Browse code
options cleanup
- clamav-devel/ChangeLog
- clamav-devel/clamd/clamd.c
- clamav-devel/clamd/server-th.c
- clamav-devel/clamscan/manager.c
- clamav-devel/libclamav/clamav.h
- clamav-devel/libclamav/phishcheck.c
- clamav-devel/libclamav/readdb.c
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Wed Dec 20 02:19:45 CET 2006 (tk) |
|
| 2 |
+--------------------------------- |
|
| 3 |
+ * libclamav: options cleanup; requires additional changes in mbox.c and |
|
| 4 |
+ clamav-milter |
|
| 5 |
+ |
|
| 1 | 6 |
Tue Dec 19 21:44:13 CET 2006 (tk) |
| 2 | 7 |
--------------------------------- |
| 3 | 8 |
* libclamav/regex_list.c: strict whitelisting (Edvin) |
| ... | ... |
@@ -308,10 +308,10 @@ int main(int argc, char **argv) |
| 308 | 308 |
dbdir = cfgopt(copt, "DatabaseDirectory")->strarg; |
| 309 | 309 |
logg("#Reading databases from %s\n", dbdir);
|
| 310 | 310 |
|
| 311 |
- if(!cfgopt(copt, "DetectPhishing")->enabled) {
|
|
| 312 |
- dboptions |= CL_DB_NOPHISHING; |
|
| 311 |
+ if(cfgopt(copt, "DetectPhishing")->enabled) |
|
| 312 |
+ dboptions |= CL_DB_PHISHING; |
|
| 313 |
+ else |
|
| 313 | 314 |
logg("Not loading phishing signatures.\n");
|
| 314 |
- } |
|
| 315 | 315 |
|
| 316 | 316 |
if(cfgopt(copt, "NodalCoreAcceleration")->enabled) {
|
| 317 | 317 |
#ifdef HAVE_NCORE |
| ... | ... |
@@ -300,10 +300,10 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_node *root, unsigned in |
| 300 | 300 |
max_threads = cfgopt(copt, "MaxThreads")->numarg; |
| 301 | 301 |
|
| 302 | 302 |
#ifdef CL_EXPERIMENTAL |
| 303 |
- if(!cfgopt(copt,"PhishingScanURLs")->enabled) |
|
| 304 |
- dboptions |= CL_DB_NOPHISHING_URLS; |
|
| 303 |
+ if(cfgopt(copt,"PhishingScanURLs")->enabled) |
|
| 304 |
+ dboptions |= CL_DB_PHISHING_URLS; |
|
| 305 | 305 |
if(cfgopt(copt,"PhishingStrictURLCheck")->enabled) |
| 306 |
- options |= CL_PHISH_NO_DOMAINLIST; |
|
| 306 |
+ options |= CL_SCAN_PHISHING_DOMAINLIST; |
|
| 307 | 307 |
#endif |
| 308 | 308 |
|
| 309 | 309 |
if(cfgopt(copt, "ScanArchive")->enabled || cfgopt(copt, "ClamukoScanArchive")->enabled) {
|
| ... | ... |
@@ -89,14 +89,14 @@ int scanmanager(const struct optstruct *opt) |
| 89 | 89 |
if(opt_check(opt, "ncore")) |
| 90 | 90 |
dboptions |= CL_DB_NCORE; |
| 91 | 91 |
|
| 92 |
- if(opt_check(opt, "no-phishing")) |
|
| 93 |
- dboptions |= CL_DB_NOPHISHING; |
|
| 92 |
+ if(!opt_check(opt, "no-phishing")) |
|
| 93 |
+ dboptions |= CL_DB_PHISHING; |
|
| 94 | 94 |
|
| 95 | 95 |
#ifdef CL_EXPERIMENTAL |
| 96 |
- if(opt_check(opt,"no-phishing-scan-urls")) |
|
| 97 |
- dboptions |= CL_DB_NOPHISHING_URLS; |
|
| 96 |
+ if(!opt_check(opt,"no-phishing-scan-urls")) |
|
| 97 |
