...
|
...
|
@@ -297,555 +297,7 @@ your system (/proc/sys/kernel/threads-max), or decrease the value of
|
297
|
297
|
|
298
|
298
|
3. CHANGE HISTORY
|
299
|
299
|
|
300
|
|
-Changes
|
301
|
|
-0.2: 4/3/03 clamfi_abort() now always calls pthread_mutex_unlock
|
302
|
|
- 5/3/03 Only send a bounce if -b is set
|
303
|
|
- Version now uses -v not -V
|
304
|
|
- --config-file couldn't be set by -c
|
305
|
|
-0.3 7/3/03 Enhanced the Solaris compile time comment
|
306
|
|
- No need to save the return result of LogSyslog
|
307
|
|
- Use LogVerbose
|
308
|
|
-0.4 9/3/03 Initialise dataSocket/cmdSocket correctly
|
309
|
|
- 10/3/03 Say why we don't connect() to clamd
|
310
|
|
- Enhanced '-l' usage message
|
311
|
|
-0.5 18/3/03 Ported to FreeBSD 4.7
|
312
|
|
- Source no longer in support, so remove one .. from
|
313
|
|
- the build instructions
|
314
|
|
- Corrected the use of strerror_r
|
315
|
|
-0.51 20/3/03 Mention StreamSaveToDisk in the installation
|
316
|
|
- Added -s option which allows clamd to run on a
|
317
|
|
- different machine from the milter
|
318
|
|
-0.52 20/3/03 -b flag now only stops the bounce, sends warning
|
319
|
|
- to recipient and postmaster
|
320
|
|
-0.53 24/3/03 %d->%u in syslog call
|
321
|
|
- 27/3/03 tcpSocket is now of type in_port_t
|
322
|
|
- 27/3/03 Use PING/PONG
|
323
|
|
-0.54 23/5/03 Allow a range of IP addresses as outgoing ones
|
324
|
|
- that need not be checked
|
325
|
|
-0.55 24/5/03 Use inet_ntop() instead of inet_ntoa()
|
326
|
|
- Thanks to Krzysztof Olędzki <ole@ans.pl>
|
327
|
|
-0.60 11/7/03 Some TODOs done by Nigel Kukard <nkukard@lbsd.net>
|
328
|
|
- Should stop a couple of remote chances of crashes
|
329
|
|
-0.60a 22/7/03 Tidied up message when sender is unknown
|
330
|
|
-0.60b 17/8/03 Optionally set postmaster address. Usually one uses
|
331
|
|
- /etc/aliases, but not everyone want's to...
|
332
|
|
-0.60c 22/8/03 Another go at Solaris support
|
333
|
|
-0.60d 26/8/03 Removed superfluous buffer and unneeded strerror call
|
334
|
|
- ETIMEDOUT isn't an error, but should give a warning
|
335
|
|
-0.60e 09/9/03 Added -P and -q flags by "Nicholas M. Kirsch" <nick@kirsch.org>
|
336
|
|
-0.60f 17/9/03 Changed fprintf to fputs where possible
|
337
|
|
- Redirect stdin from /dev/null, stdout&stderr to
|
338
|
|
- /dev/console
|
339
|
|
-0.60g 26/9/03 Handle sendmail calling abort after calling cleanup
|
340
|
|
- (Should never happen - but it does)
|
341
|
|
- Added -noxheader patch from dirk.meyer@dinoex.sub.org
|
342
|
|
-0.60h 28/9/03 Support MaxThreads option in config file,
|
343
|
|
- overriden by --max-children.
|
344
|
|
- Patch from "Richard G. Roberto" <rgr@dedlegend.com>
|
345
|
|
-0.60i 30/9/03 clamfi_envfrom() now correctly returns SMFIS_TEMPFAIL,
|
346
|
|
- in a few circumstances it used to return EX_TEMPFAIL
|
347
|
|
- Patch from Matt Sullivan <matt@sullivan.gen.nz>
|
348
|
|
-0.60j 1/10/03 strerror_r doesn't work on Linux, attempting workaround
|
349
|
|
- Added support for hard-coded list of email addresses
|
350
|
|
- who's e-mail is not scanned
|
351
|
|
-0.60k 5/10/03 Only remove old UNIX domain socket if FixStaleSocket
|
352
|
|
- is set
|
353
|
|
-0.60l 11/10/03 port is now unsigned
|
354
|
|
- Removed remote possibility of crash if the target
|
355
|
|
- e-mail address is very long
|
356
|
|
- No longer calls clamdscan to get the version
|
357
|
|
-0.60m 12/10/03 Now does sanity check if using localSocket
|
358
|
|
- Gets version info from clamd
|
359
|
|
- Only reset fd's 0/1/2 if !ForeGround
|
360
|
|
-0.60n 22/10/03 Call pthread_cont_broadcast more often
|
361
|
|
-0.60o 31/10/03 Optionally accept all mails if scanning procedure
|
362
|
|
- fails (Joe Talbott <josepht@cstone.net>)
|
363
|
|
-0.60p 5/11/03 Only call mutex_unlock when max_children is set
|
364
|
|
- Tidy up the call to pthread_cond_timedwait
|
365
|
|
-0.60q 11/11/03 Fixed handling of % characters in e-mail addresses
|
366
|
|
- pointed out by dotslash@snosoft.com
|
367
|
|
-0.65 15/11/03 Upissue of clamav
|
368
|
|
-0.65a 19/11/03 Close cmdSocket earlier
|
369
|
|
- Added setpgrp()
|
370
|
|
-0.65b 22/11/03 Ensure milter is not run as root if requested
|
371
|
|
- Added quarantine support
|
372
|
|
-0.65c 24/11/03 Support AllowSupplementaryGroups
|
373
|
|
- Fix warning about root usage
|
374
|
|
-0.65d 25/11/03 Handle empty hostname or hostaddr
|
375
|
|
- Fix based on a submission by Michael Dankov <misha@btrc.ru>
|
376
|
|
-0.65e 29/11/03 Fix problem of possible confused pointers if large
|
377
|
|
- number of recipients given.
