git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1088 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/11/13 01:51:39... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Fri Nov 12 16:50:52 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: When communicating to clamd via localSocket don't |
|
4 |
+ use a second socket for the data |
|
5 |
+ |
|
1 | 6 |
Fri Nov 12 15:31:15 GMT 2004 (trog) |
2 | 7 |
----------------------------------- |
3 | 8 |
* libclamav/vba_extract.c: fix possible infinite loop |
... | ... |
@@ -555,6 +555,9 @@ Changes |
555 | 555 |
X-Original-Subject |
556 | 556 |
0.80p 4/11/04 SESSION: Fix bug causing crash when using LocalSocket mode |
557 | 557 |
0.80q 8/11/04 SESSION: Ensure watchdog only started in TCPSocket mode |
558 |
+0.80r 10/11/04 Define SHUT_* and INET_ADDRSTRLEN if not already defined |
|
559 |
+ SCAN in situ rather than passing the file through a socket if |
|
560 |
+ localSocket and not quarantine_dir |
|
558 | 561 |
|
559 | 562 |
INTERNATIONALISATION |
560 | 563 |
|
... | ... |
@@ -26,6 +26,9 @@ |
26 | 26 |
* |
27 | 27 |
* Change History: |
28 | 28 |
* $Log: clamav-milter.c,v $ |
29 |
+ * Revision 1.152 2004/11/12 16:48:57 nigelhorne |
|
30 |
+ * Use SCAN when in localSocket mode |
|
31 |
+ * |
|
29 | 32 |
* Revision 1.151 2004/11/08 20:40:34 nigelhorne |
30 | 33 |
* Typo |
31 | 34 |
* |
... | ... |
@@ -464,9 +467,9 @@ |
464 | 464 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
465 | 465 |
* Added -f flag use MaxThreads if --max-children not set |
466 | 466 |
*/ |
467 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.151 2004/11/08 20:40:34 nigelhorne Exp $"; |
|
467 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.152 2004/11/12 16:48:57 nigelhorne Exp $"; |
|
468 | 468 |
|
469 |
-#define CM_VERSION "0.80q" |
|
469 |
+#define CM_VERSION "0.80r" |
|
470 | 470 |
|
471 | 471 |
/*#define CONFDIR "/usr/local/etc"*/ |
472 | 472 |
|
... | ... |
@@ -576,6 +579,9 @@ typedef unsigned int in_addr_t; |
576 | 576 |
* others could be bounced properly. |
577 | 577 |
* TODO: Encrypt mails sent to clamd to stop sniffers |
578 | 578 |
* TODO: Test with IPv6 |
579 |
+ * TODO: Files can be scanned with "SCAN" not "STREAM" if clamd is on the same |
|
580 |
+ * machine when talking via INEt domain socket. |
|
581 |
+ * TODO: Load balancing, allow local machine to talk via UNIX domain socket. |
|
579 | 582 |
*/ |
580 | 583 |
|
581 | 584 |
struct header_node_t { |
... | ... |
@@ -759,6 +765,7 @@ static int logClean = 1; /* |
759 | 759 |
static char *signature = N_("-- \nScanned by ClamAv - http://www.clamav.net\n"); |
760 | 760 |
static time_t signatureStamp; |
761 | 761 |
static char *templatefile; /* e-mail to be sent when virus detected */ |
762 |
+static char *tmpdir; |
|
762 | 763 |
|
763 | 764 |
#ifdef CL_DEBUG |
764 | 765 |
static int debug_level = 0; |
... | ... |
@@ -806,6 +813,16 @@ static pthread_cond_t watchdog_cond = PTHREAD_COND_INITIALIZER; |
806 | 806 |
|
807 | 807 |
#endif /*SESSION*/ |
808 | 808 |
|
809 |
+#ifndef SHUT_RD |
|
810 |
+#define SHUT_RD 0 |
|
811 |
+#endif |
|
812 |
+#ifndef SHUT_WR |
|
813 |
+#define SHUT_WR 1 |
|
814 |
+#endif |
|
815 |
+#ifndef INET_ADDRSTRLEN |
|
816 |
