@@ -118,6 +118,7 @@ Thomas Lamy <Thomas.Lamy*in-online.net>

 Marty Lee <marty*maui.co.uk>

 Peter N Lewis <peter*stairways.com.au>

 Roger Lucas <roger*planbit.co.uk>

+Richard Lyons <frob-clamav*webcentral.com.au>

 David S. Madole <david*madole.net>

 Joe Maimon <jmaimon*ttec.com>

 Andrey V. Malyshev <amal*krasn.ru>

@@ -1,3 +1,8 @@

+Tue Dec  7 02:48:08 CET 2004 (tk)

+---------------------------------

+  * clamd: added support for file descriptor passing (patch by Richard Lyons

+	   <frob-clamav*webcentral.com.au>)

+

 Mon Dec  6 22:33:26 GMT 2004 (njh)

 ----------------------------------

   * clamav-milter:	Ensure the date is kept in the quarantine path

@@ -75,12 +75,18 @@

 /* file i/o buffer size */

 #undef FILEBUFF

+/* access rights in msghdr */

+#undef HAVE_ACCRIGHTS_IN_MSGHDR

+

 /* "attrib packed" */

 #undef HAVE_ATTRIB_PACKED

 /* have bzip2 */

 #undef HAVE_BZLIB_H

+/* ancillary data style fd pass */

+#undef HAVE_CONTROL_IN_MSGHDR

+

 /* Define to 1 if you have the <dlfcn.h> header file. */

 #undef HAVE_DLFCN_H

@@ -153,12 +159,18 @@

 /* readdir_r takes 3 arguments */

 #undef HAVE_READDIR_R_3

+/* Define to 1 if you have the `recvmsg' function. */

+#undef HAVE_RECVMSG

+

 /* Define to 1 if you have the <regex.h> header file. */

 #undef HAVE_REGEX_H

 /* have resolv.h */

 #undef HAVE_RESOLV_H

+/* Define to 1 if you have the `sendmsg' function. */

+#undef HAVE_SENDMSG

+

 /* Define to 1 if you have the `setgroups' function. */

 #undef HAVE_SETGROUPS

@@ -216,6 +228,9 @@

 /* Define to 1 if you have the <tcpd.h> header file. */

 #undef HAVE_TCPD_H

+/* Define to 1 if you have the <uio.h> header file. */

+#undef HAVE_UIO_H

+

 /* Define to 1 if you have the <unistd.h> header file. */

 #undef HAVE_UNISTD_H

@@ -225,6 +240,9 @@

 /* zlib installed */

 #undef HAVE_ZLIB_H

+/* Early Linux doesn't set cmsg fields */

+#undef INCOMPLETE_CMSG

+

 /* bzip funtions do not have bz2 prefix */

 #undef NOBZ2PREFIX

@@ -32,12 +32,16 @@

 #include <sys/time.h>

 #include <sys/socket.h>

 #include <sys/ioctl.h>

+

 #if HAVE_SYS_TYPES_H

 #include <sys/types.h>

 #endif

 #if HAVE_SYS_FILIO_H

 #include <sys/filio.h>

 #endif

+#ifdef HAVE_SYS_UIO_H

+#include <sys/uio.h>

+#endif

 /* submitted by breiter@wolfereiter.com: do not use poll(2) on Interix */

 #ifdef C_INTERIX

@@ -58,6 +62,7 @@

 #include "memory.h"

 #include "cfgparser.h"

+#include "session.h"

 void virusaction(const char *virname, const struct cfgstruct *copt)

 {

@@ -220,3 +225,65 @@ int writen(int fd, void *buff, unsigned int count)

     return count;

 }

+

+/* Submitted by Richard Lyons <frob-clamav*webcentral.com.au> */

+

+#if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) && !defined(C_CYGWIN)

+

+int readsock(int sockfd, char *buf, size_t size)

+{

+	int fd;

+	ssize_t n;

+	struct msghdr msg;

+	struct iovec iov[1];

+#ifdef HAVE_CONTROL_IN_MSGHDR

+	struct cmsghdr *cmsg;

+	char tmp[CMSG_SPACE(sizeof(fd))];

+#endif

+

+    iov[0].iov_base = buf;

