@@ -1,4 +1,11 @@

-Fri Oct 24 02:19:54 CEST 2003

+Sun Oct 26 06:26:14 CET 2003 (tk)

+----------------------------------

+  * clamd: report file errors with CONTSCAN (suggested by Daniel Fraga)

+  * libclamav: cvd and general cleanups

+  * freshclam: rewritten to use cvd, cleanups; --debug added

+  * mirrors.txt: only use database.clamav.net

+

+Fri Oct 24 02:19:54 CEST 2003 (tk)

 ----------------------------------

   * clamd: initialize the virus-number variable (Igor Brezac)

   * sigtool: fixed compilation issue on Solaris (bug reported by

@@ -58,14 +65,14 @@ Wed Oct  8 14:49:40 CEST 2003 (tk)

 Wed Oct  8 12:39:26 CEST 2003 (tk)

 ----------------------------------

-  * clamd: (!!!) fixed race condition in database reloading code

+  * clamd: (!!!) fixed a race condition in database reloading code

   * libclamav: finished support for cvd files

 Sun Oct  5 18:30:40 BST 2003 (njh)

 ----------------------------------

   * clamav-milter: Used to always remove old UNIX domain sockets, now

   		only does that if FixStaleSocket is set

-		

+

 Sun Oct  5 14:58:05 BST 2003 (njh)

 ----------------------------------

   * clamav-milter: s/atoi(cpt->strarg)/cpt->numarg for MaxThreads

@@ -272,7 +279,7 @@ Wed Aug 13 16:07:39 CEST 2003

 Wed Aug  6 03:01:51 CEST 2003

 -----------------------------

-  * clamd: new directives: VirusAction, Debug

+  * clamd: new directives: VirusEvent, Debug

   * libclamav: zziplib downgraded to the old version due to Zip handling

 	       problems

@@ -313,11 +320,12 @@ Wed Jul 17 23:33:17 CEST 2003

 	       newline character (Nigel)

 Mon Jul 14 03:43:35 CEST 2003

+-----------------------------

   * clamav-milter: Some TODOs done by Nigel Kukard <nkukard@lbsd.net>

                    Should stop a couple of remote chances of crashes (Nigel)

 Thu Jul 10 17:16:32 CEST 2003

+-----------------------------

   * clamd: fixed PidFile permissions (applied patch from Magnus Ekdahl, the

 	   bug was reported by Tomasz Papszun)

@@ -2,6 +2,53 @@ Note: This README/NEWS file refers to the source tarball. Some things described

 here may not be available in the binary packages.

 --

+

+

+0.65

+----

+

+-) clamd:

+    + fixed a race condition in the database reloading code (random hangs

+      under high load)

+    + fixed PidFile permissions (Magnus Ekdahl, bug reported by Tomasz Papszun)

+    + fixed LogFile permissions (Magnus Ekdahl)

+    + new directive ScanRAR (bacause RAR support is now disabled by default)

+    + new directive VirusEvent

+    + new directive FixStaleSocket (Thomas Lamy and Mark Mielke)

+    + new directive TCPAddr (Bernard Quatermass, fixed by Damien Curtain)

+    + new directive Debug

+

+-) clamav-milter:

+    + 

+    + new --force-scan flag

+    + new -P and -q flags by Nicholas M. Kirsch

+

+-) libclamav:

+    + multiple mbox fixes (thanks to Rene Bellora, Bernd Kuhls, Thomas Lamy, 

+      Tomasz Papszun,

+

+    + memory leak fixes (Thomas Lamy)

+    + support for a new database container format (CVD) with support for

+      digital signatures, 

+    + new scan option CL_DISABLERAR (disables built-in RAR unpacker)

+

+-) freshclam:

+    + fixed --on-error-execute behaviour (David Woakes)

+    + new option --user (-u) USER - run as USER instead of the default user.

+      Patch by Damien Curtain.

