@@ -1,3 +1,7 @@

+Thu Nov 13 19:06:47 CET 2008 (tk)

+---------------------------------

+ * libclamav, clamd, clamscan: use cl_engine_set() to control AC settings

+

 Thu Nov 13 16:54:24 CET 2008 (acab)

 -----------------------------------

  * clamav-milter: prevent races

@@ -105,6 +105,7 @@ int main(int argc, char **argv)

 	unsigned int sigs = 0;

 	int lsockets[2], nlsockets = 0;

 	unsigned int dboptions = 0;

+	uint32_t val32;

 #ifdef C_LINUX

 	struct stat sb;

 #endif

@@ -406,11 +407,13 @@ int main(int argc, char **argv)

     if(cfgopt(copt,"DevACOnly")->enabled) {

 	logg("#Only using the A-C matcher.\n");

-	dboptions |= CL_DB_ACONLY;

+        val32 = 1;

+	cl_engine_set(engine, CL_ENGINE_AC_ONLY, &val32);

     }

     if((cpt = cfgopt(copt, "DevACDepth"))->enabled) {

-	cli_ac_setdepth(AC_DEFAULT_MIN_DEPTH, cpt->numarg);

+	val32 = cpt->numarg;

+        cl_engine_set(engine, CL_ENGINE_AC_MAXDEPTH, &val32);

 	logg("#Max A-C depth set to %u\n", cpt->numarg);

     }

@@ -371,12 +371,6 @@ int scanmanager(const struct optstruct *opt)

 	options |= CL_SCAN_HEURISTIC_PRECEDENCE;

     }

-    if(opt_check(opt, "dev-ac-only"))

-	dboptions |= CL_DB_ACONLY;

-

-    if(opt_check(opt, "dev-ac-depth"))

-	cli_ac_setdepth(AC_DEFAULT_MIN_DEPTH, atoi(opt_arg(opt, "dev-ac-depth")));

-

     if((ret = cl_init(CL_INIT_DEFAULT))) {

 	logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));

 	return 50;

@@ -444,6 +438,16 @@ int scanmanager(const struct optstruct *opt)

 	}

     }

+    if(opt_check(opt, "dev-ac-only")) {

+	val32 = 1;

+	cl_engine_set(engine, CL_ENGINE_AC_ONLY, &val32);

+    }

+

+    if(opt_check(opt, "dev-ac-depth")) {

+	val32 = atoi(opt_arg(opt, "dev-ac-depth"));

+	cl_engine_set(engine, CL_ENGINE_AC_MAXDEPTH, &val32);

+    }

+

     if(opt_check(opt, "database")) {

 	if((ret = cl_load(opt_arg(opt, "database"), engine, &info.sigs, dboptions))) {

 	    logg("!%s\n", cl_strerror(ret));

@@ -67,7 +67,6 @@ extern "C"

 /* db options */

 #define CL_DB_PHISHING	    0x2

-#define CL_DB_ACONLY	    0x4 /* WARNING: only for developers */

 #define CL_DB_PHISHING_URLS 0x8

 #define CL_DB_PUA	    0x10

 #define CL_DB_CVDNOTMP	    0x20

@@ -120,7 +119,10 @@ enum cl_engine_field {

     CL_ENGINE_MIN_SSN_COUNT,	    /* uint32_t */

     CL_ENGINE_PUA_CATEGORIES,	    /* (char *) */

     CL_ENGINE_DB_VERSION,	    /* uint32_t */

-    CL_ENGINE_DB_TIME		    /* uint32_t */

+    CL_ENGINE_DB_TIME,		    /* uint32_t */

+    CL_ENGINE_AC_ONLY,		    /* uint32_t */

+    CL_ENGINE_AC_MINDEPTH,	    /* uint32_t */

+    CL_ENGINE_AC_MAXDEPTH	    /* uint32_t */

 };

 extern int cl_engine_set(struct cl_engine *engine, enum cl_engine_field field, const void *val);

@@ -28,7 +28,6 @@ CLAMAV_PUBLIC {

 };

 CLAMAV_PRIVATE {

   global:

-    cli_ac_setdepth;

     cli_strtok;

     cli_untgz;

     cli_regcomp;

@@ -43,9 +43,6 @@

 #include "mpool.h"

-uint8_t cli_ac_mindepth = AC_DEFAULT_MIN_DEPTH;

-uint8_t cli_ac_maxdepth = AC_DEFAULT_MAX_DEPTH;

-

 int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern)

 {

 	struct cli_ac_node *pt, *next;

@@ -1465,9 +1462,3 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

     return CL_SUCCESS;

 }

-

-void cli_ac_setdepth(uint8_t mindepth, uint8_t maxdepth)

-{

-    cli_ac_mindepth = mindepth;

