... | ... |
@@ -77,6 +77,7 @@ struct device *get_device_entry(struct device *devices, size_t *ndevices, const |
77 | 77 |
|
78 | 78 |
if (!(device->name)) |
79 | 79 |
device->name = strdup(name); |
80 |
+ |
|
80 | 81 |
return devices; |
81 | 82 |
} |
82 | 83 |
|
... | ... |
@@ -103,6 +104,10 @@ struct device *get_devices(void) |
103 | 103 |
if (!(addr->ifa_addr)) |
104 | 104 |
continue; |
105 | 105 |
|
106 |
+ /* |
|
107 |
+ * Even though POSIX (BSD) sockets define AF_LINK, Linux decided to be clever |
|
108 |
+ * and use AF_PACKET instead. |
|
109 |
+ */ |
|
106 | 110 |
#if defined(AF_PACKET) |
107 | 111 |
if (addr->ifa_addr->sa_family != AF_PACKET) |
108 | 112 |
continue; |
... | ... |
@@ -119,6 +124,12 @@ struct device *get_devices(void) |
119 | 119 |
return NULL; |
120 | 120 |
} |
121 | 121 |
|
122 |
+ /* |
|
123 |
+ * Grab the MAC address for all devices that have them. |
|
124 |
+ * Linux doesn't support (struct sockaddr_dl) as POSIX (BSD) sockets require. |
|
125 |
+ * Instead, Linux uses its own ioctl. This code only runs if we're not Linux, |
|
126 |
+ * Windows, or FreeBSD. |
|
127 |
+ */ |
|
122 | 128 |
#if !defined(SIOCGIFHWADDR) |
123 | 129 |
for (device = devices; device < devices + ndevices; device++) { |
124 | 130 |
if (!(strcmp(device->name, addr->ifa_name))) { |
... | ... |
@@ -132,7 +143,6 @@ struct device *get_devices(void) |
132 | 132 |
for (i=0; i<6; i++) |
133 | 133 |
snprintf(device->mac+strlen(device->mac), sizeof(device->mac)-strlen(device->mac)-1, "%02x:", mac[i]); |
134 | 134 |
|
135 |
- cli_warnmsg("MAC for device %s: %s\n", device->name, device->mac); |
|
136 | 135 |
break; |
137 | 136 |
} |
138 | 137 |
} |
... | ... |
@@ -144,17 +154,23 @@ struct device *get_devices(void) |
144 | 144 |
addrs = NULL; |
145 | 145 |
} |
146 | 146 |
|
147 |
+ /* This is the Linux version of getting the MAC addresses */ |
|
147 | 148 |
#if defined(SIOCGIFHWADDR) |
148 | 149 |
for (device = devices; device < devices + (ndevices); device++) { |
149 | 150 |
memset(&ifr, 0x00, sizeof(struct ifreq)); |
151 |
+ |
|
150 | 152 |
strcpy(ifr.ifr_name, device->name); |
153 |
+ |
|
151 | 154 |
sock = socket(AF_INET, SOCK_DGRAM, 0); |
152 | 155 |
if (sock < 0) |
153 | 156 |
goto err; |
157 |
+ |
|
154 | 158 |
if (ioctl(sock, SIOCGIFHWADDR, &ifr)) { |
155 | 159 |
close(sock); |
156 | 160 |
goto err; |
157 | 161 |
} |
162 |
+ |
|
163 |
+ close(sock); |
|
158 | 164 |
mac = ((uint8_t *)(ifr.ifr_ifru.ifru_hwaddr.sa_data)); |
159 | 165 |
|
160 | 166 |
for (i=0; i<6; i++) |
... | ... |
@@ -177,6 +193,7 @@ struct device *get_devices(void) |
177 | 177 |
err: |
178 | 178 |
if (addrs) |
179 | 179 |
freeifaddrs(addrs); |
180 |
+ |
|
180 | 181 |
if (devices) { |
181 | 182 |
for (device = devices; device < devices + ndevices; device++) |
182 | 183 |
if (device->name) |
... | ... |
@@ -195,6 +212,10 @@ struct device *get_devices(void) |
195 | 195 |
#endif /* HAVE_GETIFADDRS */ |
196 | 196 |
|
197 | 197 |
#if !HAVE_SYSCTLBYNAME && !defined(_WIN32) |
198 |
+/* |
|
199 |
+ * Since we're getting potentially sensitive data (MAC addresses for all devices on the system), |
|
200 |
+ * hash all the MAC addresses to provide basic anonymity and security. |
|
201 |
+ */ |
|
198 | 202 |
char *internal_get_host_id(void) |
199 | 203 |
{ |
200 | 204 |
size_t i; |
... | ... |
@@ -389,10 +389,10 @@ size_t clamav_stats_get_size(void *cbdata) |
389 | 389 |
#if defined(_WIN32) |
390 | 390 |
char *clamav_stats_get_hostid(void *cbdata) |
391 | 391 |
{ |
392 |
- HW_PROFILE_INFO HwProfInfo; |
|
392 |
+ HW_PROFILE_INFO HwProfInfo; |
|
393 | 393 |
|
394 |
- if (!GetCurrentHwProfile(&HwProfInfo)) |
|
395 |
- return strdup(STATS_ANON_UUID); |
|
394 |
+ if (!GetCurrentHwProfile(&HwProfInfo)) |
|
395 |
+ return strdup(STATS_ANON_UUID); |
|
396 | 396 |
|
397 | 397 |
return strdup(HwProfInfo.szHwProfileGuid); |
398 | 398 |
} |
... | ... |
@@ -407,7 +407,10 @@ char *clamav_stats_get_hostid(void *cbdata) |
407 | 407 |
char *buf; |
408 | 408 |
|
409 | 409 |
#if HAVE_SYSCTLBYNAME |
410 |
- /* FreeBSD-landia */ |
|
410 |
+ /* |
|
411 |
+ * FreeBSD provides a handy-dandy sysctl for grabbing the system's HostID. In a jail that |
|
412 |
+ * hasn't run the hostid rc.d script, the hostid defaults to all zeros. |
|
413 |
+ */ |
|
411 | 414 |
for (i=0; sysctls[i] != NULL; i++) { |
412 | 415 |
if (sysctlbyname(sysctls[i], NULL, &bufsz, NULL, 0)) |
413 | 416 |
continue; |
... | ... |
@@ -54,8 +54,6 @@ int connect_host(const char *host, const char *port) |
54 | 54 |
|
55 | 55 |
freeaddrinfo(servinfo); |
56 | 56 |
|
57 |
- cli_warnmsg("Connected to %s\n", host); |
|
58 |
- |
|
59 | 57 |
return sockfd; |
60 | 58 |
} |
61 | 59 |
|
... | ... |
@@ -137,23 +135,22 @@ void submit_post(const char *host, const char *port, const char *url, const char |
137 | 137 |
return; |
138 | 138 |
} |
139 | 139 |
|
140 |
- cli_warnmsg("---- Sending ----\n"); |
|
141 |
- cli_warnmsg("%s\n", buf); |
|
142 |
- cli_warnmsg("---- End sent data ----\n"); |
|
143 |
- |
|
144 | 140 |
send(sockfd, buf, strlen(buf), 0); |
145 | 141 |
|
146 | 142 |
while (1) { |
143 |
+ /* |
|
144 |
+ * Check to make sure the stats submitted okay (so that we don't kill the HTTP request |
|
145 |
+ * while it's being processed). |
|
146 |
+ * |
|
147 |
+ * TODO: Add a time limit based on a call to select() to prevent lock-ups or major |
|
148 |
+ * slow downs. |
|
149 |
+ */ |
|
147 | 150 |
memset(buf, 0x00, bufsz); |
148 | 151 |
if (recv(sockfd, buf, bufsz, 0) <= 0) |
149 | 152 |
break; |
150 | 153 |
|
151 | 154 |
if (strstr(buf, "STATOK")) |
152 | 155 |
break; |
153 |
- |
|
154 |
- cli_warnmsg("---- Received ----\n"); |
|
155 |
- cli_warnmsg("%s\n", buf); |
|
156 |
- cli_warnmsg("---- End data received ----\n"); |
|
157 | 156 |
} |
158 | 157 |
|
159 | 158 |
close(sockfd); |
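Review bot: `recv(sockfd, buf, bufsz, 0)` can fill all `bufsz` bytes, so the following `strstr(buf, "STATOK")` may read past the end of the buffer when the reply is that long (assuming `bufsz` is the allocated size of `buf`). The `memset` only guarantees a terminator if one byte is held back, e.g. `recv(sockfd, buf, bufsz - 1, 0)`. The return value of `send()` is also ignored, so a failed or short write goes unnoticed and the loop then waits for a reply that may never come, which is the lock-up the new TODO describes. The new comment describes the whole loop and would read better above `while (1)` than inside its body. submit_post starts outside the hunk.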