|
378
|
|
- Fix by Michael Dankov <misha@btrc.ru>.
|
379
|
|
-0.65f 29/11/03 Added --quarantine-dir
|
380
|
|
- Thanks to Michael Dankov <misha@btrc.ru>.
|
381
|
|
-0.65g 2/12/03 Use setsid if setpgrp is not present.
|
382
|
|
- Thanks to Eugene Crosser <crosser@rol.ru>
|
383
|
|
-0.65h 4/12/03 Added call to umask to ensure that the local socket
|
384
|
|
- is not publically writeable. If it is sendmail
|
385
|
|
- will (correctly!) refuse to start this program
|
386
|
|
- Thanks for Nicklaus Wicker <n.wicker@cnk-networks.de>
|
387
|
|
- Don't sent From as the first line since that means
|
388
|
|
- clamd will think it is an mbox and not handle
|
389
|
|
- unescaped From at the start of lines properly
|
390
|
|
- Thanks to Michael Dankov <misha@btrc.ru>
|
391
|
|
-0.65i 9/12/03 Use the location of sendmail discovered by configure
|
392
|
|
-0.65j 10/12/03 Timeout on waiting for data from clamd
|
393
|
|
-0.65k 12/12/03 A couple of calls to clamfi_cleanup were missing
|
394
|
|
- before return cl_error
|
395
|
|
-0.66 13/12/03 Upissue
|
396
|
|
-0.66a 22/12/03 Added --sign
|
397
|
|
-0.66b 27/12/03 --sign moved to privdata
|
398
|
|
-0.66c 31/12/03 Included the sendmail queue ID in the log, from an
|
399
|
|
- idea by Andy Fiddaman <af@jeamland.org>
|
400
|
|
-0.66d 10/1/04 Added OpenBSD instructions
|
401
|
|
- Added --signature-file option
|
402
|
|
-0.66e 12/1/04 FixStaleSocket: no longer complain if asked to remove
|
403
|
|
- an old socket when there was none to remove
|
404
|
|
-0.66f 24/1/04 -s: Allow clamd server name as well as IPaddress
|
405
|
|
-0.66g 25/1/04 Corrected usage message
|
406
|
|
- Started to honour --debug
|
407
|
|
- Dump core on LINUX if CL_DEBUG set
|
408
|
|
- Support multiple servers separated by colons
|
409
|
|
-0.66h 26/1/04 Corrected endian problem (ntohs instead of htons)
|
410
|
|
-0.66i 28/1/04 Fixed compilation error with --enable-debug
|
411
|
|
-0.66j 29/1/03 Added --noreject flag, based on a patch by
|
412
|
|
- "Vijay Sarvepalli" <vssarvep@office.uncg.edu>
|
413
|
|
-0.66k 2/2/04 When --postmaster-only is given, include the system
|
414
|
|
- ID of the message in the warning e-mail, since that
|
415
|
|
- will help the administrator when sifting through the
|
416
|
|
- mail logs. Based on an idea by Jim Allen,
|
417
|
|
- <Jim.Allen@Heartsine.co.uk>
|
418
|
|
-0.66l 7/2/04 Updated URL reference
|
419
|
|
- Added new config.h mechanism
|
420
|
|
-0.66m 9/2/04 Added Hflag from "Leonid Zeitlin" <lz@europe.com>
|
421
|
|
-0.66n 13/2/04 Added TCPwrappers support
|
422
|
|
- Removed duplication in version string
|
423
|
|
- Handle machines that don't have in_port_t
|
424
|
|
-0.67 16/2/04 Upissued to 0.67
|
425
|
|
-0.67a 16/2/04 Added clamfi_free
|
426
|
|
-0.67b 17/2/04 Removed compilation warning - now compiles on FreeBSD5.2
|
427
|
|
- Don't allow --force to overwride TCPwrappers
|
428
|
|
-0.67c 18/2/04 Added dont-log-clean flag
|
429
|
|
-0.67d 19/2/04 Reworked TCPwrappers code
|
430
|
|
- Thanks to "Hector M. Rulot Segovia" <Hector.Rulot@uv.es>
|
431
|
|
- Changed some printf/puts to cli_dbgmsg
|
432
|
|
-0.67e 20/2/04 Moved the definition of the sendmail pipe
|
433
|
|
- The recent changes to the configure script changed
|
434
|
|
- the order of includes so some prototypes weren't getting in
|
435
|
|
-0.67f 20/2/04 Added checkClamd() - if possible attempts to see if clamd has
|
436
|
|
- died
|
437
|
|
-0.67g 21/2/04 Don't run if the quarantine-dir is publically accessable
|
438
|
|
-0.67h 22/2/04 Change the log level TCPwrapper denying
|
439
|
|
- Handle ERROR message from clamd
|
440
|
|
- Moved smfi_setconn to avoid race condictions when an e-mail is
