@@ -174,6 +174,52 @@ extern int cl_engine_addref(struct cl_engine *engine);

 extern int cl_engine_free(struct cl_engine *engine);

+/* CALLBACKS - WARNING: unstable API - WIP */

+

+

+typedef cl_error_t (*clcb_pre_scan)(int fd, void *context);

+/* PRE-SCAN

+Input:

+fd      = File descriptor which is about to be scanned

+context = Opaque application provided data

+

+Output:

+CL_CLEAN = File is scanned

+CL_BREAK = Whitelisted by callback - file is skipped and marked as clean

+CL_VIRUS = Blacklisted by callback - file is skipped and marked as infected

+*/

+extern void cl_engine_set_clcb_pre_scan(struct cl_engine *engine, clcb_pre_scan callback, void *context);

+

+

+typedef cl_error_t (*clcb_post_scan)(int fd, int result, void *context);

+/* POST-SCAN

+Input:

+fd      = File descriptor which is was scanned

+result  = The scan result for the file

+context = Opaque application provided data

+

+Output:

+CL_CLEAN = Scan result is not overridden

+CL_BREAK = Whitelisted by callback - scan result is set to CL_CLEAN

+CL_VIRUS = Blacklisted by callback - scan result is set to CL_VIRUS

+*/

+extern void cl_engine_set_clcb_post_scan(struct cl_engine *engine, clcb_post_scan callback, void *context);

+

+

+typedef int (*clcb_sigload)(const char *type, const char *name, void *context);

+/* SIGNATURE LOAD

+Input:

+type = The signature type (e.g. "db", "ndb", "mdb", etc.)

+name = The virus name

+context = Opaque application provided data

+

+Output:

+0     = Load the current signature

+Non 0 = Skip the current signature

+*/

+extern void cl_engine_set_clcb_sigload(struct cl_engine *engine, clcb_sigload callback, void *context);

+

+

 struct cl_stat {

     char *dir;

     struct stat *stattab;

@@ -11,6 +11,9 @@ CLAMAV_PUBLIC {

     cl_engine_get_num;

     cl_engine_set_str;

     cl_engine_get_str;

+    cl_engine_set_clcb_pre_scan;

+    cl_engine_set_clcb_post_scan;

+    cl_engine_set_clcb_sigload;

     cl_engine_settings_copy;

     cl_engine_settings_apply;

     cl_engine_settings_free;

@@ -1008,3 +1008,18 @@ int cli_bitset_test(bitset_t *bs, unsigned long bit_offset)

 	}

 	return (bs->bitset[char_offset] & ((unsigned char)1 << bit_offset));

 }

+

+void cl_engine_set_clcb_pre_scan(struct cl_engine *engine, clcb_pre_scan callback, void *context) {

+    engine->cb_pre_scan = callback;

+    engine->cb_pre_scan_ctx = callback ? context : NULL;

+}

+

+void cl_engine_set_clcb_post_scan(struct cl_engine *engine, clcb_post_scan callback, void *context) {

+    engine->cb_post_scan = callback;

+    engine->cb_post_scan_ctx = callback ? context : NULL;

+}

+

+void cl_engine_set_clcb_sigload(struct cl_engine *engine, clcb_sigload callback, void *context) {

+    engine->cb_sigload = callback;

+    engine->cb_sigload_ctx = callback ? context : NULL;

+}

@@ -247,6 +247,14 @@ struct cl_engine {

     /* Used for memory pools */

     mpool_t *mempool;

+    /* Callback(s) */

+    clcb_pre_scan cb_pre_scan;

+    void *cb_pre_scan_ctx;

+    clcb_post_scan cb_post_scan;

+    void *cb_post_scan_ctx;

+    clcb_sigload cb_sigload;

+    void *cb_sigload_ctx;

+

     /* Used for bytecode */

     struct cli_all_bc bcs;

     unsigned *hooks[_BC_LAST_HOOK - _BC_START_HOOKS];

@@ -549,6 +549,11 @@ static int cli_loaddb(FILE *fs, struct cl_engine *engine, unsigned int *signo, u

 	if(engine->ignored && cli_chkign(engine->ignored, start, buffer_cpy))

 	    continue;

+	if(engine->cb_sigload && engine->cb_sigload("db", start, engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loaddb: skipping %s due to callback\n", start);

+	    continue;

+	}

+

 	if(*pt == '=') continue;

 	if((ret = cli_parse_add(root, start, pt, 0, 0, "*", 0, NULL, options))) {

@@ -623,6 +628,11 @@ static int cli_loadidb(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	if(engine->ignored && cli_chkign(engine->ignored, tokens[0], buffer_cpy))

 	    continue;

+	if(engine->cb_sigload && engine->cb_sigload("idb", tokens[0], engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loadidb: skipping %s due to callback\n", tokens[0]);

+	    continue;

+	}

+

 	hash = (uint8_t *)tokens[3];

 	if(cli_hexnibbles((char *)hash, 124)) {

 	    cli_errmsg("cli_loadidb: Malformed hash at line %u (bad chars)\n", line);

@@ -892,6 +902,11 @@ static int cli_loadndb(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	if(engine->ignored && cli_chkign(engine->ignored, virname, buffer_cpy))

 	    continue;

+	if(engine->cb_sigload && engine->cb_sigload("ndb", virname, engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loadndb: skipping %s due to callback\n", virname);

+	    continue;