+    iov[0].iov_len = size;

+    memset(&msg, 0, sizeof(msg));

+    msg.msg_iov = iov;

+    msg.msg_iovlen = 1;

+#ifdef HAVE_ACCRIGHTS_IN_MSGHDR

+    msg.msg_accrights = (caddr_t)&fd;

+    msg.msg_accrightslen = sizeof(fd);

+#endif

+#ifdef HAVE_CONTROL_IN_MSGHDR

+    msg.msg_control = tmp;

+    msg.msg_controllen = sizeof(tmp);

+#endif

+    fd = -1;

+    if ((n = recvmsg(sockfd, &msg, 0)) <= 0)

+	return n;

+    errno = EBADF;

+    if (n != 1 || buf[0] != 0)

+	return !strncmp(buf, CMD12, strlen(CMD12)) ? -1 : n;

+#ifdef HAVE_ACCRIGHTS_IN_MSGHDR

+    if (msg.msg_accrightslen != sizeof(fd))

+	return -1;

+#endif

+#ifdef HAVE_CONTROL_IN_MSGHDR

+    cmsg = CMSG_FIRSTHDR(&msg);

+    if (cmsg == NULL)

+	return -1;

+#ifndef INCOMPLETE_CMSG

+    if (cmsg->cmsg_type != SCM_RIGHTS)

+	return -1;

+    if (cmsg->cmsg_len != CMSG_LEN(sizeof(fd)))

+	return -1;

+#endif

+    fd = *(int *)CMSG_DATA(cmsg);

+#endif

+    if (fd < 0)

+	return -1;

+    n = snprintf(buf, size, "FD %d", fd);

+    if (n >= size)

+	return -1;

+    return n;

+}

+

+#else

+#define	readsock	read

+#endif

@@ -31,5 +31,6 @@ int poll_fd(int fd, int timeout_sec);

 int is_fd_connected(int fd);

 void virusaction(const char *virname, const struct cfgstruct *copt);

 int writen(int fd, void *buff, unsigned int count);

+int readsock(int sockfd, char *buf, size_t size);

 #endif

@@ -261,6 +261,37 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node

     return ret;

 }

+int scanfd(const int fd, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan)

+{

+	int ret;

+	const char *virname;

+	struct stat statbuf;

+

+

+    if(fstat(fd, &statbuf) == -1)

+	return -1;

+

+    if(!S_ISREG(statbuf.st_mode))

+	return -1;

+

+    ret = cl_scandesc(fd, &virname, scanned, root, limits, options);

+

+    if(ret == CL_VIRUS) {

+	mdprintf(odesc, "fd[%d]: %s FOUND\n", fd, virname);

+	logg("fd[%d]: %s FOUND\n", fd, virname);

+	virusaction(virname, copt);

+    } else if(ret != CL_CLEAN) {

+	mdprintf(odesc, "fd[%d]: %s ERROR\n", fd, cl_strerror(ret));

+	logg("fd[%d]: %s ERROR\n", fd, cl_strerror(ret));

+    } else {

+	mdprintf(odesc, "fd[%d]: OK\n", fd);

+        if(logok)

+	    logg("fd[%d]: OK\n", fd); 

+    }

+

+    return ret;

+}

+

 int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt)

 {

 	int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd;

@@ -442,7 +473,7 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root

 	logg("stream: %s ERROR\n", cl_strerror(ret));

     } else {

 	mdprintf(odesc, "stream: OK\n");

-        if (logok)

+        if(logok)

 	    logg("stream: OK\n"); 

     }

@@ -27,6 +27,8 @@ int dirscan(const char *dirname, const char **virname, unsigned long int *scanne

 int scan(const char *filename, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan);

+int scanfd(const int fd, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan);

+

 int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt);

 #endif

@@ -44,18 +44,6 @@

 #include "output.h"

 #include "memory.h"

-#define CMD1 "SCAN"

-#define CMD2 "RAWSCAN"

-#define CMD3 "QUIT" /* deprecated */

-#define CMD4 "RELOAD"

-#define CMD5 "PING"

-#define CMD6 "CONTSCAN"

-#define CMD7 "VERSION"

