@@ -1,3 +1,7 @@

+Tue Dec 21 16:00:26 CET 2010 (acab)

+-----------------------------------

+ * clamav-milter: add LogClean option (bb#2129)

+

 Mon Dec 20 16:30:57 EET 2010 (edwin)

 -----------------------------------

  * clamd: bump default MaxConnectionQueueLength to 200

@@ -58,11 +58,13 @@ static char *rejectfmt = NULL;

 int addxvirus = 0; /* 0 - don't add | 1 - replace | 2 - add */

 char xvirushdr[255];

 char *viraction = NULL;

-enum {

-    LOGINF_NONE,

-    LOGINF_BASIC,

-    LOGINF_FULL

-} loginfected;

+

+#define LOGINF_NONE 0

+#define LOGINF_BASIC 1

+#define LOGINF_FULL 2

+#define LOGCLN_BASIC 4

+#define LOGCLN_FULL 8

+int loginfected;

 #define CLAMFIBUFSZ 1424

 static const char *HDR_UNAVAIL = "UNKNOWN";

@@ -218,7 +220,7 @@ sfsistat clamfi_header(SMFICTX *ctx, char *headerf, char *headerv) {

     if(!headerf) return SMFIS_CONTINUE; /* just in case */

-    if(loginfected == LOGINF_FULL || viraction) {

+    if((loginfected & (LOGINF_FULL | LOGCLN_FULL)) || viraction) {

 	if(!cf->msg_subj && !strcasecmp(headerf, "Subject"))

 	    cf->msg_subj = strdup(headerv ? headerv : "");

 	if(!cf->msg_date && !strcasecmp(headerf, "Date"))

@@ -317,10 +319,23 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

     len = strlen(reply);

     if(len>5 && !strcmp(reply + len - 5, ": OK\n")) {

 	if(addxvirus) add_x_header(ctx, "Clean", cf->scanned_count, cf->status_count);

+	if(loginfected & LOGCLN_FULL) {

+	    const char *id = smfi_getsymval(ctx, "{i}");

+	    const char *from = smfi_getsymval(ctx, "{mail_addr}");

+	    const char *to = smfi_getsymval(ctx, "{rcpt_addr}");

+	    const char *msg_subj = makesanehdr(cf->msg_subj);

+	    const char *msg_date = makesanehdr(cf->msg_date);

+	    const char *msg_id = makesanehdr(cf->msg_id);

+	    logg("~Clean message %s from <%s> to <%s> with subject '%s' message-id '%s' date '%s'\n", id, from, to, msg_subj, msg_id, msg_date);

+	} else if(loginfected & LOGCLN_BASIC) {

+	    const char *from = smfi_getsymval(ctx, "{mail_addr}");

+	    const char *to = smfi_getsymval(ctx, "{rcpt_addr}");

+	    logg("~Clean message from <%s> to <%s>\n", from, to);

+	}

 	ret = CleanAction(ctx);

     } else if (len>7 && !strcmp(reply + len - 7, " FOUND\n")) {

 	cf->virusname = NULL;

-	if(loginfected || addxvirus || rejectfmt || viraction) {

+	if((loginfected & (LOGINF_BASIC | LOGINF_FULL)) || addxvirus || rejectfmt || viraction) {

 	    char *vir;

 	    reply[len-7] = '\0';

@@ -344,7 +359,7 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

 		    if(!from) from = HDR_UNAVAIL;

 		    if(!to) to = HDR_UNAVAIL;

-		    if(loginfected == LOGINF_FULL || viraction) {

+		    if((loginfected & LOGINF_FULL) || viraction) {

 			const char *id = smfi_getsymval(ctx, "{i}");

 			const char *msg_subj = makesanehdr(cf->msg_subj);

 			const char *msg_date = makesanehdr(cf->msg_date);

@@ -352,7 +367,7 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

 			if(!id) id = HDR_UNAVAIL;

