... | ... |
@@ -116,6 +116,131 @@ int main(int argc, char **argv) { |
116 | 116 |
} |
117 | 117 |
} |
118 | 118 |
|
119 |
+ pt = optget(opts, "AddHeader")->strarg; |
|
120 |
+ if (strcasecmp(pt, "No")) { |
|
121 |
+ char myname[255]; |
|
122 |
+ |
|
123 |
+ if (((opt = optget(opts, "ReportHostname"))->enabled && |
|
124 |
+ strncpy(myname, opt->strarg, sizeof(myname))) || |
|
125 |
+ !gethostname(myname, sizeof(myname))) { |
|
126 |
+ |
|
127 |
+ myname[sizeof(myname)-1] = '\0'; |
|
128 |
+ snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s", |
|
129 |
+ get_version(), myname); |
|
130 |
+ } else { |
|
131 |
+ snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s", |
|
132 |
+ get_version()); |
|
133 |
+ } |
|
134 |
+ xvirushdr[sizeof(xvirushdr)-1] = '\0'; |
|
135 |
+ |
|
136 |
+ descr.xxfi_flags |= SMFIF_ADDHDRS; |
|
137 |
+ |
|
138 |
+ if (strcasecmp(pt, "Add")) { /* Replace or Yes */ |
|
139 |
+ descr.xxfi_flags |= SMFIF_CHGHDRS; |
|
140 |
+ addxvirus = 1; |
|
141 |
+ } else { /* Add */ |
|
142 |
+ addxvirus = 2; |
|
143 |
+ } |
|
144 |
+ } |
|
145 |
+ |
|
146 |
+ if(!(my_socket = optget(opts, "MilterSocket")->strarg)) { |
|
147 |
+ logg("!Please configure the MilterSocket directive\n"); |
|
148 |
+ logg_close(); |
|
149 |
+ optfree(opts); |
|
150 |
+ return 1; |
|
151 |
+ } |
|
152 |
+ |
|
153 |
+ if(smfi_setconn(my_socket) == MI_FAILURE) { |
|
154 |
+ logg("!smfi_setconn failed\n"); |
|
155 |
+ logg_close(); |
|
156 |
+ optfree(opts); |
|
157 |
+ return 1; |
|
158 |
+ } |
|
159 |
+ if(smfi_register(descr) == MI_FAILURE) { |
|
160 |
+ logg("!smfi_register failed\n"); |
|
161 |
+ logg_close(); |
|
162 |
+ optfree(opts); |
|
163 |
+ return 1; |
|
164 |
+ } |
|
165 |
+ opt = optget(opts, "FixStaleSocket"); |
|
166 |
+ umsk = umask(0777); /* socket is created with 000 to avoid races */ |
|
167 |
+ if(smfi_opensocket(opt->enabled) == MI_FAILURE) { |
|
168 |
+ logg("!Failed to create socket %s\n", my_socket); |
|
169 |
+ logg_close(); |
|
170 |
+ optfree(opts); |
|
171 |
+ return 1; |
|
172 |
+ } |
|
173 |
+ umask(umsk); /* restore umask */ |
|
174 |
+ if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) { |
|
175 |
+ /* set group ownership and perms on the local socket */ |
|
176 |
+ char *sock_name = my_socket; |
|
177 |
+ mode_t sock_mode; |
|
178 |
+ if(!strncmp(my_socket, "unix:", 5)) |
|
179 |
+ sock_name += 5; |
|
180 |
+ if(!strncmp(my_socket, "local:", 6)) |
|
181 |
+ sock_name += 6; |
|
182 |
+ if(*my_socket == ':') |
|
183 |
+ sock_name ++; |
|
184 |
+ |
|
185 |
+ if(optget(opts, "MilterSocketGroup")->enabled) { |
|
186 |
+ char *gname = optget(opts, "MilterSocketGroup")->strarg, *end; |
|
187 |
+ gid_t sock_gid = strtol(gname, &end, 10); |
|
188 |
+ if(*end) { |
|
189 |
+ struct group *pgrp = getgrnam(gname); |
|
190 |
+ if(!pgrp) { |
|
191 |
+ logg("!Unknown group %s\n", gname); |
|
192 |
+ logg_close(); |
|
193 |
+ optfree(opts); |
|
194 |
+ return 1; |
|
195 |
+ } |
|
196 |
+ sock_gid = pgrp->gr_gid; |
|
197 |
+ } |
|
198 |
+ if(chown(sock_name, -1, sock_gid)) { |
|
199 |
+ logg("!Failed to change socket ownership to group %s\n", gname); |
|
200 |
+ logg_close(); |
|
201 |
+ optfree(opts); |