+

+-) documentation:

+    + new Spanish documentation on ClamAV + Sendmail integration by

+      Erick Ivaan Lopez Carreon

+

+

+

+

+

+

+

+

+

 0.60

 ----

@@ -81,7 +81,7 @@ dnl there is now a CREATE_PREFIX_TARGET_H in this file as a shorthand for

 dnl PREFIX_CONFIG_H from a target.h file, however w/o the target.h ever created

 dnl (the prefix is a bit different, since we add an extra -target- and -host-)

 dnl 

-dnl @version: $Id: aclocal.m4,v 1.8 2003/10/20 00:55:10 kojm Exp $

+dnl @version: $Id: aclocal.m4,v 1.9 2003/10/26 06:00:55 kojm Exp $

 dnl @author Guido Draheim <guidod@gmx.de>                 STATUS: used often

 AC_DEFUN([AC_CREATE_TARGET_H],

@@ -4041,7 +4041,7 @@ dnl      AC_COMPILE_CHECK_SIZEOF(ptrdiff_t, $headers)

 dnl      AC_COMPILE_CHECK_SIZEOF(off_t, $headers)

 dnl

 dnl @author Kaveh Ghazi <ghazi@caip.rutgers.edu>

-dnl @version $Id: aclocal.m4,v 1.8 2003/10/20 00:55:10 kojm Exp $

+dnl @version $Id: aclocal.m4,v 1.9 2003/10/26 06:00:55 kojm Exp $

 dnl

 AC_DEFUN([AC_COMPILE_CHECK_SIZEOF],

 [changequote(<<, >>)dnl

@@ -58,7 +58,7 @@ int dirscan(const char *dirname, char **virname, unsigned long int *scanned, con

 	struct stat statbuf;

 	struct cfgstruct *cpt;

 	char *fname;

-	int ret = 0;

+	int ret = 0, scanret = 0;

     if((cpt = cfgopt(copt, "MaxDirectoryRecursion"))) {

 	if(cpt->numarg) {

@@ -88,7 +88,7 @@ int dirscan(const char *dirname, char **virname, unsigned long int *scanned, con

 			    }

 			} else

 			    if(S_ISREG(statbuf.st_mode) || (S_ISLNK(statbuf.st_mode) && (checksymlink(fname) == 2) && cfgopt(copt, "FollowFileSymlinks")))

-				if(cl_scanfile(fname, virname, scanned, root, limits, options) == CL_VIRUS) {

+				if((scanret = cl_scanfile(fname, virname, scanned, root, limits, options)) == CL_VIRUS) {

 				    mdprintf(odesc, "%s: %s FOUND\n", fname, *virname);

 				    logg("%s: %s FOUND\n", fname, *virname);

 				    virusaction(fname, *virname, copt);

@@ -98,6 +98,9 @@ int dirscan(const char *dirname, char **virname, unsigned long int *scanned, con

 					return 1;

 				    } else

 					ret = 2;

+				} else if(scanret != CL_CLEAN) {

+				    mdprintf(odesc, "%s: %s\n", fname, cl_strerror(scanret));

+				    logg("*%s: %s\n", fname, cl_strerror(scanret));

 				}

 		    }

@@ -1017,8 +1017,8 @@ Optional Packages:

   --with-user=uid	  name of the clamav user (default=clamav).

   --with-group=gid	  name of the clamav group (default=clamav).

   --with-dbdir=path	  Path to virus database directory.

-  --with-db1=name	  Name of the main database (viruses.db).

-  --with-db2=name	  Name of the new format database (viruses.db2).

+  --with-db1=name	  Name of the main database (main.cvd).

+  --with-db2=name	  Name of the daily database (daily.cvd).

 Some influential environment variables:

   CC          C compiler command

@@ -9025,7 +9025,7 @@ _ACEOF

 else

   cat >>confdefs.h <<\_ACEOF

-#define DB1NAME "viruses.db"

+#define DB1NAME "main.cvd"

 _ACEOF

 fi;

@@ -9040,7 +9040,7 @@ _ACEOF

 else

   cat >>confdefs.h <<\_ACEOF

-#define DB2NAME "viruses.db2"

+#define DB2NAME "daily.cvd"

 _ACEOF

 fi;

@@ -149,15 +149,15 @@ AC_ARG_WITH(dbdir,

 [  --with-dbdir=path	  Path to virus database directory.],

 db_dir="$withval", db_dir="_default_")