|
441
|
|
- received just as the milter is starting but isn't ready to
|
442
|
|
- handle it causing the milter to go to an error state
|
443
|
|
- Hardend umask
|
444
|
|
-0.67i 27/2/04 Dropping priv message now same as clamd
|
445
|
|
- Only use TCPwrappers when using TCP/IP to establish
|
446
|
|
- communications with the milter
|
447
|
|
-0.67j 27/2/04 Call checkClamd() before attempting to connect, it's
|
448
|
|
- a way of warning the user if they've started the
|
449
|
|
- milter before clamd
|
450
|
|
- checkClamd() now stashes pid in syslog
|
451
|
|
- Ensure installation instructions tally with man page
|
452
|
|
- and put sockets into subdirectory for security
|
453
|
|
- clamfi_close debug, change assert to debug message
|
454
|
|
- Better way to force TCPwrappers only with TCP/IP
|
455
|
|
-0.67k 7/3/04 Ensure cli_dbgmsg's end with \n
|
456
|
|
- Fixed some warning messages with icc
|
457
|
|
- Use cli_[cm]alloc
|
458
|
|
- Included extra information if --headers is given (based on an
|
459
|
|
- idea from "Leonid Zeitlin" <lz@europe.com>
|
460
|
|
-0.67l 10/3/04 Use new HAVE_STRERROR_R rather than TARGET_OS_SOLARIS to
|
461
|
|
- determine if strerror_r exists
|
462
|
|
-0.70 17/3/04 Up-issued to 0.70
|
463
|
|
-0.70a 20/3/04 strerror_r is a bit confused on Fedora Linux. The
|
464
|
|
- man page says it returns an int, but the prototype
|
465
|
|
- in string.h says it returns a char *
|
466
|
|
- Say how many bytes can't be written to clamd - it may give a
|
467
|
|
- clue what's wrong
|
468
|
|
-0.70b 26/3/04 Display errno information on write failure to clamd
|
469
|
|
- Ensure errno is passed to strerror
|
470
|
|
- Print fd in clamfi_send debug
|
471
|
|
-0.70c 27/3/04 Timestamp clamfi_send messages
|
472
|
|
- Call cli_warnmsg if ERROR received
|
473
|
|
- Minor code tidy
|
474
|
|
- Delay connection to clamd to handle clamd's appetite for timing
|
475
|
|
- out when the remote end (the end talking to
|
476
|
|
- sendmail) is slow
|
477
|
|
- Prefer cli_dbgmsg/cli_warnmsg over printf
|
478
|
|
-0.70d 29/3/04 Print the sendmail ID with the virus note in syslog
|
479
|
|
- config file location has changed
|
480
|
|
-0.70e 1/4/04 Fix a remote possibility of a file descriptor leak
|
481
|
|
- in PingServer() if clamd has died
|
482
|
|
- Fix by Andrey J. Melnikoff (TEMHOTA) <temnota@kmv.ru>
|
483
|
|
- Corrected some debug messages reported by
|
484
|
|
- Sergey Y. Afonin <asy@kraft-s.ru>
|
485
|
|
-0.70f 1/4/04 Added auto-submitted header to messages generated here
|
486
|
|
- Suggested by "Andrey J. Melnikoff (TEMHOTA)"
|
487
|
|
- <temnota@kmv.ru>
|
488
|
|
- Add advice that --quarantine-dir may improve
|
489
|
|
- performance when LocalSocket is used
|
490
|
|
- ThreadTimeout seems to have been changed to ReadTimeout
|
491
|
|
-0.70g 3/4/04 Error if ReadTimeout is -ve
|
492
|
|
- Honour StreamMaxLength
|
493
|
|
-0.70h 8/4/04 Cleanup StreamMaxLength code
|
494
|
|
-0.70i 9/4/04 Handle clamd giving up on StreamMaxLength before clamav-milter
|
495
|
|
-0.70j 15/4/04 Handle systems without inet_ntop
|
496
|
|
-0.70k 17/4/04 Put the virus message in the 550 rejection
|
497
|
|
-0.70l 19/4/04 Started coding e-mail template support
|
498
|
|
-0.70m 19/4/04 Started code to parse header to find the real infected machine
|
499
|
|
- Added the --from flag
|
500
|
|
- Return SMFIS_TEMPFAIL when out of memory idea by
|
501
|
|
- Joe Maimon <jmaimon@ttec.com>
|
502
|
|
- Some still to be done
|
503
|
|
- Based on an idea by Christian Pelissier
|
504
|
|
- <Christian.Pelissier@onera.fr>. Store different
|
505
|
|
- day's quarantines in different directories to
|
506
|
|
- make them easier to manage
