Browse code
Added sanity check for --server when --external isn't given
| ... | ... |
@@ -1,3 +1,8 @@ |
| 1 |
+Mon Jul 17 11:13:18 BST 2006 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * clamav-milter: Added sanity check for --server when --external isn't |
|
| 4 |
+ given |
|
| 5 |
+ |
|
| 1 | 6 |
Mon Jul 17 11:40:14 CEST 2006 (tk) |
| 2 | 7 |
---------------------------------- |
| 3 | 8 |
* freshclam/manager.c: fix NULL pointer dereference in new code, reported |
| ... | ... |
@@ -23,9 +23,9 @@ |
| 23 | 23 |
* |
| 24 | 24 |
* For installation instructions see the file INSTALL that came with this file |
| 25 | 25 |
*/ |
| 26 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.258 2006/07/15 08:11:45 njh Exp $"; |
|
| 26 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.259 2006/07/17 10:12:55 njh Exp $"; |
|
| 27 | 27 |
|
| 28 |
-#define CM_VERSION "devel-150706" |
|
| 28 |
+#define CM_VERSION "devel-170706" |
|
| 29 | 29 |
|
| 30 | 30 |
#if HAVE_CONFIG_H |
| 31 | 31 |
#include "clamav-config.h" |
| ... | ... |
@@ -167,20 +167,17 @@ typedef unsigned int in_addr_t; |
| 167 | 167 |
* Having said that, with LogSysLog you can (on Linux) configure the system |
| 168 | 168 |
* to get messages on the system console, see syslog.conf(5), also you |
| 169 | 169 |
* can use wall(1) in the VirusEvent entry in clamd.conf |
| 170 |
- * TODO: build with libclamav.so rather than libclamav.a |
|
| 171 | 170 |
* TODO: Decide action (bounce, discard, reject etc.) based on the virus |
| 172 | 171 |
* found. Those with faked addresses, such as SCO.A want discarding, |
| 173 | 172 |
* others could be bounced properly. |
| 174 |
- * TODO: Encrypt mails sent to clamd to stop sniffers |
|
| 173 |
+ * TODO: Encrypt mails sent to clamd to stop sniffers. Sending by UNIX domain |
|
| 174 |
+ * sockets is better |
|
| 175 | 175 |
* TODO: Test with IPv6 |
| 176 |
- * TODO: Files can be scanned with "SCAN" not "STREAM" if clamd is on the same |
|
| 177 |
- * machine when talking via INET domain socket. |
|
| 178 | 176 |
* TODO: Load balancing, allow local machine to talk via UNIX domain socket. |
| 179 | 177 |
* TODO: allow each line in the whitelist file to specify a quarantine email |
| 180 | 178 |
* address |
| 181 |
- * FIXME: The recent code (blacklist and black-hole-mode) has introduced a |
|
| 182 |
- * memory leak. Valgrind claims there isn't a leak, but ps claims there |
|
| 183 |
- * is. Be warned. It's much worse in blacklist mode. |
|
| 179 |
+ * FIXME: The blacklist code may be leaky. Valgrind claims there isn't a leak, |
|
| 180 |
+ * but ps claims there is. Be warned. |
|
| 184 | 181 |
*/ |
| 185 | 182 |
|
| 186 | 183 |
struct header_node_t {
|
| ... | ... |
@@ -570,7 +567,7 @@ int |
| 570 | 570 |
main(int argc, char **argv) |
| 571 | 571 |
{
|
| 572 | 572 |
extern char *optarg; |
| 573 |
- int i, Bflag = 0; |
|
| 573 |
+ int i, Bflag = 0, server = 0; |
|
| 574 | 574 |
char *cfgfile = NULL; |
| 575 | 575 |