|
202 |
+ return 1; |
|
203 |
+ } |
|
204 |
+ } |
|
205 |
+ |
|
206 |
+ if ((opt = optget(opts, "User"))->enabled) { |
|
207 |
+ struct passwd *user; |
|
208 |
+ if ((user = getpwnam(opt->strarg)) == NULL) { |
|
209 |
+ logg("ERROR: Can't get information about user %s.\n", |
|
210 |
+ opt->strarg); |
|
211 |
+ logg_close(); |
|
212 |
+ optfree(opts); |
|
213 |
+ return 1; |
|
214 |
+ } |
|
215 |
+ |
|
216 |
+ if(chown(sock_name, user->pw_uid, -1)) { |
|
217 |
+ logg("!Failed to change socket ownership to user %s\n", user->pw_name); |
|
218 |
+ optfree(opts); |
|
219 |
+ logg_close(); |
|
220 |
+ return 1; |
|
221 |
+ } |
|
222 |
+ } |
|
223 |
+ |
|
224 |
+ if(optget(opts, "MilterSocketMode")->enabled) { |
|
225 |
+ char *end; |
|
226 |
+ sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8); |
|
227 |
+ if(*end) { |
|
228 |
+ logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg); |
|
229 |
+ logg_close(); |
|
230 |
+ optfree(opts); |
|
231 |
+ return 1; |
|
232 |
+ } |
|
233 |
+ } else |
|
234 |
+ sock_mode = 0777 & ~umsk; |
|
235 |
+ |
|
236 |
+ if(chmod(sock_name, sock_mode & 0666)) { |
|
237 |
+ logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg); |
|
238 |
+ logg_close(); |
|
239 |
+ optfree(opts); |
|
240 |
+ return 1; |
|
241 |
+ } |
|
242 |
+ } |
|
243 |
+ |
|
119 | 244 |
if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) { |
120 | 245 |
struct passwd *user = NULL; |
121 | 246 |
if((user = getpwnam(opt->strarg)) == NULL) { |
... | ... |
@@ -225,38 +350,8 @@ int main(int argc, char **argv) { |
225 | 225 |
return 1; |
226 | 226 |
} |
227 | 227 |
|
228 |
- pt = optget(opts, "AddHeader")->strarg; |
|
229 |
- if(strcasecmp(pt, "No")) { |
|
230 |
- char myname[255]; |
|
231 |
- |
|
232 |
- if(((opt = optget(opts, "ReportHostname"))->enabled && strncpy(myname, opt->strarg, sizeof(myname))) || !gethostname(myname, sizeof(myname))) { |
|
233 |
- myname[sizeof(myname)-1] = '\0'; |
|
234 |
- snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s", get_version(), myname); |
|
235 |
- } else |
|
236 |
- snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s", get_version()); |
|
237 |
- xvirushdr[sizeof(xvirushdr)-1] = '\0'; |
|
238 |
- |
|
239 |
- descr.xxfi_flags |= SMFIF_ADDHDRS; |
|
240 |
- |
|
241 |
- if(strcasecmp(pt, "Add")) { /* Replace or Yes */ |
|
242 |
- descr.xxfi_flags |= SMFIF_CHGHDRS; |
|
243 |
- addxvirus = 1; |
|
244 |
- } else { /* Add */ |
|
245 |
- addxvirus = 2; |
|
246 |
- } |
|
247 |
- } |
|
248 |
- |
|
249 | 228 |
multircpt = optget(opts, "SupportMultipleRecipients")->enabled; |
250 | 229 |
|
251 |
- if(!(my_socket = optget(opts, "MilterSocket")->strarg)) { |
|
252 |
- logg("!Please configure the MilterSocket directive\n"); |
|
253 |
- localnets_free(); |
|
254 |
- whitelist_free(); |
|
255 |
- logg_close(); |
|
256 |
- optfree(opts); |
|
257 |
- return 1; |
|
258 |
- } |
|
259 |
- |
|
260 | 230 |
if(!optget(opts, "Foreground")->enabled) { |
261 | 231 |
if(daemonize() == -1) { |
262 | 232 |
logg("!daemonize() failed\n"); |
... | ... |
@@ -271,92 +366,6 @@ int main(int argc, char **argv) { |
271 | 271 |
logg("^Can't change current working directory to root\n"); |
272 | 272 |