|
507
|
|
-0.70n 20/4/04 Allow for "i" macro not defined in sendmail.cf
|
508
|
|
- clamfi_connect: print better message if hostaddr is null
|
509
|
|
-0.70o 20/4/04 Added X-Virus-Status
|
510
|
|
- Always add X-Virus-Scanned
|
511
|
|
- If hostaddr is NULL assume it's a local connection. This
|
512
|
|
- is probably a safe assumption but it should be verified
|
513
|
|
-0.70p 20/4/04 If /dev/console fails to open, open /dev/null instead on fds 1
|
514
|
|
- and 2
|
515
|
|
- TCP_WRAPPERS code now uses inet_ntop()
|
516
|
|
- Simplify virus string
|
517
|
|
- Sort out tabs in the hard coded e-mail message
|
518
|
|
-0.70q 22/4/04 No need to parse the received line if --headers is given
|
519
|
|
- If -outgoing is given put generated emails in the deferred
|
520
|
|
- queue to avoid the milter being called twice at the
|
521
|
|
- same time (one on the incoming one on the outgoing)
|
522
|
|
- header_list_print, ensure From lines are escaped, may not be
|
523
|
|
- needed but it is better to be on the safe side
|
524
|
|
- When loadbalancing, fail to start only if no servers can be
|
525
|
|
- reached (used to fail if any one server could not be
|
526
|
|
- reached)
|
527
|
|
- Not all servers were load balanced
|
528
|
|
-0.70r 23/4/04 Ensure only From lines are escaped
|
529
|
|
- Also defer generated emails if --force-scan is given
|
530
|
|
- Better subject for quarantine e-mails
|
531
|
|
-0.70s 25/4/04 Added --pidfile support
|
532
|
|
-0.70t 28/4/04 Better quarantine message error report when failing to create
|
533
|
|
- the temporary file
|
534
|
|
- Send 554 after DATA received, not 550
|
535
|
|
- Don't send rejection notices to rejection notices, we just end
|
536
|
|
- up playing ping-pong (patch by "Andrey J.Melnikoff
|
537
|
|
- (TEMHOTA)" <temnota@kmv.ru>
|
538
|
|
- If CL_DEBUG is defined, don't redirect stdout/stderr
|
539
|
|
- Don't attempt to return an old signature if no filename has
|
540
|
|
- been given. There has never been one to return
|
541
|
|
-0.70u 29/4/04 When changing from realloc to cli_realloc I forgot to keep the
|
542
|
|
- assignment of signature
|
543
|
|
-0.70v 6/5/04 clamfi_close now always checks privdata is NULL, not only when
|
544
|
|
- debugging
|
545
|
|
- Allow transfers of exactly streamMaxLength
|
546
|
|
- Warn if a clean file can't be removed from the quarantine
|
547
|
|
- When streamMaxLength is exceeded add a header where possible,
|
548
|
|
- unless --noxheader is given
|
549
|
|
-0.70x 7/5/04 Only report that we've dropped privilege if the setuid
|
550
|
|
- succeeded, fix by Jens Elkner
|
551
|
|
- <elkner@linofee.org>
|
552
|
|
- If logVerbose is set state both starting and started messages
|
553
|
|
- (based on an idea by "Sergey Y. Afonin"
|
554
|
|
- <asy@kraft-s.ru>
|
555
|
|
- Also added X-Infected-Received-From: header by Sergey
|
556
|
|
- Fix from Damian Menscher <menscher@uiuc.edu> ensures that when
|
557
|
|
- a child dies we continue when max children is hit
|
558
|
|
- Report an error if inet_ntop fails in tcp_wrappers
|
559
|
|
-0.71 16/5/04 Up issue
|
560
|
|
-0.71a 21/5/04 --from wasn't always a recognised option
|
561
|
|
- Write failure to quarantine file now logs the name of the file
|
562
|
|
- Commented out TKs advice about using quarantine when using
|
563
|
|
- localSocket, sys admins were confused by it
|
564
|
|
-0.71b 24/5/04 Add which host did the virus scanning
|
565
|
|
-0.71c 25/5/04 X-Virus-Status: Not Scanned - StreamMaxLength exceeded was not
|
566
|
|
- always being added
|
567
|
|
- Now says host running clamd rather than host running
|
568
|
|
- clamav-milter, useful for checking load balancing etc.