const struct cfgstruct *cpt; |
| 576 | 576 |
char version[VERSION_LENGTH + 1]; |
| ... | ... |
@@ -877,12 +874,7 @@ main(int argc, char **argv) |
| 877 | 877 |
smfilter.xxfi_flags |= SMFIF_CHGHDRS|SMFIF_ADDRCPT|SMFIF_DELRCPT; |
| 878 | 878 |
break; |
| 879 | 879 |
case 's': /* server running clamd */ |
| 880 |
-#ifdef notdef /* don't define - forces --external to be listed first :-( */ |
|
| 881 |
- if(!external) {
|
|
| 882 |
- fputs("--server can only be used with --external\n", stderr);
|
|
| 883 |
- return EX_USAGE; |
|
| 884 |
- } |
|
| 885 |
-#endif |
|
| 880 |
+ server++; |
|
| 886 | 881 |
serverHostNames = optarg; |
| 887 | 882 |
break; |
| 888 | 883 |
case 'F': /* signature file */ |
| ... | ... |
@@ -935,7 +927,16 @@ main(int argc, char **argv) |
| 935 | 935 |
} |
| 936 | 936 |
} |
| 937 | 937 |
|
| 938 |
- /* FIXME: error if --servers and --external is not given */ |
|
| 938 |
+ /* |
|
| 939 |
+ * Check sanity of --external and --server arguments |
|
| 940 |
+ */ |
|
| 941 |
+ if(server && !external) {
|
|
| 942 |
+ fprintf(stderr, |
|
| 943 |
+ "%s: --server can only be used with --external\n", |
|
| 944 |
+ argv[0]); |
|
| 945 |
+ return EX_USAGE; |
|
| 946 |
+ } |
|
| 947 |
+ |
|
| 939 | 948 |
/* TODO: support freshclam's daemon notify if --external is not given */ |
| 940 | 949 |
|
| 941 | 950 |
if(optind == argc) {
|
| ... | ... |
@@ -5650,8 +5651,6 @@ mx(void) |
| 5650 | 5650 |
} q; |
| 5651 | 5651 |
const HEADER *hp; |
| 5652 | 5652 |
int len, i; |
| 5653 |
- u_short type, pref; |
|
| 5654 |
- u_long ttl; |
|
| 5655 | 5653 |
|
| 5656 | 5654 |
if(gethostname(name, sizeof(name)) < 0) {
|
| 5657 | 5655 |
perror("gethostname");
|
| ... | ... |
@@ -5687,6 +5686,8 @@ mx(void) |
| 5687 | 5687 |
|
| 5688 | 5688 |
while((--i >= 0) && (p < end)) {
|
| 5689 | 5689 |
long addr; |
| 5690 |
+ u_short type, pref; |
|
| 5691 |
+ u_long ttl; /* unused */ |
|
| 5690 | 5692 |
|
| 5691 | 5693 |
if((len = dn_expand(q.u, end, p, buf, sizeof(buf) - 1)) < 0) |
| 5692 | 5694 |
break; |
| ... | ... |
@@ -5728,8 +5729,6 @@ resolve(const char *host) |
| 5728 | 5728 |
} q; |
| 5729 | 5729 |
const HEADER *hp; |
| 5730 | 5730 |
int len, i; |
| 5731 |
- u_short type; |
|
| 5732 |
- u_long ttl; |
|
| 5733 | 5731 |
|
| 5734 | 5732 |
if((host == NULL) || (*host == '\0')) |
| 5735 | 5733 |
return; |
| ... | ... |
@@ -5752,6 +5751,8 @@ resolve(const char *host) |
| 5752 | 5752 |
i = ntohs(hp->ancount); |
| 5753 | 5753 |
|
| 5754 | 5754 |
while((--i >= 0) && (p < end)) {
|
| 5755 |
+ u_short type; |
|
| 5756 |
+ u_long ttl; |
|
| 5755 | 5757 |
struct in_addr addr; |
| 5756 | 5758 |
const char *ip; |
| 5757 | 5759 |
|
| ... | ... |
@@ -5760,7 +5761,7 @@ resolve(const char *host) |
| 5760 | 5760 |
p += len; |
| 5761 | 5761 |
GETSHORT(type, p); |
| 5762 | 5762 |
p += INT16SZ; |
| 5763 |
- GETLONG(ttl, p); |
|
| 5763 |
+ GETLONG(ttl, p); /* unused */ |
|
| 5764 | 5764 |
GETSHORT(len, p); |
| 5765 | 5765 |
if(type != T_A) {
|
| 5766 | 5766 |
p += len; |