+	}

+

 	if(tokens_count > 4) { /* min version */

 	    pt = tokens[4];

@@ -1195,6 +1210,11 @@ static int load_oneldb(char *buffer, int chkpua, int chkign, struct cl_engine *e

     if (chkign && cli_chkign(engine->ignored, virname, buffer_cpy))

 	return CL_SUCCESS;

+    if(engine->cb_sigload && engine->cb_sigload("ldb", virname, engine->cb_sigload_ctx)) {

+	cli_dbgmsg("cli_loadldb: skipping %s due to callback\n", virname);

+	return CL_SUCCESS;

+    }

+

     subsigs = cli_ac_chklsig(logic, logic + strlen(logic), NULL, NULL, NULL, 1);

     if(subsigs == -1) {

 	return CL_EMALFDB;

@@ -1894,6 +1914,11 @@ static int cli_loadmd5(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	if(engine->ignored && cli_chkign(engine->ignored, pt, buffer_cpy))

 	    continue;

+	if(engine->cb_sigload && engine->cb_sigload("md5", pt, engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loadmd5: skipping %s due to callback\n", pt);

+	    continue;

+	}

+

 	new = (struct cli_bm_patt *) mpool_calloc(engine->mempool, 1, sizeof(struct cli_bm_patt));

 	if(!new) {

 	    ret = CL_EMEM;

@@ -2045,6 +2070,13 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i

 	    continue;

 	}

+	if(engine->cb_sigload && engine->cb_sigload("md", new->virname, engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loadmd: skipping %s due to callback\n", new->virname);

+	    mpool_free(engine->mempool, new->virname);

+	    mpool_free(engine->mempool, new);

+	    continue;

+	}

+

 	new->encrypted = strcmp(tokens[1], "*") ? atoi(tokens[1]) : 2;

 	if(strcmp(tokens[2], "*") && cli_regcomp(&new->name, tokens[2], REG_EXTENDED | REG_NOSUB)) {

@@ -2178,6 +2210,13 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	    continue;

 	}

+	if(engine->cb_sigload && engine->cb_sigload("cdb", new->virname, engine->cb_sigload_ctx)) {

+	    cli_dbgmsg("cli_loadcdb: skipping %s due to callback\n", new->virname);

+	    mpool_free(engine->mempool, new->virname);

+	    mpool_free(engine->mempool, new);

+	    continue;

+	}

+

 	if(!strcmp(tokens[1], "*")) {

 	    new->ctype = CL_TYPE_ANY;

 	} else if((new->ctype = cli_ftcode(tokens[1])) == CL_TYPE_ERROR) {

@@ -1894,9 +1894,25 @@ static void emax_reached(cli_ctx *ctx) {

 #define LINESTR(x) #x

 #define LINESTR2(x) LINESTR(x)

 #define __AT__  " at line "LINESTR2(__LINE__)

-#define ret_from_magicscan(retcode) do {					\

-    cli_dbgmsg("cli_magic_scandesc: returning %d %s\n", retcode, __AT__);	\

-    return retcode;							\

+#define ret_from_magicscan(retcode) do {							\

+    cli_dbgmsg("cli_magic_scandesc: returning %d %s\n", retcode, __AT__);			\

+    if(ctx->engine->cb_post_scan) {								\

+	switch(ctx->engine->cb_post_scan(desc, retcode, ctx->engine->cb_post_scan_ctx)) {	\

+	case CL_BREAK:										\

+	    cli_dbgmsg("cli_magic_scandesc: file whitelisted by callback\n");			\

+	    return CL_CLEAN;									\

+	case CL_VIRUS:										\

+	    cli_dbgmsg("cli_magic_scandesc: file blacklisted by callback\n");			\

+	    if(ctx->virname)									\

+		*ctx->virname = "Detected.By.Callback";						\

+	    return CL_VIRUS;									\

+	case CL_CLEAN:										\

+	    break;										\

+	default:										\

+	    cli_warnmsg("cli_magic_scandesc: ignoring bad return code from callback\n");	\

+	}											\

+    }												\

+    return retcode;										\

     } while(0)

 int cli_magic_scandesc(int desc, cli_ctx *ctx)

@@ -1953,6 +1969,27 @@ int cli_magic_scandesc(int desc, cli_ctx *ctx)

 	ret_from_magicscan(CL_EMEM);

     }

+    if(ctx->engine->cb_pre_scan) {

+	switch(ctx->engine->cb_pre_scan(desc, ctx->engine->cb_pre_scan_ctx)) {

+	case CL_BREAK:

+	    cli_dbgmsg("cli_magic_scandesc: file whitelisted by callback\n");

+	    funmap(*ctx->fmap);

+	    ctx->fmap--;

+	    ret_from_magicscan(CL_CLEAN);

+	case CL_VIRUS:

+	    cli_dbgmsg("cli_magic_scandesc: file blacklisted by callback\n");

+	    if(ctx->virname)

+		*ctx->virname = "Detected.By.Callback";

+	    funmap(*ctx->fmap);

+	    ctx->fmap--;

+	    ret_from_magicscan(CL_VIRUS);

+	case CL_CLEAN:

+	    break;

+	default:

+	    cli_warnmsg("cli_magic_scandesc: ignoring bad return code from callback\n");

+	}

+    }

+

     if(cache_check(hash, ctx) == CL_CLEAN) {

 	funmap(*ctx->fmap);

 	ctx->fmap--;