+ dboptions |= CL_DB_PHISHING_URLS; |
|
| 98 | 98 |
if(opt_check(opt,"phishing-strict-url-check")) |
| 99 |
- options |= CL_PHISH_NO_DOMAINLIST; |
|
| 99 |
+ options |= CL_SCAN_PHISHING_DOMAINLIST; |
|
| 100 | 100 |
#endif |
| 101 | 101 |
|
| 102 | 102 |
if(opt_check(opt, "dev-ac-only")) {
|
| ... | ... |
@@ -69,27 +69,27 @@ extern "C" |
| 69 | 69 |
|
| 70 | 70 |
/* db options */ |
| 71 | 71 |
#define CL_DB_NCORE 0x1 |
| 72 |
-#define CL_DB_NOPHISHING 0x2 |
|
| 72 |
+#define CL_DB_PHISHING 0x2 |
|
| 73 | 73 |
#define CL_DB_ACONLY 0x4 /* WARNING: only for developers */ |
| 74 |
-#define CL_DB_NOPHISHING_URLS 0x8 |
|
| 74 |
+#define CL_DB_PHISHING_URLS 0x8 |
|
| 75 | 75 |
|
| 76 | 76 |
/* recommended db settings */ |
| 77 |
-#define CL_DB_STDOPT 0x0 |
|
| 77 |
+#define CL_DB_STDOPT CL_DB_PHISHING |
|
| 78 | 78 |
|
| 79 | 79 |
/* scan options */ |
| 80 |
-#define CL_SCAN_RAW 0x0 |
|
| 81 |
-#define CL_SCAN_ARCHIVE 0x1 |
|
| 82 |
-#define CL_SCAN_MAIL 0x2 |
|
| 83 |
-#define CL_SCAN_OLE2 0x4 |
|
| 84 |
-#define CL_SCAN_BLOCKENCRYPTED 0x8 |
|
| 85 |
-#define CL_SCAN_HTML 0x10 |
|
| 86 |
-#define CL_SCAN_PE 0x20 |
|
| 87 |
-#define CL_SCAN_BLOCKBROKEN 0x40 |
|
| 88 |
-#define CL_SCAN_MAILURL 0x80 |
|
| 89 |
-#define CL_SCAN_BLOCKMAX 0x100 |
|
| 90 |
-#define CL_SCAN_ALGO 0x200 |
|
| 91 |
-#define CL_PHISH_NO_DOMAINLIST 0x800 |
|
| 92 |
-#define CL_SCAN_ELF 0x1000 |
|
| 80 |
+#define CL_SCAN_RAW 0x0 |
|
| 81 |
+#define CL_SCAN_ARCHIVE 0x1 |
|
| 82 |
+#define CL_SCAN_MAIL 0x2 |
|
| 83 |
+#define CL_SCAN_OLE2 0x4 |
|
| 84 |
+#define CL_SCAN_BLOCKENCRYPTED 0x8 |
|
| 85 |
+#define CL_SCAN_HTML 0x10 |
|
| 86 |
+#define CL_SCAN_PE 0x20 |
|
| 87 |
+#define CL_SCAN_BLOCKBROKEN 0x40 |
|
| 88 |
+#define CL_SCAN_MAILURL 0x80 |
|
| 89 |
+#define CL_SCAN_BLOCKMAX 0x100 |
|
| 90 |
+#define CL_SCAN_ALGO 0x200 |
|
| 91 |
+#define CL_SCAN_PHISHING_DOMAINLIST 0x800 |
|
| 92 |
+#define CL_SCAN_ELF 0x1000 |
|
| 93 | 93 |
|
| 94 | 94 |
/* recommended scan settings */ |
| 95 | 95 |
#define CL_SCAN_STDOPT (CL_SCAN_ARCHIVE | CL_SCAN_MAIL | CL_SCAN_OLE2 | CL_SCAN_HTML | CL_SCAN_PE | CL_SCAN_ALGO | CL_SCAN_ELF) |
| ... | ... |
@@ -19,6 +19,9 @@ |
| 19 | 19 |
* MA 02110-1301, USA. |
| 20 | 20 |
* |
| 21 | 21 |
* $Log: phishcheck.c,v $ |
| 22 |
+ * Revision 1.16 2006/12/20 01:23:50 tkojm |
|
| 23 |
+ * options cleanup |
|
| 24 |
+ * |
|
| 22 | 25 |
* Revision 1.15 2006/12/19 20:30:17 tkojm |
| 23 | 26 |
* fix some compiler warnings |
| 24 | 27 |
* |
| ... | ... |
@@ -939,8 +942,8 @@ int phishingScan(message* m,const char* dir,cli_ctx* ctx,tag_arguments_t* hrefs) |
| 939 | 939 |