-dnl viruses.db

+dnl main.cvd

 AC_ARG_WITH(db1, 

-[  --with-db1=name	  Name of the main database (viruses.db).],

-AC_DEFINE_UNQUOTED(DB1NAME,"$withval",), AC_DEFINE(DB1NAME, "viruses.db"))

+[  --with-db1=name	  Name of the main database (main.cvd).],

+AC_DEFINE_UNQUOTED(DB1NAME,"$withval",), AC_DEFINE(DB1NAME, "main.cvd"))

-dnl viruses.db2

+dnl daily.cvd

 AC_ARG_WITH(db2, 

-[  --with-db2=name	  Name of the new format database (viruses.db2).],

-AC_DEFINE_UNQUOTED(DB2NAME,"$withval",), AC_DEFINE(DB2NAME, "viruses.db2"))

+[  --with-db2=name	  Name of the daily database (daily.cvd).],

+AC_DEFINE_UNQUOTED(DB2NAME,"$withval",), AC_DEFINE(DB2NAME, "daily.cvd"))

 dnl I had problems with $pkgdatadir, that's why I'm using these funny checks

 if test "$db_dir" = "_default_"

@@ -1,5 +1,5 @@

 #

-#  Copyright (C) 2002 Tomasz Kojm <zolw@konarski.edu.pl>

+#  Copyright (C) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>

 #  Fixes by Arkadiusz Miskiewicz <misiek@pld.org.pl>

 #	    Masaki Ogawa <proc@mac.com>

 #

@@ -17,26 +17,26 @@

 #  along with this program; if not, write to the Free Software

 #  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

-EXTRA_DIST = viruses.db viruses.db2 mirrors.txt

+EXTRA_DIST = main.cvd daily.cvd mirrors.txt

 DBINST = @DBDIR@

 CLAMAVUSER = @CLAMAVUSER@

 CLAMAVGROUP = @CLAMAVGROUP@

 install:

 	$(mkinstalldirs) $(DESTDIR)$(DBINST)

-#	@$(INSTALL_DATA) viruses.db $(DESTDIR)$(DBINST)

-#	@$(INSTALL_DATA) viruses.db2 $(DESTDIR)$(DBINST)

+#	@$(INSTALL_DATA) main.cvd $(DESTDIR)$(DBINST)

+#	@$(INSTALL_DATA) daily.cvd $(DESTDIR)$(DBINST)

 	@$(INSTALL_DATA) mirrors.txt $(DESTDIR)$(DBINST)

 	@if test -n "${CLAMAVUSER}" && test -n "${CLAMAVGROUP}"; then \

 	    chmod 775 $(DESTDIR)$(DBINST); \

 	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST); \

 	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST); \

-	    chmod 664 $(DESTDIR)$(DBINST)/viruses.db; \

-	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/viruses.db; \

-	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/viruses.db; \

-	    chmod 664 $(DESTDIR)$(DBINST)/viruses.db2; \

-	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/viruses.db2; \

-	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/viruses.db2; \

+	    chmod 664 $(DESTDIR)$(DBINST)/main.cvd; \

+	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/main.cvd; \

+	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/main.cvd; \

+	    chmod 664 $(DESTDIR)$(DBINST)/daily.cvd; \

+	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/daily.cvd; \

+	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/daily.cvd; \

 	    chmod 664 $(DESTDIR)$(DBINST)/mirrors.txt; \

 	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/mirrors.txt; \

 	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/mirrors.txt; \

@@ -15,7 +15,7 @@

 @SET_MAKE@

 #

-#  Copyright (C) 2002 Tomasz Kojm <zolw@konarski.edu.pl>

+#  Copyright (C) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>

 #  Fixes by Arkadiusz Miskiewicz <misiek@pld.org.pl>

 #	    Masaki Ogawa <proc@mac.com>

 #

@@ -116,7 +116,7 @@ am__include = @am__include@

 am__quote = @am__quote@

 install_sh = @install_sh@

-EXTRA_DIST = viruses.db viruses.db2 mirrors.txt

+EXTRA_DIST = main.cvd daily.cvd mirrors.txt

 DBINST = @DBDIR@

 subdir = database

 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

@@ -246,19 +246,19 @@ uninstall-am: uninstall-info-am

 install:

 	$(mkinstalldirs) $(DESTDIR)$(DBINST)

-#	@$(INSTALL_DATA) viruses.db $(DESTDIR)$(DBINST)

-#	@$(INSTALL_DATA) viruses.db2 $(DESTDIR)$(DBINST)

+#	@$(INSTALL_DATA) main.cvd $(DESTDIR)$(DBINST)

+#	@$(INSTALL_DATA) daily.cvd $(DESTDIR)$(DBINST)

 	@$(INSTALL_DATA) mirrors.txt $(DESTDIR)$(DBINST)

 	@if test -n "${CLAMAVUSER}" && test -n "${CLAMAVGROUP}"; then \

 	    chmod 775 $(DESTDIR)$(DBINST); \

 	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST); \

 	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST); \

-	    chmod 664 $(DESTDIR)$(DBINST)/viruses.db; \

-	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/viruses.db; \

-	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/viruses.db; \

-	    chmod 664 $(DESTDIR)$(DBINST)/viruses.db2; \

-	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/viruses.db2; \

-	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/viruses.db2; \

+	    chmod 664 $(DESTDIR)$(DBINST)/main.cvd; \

+	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/main.cvd; \

+	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/main.cvd; \

+	    chmod 664 $(DESTDIR)$(DBINST)/daily.cvd; \

+	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/daily.cvd; \

+	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/daily.cvd; \

 	    chmod 664 $(DESTDIR)$(DBINST)/mirrors.txt; \

 	    chown ${CLAMAVUSER} $(DESTDIR)$(DBINST)/mirrors.txt; \

 	    chgrp ${CLAMAVGROUP} $(DESTDIR)$(DBINST)/mirrors.txt; \

new file mode 100644

new file mode 100644

@@ -1,4 +1,3 @@

-clamav.elektrapro.com

-clamav.ozforces.com

-clamav.essentkabel.com

-clamav.org

+database.clamav.net

+database.clamav.net

+database.clamav.net

deleted file mode 100644

deleted file mode 100644

@@ -1,8 +1,8 @@

 .\" Manual page created by Tomasz Kojm, 14/15 IV 2002

-.TH "FreshClam" "1" "June 6, 2003" "Tomasz Kojm" "Clam AntiVirus"

+.TH "freshclam" "1" "October 25, 2003" "Tomasz Kojm" "Clam AntiVirus"

 .SH "NAME"

 .LP 

-freshclam \- update virus databases

+freshclam \- update ClamAV virus databases

 .SH "SYNOPSIS"

 .LP 

 freshclam [options]

@@ -22,6 +22,9 @@ Print the version number and exit.

 \fB\-v, \-\-verbose\fR

 Be verbose. This option causes freshclam to print many additional informations.

 .TP 

+\fB\-\-debug\fR

+Enable debug messages.

+.TP 

 \fB\-\-quiet\fR

 Be quiet \- output only error messages.

 .TP 

@@ -71,7 +74,7 @@ Execute COMMAND after succesful update.

 \fBfreshclam \-\-datadir .\fR

 .TP 

-(2) Run as daemon and check 2 times on day for new database:

+(2) Run as a daemon and check 2 times per day for a new database:

 \fBfreshclam \-d \-c 2\fR

 .SH "RETURN CODES"

@@ -89,7 +92,7 @@ Execute COMMAND after succesful update.

 .TP 

 53: Can't unlink file.

 .TP 

-54: MD5 checksum of downloaded database isn't ok.

+54: Verification (md5, digital signature) error.

 .TP 

 55: Error reading file.