} |
273 | 273 |
|
274 |
- if(smfi_setconn(my_socket) == MI_FAILURE) { |
|
275 |
- logg("!smfi_setconn failed\n"); |
|
276 |
- localnets_free(); |
|
277 |
- whitelist_free(); |
|
278 |
- logg_close(); |
|
279 |
- optfree(opts); |
|
280 |
- return 1; |
|
281 |
- } |
|
282 |
- if(smfi_register(descr) == MI_FAILURE) { |
|
283 |
- logg("!smfi_register failed\n"); |
|
284 |
- localnets_free(); |
|
285 |
- whitelist_free(); |
|
286 |
- logg_close(); |
|
287 |
- optfree(opts); |
|
288 |
- return 1; |
|
289 |
- } |
|
290 |
- opt = optget(opts, "FixStaleSocket"); |
|
291 |
- umsk = umask(0777); /* socket is created with 000 to avoid races */ |
|
292 |
- if(smfi_opensocket(opt->enabled) == MI_FAILURE) { |
|
293 |
- logg("!Failed to create socket %s\n", my_socket); |
|
294 |
- localnets_free(); |
|
295 |
- whitelist_free(); |
|
296 |
- logg_close(); |
|
297 |
- optfree(opts); |
|
298 |
- return 1; |
|
299 |
- } |
|
300 |
- umask(umsk); /* restore umask */ |
|
301 |
- if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) { |
|
302 |
- /* set group ownership and perms on the local socket */ |
|
303 |
- char *sock_name = my_socket; |
|
304 |
- mode_t sock_mode; |
|
305 |
- if(!strncmp(my_socket, "unix:", 5)) |
|
306 |
- sock_name += 5; |
|
307 |
- if(!strncmp(my_socket, "local:", 6)) |
|
308 |
- sock_name += 6; |
|
309 |
- if(*my_socket == ':') |
|
310 |
- sock_name ++; |
|
311 |
- |
|
312 |
- if(optget(opts, "MilterSocketGroup")->enabled) { |
|
313 |
- char *gname = optget(opts, "MilterSocketGroup")->strarg, *end; |
|
314 |
- gid_t sock_gid = strtol(gname, &end, 10); |
|
315 |
- if(*end) { |
|
316 |
- struct group *pgrp = getgrnam(gname); |
|
317 |
- if(!pgrp) { |
|
318 |
- logg("!Unknown group %s\n", gname); |
|
319 |
- localnets_free(); |
|
320 |
- whitelist_free(); |
|
321 |
- logg_close(); |
|
322 |
- optfree(opts); |
|
323 |
- return 1; |
|
324 |
- } |
|
325 |
- sock_gid = pgrp->gr_gid; |
|
326 |
- } |
|
327 |
- if(chown(sock_name, -1, sock_gid)) { |
|
328 |
- logg("!Failed to change socket ownership to group %s\n", gname); |
|
329 |
- localnets_free(); |
|
330 |
- whitelist_free(); |
|
331 |
- logg_close(); |
|
332 |
- optfree(opts); |
|
333 |
- return 1; |
|
334 |
- } |
|
335 |
- } |
|
336 |
- if(optget(opts, "MilterSocketMode")->enabled) { |
|
337 |
- char *end; |
|
338 |
- sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8); |
|
339 |
- if(*end) { |
|
340 |
- logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg); |
|
341 |
- localnets_free(); |
|
342 |
- whitelist_free(); |
|
343 |
- logg_close(); |
|
344 |
- optfree(opts); |
|
345 |
- return 1; |
|
346 |
- } |
|
347 |
- } else |
|
348 |
- sock_mode = 0777 & ~umsk; |
|
349 |
- |
|
350 |
- if(chmod(sock_name, sock_mode & 0666)) { |
|
351 |
- logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg); |
|
352 |
- localnets_free(); |
|
353 |
- whitelist_free(); |
|
354 |
- logg_close(); |
|
355 |
- optfree(opts); |
|
356 |
- return 1; |
|
357 |
- } |
|
358 |
- } |
|
359 |
- |
|
360 | 274 |
maxfilesize = optget(opts, "MaxFileSize")->numarg; |
361 | 275 |
if(!maxfilesize) { |
362 | 276 |
logg("^Invalid MaxFileSize, using default (%d)\n", CLI_DEFAULT_MAXFILESIZE); |