-/* $Cambridge: exim/src/src/malware.c,v 1.7 2005/02/17 11:58:26 ph10 Exp $ */
+/* $Cambridge: exim/src/src/malware.c,v 1.8 2005/05/24 08:15:02 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
return DEFER;
};
- /* "drweb" scanner type ----------------------------------------------- */
- /* v0.1 - added support for tcp sockets */
- /* v0.0 - initial release -- support for unix sockets */
- if (strcmpic(scanner_name,US"drweb") == 0) {
- uschar *drweb_options;
- uschar drweb_options_buffer[1024];
- uschar drweb_options_default[] = "/usr/local/drweb/run/drwebd.sock";
- struct sockaddr_un server;
- int sock, result, ovector[30];
- unsigned int port, fsize;
- uschar tmpbuf[1024], *drweb_fbuf;
- uschar scanrequest[1024];
- uschar drweb_match_string[128];
- int drweb_rc, drweb_cmd, drweb_flags = 0x0000, drweb_fd,
- drweb_vnum, drweb_slen, drweb_fin = 0x0000;
- unsigned long bread;
- uschar hostname[256];
- struct hostent *he;
- struct in_addr in;
- pcre *drweb_re;
-
- if ((drweb_options = string_nextinlist(&av_scanner_work, &sep,
- drweb_options_buffer, sizeof(drweb_options_buffer))) == NULL) {
- /* no options supplied, use default options */
- drweb_options = drweb_options_default;
- };
-
- if (*drweb_options != '/') {
-
- /* extract host and port part */
- if( sscanf(CS drweb_options, "%s %u", hostname, &port) != 2 ) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: invalid socket '%s'", drweb_options);
- return DEFER;
- }
-
- /* Lookup the host */
- if((he = gethostbyname(CS hostname)) == 0) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: failed to lookup host '%s'", hostname);
- return DEFER;
- }
-
- in = *(struct in_addr *) he->h_addr_list[0];
-
- /* Open the drwebd TCP socket */
- if ( (sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to acquire socket (%s)",
- strerror(errno));
- return DEFER;
- }
-
- if (ip_connect(sock, AF_INET, (uschar*)inet_ntoa(in), port, 5) < 0) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: connection to %s, port %u failed (%s)",
- inet_ntoa(in), port, strerror(errno));
- return DEFER;
- }
-
- /* prepare variables */
- drweb_cmd = htonl(DRWEBD_SCAN_CMD);
- drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
- spool_directory, message_id, message_id);
-
- /* calc file size */
- drweb_fd = open(CS scanrequest, O_RDONLY);
- if (drweb_fd == -1) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: can't open spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- fsize = lseek(drweb_fd, 0, SEEK_END);
- if (fsize == -1) {
- close(sock);
- close(drweb_fd);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: can't seek spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- drweb_slen = htonl(fsize);
- lseek(drweb_fd, 0, SEEK_SET);
-
- /* send scan request */
- if ((send(sock, &drweb_cmd, sizeof(drweb_cmd), 0) < 0) ||
- (send(sock, &drweb_flags, sizeof(drweb_flags), 0) < 0) ||
- (send(sock, &drweb_fin, sizeof(drweb_fin), 0) < 0) ||
- (send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0)) {
- close(sock);
- close(drweb_fd);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to send commands to socket (%s)", drweb_options);
- return DEFER;
- }
-
- drweb_fbuf = (uschar *) malloc (fsize);
- if (!drweb_fbuf) {
- close(sock);
- close(drweb_fd);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to allocate memory %u for file (%s)",
- fsize, scanrequest);
- return DEFER;
- }
-
- result = read (drweb_fd, drweb_fbuf, fsize);
- if (result == -1) {
- close(sock);
- close(drweb_fd);
- free(drweb_fbuf);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: can't read spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- close(drweb_fd);
-
- /* send file body to socket */
- if (send(sock, drweb_fbuf, fsize, 0) < 0) {