-    cli_ac_maxdepth = maxdepth;

-}

@@ -30,7 +30,6 @@

 #define AC_DEFAULT_MAX_DEPTH 3

 #define AC_DEFAULT_TRACKLEN 8

 #define AC_CH_MAXDIST 32

-extern uint8_t cli_ac_mindepth, cli_ac_maxdepth;

 #define AC_SCAN_VIR 1

 #define AC_SCAN_FT  2

@@ -90,6 +89,5 @@ int cli_ac_buildtrie(struct cli_matcher *root);

 int cli_ac_init(struct cli_matcher *root, uint8_t mindepth, uint8_t maxdepth);

 void cli_ac_free(struct cli_matcher *root);

 int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hexsig, uint32_t sigid, uint16_t parts, uint16_t partno, uint16_t rtype, uint16_t type, uint32_t mindist, uint32_t maxdist, const char *offset, const uint32_t *lsigid, unsigned int options);

-void cli_ac_setdepth(uint8_t mindepth, uint8_t maxdepth);

 #endif

@@ -81,6 +81,7 @@ static pthread_mutex_t cli_ctime_mutex = PTHREAD_MUTEX_INITIALIZER;

 #include "cltypes.h"

 #include "regex/regex.h"

 #include "ltdl.h"

+#include "matcher-ac.h"

 #ifndef	O_BINARY

 #define	O_BINARY	0

@@ -257,6 +258,9 @@ struct cl_engine *cl_engine_new(void)

     new->min_ssn_count = 3;

     new->refcount = 1;

+    new->ac_only = 0;

+    new->ac_mindepth = AC_DEFAULT_MIN_DEPTH;

+    new->ac_maxdepth = AC_DEFAULT_MAX_DEPTH;

 #ifdef USE_MPOOL

     if(!(new->mempool = mp_create())) {

@@ -323,7 +327,16 @@ int cl_engine_set(struct cl_engine *engine, enum cl_engine_field field, const vo

 	case CL_ENGINE_DB_VERSION:

 	case CL_ENGINE_DB_TIME:

 	    cli_warnmsg("cl_engine_set: The field is read only\n");

-	    return CL_SUCCESS;

+	    break;

+	case CL_ENGINE_AC_ONLY:

+	    engine->ac_only = *((const uint32_t *) val);

+	    break;

+	case CL_ENGINE_AC_MINDEPTH:

+	    engine->ac_mindepth = *((const uint32_t *) val);

+	    break;

+	case CL_ENGINE_AC_MAXDEPTH:

+	    engine->ac_maxdepth = *((const uint32_t *) val);

+	    break;

 	default:

 	    cli_errmsg("cl_engine_set: Incorrect field number\n");

 	    return CL_ENULLARG; /* FIXME */

@@ -366,6 +379,15 @@ int cl_engine_get(const struct cl_engine *engine, enum cl_engine_field field, vo

 	case CL_ENGINE_DB_TIME:

 	    *((uint32_t *) val) = engine->dbversion[1];

 	    break;

+	case CL_ENGINE_AC_ONLY:

+	    *((uint32_t *) val) = engine->ac_only;

+	    break;

+	case CL_ENGINE_AC_MINDEPTH:

+	    *((uint32_t *) val) = engine->ac_mindepth;

+	    break;

+	case CL_ENGINE_AC_MAXDEPTH:

+	    *((uint32_t *) val) = engine->ac_maxdepth;

+	    break;

 	default:

 	    cli_errmsg("cl_engine_get: Incorrect field number\n");

 	    return CL_ENULLARG; /* FIXME */

@@ -97,6 +97,9 @@ struct cl_engine {

     uint32_t sdb;

     uint32_t dboptions;

     uint32_t dbversion[2];

+    uint32_t ac_only;

+    uint32_t ac_mindepth;

+    uint32_t ac_maxdepth;

     /* Limits */

     uint64_t maxscansize;  /* during the scanning of archives this size

@@ -314,11 +314,11 @@ static int cli_initroots(struct cl_engine *engine, unsigned int options)

 		return CL_EMEM;

 	    }

-	    if(cli_mtargets[i].ac_only || (options & CL_DB_ACONLY))

+	    if(cli_mtargets[i].ac_only || engine->ac_only)

 		root->ac_only = 1;

 	    cli_dbgmsg("Initialising AC pattern matcher of root[%d]\n", i);

-	    if((ret = cli_ac_init(root, cli_ac_mindepth, cli_ac_maxdepth))) {

+	    if((ret = cli_ac_init(root, engine->ac_mindepth, engine->ac_maxdepth))) {

 		/* no need to free previously allocated memory here */

 		cli_errmsg("cli_initroots: Can't initialise AC pattern matcher\n");

 		return ret;