git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@324 77e5149b-7576-45b1-b177-96237e5ba77b
Nigel Horne authored on 2004/02/23 07:55:31... | ... |
@@ -1,3 +1,13 @@ |
1 |
+Sun Feb 22 22:59:39 GMT 2004 (njh) |
|
2 |
+---------------------------------- |
|
3 |
+ * clamav-milter: Change the log level TCPwrapper denying |
|
4 |
+ Handle ERROR message from clamd |
|
5 |
+ Moved smfi_setconn to avoid race condictions when |
|
6 |
+ an e-mail is received just as the milter is starting |
|
7 |
+ but isn't ready to handle it causing the milter to |
|
8 |
+ go to an error state |
|
9 |
+ Hardend umask |
|
10 |
+ |
|
1 | 11 |
Sun Feb 22 17:34:08 GMT 2004 (njh) |
2 | 12 |
---------------------------------- |
3 | 13 |
* clamav-milter/docs: Documented the need to ensure that the directory |
... | ... |
@@ -246,6 +246,12 @@ Changes |
246 | 246 |
0.67f 20/2/04 Added checkClamd() - if possible attempts to see if clamd has |
247 | 247 |
died |
248 | 248 |
0.67g 21/2/04 Don't run if the quarantine-dir is publically accessable |
249 |
+0.67h 22/2/04 Change the log level TCPwrapper denying |
|
250 |
+ Handle ERROR message from clamd |
|
251 |
+ Moved smfi_setconn to avoid race condictions when an e-mail is |
|
252 |
+ received just as the milter is starting but isn't ready to |
|
253 |
+ handle it causing the milter to go to an error state |
|
254 |
+ Hardend umask |
|
249 | 255 |
|
250 | 256 |
BUG REPORTS |
251 | 257 |
|
... | ... |
@@ -245,9 +245,19 @@ |
245 | 245 |
* 0.67f 20/2/04 Added checkClamd() - if possible attempts to see |
246 | 246 |
* if clamd has died |
247 | 247 |
* 0.67g 21/2/04 Don't run if the quarantine-dir is publically accessable |
248 |
+ * 0.67h 22/2/04 Change the log level TCPwrapper denying |
|
249 |
+ * Handle ERROR message from clamd |
|
250 |
+ * Moved smfi_setconn to avoid race condictions when |
|
251 |
+ * an e-mail is received just as the milter is starting |
|
252 |
+ * but isn't ready to handle it causing the milter to |
|
253 |
+ * go to an error state |
|
254 |
+ * Hardend umask |
|
248 | 255 |
* |
249 | 256 |
* Change History: |
250 | 257 |
* $Log: clamav-milter.c,v $ |
258 |
+ * Revision 1.55 2004/02/22 22:53:50 nigelhorne |
|
259 |
+ * Handle ERROR message from clamd |
|
260 |
+ * |
|
251 | 261 |
* Revision 1.54 2004/02/22 17:27:40 nigelhorne |
252 | 262 |
* Updated installation instructions now that privileges are dropped |
253 | 263 |
* |
... | ... |
@@ -395,9 +405,9 @@ |
395 | 395 |
* Revision 1.6 2003/09/28 16:37:23 nigelhorne |
396 | 396 |
* Added -f flag use MaxThreads if --max-children not set |
397 | 397 |
*/ |
398 |
-static char const rcsid[] = "$Id: clamav-milter.c,v 1.54 2004/02/22 17:27:40 nigelhorne Exp $"; |
|
398 |
+static char const rcsid[] = "$Id: clamav-milter.c,v 1.55 2004/02/22 22:53:50 nigelhorne Exp $"; |
|
399 | 399 |
|
400 |
-#define CM_VERSION "0.67g" |
|
400 |
+#define CM_VERSION "0.67h" |
|
401 | 401 |
|
402 | 402 |
/*#define CONFDIR "/usr/local/etc"*/ |
403 | 403 |
|
... | ... |
@@ -449,7 +459,7 @@ static char const rcsid[] = "$Id: clamav-milter.c,v 1.54 2004/02/22 17:27:40 nig |
449 | 449 |
#include <tcpd.h> |
450 | 450 |
|
451 | 451 |
int allow_severity = LOG_DEBUG; |
452 |
-int deny_severity = LOG_ERR; |
|
452 |
+int deny_severity = LOG_NOTICE; |
|
453 | 453 |
|
454 | 454 |
#endif |
455 | 455 |
|
... | ... |
@@ -991,7 +1001,7 @@ main(int argc, char **argv) |
991 | 991 |
cfgfile); |
992 | 992 |
return EX_CONFIG; |
993 | 993 |
} |
994 |
- umask(022); |
|
994 |
+ umask(077); |
|
995 | 995 |
|
996 | 996 |
serverIPs = (long *)cli_malloc(sizeof(long)); |
997 | 997 |
serverIPs[0] = inet_addr("127.0.0.1"); |
... | ... |
@@ -1096,12 +1106,6 @@ main(int argc, char **argv) |
1096 | 1096 |
#endif |
1097 | 1097 |
} |
1098 | 1098 |
|
1099 |
- if(smfi_setconn(port) == MI_FAILURE) { |
|
1100 |
- fprintf(stderr, "%s: smfi_setconn failed\n", |
|
1101 |
- argv[0]); |
|
1102 |
- return EX_SOFTWARE; |
|
1103 |
- } |
|
1104 |
- |
|
1105 | 1099 |
if((cpt = cfgopt(copt, "PidFile")) != NULL) |
1106 | 1100 |
pidFile = cpt->strarg; |
1107 | 1101 |
|
... | ... |
@@ -1142,6 +1146,12 @@ main(int argc, char **argv) |
1142 | 1142 |
} |
1143 | 1143 |
} |
1144 | 1144 |
|
1145 |
+ if(smfi_setconn(port) == MI_FAILURE) { |
|
1146 |
+ fprintf(stderr, "%s: smfi_setconn failed\n", |
|
1147 |
+ argv[0]); |
|
1148 |
+ return EX_SOFTWARE; |
|
1149 |
+ } |
|
1150 |
+ |
|
1145 | 1151 |
if(smfi_register(smfilter) == MI_FAILURE) { |
1146 | 1152 |
cli_errmsg("smfi_register failure\n"); |
1147 | 1153 |
return EX_UNAVAILABLE; |
... | ... |
@@ -1960,6 +1970,13 @@ clamfi_eom(SMFICTX *ctx) |
1960 | 1960 |
close(privdata->cmdSocket); |
1961 | 1961 |
privdata->cmdSocket = -1; |
1962 | 1962 |
|
1963 |
+ if(strstr(mess, "ERROR") != NULL) { |
|
1964 |
+ if(use_syslog) |
|
1965 |
+ syslog(LOG_ERR, "%s: %s\n", smfi_getsymval(ctx, "i"), mess); |
|
1966 |
+ clamfi_cleanup(ctx); |
|
1967 |
+ return cl_error; |
|
1968 |
+ } |
|
1969 |
+ |
|
1963 | 1970 |
if(strstr(mess, "FOUND") == NULL) { |
1964 | 1971 |
if(!nflag) |
1965 | 1972 |
smfi_addheader(ctx, "X-Virus-Scanned", clamav_version); |