git-svn: trunk@2567
Tomasz Kojm authored on 2006/12/20 10:23:50... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Wed Dec 20 02:19:45 CET 2006 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * libclamav: options cleanup; requires additional changes in mbox.c and |
|
4 |
+ clamav-milter |
|
5 |
+ |
|
1 | 6 |
Tue Dec 19 21:44:13 CET 2006 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* libclamav/regex_list.c: strict whitelisting (Edvin) |
... | ... |
@@ -308,10 +308,10 @@ int main(int argc, char **argv) |
308 | 308 |
dbdir = cfgopt(copt, "DatabaseDirectory")->strarg; |
309 | 309 |
logg("#Reading databases from %s\n", dbdir); |
310 | 310 |
|
311 |
- if(!cfgopt(copt, "DetectPhishing")->enabled) { |
|
312 |
- dboptions |= CL_DB_NOPHISHING; |
|
311 |
+ if(cfgopt(copt, "DetectPhishing")->enabled) |
|
312 |
+ dboptions |= CL_DB_PHISHING; |
|
313 |
+ else |
|
313 | 314 |
logg("Not loading phishing signatures.\n"); |
314 |
- } |
|
315 | 315 |
|
316 | 316 |
if(cfgopt(copt, "NodalCoreAcceleration")->enabled) { |
317 | 317 |
#ifdef HAVE_NCORE |
... | ... |
@@ -300,10 +300,10 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_node *root, unsigned in |
300 | 300 |
max_threads = cfgopt(copt, "MaxThreads")->numarg; |
301 | 301 |
|
302 | 302 |
#ifdef CL_EXPERIMENTAL |
303 |
- if(!cfgopt(copt,"PhishingScanURLs")->enabled) |
|
304 |
- dboptions |= CL_DB_NOPHISHING_URLS; |
|
303 |
+ if(cfgopt(copt,"PhishingScanURLs")->enabled) |
|
304 |
+ dboptions |= CL_DB_PHISHING_URLS; |
|
305 | 305 |
if(cfgopt(copt,"PhishingStrictURLCheck")->enabled) |
306 |
- options |= CL_PHISH_NO_DOMAINLIST; |
|
306 |
+ options |= CL_SCAN_PHISHING_DOMAINLIST; |
|
307 | 307 |
#endif |
308 | 308 |
|
309 | 309 |
if(cfgopt(copt, "ScanArchive")->enabled || cfgopt(copt, "ClamukoScanArchive")->enabled) { |
... | ... |
@@ -89,14 +89,14 @@ int scanmanager(const struct optstruct *opt) |
89 | 89 |
if(opt_check(opt, "ncore")) |
90 | 90 |
dboptions |= CL_DB_NCORE; |
91 | 91 |
|
92 |
- if(opt_check(opt, "no-phishing")) |
|
93 |
- dboptions |= CL_DB_NOPHISHING; |
|
92 |
+ if(!opt_check(opt, "no-phishing")) |
|
93 |
+ dboptions |= CL_DB_PHISHING; |
|
94 | 94 |
|
95 | 95 |
#ifdef CL_EXPERIMENTAL |
96 |
- if(opt_check(opt,"no-phishing-scan-urls")) |
|
97 |
- dboptions |= CL_DB_NOPHISHING_URLS; |
|
96 |
+ if(!opt_check(opt,"no-phishing-scan-urls")) |
|
97 |
+ dboptions |= CL_DB_PHISHING_URLS; |
|
98 | 98 |
if(opt_check(opt,"phishing-strict-url-check")) |
99 |
- options |= CL_PHISH_NO_DOMAINLIST; |
|
99 |
+ options |= CL_SCAN_PHISHING_DOMAINLIST; |
|
100 | 100 |
#endif |
101 | 101 |
|
102 | 102 |
if(opt_check(opt, "dev-ac-only")) { |
... | ... |
@@ -69,27 +69,27 @@ extern "C" |
69 | 69 |
|
70 | 70 |
/* db options */ |
71 | 71 |
#define CL_DB_NCORE 0x1 |
72 |
-#define CL_DB_NOPHISHING 0x2 |
|
72 |
+#define CL_DB_PHISHING 0x2 |
|
73 | 73 |
#define CL_DB_ACONLY 0x4 /* WARNING: only for developers */ |
74 |
-#define CL_DB_NOPHISHING_URLS 0x8 |
|
74 |
+#define CL_DB_PHISHING_URLS 0x8 |
|
75 | 75 |
|
76 | 76 |
/* recommended db settings */ |
77 |
-#define CL_DB_STDOPT 0x0 |
|
77 |
+#define CL_DB_STDOPT CL_DB_PHISHING |
|
78 | 78 |
|
79 | 79 |
/* scan options */ |
80 |
-#define CL_SCAN_RAW 0x0 |
|
81 |
-#define CL_SCAN_ARCHIVE 0x1 |
|
82 |
-#define CL_SCAN_MAIL 0x2 |
|
83 |
-#define CL_SCAN_OLE2 0x4 |
|
84 |
-#define CL_SCAN_BLOCKENCRYPTED 0x8 |
|
85 |
-#define CL_SCAN_HTML 0x10 |
|
86 |
-#define CL_SCAN_PE 0x20 |
|
87 |
-#define CL_SCAN_BLOCKBROKEN 0x40 |
|
88 |
-#define CL_SCAN_MAILURL 0x80 |
|
89 |
-#define CL_SCAN_BLOCKMAX 0x100 |
|
90 |
-#define CL_SCAN_ALGO 0x200 |
|
91 |
-#define CL_PHISH_NO_DOMAINLIST 0x800 |
|
92 |
-#define CL_SCAN_ELF 0x1000 |
|
80 |
+#define CL_SCAN_RAW 0x0 |
