock->lock_fd != -1) {

-			lock->lock_link = usedlocks;

-			usedlocks = lock;

-		}

-		else {

-			free(lock);

-		}

-	}

-	dblocks = usedlocks;

-	pthread_mutex_unlock(&lock_mutex);

-	return CL_SUCCESS;

-}

-

-

-int cli_unlockdb(const char *dbdirpath)

-{

-	char lock_file[NAME_MAX];

-	struct dblock *lock;

-#ifndef C_WINDOWS

-	struct flock fl;

-#endif

-

-    cli_lockname(lock_file, sizeof(lock_file), dbdirpath);

-    pthread_mutex_lock(&lock_mutex);

-    for(lock=dblocks; lock; lock=lock->lock_link)

-	if(!strcmp(lock_file, lock->lock_file))