git-svn: trunk@400
Tomasz Kojm authored on 2004/03/15 05:45:58... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Sun Mar 14 21:48:25 CET 2004 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * etc/clamav.conf: ScanOLE2 enabled by default |
|
4 |
+ * doc: manuals updated |
|
5 |
+ * fixed gcc warnings |
|
6 |
+ |
|
1 | 7 |
Sat Mar 13 23:14:44 CET 2004 (tk) |
2 | 8 |
--------------------------------- |
3 | 9 |
* doc: clamdoc.pdf - updated (for 0.70) and slightly reorganized |
... | ... |
@@ -2,6 +2,73 @@ Note: This README/NEWS file refers to the source tarball. Some things described |
2 | 2 |
here may not be available in binary packages. |
3 | 3 |
-- |
4 | 4 |
|
5 |
+ |
|
6 |
+0.70 |
|
7 |
+---- |
|
8 |
+ |
|
9 |
+The two major changes in this version are new thread manager in clamd |
|
10 |
+and support for decoding MS Office VBA macros. Both of them have been |
|
11 |
+implemented by Trog. Besides, there are many improvements and bugfixes |
|
12 |
+(all listed in ChangeLog), a short summary: |
|
13 |
+ |
|
14 |
+-) clamd |
|
15 |
+ + new thread manager (with better SMP support) |
|
16 |
+ + on-access scanning now also available on FreeBSD (with Dazuko 2.0) |
|
17 |
+ + new directive: ArchiveDetectEncrypted |
|
18 |
+ + handle SIGHUP (re-open logfile), SIGUSR2 (reload database) |
|
19 |
+ |
|
20 |
+-) clamav-milter: |
|
21 |
+ + TCPWrappers support |
|
22 |
+ |
|
23 |
+-) libclamav: |
|
24 |
+ + support for MS Office documents (OLE2) and VBA macros decompression |
|
25 |
+ + support for encrypted archive detection |
|
26 |
+ + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1) |
|
27 |
+ + improved support for mail files (especially bounces) |
|
28 |
+ + improved RAR support |
|
29 |
+ |
|
30 |
+-) clamscan: |
|
31 |
+ + new option: --detect-encrypted |
|
32 |
+ |
|
33 |
+-) freshclam |
|
34 |
+ + new option: --pid, -p (write pid file if run as daemon) |
|
35 |
+ + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message), |
|
36 |
+ SIGALRM and SIGUSR1 (wake up and check mirror) |
|
37 |
+ + fixed bug with -u and -c handling |
|
38 |
+ |
|
39 |
+-) documentation: |
|
40 |
+ + new Polish documentation on ClamAV and Samba integration |
|
41 |
+ + official documentation updated |
|
42 |
+ |
|
43 |
+ |
|
44 |
+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and |
|
45 |
+many bugfixes and cleanups. |
|
46 |
+ |
|
47 |
+ |
|
48 |
+We are happy to announce new programs that support ClamAV (all of them |
|
49 |
+have been reviewed by our team): |
|
50 |
+ + j-chkmail - a powerful filter for sendmail |
|
51 |
+ + qscanq - Virus Scanning for Qmail |
|
52 |
+ + clamavr - Ruby binding for ClamAV |
|
53 |
+ + DansGuardian Anti-Virus Plugin |
|
54 |
+ + ClamAssassin - a filter for procmail |
|
55 |
+ + Gadoyanvirus - a filter for Qmail |
|
56 |
+ + OpenProtect - a complete e-mail protection solution |
|
57 |
+ + POP3 Virus Scanner Daemon |
|
58 |
+ + mailman-clamav - a virus filter for Mailman |
|
59 |
+ + wbmclamav - a webmin module to manage ClamAV |
|
60 |
+ + Scan Log Analyzer |
|
61 |
+ + mailgraph - a RRDtool frontend for Postfix Statistics |
|
62 |
+ + INSERT - a security toolkit on a credit card size CD |
|
63 |
+ + Local Area Security - a Live CD Linux distribution |
|
64 |
+ |
|
65 |
+ |
|
66 |
+-- |
|
67 |
+The ClamAV team (http://www.clamav.net/team.html) |
|
68 |
+March 14, 2004 |
|
69 |
+ |
|
70 |
+ |
|
71 |
+ |
|
5 | 72 |
0.67 |
6 | 73 |
---- |
7 | 74 |
This release fixes a memory management problem (platform dependent; can lead |
... | ... |
@@ -6,9 +6,47 @@ here may not be available in binary packages. |
6 | 6 |
0.70 |
7 | 7 |
---- |
8 | 8 |
|
9 |
+The two major changes in this version are new thread manager in clamd |
|
10 |
+and support for decoding MS Office VBA macros. Both of them have been |
|
11 |
+implemented by Trog. Besides, there are many improvements and bugfixes |
|
12 |
+(all listed in ChangeLog), a short summary: |
|
13 |
+ |
|
14 |
+-) clamd |
|
15 |
+ + new thread manager (with better SMP support) |
|
16 |
+ + on-access scanning now also available on FreeBSD (with Dazuko 2.0) |
|
17 |
+ + new directive: ArchiveDetectEncrypted |
|
18 |
+ + handle SIGHUP (re-open logfile), SIGUSR2 (reload database) |
|
19 |
+ |
|
20 |
+-) clamav-milter: |
|
21 |
+ + TCPWrappers support |
|
22 |
+ |
|
23 |
+-) libclamav: |
|
24 |
+ + support for MS Office documents (OLE2) and VBA macros decompression |
|
25 |
+ + support for encrypted archive detection |
|
26 |
+ + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1) |
|
27 |
+ + improved support for mail files (especially bounces) |
|
28 |
+ + improved RAR support |
|
29 |
+ |
|
30 |
+-) clamscan: |
|
31 |
+ + new option: --detect-encrypted |
|
32 |
+ |
|
33 |
+-) freshclam |
|
34 |
+ + new option: --pid, -p (write pid file if run as daemon) |
|
35 |
+ + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message), |
|
36 |
+ SIGALRM and SIGUSR1 (wake up and check mirror) |
|
37 |
+ + fixed bug with -u and -c handling |
|
38 |
+ |
|
39 |
+-) documentation: |
|
40 |
+ + new Polish documentation on ClamAV and Samba integration |
|
41 |
+ + official documentation updated |
|
42 |
+ |
|
43 |
+ |
|
44 |
+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and |
|
45 |
+many bugfixes and cleanups. |
|
46 |
+ |
|
9 | 47 |
|
10 | 48 |
We are happy to announce new programs that support ClamAV (all of them |
11 |
-have been reviewed by us): |
|
49 |
+have been reviewed by our team): |
|
12 | 50 |
+ j-chkmail - a powerful filter for sendmail |
13 | 51 |
+ qscanq - Virus Scanning for Qmail |
14 | 52 |
+ clamavr - Ruby binding for ClamAV |
... | ... |
@@ -25,6 +63,9 @@ have been reviewed by us): |
25 | 25 |
+ Local Area Security - a Live CD Linux distribution |
26 | 26 |
|
27 | 27 |
|
28 |
+-- |
|
29 |
+The ClamAV team (http://www.clamav.net/team.html) |
|
30 |
+March 14, 2004 |
|
28 | 31 |
|
29 | 32 |
|
30 | 33 |
|
... | ... |
@@ -57,7 +57,7 @@ int checksymlink(const char *path) |
57 | 57 |
} |
58 | 58 |
|
59 | 59 |
/* :set nowrap, if you don't like this style ;)) */ |
60 |
-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan) |
|
60 |
+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan) |
|
61 | 61 |
{ |
62 | 62 |
DIR *dd; |
63 | 63 |
struct dirent *dent; |
... | ... |
@@ -132,7 +132,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node |
132 | 132 |
{ |
133 | 133 |
struct stat sb; |
134 | 134 |
int ret = 0, reclev = 0; |
135 |
- char *virname; |
|
135 |
+ const char *virname; |
|
136 | 136 |
|
137 | 137 |
|
138 | 138 |
/* check permissions */ |
... | ... |
@@ -189,7 +189,8 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root |
189 | 189 |
int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd, tmpd, bread, retval; |
190 | 190 |
long int size = 0, maxsize = 0; |
191 | 191 |
short bound = 0; |
192 |
- char *virname, buff[32768]; |
|
192 |
+ const char *virname; |
|
193 |
+ char buff[32768]; |
|
193 | 194 |
struct sockaddr_in server; |
194 | 195 |
struct cfgstruct *cpt; |
195 | 196 |
FILE *tmp = NULL; |
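Review bot: The `virname` locals re-declared as `const char *virname;` in `scan` and `scanstream` still have no initializer, and the same holds for the ones changed in `checkfile` and `checkstdin` further down this commit. All four bodies continue outside the hunks, so I cannot see every path that reads the pointer. If any reporting or logging path runs when the scan call did not set the name, it would read an indeterminate pointer. Writing `const char *virname = NULL;` at each declaration costs nothing and makes such a path fail in a detectable way.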
... | ... |
@@ -22,7 +22,7 @@ |
22 | 22 |
#include <clamav.h> |
23 | 23 |
#include "cfgfile.h" |
24 | 24 |
|
25 |
-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan); |
|
25 |
+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan); |
|
26 | 26 |
|
27 | 27 |
int scan(const char *filename, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan); |
28 | 28 |
|
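Review bot: The `dirscan` prototype now takes `const char **virname`, but nothing in this header says who owns the string it points to after the call. The const qualifier suggests the name is storage owned by the scanning library rather than by the caller, though that is an inference from the signature and not something these lines show. Since another hunk of this commit touches `reload_db`, it is worth stating whether the pointer stays valid across a database reload. I would add above the prototype something like `/* *virname is set when a virus is found; the string is not owned by the caller and must not be freed or modified */`, once confirmed against the library documentation.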
... | ... |
@@ -118,7 +118,7 @@ void sighandler_th(int sig) |
118 | 118 |
|
119 | 119 |
static struct cl_node *reload_db(struct cl_node *root, const struct cfgstruct *copt, int do_check) |
120 | 120 |
{ |
121 |
- char *dbdir; |
|
121 |
+ const char *dbdir; |
|
122 | 122 |
int virnum=0, retval; |
123 | 123 |
struct cfgstruct *cpt; |
124 | 124 |
static struct cl_stat *dbstat=NULL; |
... | ... |
@@ -763,7 +763,7 @@ int scandirs(const char *dirname, struct cl_node *root, const struct passwd *use |
763 | 763 |
int checkfile(const char *filename, const struct cl_node *root, const struct cl_limits *limits, int options) |
764 | 764 |
{ |
765 | 765 |
int fd, ret; |
766 |
- char *virname; |
|
766 |
+ const char *virname; |
|
767 | 767 |
|
768 | 768 |
if((fd = open(filename, O_RDONLY)) == -1) { |
769 | 769 |
mprintf("@Can't open file %s\n", filename); |
... | ... |
@@ -794,7 +794,7 @@ int checkfile(const char *filename, const struct cl_node *root, const struct cl_ |
794 | 794 |
int checkstdin(const struct cl_node *root, const struct cl_limits *limits) |
795 | 795 |
{ |
796 | 796 |
int ret; |
797 |
- char *virname; |
|
797 |
+ const char *virname; |
|
798 | 798 |
|
799 | 799 |
|
800 | 800 |
claminfo.files++; |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
.\" Manual page created by Tomasz Kojm, 20021001. |
2 |
-.TH "clamav.conf" "5" "November 11, 2003" "Tomasz Kojm" "Clam AntiVirus" |
|
2 |
+.TH "clamav.conf" "5" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus" |
|
3 | 3 |
.SH "NAME" |
4 | 4 |
.LP |
5 | 5 |
\fBclamav.conf\fR \- a configuration file for Clam AntiVirus Daemon |
... | ... |
@@ -44,17 +44,27 @@ Log time with each message. |
44 | 44 |
.br |
45 | 45 |
Default: disabled. |
46 | 46 |
.TP |
47 |
+\fBLogClean\fR |
|
48 |
+Log clean files. |
|
49 |
+.br |
|
50 |
+Default: disabled. |
|
51 |
+.TP |
|
47 | 52 |
\fBLogSyslog\fR |
48 | 53 |
Use system logger (can work together with LogFile). |
49 | 54 |
.br |
50 | 55 |
Default: disabled. |
51 | 56 |
.TP |
57 |
+\fBLogVerbose\fR |
|
58 |
+Enable verbose logging. |
|
59 |
+.br |
|
60 |
+Default: disabled. |
|
61 |
+.TP |
|
52 | 62 |
\fBPidFile STRING\fR |
53 | 63 |
Save a process identifier of a listening daemon (main thread) to a specified file. |
54 | 64 |
.br |
55 | 65 |
Default: disabled. |
56 | 66 |
.TP |
57 |
-\fBDataDirectory STRING\fR |
|
67 |
+\fBDatabaseDirectory STRING\fR |
|
58 | 68 |
Path to a directory containing database files. |
59 | 69 |
.br |
60 | 70 |
Default: hardcoded directory. |
... | ... |
@@ -149,6 +159,11 @@ Close the connection when this limit is exceeded. |
149 | 149 |
.br |
150 | 150 |
Default: disabled. |
151 | 151 |
.TP |
152 |
+\fBScanOLE2\fR |
|
153 |
+Enables scanning of Microsoft Office document macros. |
|
154 |
+.br |
|
155 |
+Default: enabled. |
|
156 |
+.TP |
|
152 | 157 |
\fBScanMail\fR |
153 | 158 |
Enable scanning of Mbox, Maildir and raw mail files. |
154 | 159 |
.br |
... | ... |
@@ -179,11 +194,21 @@ Number of files to be scanned within archive. Value of 0 disables the limit. |
179 | 179 |
.br |
180 | 180 |
Default: 1000 |
181 | 181 |
.TP |
182 |
+\fBArchiveMaxCompressionRatio NUMBER\fR |
|
183 |
+Analyze compression ratio and mark potential archive bombs as viruses (0 disables the limit). |
|
184 |
+.br |
|
185 |
+Default: 200 |
|
186 |
+.TP |
|
182 | 187 |
\fBArchiveLimitMemoryUsage\fR |
183 | 188 |
Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only. |
184 | 189 |
.br |
185 | 190 |
Default: disabled |
186 | 191 |
.TP |
192 |
+\fBArchiveDetectEncrypted\fR |
|
193 |
+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). |
|
194 |
+.br |
|
195 |
+Default: disabled |
|
196 |
+.TP |
|
187 | 197 |
\fBClamukoScanOnLine\fR |
188 | 198 |
Enable Clamuko \- on\-access scanner for Linux. Dazuko must be already running. |
189 | 199 |
.br |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
.\" Manual page created by Tomasz Kojm, 14/15 IV 2002 |
2 |
-.TH "clamscan" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus" |
|
2 |
+.TH "clamscan" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus" |
|
3 | 3 |
.SH "NAME" |
4 | 4 |
.LP |
5 | 5 |
clamscan \- scan files and directories against viruses |
... | ... |
@@ -69,9 +69,15 @@ Move infected files into DIRECTORY. Directory must be writeable for the 'clamav' |
69 | 69 |
.TP |
70 | 70 |
EXTRACTION OPTIONS: |
71 | 71 |
.TP |
72 |
+\fB\-\-no\-ole2\fR |
|
73 |
+Disable support for Microsoft Office document files. |
|
74 |
+.TP |
|
72 | 75 |
\fB\-\-no\-archive\fR |
73 | 76 |
Disable archive support built in libclamav. |
74 | 77 |
.TP |
78 |
+\fB\-\-detect\-encrypted\fR |
|
79 |
+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). |
|
80 |
+.TP |
|
75 | 81 |
\fB\-\-max\-files=#n\fR |
76 | 82 |
Extract first #n files from each archive. This option protects your system against DoS attacks (default: 500) |
77 | 83 |
.TP |
... | ... |
@@ -1,5 +1,5 @@ |
1 | 1 |
.\" Manual page created by Tomasz Kojm, 20020415 |
2 |
-.TH "freshclam" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus" |
|
2 |
+.TH "freshclam" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus" |
|
3 | 3 |
.SH "NAME" |
4 | 4 |
.LP |
5 | 5 |
freshclam \- update virus databases |
... | ... |
@@ -11,7 +11,7 @@ freshclam [options] |
11 | 11 |
freshclam updates the virus database. It's a part of the Clam AntiVirus package. It requires an Internet connection. |
12 | 12 |
.SH "OPTIONS" |
13 | 13 |
.LP |
14 |
-Freshclam reads its configuration from freshclam.conf. The settings will be overwritten with command line options. |
|
14 |
+Freshclam reads its configuration from freshclam.conf. The settings can be overwritten with command line options. |
|
15 | 15 |
.TP |
16 | 16 |
\fB\-h, \-\-help\fR |
17 | 17 |
Output help information and exit. |
... | ... |
@@ -40,6 +40,9 @@ Run as USER. By default (when started by root) freshclam drops privileges and wo |
40 | 40 |
\fB\-d, \-\-daemon\fR |
41 | 41 |
Run in a daemon mode. This option requires \-\-checks. |
42 | 42 |
.TP |
43 |
+\fB\-p FILE, \-\-pid=FILE\fR |
|
44 |
+Save daemon's pid in FILE. |
|
45 |
+.TP |
|
43 | 46 |
\fB\-c #n, \-\-checks=#n\fR |
44 | 47 |
Check #n times day for new database. #n must be between 1 and 50. |
45 | 48 |
.TP |
... | ... |
@@ -136,7 +136,7 @@ MaxDirectoryRecursion 15 |
136 | 136 |
## |
137 | 137 |
|
138 | 138 |
# This option enables scanning of Microsoft Office document macros. |
139 |
-#ScanOLE2 |
|
139 |
+ScanOLE2 |
|
140 | 140 |
|
141 | 141 |
## |
142 | 142 |
## Mail support |
... | ... |
@@ -186,7 +186,7 @@ ArchiveMaxCompressionRatio 200 |
186 | 186 |
# affects bzip2 decompressor only. |
187 | 187 |
#ArchiveLimitMemoryUsage |
188 | 188 |
|
189 |
-# Mark encrypted archives as viruses (currently only works with Zip archives) |
|
189 |
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). |
|
190 | 190 |
#ArchiveDetectEncrypted |
191 | 191 |
|
192 | 192 |
|
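Review bot: The comment above the now-uncommented `ScanOLE2` line does not say that the option is on only because this sample file sets it. The man page hunk in this commit lists ScanOLE2 as "Default: enabled", but if clamd treats an absent directive as off (not visible here), installations that keep an older config file would get no OLE2 macro scanning while the manual says they do. I would extend the comment with a second line such as `# Enabled in this sample file; comment the line out to disable it.` and word the man page entry to match whatever the daemon does when the directive is missing.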
... | ... |
@@ -35,9 +35,14 @@ |
35 | 35 |
#include <pwd.h> |
36 | 36 |
#include <grp.h> |
37 | 37 |
|
38 |
+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX) |
|
39 |
+#include <syslog.h> |
|
40 |
+#endif |
|
41 |
+ |
|
38 | 42 |
#include "options.h" |
39 | 43 |
#include "shared.h" |
40 | 44 |
#include "others.h" |
45 |
+#include "clamd/others.h" |
|
41 | 46 |
#include "manager.h" |
42 | 47 |
#include "defaults.h" |
43 | 48 |
#include "freshclam.h" |
... | ... |
@@ -167,9 +172,13 @@ int freshclam(struct optstruct *opt) |
167 | 167 |
mexit(0); |
168 | 168 |
} |
169 | 169 |
|
170 |
- |
|
171 | 170 |
/* initialize logger */ |
172 | 171 |
|
172 |
+ if(cfgopt(copt, "LogVerbose")) |
|
173 |
+ logverbose = 1; |
|
174 |
+ else |
|
175 |
+ logverbose = 0; |
|
176 |
+ |
|
173 | 177 |
if(optc(opt, 'l')) { |
174 | 178 |
logfile = getargc(opt, 'l'); |
175 | 179 |
if(logg("--------------------------------------\n")) { |
... | ... |
@@ -185,6 +194,15 @@ int freshclam(struct optstruct *opt) |
185 | 185 |
} else |
186 | 186 |
logfile = NULL; |
187 | 187 |
|
188 |
+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX) |
|
189 |
+ if((cpt = cfgopt(copt, "LogSyslog"))) { |
|
190 |
+ openlog("freshclam", LOG_PID, LOG_LOCAL6); |
|
191 |
+ use_syslog = 1; |
|
192 |
+ syslog(LOG_INFO, "Freshclam started.\n"); |
|
193 |
+ } else |
|
194 |
+ use_syslog = 0; |
|
195 |
+#endif |
|
196 |
+ |
|
188 | 197 |
/* change the current working directory */ |
189 | 198 |
if(optl(opt, "datadir")) { |
190 | 199 |
newdir = getargl(opt, "datadir"); |
... | ... |
@@ -375,7 +393,7 @@ void help(void) |
375 | 375 |
mprintf(" --config-file=FILE read configuration from FILE.\n"); |
376 | 376 |
mprintf(" --log=FILE -l FILE log into FILE\n"); |
377 | 377 |
mprintf(" --daemon -d run in daemon mode\n"); |
378 |
- mprintf(" --pid -p FILE save daemon's pid in FILE\n"); |
|
378 |
+ mprintf(" --pid=FILE -p FILE save daemon's pid in FILE\n"); |
|
379 | 379 |
mprintf(" --user=USER -u USER run as USER\n"); |
380 | 380 |
mprintf(" --checks=#n -c #n number of checks per day, 1 <= n <= 50\n"); |
381 | 381 |
mprintf(" --datadir=DIRECTORY download new databases into DIRECTORY\n"); |
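Review bot: In the `LogSyslog` block added to `freshclam()`, a build without `CLAMD_USE_SYSLOG` (or on AIX) compiles the whole check away, so a config file that sets `LogSyslog` is accepted without effect and without any message. An operator relying on syslog for the update audit trail would not learn that nothing is being sent. An `#else` branch with `if(cfgopt(copt, "LogSyslog")) mprintf("LogSyslog is set but syslog support is not compiled in.\n");` would make that visible. Separately, `cpt` is assigned in the condition but not used in the lines shown, so the test could read `if(cfgopt(copt, "LogSyslog"))`, matching the `LogVerbose` check above. The body of `freshclam()` starts and ends outside these hunks.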