 .TP 

@@ -63,6 +63,9 @@ void freshclam(struct optstruct *opt)

     /* initialize some important variables */

+    if(optl(opt, "debug"))

+	cl_debug();

+

     mprintf_disabled = 0;

     if(optc(opt, 'v')) mprintf_verbose = 1;

@@ -108,7 +111,7 @@ void freshclam(struct optstruct *opt)

 	mprintf("Can't change dir to %s\n", newdir);

 	exit(50);

     } else

-	mprintf("Current working dir is %s\n", newdir);

+	mprintf("*Current working dir is %s\n", newdir);

     if(optc(opt, 'd')) {

@@ -151,82 +154,14 @@ void freshclam(struct optstruct *opt)

 }

-/*void free_mirror(mirrors* m)

-{

-    mirrors *n;

-    

-    while(m)

-    {

-        n = m->next;

-        if(m->mirror != NULL)

-            free(m->mirror);

-        free(m);

-        m = n;

-    }

-

-}*/

-

 int download(struct optstruct *opt)

 {

 	int ret = 0;

 	mirrors *m = NULL, *h = NULL;

-	char *last = NULL;

 	char *datadir, *mirror_last;

 	int mirror_used = 0;

     /*

-     * If the previous database update was not from the first host

-     * listed in mirrors.txt it will have been saved to DBDIR/mirror.

-     * In this case use this host one more time (if it is up) for

-     * database updates then revert to the order in DBDIR/mirrors.txt

-     */    

-    last = parse_mirror(opt);

-

-    if(last != NULL)

-    {

-        if((ret = downloadmanager(opt, last)) == 0)

-        {

-            mprintf("Database updated from last used mirror %s.\n", last);

-

-	    if(optl(opt, "datadir"))

-	    {

-		datadir = getargl(opt, "datadir");

-	    }

-	    else

-	    {	

-		datadir = DATADIR;

-	    }

-

-	    if((mirror_last = malloc(sizeof(char) * (strlen(datadir) + strlen(MIRROR) + 1))) == NULL)

-	    {

-		fprintf(stderr, "ERROR: Can't allocate sufficient memory\n");

-		mexit(1);

-	    }

-

-	    strcpy(mirror_last, datadir);

-	    strcat(mirror_last, MIRROR);

-

-	    if(unlink(mirror_last) == -1)

-	    {

-		fprintf(stderr, "ERROR: Can't unlink file %s !\n", mirror_last);

-	    }

-

-            free(last);

-	    free(mirror_last);

-            return ret;

-        }

-

-        /* Only continue if there is an error connecting to the host */

-        if((ret != 52) && (ret != 54))

-        {

-            free(last);

-            return ret;

-        }

-

-    	free(last);

-    }

-        

-    /*

      * There's an error in __nss_hostname_digits_dots () from /lib/libc.so.6

      * which gets triggered here for some reason.....

      * Calling fflush is a temp workaround

@@ -243,36 +178,21 @@ int download(struct optstruct *opt)

             {

                 logg("Database updated from mirror %s.\n", m->mirror);

                 mprintf("Database updated from mirror %s.\n", m->mirror);

-                write_mirror(opt, m->mirror);

-            }

-            else

-            {

-                logg("Database updated from %s.\n", m->mirror);

-                mprintf("Database updated from %s.\n", m->mirror);

             }

             FREE_MIRROR(h);

             return ret;

         }

-        /* If we contacted a mirror then record the fact even if we

-         * don't update any databases this run

-         */

-        if(ret == 1)

-        {

-            if(mirror_used > 0)

-                write_mirror(opt, m->mirror);

-        

-            FREE_MIRROR(h);

-            return ret;

-        }

-           

         /* Only continue if there is an error connecting to the host */

         if((ret != 52) && (ret != 54))

         {

             FREE_MIRROR(h);

             return ret;

         }

+

+	mprintf("Waiting 10 seconds...\n");

+	sleep(10);

         mirror_used++;

         m = m->next;

     }

@@ -281,117 +201,6 @@ int download(struct optstruct *opt)

     return ret;

 }

-void write_mirror(struct optstruct *opt, char * mirror)

-{

-    char *datadir, *mirror_last;

-    FILE *fd;

-    

-    if(optl(opt, "datadir"))

-    {

-        datadir = getargl(opt, "datadir");

-    }

-    else

-    {

-        datadir = DATADIR;

-    }

-

-    if((mirror_last = malloc(sizeof(char) * (strlen(datadir) + strlen(MIRROR) + 1))) == NULL)