+#define INET_ADDRSTRLEN 16 |
|
817 |
+#endif |
|
818 |
+ |
|
809 | 819 |
static const char *postmaster = "postmaster"; |
810 | 820 |
static const char *from = "MAILER-DAEMON"; |
811 | 821 |
static int quitting; |
... | ... |
@@ -1499,6 +1516,29 @@ main(int argc, char **argv) |
1499 | 1499 |
} |
1500 | 1500 |
#endif |
1501 | 1501 |
|
1502 |
+ if((quarantine_dir == NULL) && localSocket) { |
|
1503 |
+ /* set the temporary dir */ |
|
1504 |
+ if((cpt = cfgopt(copt, "TemporaryDirectory"))) |
|
1505 |
+ tmpdir = cpt->strarg; |
|
1506 |
+ else if((tmpdir = getenv("TMPDIR")) == (char *)NULL) |
|
1507 |
+ if((tmpdir = getenv("TMP")) == (char *)NULL) |
|
1508 |
+ if((tmpdir = getenv("TEMP")) == (char *)NULL) |
|
1509 |
+#ifdef P_tmpdir |
|
1510 |
+ tmpdir = P_tmpdir; |
|
1511 |
+#else |
|
1512 |
+ tmpdir = "/tmp"; |
|
1513 |
+#endif |
|
1514 |
+ |
|
1515 |
+ tmpdir = cli_gentemp(tmpdir); |
|
1516 |
+ |
|
1517 |
+ if(mkdir(tmpdir, 0700)) { |
|
1518 |
+ perror(tmpdir); |
|
1519 |
+ return EX_CANTCREAT; |
|
1520 |
+ } |
|
1521 |
+ cl_settempdir(tmpdir, (cfgopt(copt, "LeaveTemporaryFiles") != NULL)); |
|
1522 |
+ } else |
|
1523 |
+ tmpdir = NULL; |
|
1524 |
+ |
|
1502 | 1525 |
if(!cfgopt(copt, "Foreground")) { |
1503 | 1526 |
#ifdef CL_DEBUG |
1504 | 1527 |
printf(_("When debugging it is recommended that you use Foreground mode in %s\n"), cfgfile); |
... | ... |
@@ -2474,7 +2514,7 @@ clamfi_eom(SMFICTX *ctx) |
2474 | 2474 |
close(privdata->dataSocket); |
2475 | 2475 |
privdata->dataSocket = -1; |
2476 | 2476 |
|
2477 |
- if(quarantine_dir != NULL) { |
|
2477 |
+ if(quarantine_dir || tmpdir) { |
|
2478 | 2478 |
char cmdbuf[1024]; |
2479 | 2479 |
/* |
2480 | 2480 |
* Create socket to talk to clamd. |
... | ... |
@@ -2489,6 +2529,7 @@ clamfi_eom(SMFICTX *ctx) |
2489 | 2489 |
strncpy(server.sun_path, localSocket, sizeof(server.sun_path)); |
2490 | 2490 |
|
2491 | 2491 |
snprintf(cmdbuf, sizeof(cmdbuf) - 1, "SCAN %s", privdata->filename); |
2492 |
+ cli_dbgmsg("clamfi_eom: SCAN %s\n", privdata->filename); |
|
2492 | 2493 |
|
2493 | 2494 |
nbytes = (int)strlen(cmdbuf); |
2494 | 2495 |
|
... | ... |
@@ -2848,7 +2889,7 @@ clamfi_eom(SMFICTX *ctx) |
2848 | 2848 |
fprintf(sendmail, "\t%s\n", *to); |
2849 | 2849 |
fprintf(sendmail, _("contained %s and has not been delivered.\n"), virusname); |
2850 | 2850 |
|
2851 |
- if(privdata->filename != NULL) |
|
2851 |
+ if(quarantine_dir != NULL) |
|
2852 | 2852 |
if(qfile(privdata, virusname) == 0) |
2853 | 2853 |
fprintf(sendmail, _("\nThe message in question has been quarantined as %s\n"), privdata->filename); |
2854 | 2854 |
|
... | ... |
@@ -2879,7 +2920,7 @@ clamfi_eom(SMFICTX *ctx) |
2879 | 2879 |
} |
2880 | 2880 |
|
2881 | 2881 |
if(privdata->filename) { |
2882 |
- assert(quarantine_dir != NULL); |
|
2882 |
+ assert(quarantine_dir || tmpdir); |
|
2883 | 2883 |
|
2884 | 2884 |
if(use_syslog) |
2885 | 2885 |
syslog(LOG_NOTICE, _("Quarantined infected mail as %s"), privdata->filename); |
... | ... |
@@ -3159,14 +3200,14 @@ clamfi_send(struct privdata *privdata, size_t len, const char *format, ...) |
3159 | 3159 |
#endif |
3160 | 3160 |
|
3161 | 3161 |
while(len > 0) { |
3162 |
- const int nbytes = (quarantine_dir) ? |
|
3162 |