-			if(loginfected == LOGINF_FULL)

+			if(loginfected & LOGINF_FULL)

 			    logg("~Message %s from <%s> to <%s> with subject '%s' message-id '%s' date '%s' infected by %s\n", id, from, to, msg_subj, msg_id, msg_date, vir);

 			if(viraction) {

@@ -406,7 +421,7 @@ sfsistat clamfi_eom(SMFICTX *ctx) {

 			    free(e_msg_id);

 			}

 		    }

-		    if(loginfected == LOGINF_BASIC)

+		    if(loginfected & LOGINF_BASIC)

 			logg("~Message from <%s> to <%s> infected by %s\n", from, to, vir);

 		}

 	    }

@@ -511,6 +526,17 @@ int init_actions(struct optstruct *opts) {

 	return 1;

     }

+    if((opt = optget(opts, "LogClean"))->enabled) {

+	if(!strcasecmp(opt->strarg, "Basic"))

+	    loginfected |= LOGCLN_BASIC;

+	else if(!strcasecmp(opt->strarg, "Full"))

+	    loginfected |= LOGCLN_FULL;

+	else if(strcasecmp(opt->strarg, "Off")) {

+	    logg("!Invalid setting %s for option LogInfected\n", opt->strarg);

+	    return 1;

+	}

+    }

+

     if((opt = optget(opts, "VirusAction"))->enabled)

 	viraction = strdup(opt->strarg);

@@ -212,15 +212,22 @@ Enable verbose logging.

 Default: no

 .TP 

 \fBLogInfected STRING\fR

-Specify the type of syslog messages \- please refer to 'man syslog' for facility names.

-.br 

-This option allows to tune what is logged when a message is infected. Possible values are Off (the default - nothing is logged), Basic (minimal info logged), Full (verbose info logged)

+This option allows to tune what is logged when a message is infected. Possible values are Off (the default \- nothing is logged), Basic (minimal info logged), Full (verbose info logged)

 .br

 Note: For this to work properly in sendmail, make sure the msg_id, mail_addr, rcpt_addr and i macroes are available in eom. In other words add a line like: Milter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i to your .cf file. Alternatively use the macro: define(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')

 .br

 Postfix should be working fine with the default settings.

 .br

 Default: disabled

+.TP 

+\fBLogClean STRING\fR

+This option allows to tune what is logged when no threat is found in a scanned message.

+.br

+See LogInfected for possible values and caveats.

+.br

+Useful in debugging but drastically increases the log size.

+.br

+Default: disabled

 .SH "NOTES"

 .LP 

 All options expressing a size are limited to max 4GB. Values in excess will be resetted to the maximum.

@@ -265,3 +265,9 @@ Example

 # Default: disabled

 #LogInfected Basic

+# This option allows to tune what is logged when no threat is found in a scanned message.

+# See LogInfected for possible values and caveats.

+# Useful in debugging but drastically increases the log size.

+# Default: disabled

+#LogClean Basic

+

@@ -445,6 +445,8 @@ const struct clam_option __clam_options[] = {

     { "LogInfected", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option allows to tune what is logged when a message is infected.\nPossible values are Off (the default - nothing is logged),\nBasic (minimal info logged), Full (verbose info logged)\nNote:\nFor this to work properly in sendmail, make sure the msg_id, mail_addr,\nrcpt_addr and i macroes are available in eom. In other words add a line like:\nMilter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i\nto your .cf file. Alternatively use the macro:\ndefine(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')\nPostfix should be working fine with the default settings.", "Basic" },

+    { "LogClean", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option allows to tune what is logged when no threat is found in a scanned message.\nSee LogInfected for possible values and caveats.\nUseful in debugging but drastically increases the log size.", "Basic" },

+

     /* Deprecated milter options */

     { "ArchiveBlockEncrypted", NULL, 0, TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_MILTER | OPT_DEPRECATED, "", "" },