|
569
|
|
-0.72 3/6/04 Up-issued
|
570
|
|
-0.72a 8/6/04 --from didn't take an option (fix to 0.71a)
|
571
|
|
-0.73 14/6/04 Up-issued
|
572
|
|
-0.73a 14/6/04 Added support for Windows SFU 3.5
|
573
|
|
-0.73b 15/6/04 Use fully qualified host name for X-Virus-Scanned header when
|
574
|
|
- localSocket is set
|
575
|
|
- In template files support {sendmail-variable} and support \%v
|
576
|
|
- to send the %v string
|
577
|
|
- Tidyup handling if the quarantine directory can't be created
|
578
|
|
-0.73c 21/6/04 Call trylock in clamfi_abort before unlock to prevent attempt
|
579
|
|
- to unlock not locked mutex since we have no control
|
580
|
|
- over when clamfi_abort() is called
|
581
|
|
- Remove warning message on FreeBSD5.2
|
582
|
|
-0.73d 28/6/04 Don't error when creating the quarantine directory if it
|
583
|
|
- already exists
|
584
|
|
-0.74 29/6/04 Up-issued
|
585
|
|
-0.74a 29/6/04 Allow the child timeout to be configurable
|
586
|
|
-0.74b 8/7/04 Validate the arguments to inet_ntop
|
587
|
|
-0.74c 14/7/04 Added --dont-wait
|
588
|
|
- Added --advisory
|
589
|
|
-0.74d 18/7/04 Added sanity check in clamfi_connect
|
590
|
|
-0.74e 21/7/04 Fixed thread unsafe code causing problems with multi-CPU
|
591
|
|
- machines running Solaris
|
592
|
|
-0.74f 22/7/04 Use gethostbyname_r() if available
|
593
|
|
-0.75 22/7/04 Up-issue
|
594
|
|
-0.75a 25/7/04 Fixed warning message when building on FreeBSD4.9
|
595
|
|
- Closed (small) memory leak
|
596
|
|
- Fix crash when the 1st remote service goes down
|
597
|
|
- Only use gethostbyname_r on LINUX for now
|
598
|
|
- Load balancing - improved a bit - but still some way to go
|
599
|
|
-0.75b 26/7/04 Template file: %v now prints the virus name without the trailer
|
600
|
|
-0.75c 29/7/04 Better load balancing if max_children = 0
|
601
|
|
- Use HAVE_GETHOSTBYNAME_R_6
|
602
|
|
-0.75d 29/7/04 Don't say "waiting for some to exit" if --dont-wait
|
603
|
|
-0.75e 30/7/04 Handle new clamd message when StreamMaxLength is exceeded
|
604
|
|
-0.75f 02/8/04 Use HAVE_GETHOSTBYNAME_R_5 and HAVE_GETHOSTBYNAME_R_3
|
605
|
|
- Try to ensure that the fully qualified domain name is used idea
|
606
|
|
- by christian laubscher <christian.laubscher@tiscalinet.ch>
|
607
|
|
- Template files can now contain more than one variable
|
608
|
|
- Template files sendmail variables handling changed to allow
|
609
|
|
- access to variables not in braces. All sendmail
|
610
|
|
- variables are now delimeted by dollars, e.g. ${j}$
|
611
|
|
- Better local IP table by Damian Menscher <menscher@uiuc.edu> and
|
612
|
|
- Andy Fiddaman <clam@fiddaman.net>
|
613
|
|
-0.75g 06/8/04 Handle privdata->from not set when --bounce is set
|
614
|
|
- "Denis Ustimenko" <den@uzsci.net>
|
615
|
|
- Quarantined file's names now contain the name of the virus
|
616
|
|
-0.75h 07/8/04 Some tweaking of the load balancing code
|
617
|
|
-0.75i 11/8/04 Added David Champion <dgc@uchicago.edu> isLocalAddr routine
|
618
|
|
-0.75j 11/8/04 Fix --from=EMAIL option which often didn't work
|
619
|
|
- reported by "Sergey Y. Afonin" <asy@kraft-s.ru>
|
620
|
|
-0.75k 13/8/04 Single thread through tcp_wrappers, reported by
|
621
|
|
- David Champion <dgc@uchicago.edu>
|
622
|
|
-0.75l 24/8/04 Give hint about what do to if the running as root warning
|
623
|
|
- appears
|
624
|
|
- Optimise the sending of the To and From headers to clamd
|
625
|
|
- Give better SMTP status message when asking for retransmit
|
626
|
|
- when --dont-wait is set
|
627
|
|
- Quarantine files now handle operating system filename
|
628
|
|
- restrictions
|
629
|
|
-0.75m 26/8/04 Generate correct message if there is no response from any
|
630
|
|
- clamd server
|
631
|
|
- Handle %h (headers) in the template file
|
632
|
|
- Fix bug in optimisation when more than one To line is
|
633
|
|
- received
|
634
|
|
-0.75n 8/9/04 Better quarantine filename handling on MACOS/X
|
635
|
|
- Added i18n support
|
636
|
|
- Better error message if the quarantine directory is publically
|
637
|
|
- accessable
|
638
|
|
-0.75o 12/9/04 Use .../share/clamav/clamav-milter/locale for the locale
|
639
|
|
- information
|
640
|
|
- Added first draft of SESSION code. Do NOT use in a production
|
641
|
|
- environment.