+ const int nbytes = (quarantine_dir || tmpdir) ? |
|
3163 | 3163 |
write(privdata->dataSocket, ptr, len) : |
3164 | 3164 |
send(privdata->dataSocket, ptr, len, 0); |
3165 | 3165 |
|
3166 | 3166 |
assert(privdata->dataSocket >= 0); |
3167 | 3167 |
|
3168 | 3168 |
if(nbytes == -1) { |
3169 |
- if(quarantine_dir) { |
|
3169 |
+ if(quarantine_dir || tmpdir) { |
|
3170 | 3170 |
perror(privdata->filename); |
3171 | 3171 |
if(use_syslog) { |
3172 | 3172 |
#ifdef HAVE_STRERROR_R |
... | ... |
@@ -3401,7 +3442,7 @@ connect2clamd(struct privdata *privdata) |
3401 | 3401 |
cli_dbgmsg("connect2clamd\n"); |
3402 | 3402 |
#endif |
3403 | 3403 |
|
3404 |
- if(quarantine_dir) { |
|
3404 |
+ if(quarantine_dir || tmpdir) { |
|
3405 | 3405 |
/* |
3406 | 3406 |
* quarantine_dir is specified |
3407 | 3407 |
* store message in a temporary file |
... | ... |
@@ -3410,6 +3451,7 @@ connect2clamd(struct privdata *privdata) |
3410 | 3410 |
time_t t; |
3411 | 3411 |
int MM, YY, DD; |
3412 | 3412 |
const struct tm *tm; |
3413 |
+ const char *dir = (tmpdir) ? tmpdir : quarantine_dir; |
|
3413 | 3414 |
|
3414 | 3415 |
/* |
3415 | 3416 |
* Based on an idea by Christian Pelissier |
... | ... |
@@ -3422,9 +3464,9 @@ connect2clamd(struct privdata *privdata) |
3422 | 3422 |
YY = tm->tm_year - 100; |
3423 | 3423 |
DD = tm->tm_mday; |
3424 | 3424 |
|
3425 |
- privdata->filename = (char *)cli_malloc(strlen(quarantine_dir) + 19); |
|
3425 |
+ privdata->filename = (char *)cli_malloc(strlen(dir) + 19); |
|
3426 | 3426 |
|
3427 |
- sprintf(privdata->filename, "%s/%02d%02d%02d", quarantine_dir, |
|
3427 |
+ sprintf(privdata->filename, "%s/%02d%02d%02d", dir, |
|
3428 | 3428 |
YY, MM, DD); |
3429 | 3429 |
|
3430 | 3430 |
if((mkdir(privdata->filename, 0700) < 0) && (errno != EEXIST)) { |
... | ... |
@@ -3437,7 +3479,7 @@ connect2clamd(struct privdata *privdata) |
3437 | 3437 |
do { |
3438 | 3438 |
sprintf(privdata->filename, |
3439 | 3439 |
"%s/%02d%02d%02d/msg.XXXXXX", |
3440 |
- quarantine_dir, YY, MM, DD); |
|
3440 |
+ dir, YY, MM, DD); |
|
3441 | 3441 |
#if defined(C_LINUX) || defined(C_BSD) || defined(HAVE_MKSTEMP) || defined(C_SOLARIS) |
3442 | 3442 |
privdata->dataSocket = mkstemp(privdata->filename); |
3443 | 3443 |
#else |
... | ... |
@@ -3523,6 +3565,8 @@ connect2clamd(struct privdata *privdata) |
3523 | 3523 |
} |
3524 | 3524 |
|
3525 | 3525 |
#ifdef SESSION |
3526 |
+ cli_dbgmsg("connect2clamd(%d): STREAM\n", freeServer); |
|
3527 |
+ |
|
3526 | 3528 |
if(send(cmdSockets[freeServer], "STREAM\n", 7, 0) < 7) { |
3527 | 3529 |
perror("send"); |
3528 | 3530 |
pthread_mutex_lock(&sstatus_mutex); |
... | ... |
@@ -4230,6 +4274,8 @@ logg_facility(const char *name) |
4230 | 4230 |
static void |
4231 | 4231 |
quit(void) |
4232 | 4232 |
{ |
4233 |
+ extern short cli_leavetemps_flag; |
|
4234 |
+ |
|
4233 | 4235 |
#ifdef SESSION |
4234 | 4236 |
int i; |
4235 | 4237 |
|
... | ... |
@@ -4267,6 +4313,10 @@ quit(void) |
4267 | 4267 |
if(use_syslog) |
4268 | 4268 |
syslog(LOG_INFO, _("Stopping %s"), clamav_version); |
4269 | 4269 |
#endif |
4270 |
+ |
|
4271 |
+ if(tmpdir && !cli_leavetemps_flag) |
|
4272 |
+ rmdir(tmpdir); |
|
4273 |
+ |
|
4270 | 4274 |
broadcast(_("Stopping clamav-milter")); |
4271 | 4275 |
} |
4272 | 4276 |
|