-#define CMD8 "STREAM"

-#define CMD9 "SESSION"

-#define CMD10 "END"

-#define CMD11 "SHUTDOWN"

-

 pthread_mutex_t ctime_mutex = PTHREAD_MUTEX_INITIALIZER;

 int command(int desc, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int timeout)

@@ -77,7 +65,7 @@ int command(int desc, const struct cl_node *root, const struct cl_limits *limits

 	return -1;

     }

-    while((bread = read(desc, buff, 1024)) == -1 && errno == EINTR);

+    while((bread = readsock(desc, buff, 1024)) == -1 && errno == EINTR);

     if(!bread)

 	return 0;

@@ -188,6 +176,12 @@ int command(int desc, const struct cl_node *root, const struct cl_limits *limits

     } else if(!strncmp(buff, CMD11, strlen(CMD11))) { /* SHUTDOWN */

 	return COMMAND_SHUTDOWN;

+    } else if(!strncmp(buff, CMD12, strlen(CMD12))) { /* FD */

+	    int fd = atoi(buff + strlen(CMD12) + 1);

+

+	scanfd(fd, NULL, root, limits, options, copt, desc, 0);

+	close(fd); /* FIXME: should we close it here? */

+

     } else {

 	mdprintf(desc, "UNKNOWN COMMAND\n");

     }

@@ -23,6 +23,19 @@

 #define COMMAND_RELOAD 2

 #define COMMAND_END 3

+#define CMD1 "SCAN"

+#define CMD2 "RAWSCAN"

+#define CMD3 "QUIT" /* deprecated */

+#define CMD4 "RELOAD"

+#define CMD5 "PING"

+#define CMD6 "CONTSCAN"

+#define CMD7 "VERSION"

+#define CMD8 "STREAM"

+#define CMD9 "SESSION"

+#define CMD10 "END"

+#define CMD11 "SHUTDOWN"

+#define CMD12 "FD"

+

 #include <clamav.h>

 #include "cfgparser.h"

@@ -33,6 +33,10 @@

 #include <utime.h>

 #include <errno.h>

+#ifdef HAVE_SYS_UIO_H

+#include <sys/uio.h>

+#endif

+

 #include "others.h"

 #include "defaults.h"

 #include "shared.h"

@@ -50,27 +54,18 @@

 # define SOCKET_INET	AF_INET

 #endif

+/* #define ENABLE_FD_PASSING	    FIXME: Doesn't work yet */

+

 void move_infected(const char *filename, const struct optstruct *opt);

 int notremoved = 0, notmoved = 0;

-int dsfile(int sockd, const char *filename, const struct optstruct *opt)

+int dsresult(int sockd, const struct optstruct *opt)

 {

 	int infected = 0, waserror = 0;

-	char buff[4096], *scancmd, *pt;

+	char buff[4096], *pt;

 	FILE *fd;

-    scancmd = mcalloc(strlen(filename) + 20, sizeof(char));

-    sprintf(scancmd, "CONTSCAN %s", filename);

-

-    if(write(sockd, scancmd, strlen(scancmd)) <= 0) {

-	mprintf("@Can't write to the socket.\n");

-	free(scancmd);

-	return -1;

-    }

-

-    free(scancmd);

-

     if((fd = fdopen(dup(sockd), "r")) == NULL) {

 	mprintf("@Can't open descriptor for reading.\n");

 	return -1;

@@ -99,6 +94,7 @@ int dsfile(int sockd, const char *filename, const struct optstruct *opt)

 		}

 	    }

 	}

+

 	if(strstr(buff, "ERROR\n")) {

 	    logg("%s", buff);

 	    mprintf("%s", buff);

@@ -108,12 +104,78 @@ int dsfile(int sockd, const char *filename, const struct optstruct *opt)

     fclose(fd);

-    if(!infected && !waserror)

+    return infected ? infected : (waserror ? -1 : 0);

+}

+

+int dsfile(int sockd, const char *filename, const struct optstruct *opt)

+{

+	int ret;

+	char buff[4096], *scancmd, *pt;

+	FILE *fd;

+

+

+    scancmd = mcalloc(strlen(filename) + 20, sizeof(char));