|
81 |
+#define CL_SCAN_ARCHIVE 0x1 |
|
82 |
+#define CL_SCAN_MAIL 0x2 |
|
83 |
+#define CL_SCAN_OLE2 0x4 |
|
84 |
+#define CL_SCAN_BLOCKENCRYPTED 0x8 |
|
85 |
+#define CL_SCAN_HTML 0x10 |
|
86 |
+#define CL_SCAN_PE 0x20 |
|
87 |
+#define CL_SCAN_BLOCKBROKEN 0x40 |
|
88 |
+#define CL_SCAN_MAILURL 0x80 |
|
89 |
+#define CL_SCAN_BLOCKMAX 0x100 |
|
90 |
+#define CL_SCAN_ALGO 0x200 |
|
91 |
+#define CL_SCAN_PHISHING_DOMAINLIST 0x800 |
|
92 |
+#define CL_SCAN_ELF 0x1000 |
|
93 | 93 |
|
94 | 94 |
/* recommended scan settings */ |
95 | 95 |
#define CL_SCAN_STDOPT (CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGO | CL_SCAN_ELF) |
... | ... |
@@ -19,6 +19,9 @@ |
19 | 19 |
* MA 02110-1301, USA. |
20 | 20 |
* |
21 | 21 |
* $Log: phishcheck.c,v $ |
22 |
+ * Revision 1.16 2006/12/20 01:23:50 tkojm |
|
23 |
+ * options cleanup |
|
24 |
+ * |
|
22 | 25 |
* Revision 1.15 2006/12/19 20:30:17 tkojm |
23 | 26 |
* fix some compiler warnings |
24 | 27 |
* |
... | ... |
@@ -939,8 +942,8 @@ int phishingScan(message* m,const char* dir,cli_ctx* ctx,tag_arguments_t* hrefs) |
939 | 939 |
urls.flags = strncmp((char*)hrefs->tag[i],href_text,href_text_len)? (CL_PHISH_ALL_CHECKS&~CHECK_SSL): CL_PHISH_ALL_CHECKS; |
940 | 940 |
if (!(urls.flags&CHECK_IMG_URL) && !strncmp((char*)hrefs->tag[i],src_text,src_text_len)) |
941 | 941 |
continue; |
942 |
- if (ctx->options&CL_PHISH_NO_DOMAINLIST) |
|
943 |
- urls.flags &= ~DOMAINLIST_REQUIRED; |
|
942 |
+ if (ctx->options&CL_SCAN_PHISHING_DOMAINLIST) |
|
943 |
+ urls.flags |= DOMAINLIST_REQUIRED; |
|
944 | 944 |
string_init_c(&urls.realLink,(char*)hrefs->value[i]); |
945 | 945 |
/* if(!hrefs->contents[i]->isClosed) { |
946 | 946 |
blobAddData(hrefs->contents[i],empty_string,1); |
... | ... |
@@ -502,7 +502,7 @@ int cli_initengine(struct cl_engine **engine, unsigned int options) |
502 | 502 |
} |
503 | 503 |
|
504 | 504 |
#ifdef CL_EXPERIMENTAL |
505 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
505 |
+ if(options & CL_DB_PHISHING_URLS) |
|
506 | 506 |
if((ret = phishing_init(*engine))) |
507 | 507 |
return ret; |
508 | 508 |
#endif |
... | ... |
@@ -673,7 +673,7 @@ static int cli_loadndb(FILE *fd, struct cl_engine **engine, unsigned int *signo, |
673 | 673 |
struct cli_matcher *root; |
674 | 674 |
int line = 0, sigs = 0, ret = 0; |
675 | 675 |
unsigned short target; |
676 |
- unsigned int nophish = options & CL_DB_NOPHISHING; |
|
676 |
+ unsigned int phish = options & CL_DB_PHISHING; |
|
677 | 677 |
|
678 | 678 |
|
679 | 679 |
if((ret = cli_initengine(engine, options))) { |
... | ... |
@@ -692,7 +692,7 @@ static int cli_loadndb(FILE *fd, struct cl_engine **engine, unsigned int *signo, |
692 | 692 |
if(!strncmp(buffer, "Exploit.JPEG.Comment", 20)) /* temporary */ |
693 | 693 |
continue; |
694 | 694 |
|
695 |
- if(nophish) |
|
695 |
+ if(!phish) |
|
696 | 696 |
if(!strncmp(buffer, "HTML.Phishing", 13) || !strncmp(buffer, "Email.Phishing", 14)) |
697 | 697 |
continue; |
698 | 698 |
|
... | ... |
@@ -1168,12 +1168,12 @@ static int cli_load(const char *filename, struct cl_engine **engine, unsigned in |
1168 | 1168 |
skipped = 1; |
1169 | 1169 |
#ifdef CL_EXPERIMENTAL |
1170 | 1170 |
} else if(cli_strbcasestr(filename, ".wdb")) { |
1171 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
1171 |
+ if(options & CL_DB_PHISHING_URLS) |
|
1172 | 1172 |
ret = cli_loadwdb(fd, engine, options); |
1173 | 1173 |
else |
1174 | 1174 |
skipped = 1; |
1175 | 1175 |
} else if(cli_strbcasestr(filename, ".pdb")) { |
1176 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
1176 |
+ if(options & CL_DB_PHISHING_URLS) |
|
1177 | 1177 |
ret = cli_loadpdb(fd, engine, options); |
1178 | 1178 |
else |
1179 | 1179 |
skipped = 1; |