urls.flags = strncmp((char*)hrefs->tag[i],href_text,href_text_len)? (CL_PHISH_ALL_CHECKS&~CHECK_SSL): CL_PHISH_ALL_CHECKS; |
| 940 | 940 |
if (!(urls.flags&CHECK_IMG_URL) && !strncmp((char*)hrefs->tag[i],src_text,src_text_len)) |
| 941 | 941 |
continue; |
| 942 |
- if (ctx->options&CL_PHISH_NO_DOMAINLIST) |
|
| 943 |
- urls.flags &= ~DOMAINLIST_REQUIRED; |
|
| 942 |
+ if (ctx->options&CL_SCAN_PHISHING_DOMAINLIST) |
|
| 943 |
+ urls.flags |= DOMAINLIST_REQUIRED; |
|
| 944 | 944 |
string_init_c(&urls.realLink,(char*)hrefs->value[i]); |
| 945 | 945 |
/* if(!hrefs->contents[i]->isClosed) {
|
| 946 | 946 |
blobAddData(hrefs->contents[i],empty_string,1); |
| ... | ... |
@@ -502,7 +502,7 @@ int cli_initengine(struct cl_engine **engine, unsigned int options) |
| 502 | 502 |
} |
| 503 | 503 |
|
| 504 | 504 |
#ifdef CL_EXPERIMENTAL |
| 505 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
| 505 |
+ if(options & CL_DB_PHISHING_URLS) |
|
| 506 | 506 |
if((ret = phishing_init(*engine))) |
| 507 | 507 |
return ret; |
| 508 | 508 |
#endif |
| ... | ... |
@@ -673,7 +673,7 @@ static int cli_loadndb(FILE *fd, struct cl_engine **engine, unsigned int *signo, |
| 673 | 673 |
struct cli_matcher *root; |
| 674 | 674 |
int line = 0, sigs = 0, ret = 0; |
| 675 | 675 |
unsigned short target; |
| 676 |
- unsigned int nophish = options & CL_DB_NOPHISHING; |
|
| 676 |
+ unsigned int phish = options & CL_DB_PHISHING; |
|
| 677 | 677 |
|
| 678 | 678 |
|
| 679 | 679 |
if((ret = cli_initengine(engine, options))) {
|
| ... | ... |
@@ -692,7 +692,7 @@ static int cli_loadndb(FILE *fd, struct cl_engine **engine, unsigned int *signo, |
| 692 | 692 |
if(!strncmp(buffer, "Exploit.JPEG.Comment", 20)) /* temporary */ |
| 693 | 693 |
continue; |
| 694 | 694 |
|
| 695 |
- if(nophish) |
|
| 695 |
+ if(!phish) |
|
| 696 | 696 |
if(!strncmp(buffer, "HTML.Phishing", 13) || !strncmp(buffer, "Email.Phishing", 14)) |
| 697 | 697 |
continue; |
| 698 | 698 |
|
| ... | ... |
@@ -1168,12 +1168,12 @@ static int cli_load(const char *filename, struct cl_engine **engine, unsigned in |
| 1168 | 1168 |
skipped = 1; |
| 1169 | 1169 |
#ifdef CL_EXPERIMENTAL |
| 1170 | 1170 |
} else if(cli_strbcasestr(filename, ".wdb")) {
|
| 1171 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
| 1171 |
+ if(options & CL_DB_PHISHING_URLS) |
|
| 1172 | 1172 |
ret = cli_loadwdb(fd, engine, options); |
| 1173 | 1173 |
else |
| 1174 | 1174 |
skipped = 1; |
| 1175 | 1175 |
} else if(cli_strbcasestr(filename, ".pdb")) {
|
| 1176 |
- if(!(options & CL_DB_NOPHISHING_URLS)) |
|
| 1176 |
+ if(options & CL_DB_PHISHING_URLS) |
|
| 1177 | 1177 |
ret = cli_loadpdb(fd, engine, options); |
| 1178 | 1178 |
else |
| 1179 | 1179 |
skipped = 1; |