git-svn: trunk@2091
Nigel Horne authored on 2006/07/17 19:14:14... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Mon Jul 17 11:13:18 BST 2006 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Added sanity check for --server when --external isn't |
|
4 |
+ given |
|
5 |
+ |
|
1 | 6 |
Mon Jul 17 11:40:14 CEST 2006 (tk) |
2 | 7 |
---------------------------------- |
3 | 8 |
* freshclam/manager.c: fix NULL pointer dereference in new code, reported |
... | ... |
@@ -23,9 +23,9 @@ |
23 | 23 |
* |
24 | 24 |
* For installation instructions see the file INSTALL that came with this file |
25 | 25 |
*/ |
26 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.258 2006/07/15 08:11:45 njh Exp $"; |
|
26 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.259 2006/07/17 10:12:55 njh Exp $"; |
|
27 | 27 |
|
28 |
-#define CM_VERSION "devel-150706" |
|
28 |
+#define CM_VERSION "devel-170706" |
|
29 | 29 |
|
30 | 30 |
#if HAVE_CONFIG_H |
31 | 31 |
#include "clamav-config.h" |
... | ... |
@@ -167,20 +167,17 @@ typedef unsigned int in_addr_t; |
167 | 167 |
* Having said that, with LogSysLog you can (on Linux) configure the system |
168 | 168 |
* to get messages on the system console, see syslog.conf(5), also you |
169 | 169 |
* can use wall(1) in the VirusEvent entry in clamd.conf |
170 |
- * TODO: build with libclamav.so rather than libclamav.a |
|
171 | 170 |
* TODO: Decide action (bounce, discard, reject etc.) based on the virus |
172 | 171 |
* found. Those with faked addresses, such as SCO.A want discarding, |
173 | 172 |
* others could be bounced properly. |
174 |
- * TODO: Encrypt mails sent to clamd to stop sniffers |
|
173 |
+ * TODO: Encrypt mails sent to clamd to stop sniffers. Sending by UNIX domain |
|
174 |
+ * sockets is better |
|
175 | 175 |
* TODO: Test with IPv6 |
176 |
- * TODO: Files can be scanned with "SCAN" not "STREAM" if clamd is on the same |
|
177 |
- * machine when talking via INET domain socket. |
|
178 | 176 |
* TODO: Load balancing, allow local machine to talk via UNIX domain socket. |
179 | 177 |
* TODO: allow each line in the whitelist file to specify a quarantine email |
180 | 178 |
* address |
181 |
- * FIXME: The recent code (blacklist and black-hole-mode) has introduced a |
|
182 |
- * memory leak. Valgrind claims there isn't a leak, but ps claims there |
|
183 |
- * is. Be warned. It's much worse in blacklist mode. |
|
179 |
+ * FIXME: The blacklist code may be leaky. Valgrind claims there isn't a leak, |
|
180 |
+ * but ps claims there is. Be warned. |
|
184 | 181 |
*/ |
185 | 182 |
|
186 | 183 |
struct header_node_t { |
... | ... |
@@ -570,7 +567,7 @@ int |
570 | 570 |
main(int argc, char **argv) |
571 | 571 |
{ |
572 | 572 |
extern char *optarg; |
573 |
- int i, Bflag = 0; |
|
573 |
+ int i, Bflag = 0, server = 0; |
|
574 | 574 |
char *cfgfile = NULL; |
575 | 575 |
const struct cfgstruct *cpt; |
576 | 576 |
char version[VERSION_LENGTH + 1]; |
... | ... |
@@ -877,12 +874,7 @@ main(int argc, char **argv) |
877 | 877 |
smfilter.xxfi_flags |= SMFIF_CHGHDRS|SMFIF_ADDRCPT|SMFIF_DELRCPT; |
878 | 878 |
break; |
879 | 879 |
case 's': /* server running clamd */ |
880 |
-#ifdef notdef /* don't define - forces --external to be listed first :-( */ |
|
881 |
- if(!external) { |
|
882 |
- fputs("--server can only be used with --external\n", stderr); |
|
883 |
- return EX_USAGE; |
|
884 |
- } |
|
885 |
-#endif |
|
880 |
+ server++; |
|
886 | 881 |
serverHostNames = optarg; |
887 | 882 |
break; |
888 | 883 |
case 'F': /* signature file */ |
... | ... |
@@ -935,7 +927,16 @@ main(int argc, char **argv) |
935 | 935 |
} |
936 | 936 |
} |
937 | 937 |
|
938 |
- /* FIXME: error if --servers and --external is not given */ |
|
938 |
+ /* |
|
939 |
+ * Check sanity of --external and --server arguments |
|
940 |
+ */ |
|
941 |
+ if(server && !external) { |
|
942 |
+ fprintf(stderr, |
|
943 |
+ "%s: --server can only be used with --external\n", |
|
944 |
+ argv[0]); |
|
945 |
+ return EX_USAGE; |
|
946 |
+ } |
|
947 |
+ |
|
939 | 948 |
/* TODO: support freshclam's daemon notify if --external is not given */ |
940 | 949 |
|
941 | 950 |
if(optind == argc) { |
... | ... |
@@ -5650,8 +5651,6 @@ mx(void) |
5650 | 5650 |
} q; |
5651 | 5651 |
const HEADER *hp; |
5652 | 5652 |
int len, i; |
5653 |
- u_short type, pref; |
|
5654 |
- u_long ttl; |
|
5655 | 5653 |
|
5656 | 5654 |
if(gethostname(name, sizeof(name)) < 0) { |
5657 | 5655 |
perror("gethostname"); |
... | ... |
@@ -5687,6 +5686,8 @@ mx(void) |
5687 | 5687 |
|
5688 | 5688 |
while((--i >= 0) && (p < end)) { |
5689 | 5689 |
long addr; |
5690 |
+ u_short type, pref; |
|
5691 |
+ u_long ttl; /* unused */ |
|
5690 | 5692 |
|
5691 | 5693 |
if((len = dn_expand(q.u, end, p, buf, sizeof(buf) - 1)) < 0) |
5692 | 5694 |
break; |
... | ... |
@@ -5728,8 +5729,6 @@ resolve(const char *host) |
5728 | 5728 |
} q; |
5729 | 5729 |
const HEADER *hp; |
5730 | 5730 |
int len, i; |
5731 |
- u_short type; |
|
5732 |
- u_long ttl; |
|
5733 | 5731 |
|
5734 | 5732 |
if((host == NULL) || (*host == '\0')) |
5735 | 5733 |
return; |
... | ... |
@@ -5752,6 +5751,8 @@ resolve(const char *host) |
5752 | 5752 |
i = ntohs(hp->ancount); |
5753 | 5753 |
|
5754 | 5754 |
while((--i >= 0) && (p < end)) { |
5755 |
+ u_short type; |
|
5756 |
+ u_long ttl; |
|
5755 | 5757 |
struct in_addr addr; |
5756 | 5758 |
const char *ip; |
5757 | 5759 |
|
... | ... |
@@ -5760,7 +5761,7 @@ resolve(const char *host) |
5760 | 5760 |
p += len; |
5761 | 5761 |
GETSHORT(type, p); |
5762 | 5762 |
p += INT16SZ; |
5763 |
- GETLONG(ttl, p); |
|
5763 |
+ GETLONG(ttl, p); /* unused */ |
|
5764 | 5764 |
GETSHORT(len, p); |
5765 | 5765 |
if(type != T_A) { |
5766 | 5766 |
p += len; |