- close(sock);
- free(drweb_fbuf);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to send file body to socket (%s)", drweb_options);
- return DEFER;
- }
- close(drweb_fd);
- }
- else {
- /* open the drwebd UNIX socket */
- sock = socket(AF_UNIX, SOCK_STREAM, 0);
- if (sock < 0) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: can't open UNIX socket");
- return DEFER;
- }
- server.sun_family = AF_UNIX;
- Ustrcpy(server.sun_path, drweb_options);
- if (connect(sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to connect to socket (%s). errno=%d", drweb_options, errno);
- return DEFER;
- }
-
- /* prepare variables */
- drweb_cmd = htonl(DRWEBD_SCAN_CMD);
- drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml", spool_directory, message_id, message_id);
- drweb_slen = htonl(Ustrlen(scanrequest));
-
- /* send scan request */
- if ((send(sock, &drweb_cmd, sizeof(drweb_cmd), 0) < 0) ||
- (send(sock, &drweb_flags, sizeof(drweb_flags), 0) < 0) ||
- (send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0) ||
- (send(sock, scanrequest, Ustrlen(scanrequest), 0) < 0) ||
- (send(sock, &drweb_fin, sizeof(drweb_fin), 0) < 0)) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to send commands to socket (%s)", drweb_options);
- return DEFER;
- }
- }
-
- /* wait for result */
- if ((bread = recv(sock, &drweb_rc, sizeof(drweb_rc), 0) != sizeof(drweb_rc))) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to read return code");
- return DEFER;
- }
- drweb_rc = ntohl(drweb_rc);
-
- if ((bread = recv(sock, &drweb_vnum, sizeof(drweb_vnum), 0) != sizeof(drweb_vnum))) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: unable to read the number of viruses");
- return DEFER;
- }
- drweb_vnum = ntohl(drweb_vnum);
-
- /* "virus(es) found" if virus number is > 0 */
- if (drweb_vnum)
- {
- int i;
- uschar pre_malware_nb[256];
-
- malware_name = malware_name_buffer;
-
- /* setup default virus name */
- Ustrcpy(malware_name_buffer,"unknown");
-
- /* read and concatenate virus names into one string */
- for (i=0;i<drweb_vnum;i++)
- {
- /* read the size of report */
- if ((bread = recv(sock, &drweb_slen, sizeof(drweb_slen), 0) != sizeof(drweb_slen))) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: cannot read report size");
- return DEFER;
- };
- drweb_slen = ntohl(drweb_slen);
-
- /* read report body */
- if ((bread = recv(sock, tmpbuf, drweb_slen, 0)) != drweb_slen) {
- close(sock);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: cannot read report string");
- return DEFER;
- };
- tmpbuf[drweb_slen] = '\0';
-
- /* set up match regex, depends on retcode */
- Ustrcpy(drweb_match_string, "infected\\swith\\s*(.+?)$");
-
- drweb_re = pcre_compile( CS drweb_match_string,
- PCRE_COPT,
- (const char **)&rerror,
- &roffset,
- NULL );
-
- /* try matcher on the line, grab substring */
- result = pcre_exec(drweb_re, NULL, CS tmpbuf, Ustrlen(tmpbuf), 0, 0, ovector, 30);
- if (result >= 2) {
- pcre_copy_substring(CS tmpbuf, ovector, result, 1, CS pre_malware_nb, 255);
- }
- /* the first name we just copy to malware_name */
- if (i==0)
- Ustrcpy(CS malware_name_buffer, CS pre_malware_nb);
- else {
- /* concatenate each new virus name to previous */
- int slen = Ustrlen(malware_name_buffer);
- if (slen < (slen+Ustrlen(pre_malware_nb))) {
- Ustrcat(malware_name_buffer, "/");
- Ustrcat(malware_name_buffer, pre_malware_nb);
- }
- }
- }
- }
- else {
- char *drweb_s = NULL;
-
- if (drweb_rc & DERR_READ_ERR) drweb_s = "read error";
- if (drweb_rc & DERR_NOMEMORY) drweb_s = "no memory";
- if (drweb_rc & DERR_TIMEOUT) drweb_s = "timeout";
- if (drweb_rc & DERR_BAD_CALL) drweb_s = "wrong command";
- /* retcodes DERR_SYMLINK, DERR_NO_REGFILE, DERR_SKIPPED.