|
642
|
|
-0.75p 13/9/04 Updated SESSION code.
|
643
|
|
-0.75q 13/9/04 Use pthread_cond_broadcast() instead of pthread_cond_signal()
|
644
|
|
-0.75r 17/9/04 --help didn't include information about --max-children
|
645
|
|
- Fix problem in the template file handling where sendmail
|
646
|
|
- variables did't work after clamav variables.
|
647
|
|
-0.75s 20/9/04 StreamSaveToDisk is longer used
|
648
|
|
- Update references to clamav.conf, should now be clamd.conf
|
649
|
|
-0.80 20/9/04 Up-issued
|
650
|
|
-0.80a 25/9/04 Some Linux's need locale.h as well as libintl.h
|
651
|
|
- Honour LogFacility
|
652
|
|
- When sanitising the quarantine's filename, don't sanitise
|
653
|
|
- the directory name as well
|
654
|
|
-0.80b 27/9/04 Added quit() routine to tidy when shutting down
|
655
|
|
- honour HAVE_IN_ADDR_T
|
656
|
|
- Added --broadcast option
|
657
|
|
-0.80c 27/9/04 Added iface option to --broadcast
|
658
|
|
-0.80d 28/9/04 Notify clamavmon when a clamd is down, and when clamav-milter
|
659
|
|
- stops/starts
|
660
|
|
- Error gracefully if the iface option is set to --broadcast on
|
661
|
|
- an operating system that doesn't support it
|
662
|
|
-0.80e 30/9/04 If you say --from with no arguments, the from address is now
|
663
|
|
- set to the orginator's address
|
664
|
|
-0.80f 2/10/04 Fix crash if %h is used in a template and --headers is not set
|
665
|
|
-0.80g 4/10/04 Enhanced the SMTP reply
|
666
|
|
-0.80h 4/10/04 Fix mails containing viruses being kept twice in quarantine;
|
667
|
|
- once as 'msg.xxxxxx' and once as 'msg.xxxxxx.virusname'
|
668
|
|
-0.80i 5/10/04 ScanMail is no longer needed
|
669
|
|
- Improved tracing of the infected machine
|
670
|
|
-0.80j 8/10/04 SESSION: reset the session if the PORT command fails
|
671
|
|
- Correct --broadcast code if BINDTODEVICE isn't supported
|
672
|
|
-0.80k 24/10/04 Validate the length of the server hostnames
|
673
|
|
- Die if the name of the sockets are the same. By dying earlier
|
674
|
|
- we can generate a more useful message than libmilter's
|
675
|
|
- bind failure message
|
676
|
|
- SESSION code now on by default
|
677
|
|
- Use cli_strtokbuf() instead of cli_strtok() whereever possible
|
678
|
|
-0.80l 27/10/04 Remove X-VIRUS-STATUS on incoming messages since there's no
|
679
|
|
- way to verify it's statement about being clean
|
680
|
|
- Plug remote possibility of file descriptor leak
|
681
|
|
- Return EX_OSERR if fork fails, not EX_TEMPFAIL
|
682
|
|
- If clamav-milter points to more than one server, ensure that
|
683
|
|
- the version information for that server is added to
|
684
|
|
- the header
|
685
|
|
- Update version information in the watchdog. There may therefore
|
686
|
|
- be a delay between the server updating and this being
|
687
|
|
- reflected in the headers
|
688
|
|
-0.80m 29/10/04 Mark a session as down if the STREAM command timesout, or
|
689
|
|
- we can't connect to the returned PORT
|
690
|
|
- Fix problem with deleting X-VIRUS-STATUS not setting correct
|
691
|
|
- libmilter settings
|
692
|
|
-0.80n 30/10/04 Fix possible crash when one or more servers can't be contacted
|
693
|
|
-0.80o 3/11/04 SESSION: Warn if no clamd servers can be contacted when starting
|
694
|
|
- When changing a subject, keep the original subject in
|
695
|
|
- X-Original-Subject
|
696
|
|
-0.80p 4/11/04 SESSION: Fix bug causing crash when using LocalSocket mode
|
697
|
|
-0.80q 8/11/04 SESSION: Ensure watchdog only started in TCPSocket mode
|
698
|
|
-0.80r 10/11/04 Define SHUT_* and INET_ADDRSTRLEN if not already defined
|
699
|
|
- SCAN in situ rather than passing the file through a socket if
|
700
|
|
- localSocket and not quarantine_dir
|
701
|
|
-0.80s 13/11/04 Use SCAN when UNIX socket (localSocket) is used or when the
|
702
|
|
- load balancing algorithm favours localhost
|
703
|
|
-0.80t 20/11/04 Use the improved cli_gentemp(NULL)
|
704
|
|
- Added more samples to ignoredEmailAddresses list, from
|
705
|
|
- "Sergey Y. Afonin" <asy@kraft-s.ru>
|
706
|
|
- Added validation for the reply from clamd
|
707
|
|
- Include the sendmail ID in the quarantine file name, for easier
|
708
|
|
- cross matching with the sendmail log file
|
709
|
|
-0.80u 1/12/04 SESSION: Don't hang when streammaxlength is reached - reset the
|
710
|
|
- link
|
711
|
|
- Not all previous X-Virus-Status headers were removed
|
712
|
|
- Added the --internal flag
|
713
|
|
- TODO: freshclam notification and version headers
|
714
|
|
-0.80v 2/12/04: --internal now notices when freshclam has been run
|
715
|
|
- The default value for --timeout has been changed from 60
|
716
|
|
- seconds to 0 (wait forever)
|
717
|
|
-0.80w 3/12/04: --internal now honours scanning modes and archive limits
|
718
|
|
-0.80x 4/12/04: findServer() could return values out of range
|
719
|
|
-0.80y 5/12/04: --internal: fixed memory leak when a new database is loaded
|
720
|
|
- Fixed array overrun on startup that caused problems on some
|
721
|
|
- platforms
|
722
|
|
-0.80z 6/12/04: Quarantine files were not being renamed to contain the virus
|
723
|
|
- name if --quiet is given
|
724
|
|
- Fix compilation error if is SESSION not defined.