+    sprintf(scancmd, "CONTSCAN %s", filename);

+

+    if(write(sockd, scancmd, strlen(scancmd)) <= 0) {

+	mprintf("@Can't write to the socket.\n");

+	free(scancmd);

+	return -1;

+    }

+

+    free(scancmd);

+

+    ret = dsresult(sockd, opt);

+

+    if(!ret)

 	mprintf("%s: OK\n", filename);

-    return infected ? infected : (waserror ? -1 : 0);

+    return ret;

 }

+#if defined(ENABLE_FD_PASSING) && defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) && !defined(C_CYGWIN)

+

+/* Submitted by Richard Lyons <frob-clamav*webcentral.com.au> */

+int dsfd(int sockfd, int fd, const struct optstruct *opt)

+{

+	struct iovec iov[1];

+	struct msghdr msg;

+#ifdef HAVE_CONTROL_IN_MSGHDR

+	struct cmsghdr *cmsg;

+	char tmp[CMSG_SPACE(sizeof(fd))];

+#endif

+

+    iov[0].iov_base = "";

+    iov[0].iov_len = 1;

+    memset(&msg, 0, sizeof(msg));

+    msg.msg_iov = iov;

+    msg.msg_iovlen = 1;

+#ifdef HAVE_CONTROL_IN_MSGHDR

+    msg.msg_control = tmp;

+    msg.msg_controllen = sizeof(tmp);

+    cmsg = CMSG_FIRSTHDR(&msg);

+    cmsg->cmsg_level = SOL_SOCKET;

+    cmsg->cmsg_type = SCM_RIGHTS;

+    cmsg->cmsg_len = CMSG_LEN(sizeof(fd));

+    *(int *)CMSG_DATA(cmsg) = fd;

+#endif

+#ifdef HAVE_ACCRIGHTS_IN_MSGHDR

+    msg.msg_accrights = (caddr_t)&fd;

+    msg.msg_accrightslen = sizeof(fd);

+#endif

+    if (sendmsg(sockfd, &msg, 0) != iov[0].iov_len) {

+	mprintf("@Can't write to the socket.\n");

+	return -1;

+    }

+    return dsresult(sockfd, opt);

+}

+#else

+int dsfd(int sockfd, int fd, const struct optstruct *opt)

+{

+    return -1;

+}

+#endif

+

 int dsstream(int sockd, const struct optstruct *opt)

 {

 	int wsockd, loopw = 60, bread, port, infected = 0;

@@ -122,6 +184,7 @@ int dsstream(int sockd, const struct optstruct *opt)

 	int peer_size;

 	char buff[4096], *pt;

+

     if(write(sockd, "STREAM", 6) <= 0) {

 	mprintf("@Can't write to the socket.\n");

 	return 2;

@@ -195,25 +258,8 @@ int dsstream(int sockd, const struct optstruct *opt)

 	if(strstr(buff, "FOUND\n")) {

 	    infected++;

 	    logg("%s", buff);

-	    if(optl(opt, "move")) {

-		pt = strrchr(buff, ':');

-		*pt = 0;

-		move_infected(buff, opt);

-	    } else if(optl(opt, "remove")) {

-		pt = strrchr(buff, ':');

-		*pt = 0;

-		if(unlink(buff)) {

-		    mprintf("%s: Can't remove.\n", buff);

-		    logg("%s: Can't remove.\n", buff);

-		    notremoved++;

-		} else {

-		    mprintf("%s: Removed.\n", buff);

-		    logg("%s: Removed.\n", buff);

-		}

-	    }

-	}

-	if(strstr(buff, "ERROR\n")) {

+	} else if(strstr(buff, "ERROR\n")) {

 	    logg("%s", buff);

 	    return -1;

 	}

@@ -354,6 +400,18 @@ int client(const struct optstruct *opt, int *infected)

 	close(sockd);

+#if defined(ENABLE_FD_PASSING) && defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) && !defined(C_CYGWIN)

+    } else if(!strcmp(opt->filename, "-")) { /* scan data from stdin */

+	if((sockd = dconnect(opt)) < 0)

+	    return 2;

+

+	if((ret = dsfd(sockd, 0, opt)) >= 0)