-    {

-        fprintf(stderr, "ERROR: Can't allocate sufficient memory\n");

-        mexit(1);

-    }

-

-    strcpy(mirror_last, datadir);

-

-    strcat(mirror_last, MIRROR);

-

-    if((fd = fopen(mirror_last, "w")) == NULL)

-    {

-        /* No mirror was used last time - this is normal */

-        fprintf(stderr, "ERROR: Can't create file %s !\n", mirror_last);

-        free(mirror_last);

-        return;

-    }

-    

-    if(!fputs(mirror, fd))

-    {

-        fprintf(stderr, "ERROR: Can't write to file %s !\n", mirror_last);

-    }

-

-    fclose(fd);

-    free(mirror_last);

-    

-    return;

-}

-

-/*

- * If the previous database update was not from the first host

- * listed in mirrors.txt it will have been saved to DBDIR/mirror.

- * In this case use this host one more time (if it is up) for

- * database updates then revert to the order in DBDIR/mirrors.txt

- */

-char * parse_mirror(struct optstruct *opt)

-{

-    char *datadir = NULL, *mirror_last  = NULL, *last = NULL;

-    FILE *fd;

-    char buf[BUFSIZ];

-    

-    if(optl(opt, "datadir"))

-    {

-        datadir = getargl(opt, "datadir");

-    }

-    else

-    {

-        datadir = DATADIR;

-    }

-

-    if((mirror_last = malloc(sizeof(char) * (strlen(datadir) + strlen(MIRROR) + 1))) == NULL)

-    {

-        fprintf(stderr, "ERROR: Can't allocate sufficient memory\n");

-        mexit(1);

-    }

-

-    strcpy(mirror_last, datadir);

-

-    strcat(mirror_last, MIRROR);

-

-    if((fd = fopen(mirror_last, "r")) == NULL)

-    {

-        /* No mirror was used last time - this is normal */

-        free(mirror_last);

-        return NULL;

-    }

-

-    while(fgets(buf, BUFSIZ, fd))

-    {

-        if(buf[0] == '#')

-            continue;

-

-        if(strlen(buf) > 0)

-        {

-            if((last = malloc(sizeof(char) * (strlen(buf) +1))) == NULL)

-            {

-                fprintf(stderr, "ERROR: Can't allocate sufficient memory\n");

-                free(mirror_last);

-                return NULL;

-            }

-

-            chomp(buf);

-            strcpy(last, buf);

-            break;

-        }    

-    }

-

-    if(fclose(fd) != 0)

-    {

-        fprintf(stderr, "ERROR: Can't close fd !\n");

-    }

-

-    free(mirror_last);

-

-    return last;

-}

-

 mirrors* parse_mirrorcfg(struct optstruct *opt)

 {

     mirrors *head = NULL, *curr = NULL, *prev = NULL;

@@ -504,12 +313,13 @@ void help(void)

     mprintf_stdout = 1;

     mprintf("\n");

-    mprintf("		   Clam AntiVirus: FreshClam  "VERSION"\n");

-    mprintf("		   (c) 2002 Tomasz Kojm <zolw@konarski.edu.pl>\n");

+    mprintf("		   Clam AntiVirus: freshclam  "VERSION"\n");

+    mprintf("		   (c) 2002, 2003 Tomasz Kojm <zolw@konarski.edu.pl>\n");

     mprintf("	  \n");

     mprintf("    --help		    -h		show help\n");

     mprintf("    --version		    -V		print version number and exit\n");

     mprintf("    --verbose		    -v		be verbose\n");

+    mprintf("    --debug		    		enable debug messages\n");

     mprintf("    --quiet				be quiet, output only error messages\n");

     mprintf("    --stdout				write to stdout instead of stderr\n");

     mprintf("					(this help is always written to stdout)\n");

@@ -44,47 +44,67 @@

 int downloadmanager(const struct optstruct *opt, const char *hostname)

 {

-	char *oldmd5 = NULL, *old2md5 = NULL, *newmd5 = NULL, 

-	     *new2md5 = NULL, *downmd5, *tempname;

-	int hostfd, vir;