|
725
|
|
- Quarantine files could lose the date from the path
|
726
|
|
-0.80aa 7/12/04: Daily quarantine directories were not always being created
|
727
|
|
-0.80bb 12/12/04: On Linux store the -ve process group in the pid file to
|
728
|
|
- ensure that all threads are sent signals
|
729
|
|
- Support the temporary and quarantine directories being on
|
730
|
|
- different filesystems
|
731
|
|
-0.80cc 13/12/04: Fix crash on FreeBSD if DNS has been incorrectly set up
|
732
|
|
- Mutex the version strings
|
733
|
|
-0.80dd 19/12/04: Tidy up non SESSION code
|
734
|
|
-0.80ee 19/12/04: Error didn't appear in SESSIONS mode if LocalSocket set
|
735
|
|
- and neither max-children nor MaxThreads is set.
|
736
|
|
-0.80ff 21/12/04: Fault tolerance - sometimes attempted to get a STREAM
|
737
|
|
- from a server that is down
|
738
|
|
-0.80gg 12/1/05: Fixed DNS resolution error messages which could print
|
739
|
|
- the incorrect hostname that is not being resolved
|
740
|
|
-0.81 19/1/05: Up issued
|
741
|
|
-0.81a 22/1/05: If forwarding to a quarantine user fails log as LOG_ERR
|
742
|
|
- not LOG_DEBUG
|
743
|
|
- Try to sanity check that the input socket name is the
|
744
|
|
- same as the same given to sendmail
|
745
|
|
- Redirect stdout and stderr to LogFile, if that is set
|
746
|
|
- --quarantine didn't redirect to the given email address
|
747
|
|
- if --internal was used (reported by N Fung
|
748
|
|
- <nsfung@yahoo.com>)
|
749
|
|
-0.81b 25/1/05: Disabled SESSION by default (causes problems with clamd
|
750
|
|
- on BSD systems when running freshclam)
|
751
|
|
- Changed --internal to --external. Internal mode is now
|
752
|
|
- the default
|
753
|
|
-0.81c 27/1/05: Don't scan emails intended for the --quarantine address,
|
754
|
|
- that stops scanning of emails generated with
|
755
|
|
- viruses if --outgoing has been set
|
756
|
|
- Downgraded scanmail not defined if --external isn't
|
757
|
|
- given from error to warning
|
758
|
|
- Added -i flag when calling sendmail, suggested by
|
759
|
|
- Michal Jaegermann <michal@harddata.com>
|
760
|
|
-0.81d 28/1/05: Some error messages still talked about --internal
|
761
|
|
- Scanmail not set warning is now only given if
|
762
|
|
- DisableDefaultScanOptions is set
|
763
|
|
-0.81e 30/1/05: Don't check compatibility with sendmail.cf if sendmail
|
764
|
|
- is running on a different machine
|
765
|
|
- PACKADDR is now uses unsinged to remove warning on
|
766
|
|
- Sun's C compiler, patch by
|
767
|
|
- "Dugal James P." <jpd@louisiana.edu>
|
768
|
|
- SESSION is back on by default, to test clamd fix
|
769
|
|
-0.81f 31/1/05: Delete X-Virus-Status in clamfi_eom not in
|
770
|
|
- clamfi_header, patch by Jef Poskanzer
|
771
|
|
- <jef@acme.com>
|
772
|
|
- X-Virus-Status now says that virus that it's infected
|
773
|
|
- with, suggestion by "Hank Beatty"
|
774
|
|
- <hbeatty@starband.net>
|
775
|
|
-0.81g 2/2/05: Call watchdog if neither --external nor SESSION
|
776
|
|
-0.82 6/2/05: On Solaris, ensure when quarantining a file that the
|
777
|
|
- old location is removed
|
778
|
|
- Up issue
|
779
|
|
-0.82a 7/2/05: Added --detect-forged-email-address
|
780
|
|
- NUL terminate the string read from clamd
|
781
|
|
-0.82b 8/2/05: Don't use clamd's SESSION command
|
782
|
|
-0.82c 8/2/05: Tidy some code and debug statements
|
783
|
|
-0.82d 11/2/05: Added --whitelist-file=file
|
784
|
|
- Added --sendmail-cf=file
|
785
|
|
- Debug around mkdir/rmdir of tmpdir
|
786
|
|
- SESSION mode: not all sessions were closed when quitting
|
787