+	    *infected += ret;

+	else

+	    errors++;

+

+	close(sockd);

+#else

     } else if(!strcmp(opt->filename, "-")) { /* scan data from stdin */

 	if((sockd = dconnect(opt)) < 0)

 	    return 2;

@@ -364,6 +422,7 @@ int client(const struct optstruct *opt, int *infected)

 	    errors++;

 	close(sockd);

+#endif

     } else {

 	int x;

@@ -8547,7 +8547,8 @@ fi

-for ac_header in stdint.h unistd.h sys/int_types.h dlfcn.h inttypes.h sys/inttypes.h memory.h ndir.h stdlib.h strings.h string.h sys/mman.h sys/param.h sys/stat.h sys/types.h malloc.h poll.h regex.h limits.h sys/filio.h

+

+for ac_header in stdint.h unistd.h sys/int_types.h dlfcn.h inttypes.h sys/inttypes.h memory.h ndir.h stdlib.h strings.h string.h sys/mman.h sys/param.h sys/stat.h sys/types.h malloc.h poll.h regex.h limits.h sys/filio.h uio.h

 do

 as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`

 if eval "test \"\${$as_ac_Header+set}\" = set"; then

@@ -11537,6 +11538,15 @@ _ACEOF

 	fi

 	CLAMSCAN_LIBS="$CLAMSCAN_LIBS -lpthread"

     fi

+    case `uname -r` in

+    1.*|2.0.*)

+

+cat >>confdefs.h <<\_ACEOF

+#define INCOMPLETE_CMSG 1

+_ACEOF

+

+       ;;

+    esac

     ;;

 cygwin*)

@@ -12354,6 +12364,244 @@ fi

 fi

+

+for ac_func in recvmsg sendmsg

+do

+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`

+echo "$as_me:$LINENO: checking for $ac_func" >&5

+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6

+if eval "test \"\${$as_ac_var+set}\" = set"; then

+  echo $ECHO_N "(cached) $ECHO_C" >&6

+else

+  cat >conftest.$ac_ext <<_ACEOF

+/* confdefs.h.  */

+_ACEOF

+cat confdefs.h >>conftest.$ac_ext

+cat >>conftest.$ac_ext <<_ACEOF

+/* end confdefs.h.  */

+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.

+   For example, HP-UX 11i <limits.h> declares gettimeofday.  */

+#define $ac_func innocuous_$ac_func

+

+/* System header to define __stub macros and hopefully few prototypes,

+    which can conflict with char $ac_func (); below.

+    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since

+    <limits.h> exists even on freestanding compilers.  */

+

+#ifdef __STDC__

+# include <limits.h>

+#else

+# include <assert.h>

+#endif

+

+#undef $ac_func

+

+/* Override any gcc2 internal prototype to avoid an error.  */

+#ifdef __cplusplus

+extern "C"

+{

+#endif

+/* We use char because int might match the return type of a gcc2

+   builtin and then its argument prototype would still apply.  */

+char $ac_func ();

+/* The GNU C library defines this for functions which it implements

+    to always fail with ENOSYS.  Some functions are actually named

+    something starting with __ and the normal name is an alias.  */

+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)

+choke me

+#else

+char (*f) () = $ac_func;

+#endif

+#ifdef __cplusplus

+}

+#endif

+

+int

+main ()

+{

+return f != $ac_func;

+  ;

+  return 0;

+}

+_ACEOF

+rm -f conftest.$ac_objext conftest$ac_exeext

+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5

+  (eval $ac_link) 2>conftest.er1

+  ac_status=$?