-	short int updatedb = 0, updatedb2 = 0, nodb = 0, nodb2 = 0;

 	time_t currtime;

-	const char *proxy;	/* proxy support njh@bandsman.co.uk */

-	const char *user;

+	int ret, updated = 0, signo = 0;

+

     time(&currtime);

-    logg("Checking for a new database - started at %s", ctime(&currtime));

-    mprintf("Checking for a new database - started at %s", ctime(&currtime));

+    mprintf("ClamAV update process started at %s", ctime(&currtime));

+    logg("ClamAV update process started at %s", ctime(&currtime));

+#ifndef HAVE_GMP

+    mprintf("SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES\n");

+    logg("SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES\n");

+#endif

-    /* first thing we want is a local file md5 checksum */

-    if(fileinfo(DB1NAME, 1) == -1) {

-	/* there is no database, so we just download a new one */

-	nodb = 1; 

-	mprintf(DB1NAME" not found in the data directory.\n");

-    } else {

-	if((oldmd5 = cl_md5file(DB1NAME)) == NULL) {

-	    mprintf("@Can't create md5 checksum of the "DB1NAME" database.\n");

-	    return 51;

-	}

-    }

+    if((ret = downloaddb(DB1NAME, "main.cvd", hostname, &signo, opt)) > 50)

+	return ret;

+    else if(ret == 0)

+	updated = 1;

-    if(fileinfo(DB2NAME, 1) == -1) {

-	nodb2 = 1; 

-	mprintf(DB2NAME" not found in the data directory.\n");

-    } else {

-	if((old2md5 = cl_md5file(DB2NAME)) == NULL) {

-	    mprintf("@Can't create md5 checksum of the "DB2NAME" database.\n");

-	    return 51;

+    if((ret = downloaddb(DB2NAME, "daily.cvd", hostname, &signo, opt)) > 50)

+	return ret;

+    else if(ret == 0)

+	updated = 1;

+

+    if(updated) {

+	mprintf("Database updated (%d signatures) from %s.\n", signo, hostname);

+	logg("Database updated (%d signatures) from %s.\n", signo, hostname);

+

+#ifdef BUILD_CLAMD

+	if(optl(opt, "daemon-notify")) {

+		const char *clamav_conf = getargl(opt, "daemon-notify");

+	    if(!clamav_conf)

+		clamav_conf = DEFAULT_CFG;

+

+	    notify(clamav_conf);

 	}

-    }

+#endif

+

+	if(optl(opt, "on-update-execute"))

+	    system(getargl(opt, "on-update-execute"));

+

+	return 0;

+

+    } else

+	return 1;

+}

+

+int downloaddb(const char *localname, const char *remotename, const char *hostname, int *signo, const struct optstruct *opt)

+{

+	struct cl_cvd *current, *remote;

+	int hostfd, nodb = 0, ret;

+	char  *tempname;

+	const char *proxy, *user;

+

+    if((current = cl_cvdhead(localname)) == NULL)

+	nodb = 1;

-    if(optl(opt, "proxy-user")) {

+    if(optl(opt, "proxy-user"))

 	user = getargl(opt, "proxy-user");

-    } else {

+    else

 	user = NULL;

-    }

     /*

      * njh@bandsman.co.uk: added proxy support. Tested using squid 2.4

@@ -111,7 +131,7 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

 		proxy = NULL;

     }

     if(proxy)

-	mprintf("*Connecting via %s\n", proxy);

+	mprintf("Connecting via %s\n", proxy);

     hostfd = wwwconnect(hostname, proxy);

@@ -119,22 +139,30 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

 	mprintf("@Connection with %s failed.\n", hostname);

 	return 52;

     } else

-	mprintf("Connected to %s.\n", hostname);

+	mprintf("*Connected to %s.\n", hostname);

-    if((newmd5 = get_md5_checksum("viruses.md5", hostfd, hostname, proxy, user)) == NULL) {

-	mprintf("@Can't get viruses.md5 sum from %s\n", hostname);

+    if(!(remote = remote_cvdhead(remotename, hostfd, hostname, proxy, user))) {

+	mprintf("@Can't read %s header from %s\n", remotename, hostname);

 	close(hostfd);

 	return 52;