|
|
-0.83 13/2/05: Up issue
|
788
|
|
-0.83a 23/2/05: Issue a warning if sendmail can't be executed
|
789
|
|
- Remove pidfile, suggested by Stephen Gran <steve@lobefin.net>
|
790
|
|
-0.83b 1/3/05: When not using --external, if a database update is
|
791
|
|
- found, stop accepting inputs to quiten the
|
792
|
|
- system for the database reload, rather than
|
793
|
|
- wait for it to happen by itself
|
794
|
|
-0.84 3/3/05: Up-issue
|
795
|
|
-0.84a 5/3/05: Note that when the connection to sendmail is via TCP/IP
|
796
|
|
- rather than a UNIX domain socket, that --local
|
797
|
|
- must be given
|
798
|
|
-0.84b 9/3/05: Got rid of that GOTO
|
799
|
|
- --detect-forged-local-address no longer gives false
|
800
|
|
- positives on emails which have the Sender
|
801
|
|
- header set (e.g. mailing lists)
|
802
|
|
- Use {mail_addr} if no From field is received
|
803
|
|
-0.84c 18/3/05: Better handling of {mail_addr} / <>
|
804
|
|
-0.84d 6/4/05: Internal mode: print virus and error information on
|
805
|
|
- stdout. This goes to LogFile when not in debug
|
806
|
|
- mode.
|
807
|
|
- Included patch by Andy Feldt <feldt@nhn.ou.edu> for
|
808
|
|
- AIX 5.2. I do not have access to such a machine
|
809
|
|
- so any feedback would be helpful
|
810
|
|
-0.84e 18/4/05: Fixed a multi-threading problem relating to updating
|
811
|
|
- the database when in internal mode
|
812
|
|
- Use HAVE_CTIME_R_[23]
|
813
|
|
-0.84f 4/5/05: Better handling of open failures for LogFile
|
814
|
|
- Always send 451 when reloading a database, even if
|
815
|
|
- dont-wait isn't set
|
816
|
|
-0.84g 9/5/05: Print an error in the log if a segfault is received
|
817
|
|
-0.85 11/5/05: Up-issue
|
818
|
|
-0.85a 12/5/05: Open /dev/console before dropping privilege, reported
|
819
|
|
- by David Crow <crow@orangeblood.org>
|
820
|
|
-0.85b 19/5/05: Warn if TCPAddr doesn't allow connection from us
|
821
|
|
- Warn if notification email fails
|
822
|
|
- Enable some sendmail debug if LogVerbose is set
|
823
|
|
- Added sanity checks that the socket can be created
|
824
|
|
-0.85c 24/5/05: Use the program name from argv[0], based on an
|
825
|
|
- idea by Joe Maimon <jmaimon@ttec.com>
|
826
|
|
- When dying use LOG_CRIT rather than LOG_ERR
|
827
|
|
-0.85d 25/5/05: When not in external mode, TEMPFAIL when loading a new
|
828
|
|
- database, even when --dont-wait isn't given
|
829
|
|
-0.85e 27/5/05: When loading a new database when not in external mode,
|
830
|
|
- keep scanning with the old one rather than
|
831
|
|
- hold up incoming mails while waiting for
|
832
|
|
- clamav-milter to become idle then reloading the
|
833
|
|
- database
|
834
|
|
-0.85f 1/6/05: Support the new configuration functions
|
835
|
|
-0.85g 4/6/05: When checking if an email address is in the white-list,
|
836
|
|
- check if it is the quarantine email address
|
837
|
|
- before checking against the white-list file
|
838
|
|
- When starting, check that the white-list file can be
|
839
|
|
- opened
|
840
|
|
-0.85h 27/6/05: Changed the default child_timeout to 5 minutes
|
841
|
|
- Keep a copy of the trie root in privdata
|
842
|
|
- Removed trylock/unlock code in clamfi_abort
|
843
|
|
-0.85i 30/6/05: Honour Logclean
|
844
|
|
- Only syslog once when storing email in quarantine,
|
845
|
|
- reported by Panagiotis Christias, christias
|
846
|
|
- at gmail.com
|
847
|
|
- Log database reloads to the LogFile
|
848
|
|
-0.85j 23/7/05: FORTIFY the code
|
|
300
|
+See ../ChangeLog
|
849
|
301
|
|
850
|
302
|
4. INTERNATIONALISATION
|
851
|
303
|
|