+  grep -v '^ *+' conftest.er1 >conftest.err

+  rm -f conftest.er1

+  cat conftest.err >&5

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); } &&

+	 { ac_try='test -z "$ac_c_werror_flag"			 || test ! -s conftest.err'

+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

+  (eval $ac_try) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); }; } &&

+	 { ac_try='test -s conftest$ac_exeext'

+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

+  (eval $ac_try) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); }; }; then

+  eval "$as_ac_var=yes"

+else

+  echo "$as_me: failed program was:" >&5

+sed 's/^/| /' conftest.$ac_ext >&5

+

+eval "$as_ac_var=no"

+fi

+rm -f conftest.err conftest.$ac_objext \

+      conftest$ac_exeext conftest.$ac_ext

+fi

+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5

+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6

+if test `eval echo '${'$as_ac_var'}'` = yes; then

+  cat >>confdefs.h <<_ACEOF

+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1

+_ACEOF

+

+fi

+done

+

+echo "$as_me:$LINENO: checking for msg_accrights field in struct msghdr" >&5

+echo $ECHO_N "checking for msg_accrights field in struct msghdr... $ECHO_C" >&6

+if test "${ac_cv_have_accrights_in_msghdr+set}" = set; then

+  echo $ECHO_N "(cached) $ECHO_C" >&6

+else

+

+    if test "$cross_compiling" = yes; then

+  { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling

+See \`config.log' for more details." >&5

+echo "$as_me: error: cannot run test program while cross compiling

+See \`config.log' for more details." >&2;}

+   { (exit 1); exit 1; }; }

+else

+  cat >conftest.$ac_ext <<_ACEOF

+/* confdefs.h.  */

+_ACEOF

+cat confdefs.h >>conftest.$ac_ext

+cat >>conftest.$ac_ext <<_ACEOF

+/* end confdefs.h.  */

+

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <sys/uio.h>

+int main() {

+#ifdef msg_accrights

+exit(1);

+#endif

+struct msghdr m;

+m.msg_accrights = 0;

+exit(0);

+}

+

+_ACEOF

+rm -f conftest$ac_exeext

+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5

+  (eval $ac_link) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); } && { ac_try='./conftest$ac_exeext'

+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

+  (eval $ac_try) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); }; }; then

+   ac_cv_have_accrights_in_msghdr="yes"

+else

+  echo "$as_me: program exited with status $ac_status" >&5

+echo "$as_me: failed program was:" >&5

+sed 's/^/| /' conftest.$ac_ext >&5

+

+( exit $ac_status )

+ ac_cv_have_accrights_in_msghdr="no"

+

+fi

+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext

+fi

+

+fi

+echo "$as_me:$LINENO: result: $ac_cv_have_accrights_in_msghdr" >&5

+echo "${ECHO_T}$ac_cv_have_accrights_in_msghdr" >&6

+if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then

+

+cat >>confdefs.h <<\_ACEOF

+#define HAVE_ACCRIGHTS_IN_MSGHDR 1

+_ACEOF

+

+fi

+

+echo "$as_me:$LINENO: checking for msg_control field in struct msghdr" >&5

+echo $ECHO_N "checking for msg_control field in struct msghdr... $ECHO_C" >&6

+if test "${ac_cv_have_control_in_msghdr+set}" = set; then

+  echo $ECHO_N "(cached) $ECHO_C" >&6

+else

+

+    if test "$cross_compiling" = yes; then

+  { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling

+See \`config.log' for more details." >&5

+echo "$as_me: error: cannot run test program while cross compiling

+See \`config.log' for more details." >&2;}

+   { (exit 1); exit 1; }; }

+else

+  cat >conftest.$ac_ext <<_ACEOF

+/* confdefs.h.  */

+_ACEOF

+cat confdefs.h >>conftest.$ac_ext

+cat >>conftest.$ac_ext <<_ACEOF

+/* end confdefs.h.  */

+

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <sys/uio.h>

+int main() {

+#ifdef msg_control

+exit(1);

+#endif

+struct msghdr m;

+m.msg_control = 0;

+exit(0);

+}

+

+_ACEOF

+rm -f conftest$ac_exeext

+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5

+  (eval $ac_link) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); } && { ac_try='./conftest$ac_exeext'

+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

+  (eval $ac_try) 2>&5

+  ac_status=$?