- * DERR_TOO_BIG, DERR_TOO_COMPRESSED, DERR_SPAM,
- * DERR_CRC_ERROR, DERR_READSOCKET, DERR_WRITE_ERR
- * and others are ignored */
- if (drweb_s) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: drweb: drweb daemon retcode 0x%x (%s)", drweb_rc, drweb_s);
- close(sock);
- return DEFER;
- }
- /* no virus found */
- malware_name = NULL;
- };
- close(sock);
- }
- /* ----------------------------------------------------------------------- */
+ /* "drweb" scanner type ----------------------------------------------- */
+ /* v0.1 - added support for tcp sockets */
+ /* v0.0 - initial release -- support for unix sockets */
+ if (strcmpic(scanner_name,US"drweb") == 0) {
+ uschar *drweb_options;
+ uschar drweb_options_buffer[1024];
+ uschar drweb_options_default[] = "/usr/local/drweb/run/drwebd.sock";
+ struct sockaddr_un server;
+ int sock, result, ovector[30];
+ unsigned int port, fsize;
+ uschar tmpbuf[1024], *drweb_fbuf;
+ uschar scanrequest[1024];
+ uschar drweb_match_string[128];
+ int drweb_rc, drweb_cmd, drweb_flags = 0x0000, drweb_fd,
+ drweb_vnum, drweb_slen, drweb_fin = 0x0000;
+ unsigned long bread;
+ uschar hostname[256];
+ struct hostent *he;
+ struct in_addr in;
+ pcre *drweb_re;
+
+ if ((drweb_options = string_nextinlist(&av_scanner_work, &sep,
+ drweb_options_buffer, sizeof(drweb_options_buffer))) == NULL) {
+ /* no options supplied, use default options */
+ drweb_options = drweb_options_default;
+ };
+
+ if (*drweb_options != '/') {
+
+ /* extract host and port part */
+ if( sscanf(CS drweb_options, "%s %u", hostname, &port) != 2 ) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: invalid socket '%s'", drweb_options);
+ return DEFER;
+ }
+
+ /* Lookup the host */
+ if((he = gethostbyname(CS hostname)) == 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: failed to lookup host '%s'", hostname);
+ return DEFER;
+ }
+
+ in = *(struct in_addr *) he->h_addr_list[0];
+
+ /* Open the drwebd TCP socket */
+ if ( (sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to acquire socket (%s)",
+ strerror(errno));
+ return DEFER;
+ }
+
+ if (ip_connect(sock, AF_INET, (uschar*)inet_ntoa(in), port, 5) < 0) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: connection to %s, port %u failed (%s)",
+ inet_ntoa(in), port, strerror(errno));
+ return DEFER;
+ }
+
+ /* prepare variables */
+ drweb_cmd = htonl(DRWEBD_SCAN_CMD);
+ drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
+ snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
+ spool_directory, message_id, message_id);
+
+ /* calc file size */
+ drweb_fd = open(CS scanrequest, O_RDONLY);
+ if (drweb_fd == -1) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: can't open spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ fsize = lseek(drweb_fd, 0, SEEK_END);
+ if (fsize == -1) {
+ close(sock);
+ close(drweb_fd);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: can't seek spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ drweb_slen = htonl(fsize);
+ lseek(drweb_fd, 0, SEEK_SET);
+
+ /* send scan request */
+ if ((send(sock, &drweb_cmd, sizeof(drweb_cmd), 0) < 0) ||
+ (send(sock, &drweb_flags, sizeof(drweb_flags), 0) < 0) ||
+ (send(sock, &drweb_fin, sizeof(drweb_fin), 0) < 0) ||
+ (send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0)) {
+ close(sock);
+ close(drweb_fd);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to send commands to socket (%s)", drweb_options);
+ return DEFER;
+ }
+
+ drweb_fbuf = (uschar *) malloc (fsize);
+ if (!drweb_fbuf) {
+ close(sock);
+ close(drweb_fd);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to allocate memory %u for file (%s)",
+ fsize, scanrequest);
+ return DEFER;
+ }
+
+ result = read (drweb_fd, drweb_fbuf, fsize);
+ if (result == -1) {
+ close(sock);
+ close(drweb_fd);
+ free(drweb_fbuf);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: can't read spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ close(drweb_fd);