     }

-    /* ok, we have md5 sum from Internet */

+    *signo += current->sigs; /* we need to do it just here */

-    if(oldmd5 && !strncmp(oldmd5, newmd5, 32)) {

-	mprintf(DB1NAME" is up to date.\n");

-	logg(DB1NAME" is up to date.\n");

-    } else

-	updatedb = 1;

+    if(current && (current->version >= remote->version)) {

+	mprintf("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

+	logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);

+	close(hostfd);

+	cl_cvdfree(current);

+	cl_cvdfree(remote);

+	return 1;

+    }

+

+    if(current)

+	cl_cvdfree(current);

+

+    cl_cvdfree(remote);

     /* FIXME: We need to reconnect, because we won't be able to donwload

      * the database. The problem doesn't exist with my local apache.

@@ -150,160 +178,46 @@ int downloadmanager(const struct optstruct *opt, const char *hostname)

     };

     /* end */

-    if((new2md5 = get_md5_checksum("viruses2.md5", hostfd, hostname, proxy, user)) == NULL) {

-	mprintf("@Can't get viruses2.md5 sum from %s\n", hostname);

-	close(hostfd);

-	return 52;

-    }

-

-    /* ok, we have md5 sum from Internet */

-

-    if(old2md5 && !strncmp(old2md5, new2md5, 32)) {

-	mprintf(DB2NAME" is up to date.\n");

-	logg(DB2NAME" is up to date.\n");

-    } else

-	updatedb2 = 1;

-

-    if(!updatedb && !updatedb2) {

-	close(hostfd);

-	return 1;

+    /* temporary file is created in clamav's directory thus we don't need

+     * to create it immediately because race condition is not possible here

+     */

+    tempname = cl_gentemp(".");

+

+    if(get_database(remotename, hostfd, tempname, hostname, proxy, user)) {

+        mprintf("@Can't download %s from %s\n", remotename, hostname);

+        unlink(tempname);

+        free(tempname);

+        close(hostfd);

+        return 52;

     }

-    if(updatedb) {

-

-	/* temporary file is created in clamav's directory thus we don't need

-	 * to create it immediately, because race conditions are impossible

-	 */

-	tempname = cl_gentemp(".");

-

-	/* download the database */

-	/* FIXME: We need to reconnect, because we won't be able to donwload

-	 * the database. The problem doesn't exist with my local apache.

-	 * Some code change is needed in get_md5_checksum().

-	 */

-

-	/* begin bug work-around */

-	close(hostfd);

-	hostfd = wwwconnect(hostname, proxy);

-

-	if(hostfd < 0) {

-	    mprintf("@Connection with %s failed.\n", hostname);

-	    free(tempname);

-	    return 52;

-	};

-	/* end */

-

-	if(get_database(DB1NAME, hostfd, tempname, hostname, proxy, user)) {

-	    mprintf("@Can't download "DB1NAME" from %s\n", hostname);

-	    unlink(tempname);

-	    free(tempname);

-	    close(hostfd);

-	    return 52;

-	}

-

-	close(hostfd);

-

-	/* ok, we have new database */

-	if((downmd5 = cl_md5file(tempname)) == NULL) {

-	    unlink(tempname);

-	    free(tempname);

-	    mprintf("@Can't create md5 checksum of the virus database.\n");

-	    return 51;

-	}

-

-	if(!strcmp(newmd5, downmd5)) {

-	    if(!nodb && unlink(DB1NAME)) {

-		mprintf("@Can't unlink "DB1NAME" file. Fix the problem and try again.\n");

-		unlink(tempname);

-		free(tempname);

-		return 53;

-	    } else

-		rename(tempname, DB1NAME);

-	} else {

-	    mprintf("@The checksum of "DB1NAME" database isn't ok. Please check it yourself or try again.\n");

-	    unlink(tempname);

-	    free(tempname);

-	    return 54;

-	}

+    close(hostfd);

-	unlink(tempname);

-	free(tempname);

-	free(downmd5);

+    if((ret = cl_cvdverify(tempname))) {

+        mprintf("@Verification: %s\n", cl_strerror(ret));