+  echo "$as_me:$LINENO: \$? = $ac_status" >&5

+  (exit $ac_status); }; }; then

+   ac_cv_have_control_in_msghdr="yes"

+else

+  echo "$as_me: program exited with status $ac_status" >&5

+echo "$as_me: failed program was:" >&5

+sed 's/^/| /' conftest.$ac_ext >&5

+

+( exit $ac_status )

+ ac_cv_have_control_in_msghdr="no"

+

+fi

+rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext

+fi

+

+fi

+echo "$as_me:$LINENO: result: $ac_cv_have_control_in_msghdr" >&5

+echo "${ECHO_T}$ac_cv_have_control_in_msghdr" >&6

+if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then

+

+cat >>confdefs.h <<\_ACEOF

+#define HAVE_CONTROL_IN_MSGHDR 1

+_ACEOF

+

+fi

+

+

 # Check whether --with-tcpwrappers or --without-tcpwrappers was given.

 if test "${with_tcpwrappers+set}" = set; then

   withval="$with_tcpwrappers"

@@ -38,7 +38,7 @@ AC_DEFINE(SCANBUFF, 131072, [scan buffer size])

 AC_DEFINE(FILEBUFF, 8192,   [file i/o buffer size])

 AC_HEADER_STDC

-AC_CHECK_HEADERS(stdint.h unistd.h sys/int_types.h dlfcn.h inttypes.h sys/inttypes.h memory.h ndir.h stdlib.h strings.h string.h sys/mman.h sys/param.h sys/stat.h sys/types.h malloc.h poll.h regex.h limits.h sys/filio.h)

+AC_CHECK_HEADERS(stdint.h unistd.h sys/int_types.h dlfcn.h inttypes.h sys/inttypes.h memory.h ndir.h stdlib.h strings.h string.h sys/mman.h sys/param.h sys/stat.h sys/types.h malloc.h poll.h regex.h limits.h sys/filio.h uio.h)

 AC_CHECK_HEADER(syslog.h,AC_DEFINE(USE_SYSLOG,1,[use syslog]),)

 AC_TYPE_OFF_T

@@ -314,6 +314,11 @@ linux*)

 	fi

 	CLAMSCAN_LIBS="$CLAMSCAN_LIBS -lpthread"

     fi

+    case `uname -r` in

+    1.*|2.0.*)

+       AC_DEFINE(INCOMPLETE_CMSG,1,[Early Linux doesn't set cmsg fields])

+       ;;

+    esac

     ;;

 cygwin*)

     AC_DEFINE(C_CYGWIN,1,[os is cygwin])

@@ -518,6 +523,57 @@ then

     AC_PATH_PROG(SENDMAIL, sendmail, /usr/lib/sendmail, $PATH:/usr/lib:/usr/sbin:/etc:/usr/local/lib:/usr/local/sbin:/usr/bin:/usr/local/bin)

 fi

+dnl Check if we can do fd passing

+dnl Submitted by Richard Lyons <frob-clamav@webcentral.com.au>

+AC_CHECK_FUNCS(recvmsg sendmsg)

+AC_CACHE_CHECK([for msg_accrights field in struct msghdr],

+	ac_cv_have_accrights_in_msghdr, [

+    AC_TRY_RUN(

+	[

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <sys/uio.h>

+int main() {

+#ifdef msg_accrights

+exit(1);

+#endif

+struct msghdr m;

+m.msg_accrights = 0;

+exit(0);

+}

+	],

+	[ ac_cv_have_accrights_in_msghdr="yes" ],

+	[ ac_cv_have_accrights_in_msghdr="no" ]

+    )

+])

+if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then

+    AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR,1,[access rights in msghdr])

+fi

+

+AC_CACHE_CHECK([for msg_control field in struct msghdr],

+	ac_cv_have_control_in_msghdr, [

+    AC_TRY_RUN(

+	[

+#include <sys/types.h>

+#include <sys/socket.h>

+#include <sys/uio.h>

+int main() {

+#ifdef msg_control

+exit(1);

+#endif

+struct msghdr m;

+m.msg_control = 0;

+exit(0);

+}

+	],

+	[ ac_cv_have_control_in_msghdr="yes" ],

+	[ ac_cv_have_control_in_msghdr="no" ]

+    )

+])

+if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then

+    AC_DEFINE(HAVE_CONTROL_IN_MSGHDR,1,[ancillary data style fd pass])

+fi

+

 dnl tcpwrappers support

 dnl rules from http://ma.ph-freiburg.de/tng/tng-technical/2002-01/msg00094.html

 AC_ARG_WITH(tcpwrappers,