+
+ /* send file body to socket */
+ if (send(sock, drweb_fbuf, fsize, 0) < 0) {
+ close(sock);
+ free(drweb_fbuf);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to send file body to socket (%s)", drweb_options);
+ return DEFER;
+ }
+ close(drweb_fd);
+ }
+ else {
+ /* open the drwebd UNIX socket */
+ sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (sock < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: can't open UNIX socket");
+ return DEFER;
+ }
+ server.sun_family = AF_UNIX;
+ Ustrcpy(server.sun_path, drweb_options);
+ if (connect(sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to connect to socket (%s). errno=%d", drweb_options, errno);
+ return DEFER;
+ }
+
+ /* prepare variables */
+ drweb_cmd = htonl(DRWEBD_SCAN_CMD);
+ drweb_flags = htonl(DRWEBD_RETURN_VIRUSES | DRWEBD_IS_MAIL);
+ snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml", spool_directory, message_id, message_id);
+ drweb_slen = htonl(Ustrlen(scanrequest));
+
+ /* send scan request */
+ if ((send(sock, &drweb_cmd, sizeof(drweb_cmd), 0) < 0) ||
+ (send(sock, &drweb_flags, sizeof(drweb_flags), 0) < 0) ||
+ (send(sock, &drweb_slen, sizeof(drweb_slen), 0) < 0) ||
+ (send(sock, scanrequest, Ustrlen(scanrequest), 0) < 0) ||
+ (send(sock, &drweb_fin, sizeof(drweb_fin), 0) < 0)) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to send commands to socket (%s)", drweb_options);
+ return DEFER;
+ }
+ }
+
+ /* wait for result */
+ if ((bread = recv(sock, &drweb_rc, sizeof(drweb_rc), 0) != sizeof(drweb_rc))) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to read return code");
+ return DEFER;
+ }
+ drweb_rc = ntohl(drweb_rc);
+
+ if ((bread = recv(sock, &drweb_vnum, sizeof(drweb_vnum), 0) != sizeof(drweb_vnum))) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: unable to read the number of viruses");
+ return DEFER;
+ }
+ drweb_vnum = ntohl(drweb_vnum);
+
+ /* "virus(es) found" if virus number is > 0 */
+ if (drweb_vnum)
+ {
+ int i;
+ uschar pre_malware_nb[256];
+
+ malware_name = malware_name_buffer;
+
+ /* setup default virus name */
+ Ustrcpy(malware_name_buffer,"unknown");
+
+ /* read and concatenate virus names into one string */
+ for (i=0;i<drweb_vnum;i++)
+ {
+ /* read the size of report */
+ if ((bread = recv(sock, &drweb_slen, sizeof(drweb_slen), 0) != sizeof(drweb_slen))) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: cannot read report size");
+ return DEFER;
+ };
+ drweb_slen = ntohl(drweb_slen);
+
+ /* read report body */
+ if ((bread = recv(sock, tmpbuf, drweb_slen, 0)) != drweb_slen) {
+ close(sock);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: cannot read report string");
+ return DEFER;
+ };
+ tmpbuf[drweb_slen] = '\0';
+
+ /* set up match regex, depends on retcode */
+ Ustrcpy(drweb_match_string, "infected\\swith\\s*(.+?)$");
+
+ drweb_re = pcre_compile( CS drweb_match_string,
+ PCRE_COPT,
+ (const char **)&rerror,
+ &roffset,
+ NULL );
+
+ /* try matcher on the line, grab substring */
+ result = pcre_exec(drweb_re, NULL, CS tmpbuf, Ustrlen(tmpbuf), 0, 0, ovector, 30);
+ if (result >= 2) {
+ pcre_copy_substring(CS tmpbuf, ovector, result, 1, CS pre_malware_nb, 255);
+ }
+ /* the first name we just copy to malware_name */
+ if (i==0)
+ Ustrcpy(CS malware_name_buffer, CS pre_malware_nb);
+ else {
+ /* concatenate each new virus name to previous */
+ int slen = Ustrlen(malware_name_buffer);
+ if (slen < (slen+Ustrlen(pre_malware_nb))) {
+ Ustrcat(malware_name_buffer, "/");
+ Ustrcat(malware_name_buffer, pre_malware_nb);
+ }
+ }
+ }
+ }
+ else {
+ char *drweb_s = NULL;
+
+ if (drweb_rc & DERR_READ_ERR) drweb_s = "read error";
+ if (drweb_rc & DERR_NOMEMORY) drweb_s = "no memory";
+ if (drweb_rc & DERR_TIMEOUT) drweb_s = "timeout";
+ if (drweb_rc & DERR_BAD_CALL) drweb_s = "wrong command";
+ /* retcodes DERR_SYMLINK, DERR_NO_REGFILE, DERR_SKIPPED.
+ * DERR_TOO_BIG, DERR_TOO_COMPRESSED, DERR_SPAM,
+ * DERR_CRC_ERROR, DERR_READSOCKET, DERR_WRITE_ERR
+ * and others are ignored */
+ if (drweb_s) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: drweb: drweb daemon retcode 0x%x (%s)", drweb_rc, drweb_s);
+ close(sock);
+ return DEFER;
+ }
+ /* no virus found */
+ malware_name = NULL;
+ };
+ close(sock);
+ }
+ /* ----------------------------------------------------------------------- */
else if (strcmpic(scanner_name,US"aveserver") == 0) {
uschar *kav_options;
uschar kav_options_buffer[1024];
return DEFER;
}
- snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
- spool_directory, message_id, message_id);
-
- /* calc file size */
- clam_fd = open(CS scanrequest, O_RDONLY);
- if (clam_fd == -1) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: clamd: can't open spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- fsize = lseek(clam_fd, 0, SEEK_END);
- if (fsize == -1) {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: clamd: can't seek spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- lseek(clam_fd, 0, SEEK_SET);
-
- clamav_fbuf = (uschar *) malloc (fsize);
- if (!clamav_fbuf) {
- close(sockData);
- close(clam_fd);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: clamd: unable to allocate memory %u for file (%s)",
- fsize, scanrequest);
- return DEFER;
- }
-
- result = read (clam_fd, clamav_fbuf, fsize);
- if (result == -1) {
- close(sockData);
- close(clam_fd);
- free(clamav_fbuf);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: clamd: can't read spool file %s: %s",
- scanrequest, strerror(errno));
- return DEFER;
- }
- close(clam_fd);
-
- /* send file body to socket */
- if (send(sockData, clamav_fbuf, fsize, 0) < 0) {
- close(sockData);
- free(clamav_fbuf);
- log_write(0, LOG_MAIN|LOG_PANIC,
- "malware acl condition: clamd: unable to send file body to socket (%s:%u)", hostname, port);
- return DEFER;
- }
- free(clamav_fbuf);
+ snprintf(CS scanrequest, 1024,CS"%s/scan/%s/%s.eml",
+ spool_directory, message_id, message_id);
+
+ /* calc file size */
+ clam_fd = open(CS scanrequest, O_RDONLY);
+ if (clam_fd == -1) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: clamd: can't open spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ fsize = lseek(clam_fd, 0, SEEK_END);
+ if (fsize == -1) {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: clamd: can't seek spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ lseek(clam_fd, 0, SEEK_SET);
+
+ clamav_fbuf = (uschar *) malloc (fsize);
+ if (!clamav_fbuf) {
+ close(sockData);
+ close(clam_fd);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: clamd: unable to allocate memory %u for file (%s)",
+ fsize, scanrequest);
+ return DEFER;
+ }
+
+ result = read (clam_fd, clamav_fbuf, fsize);
+ if (result == -1) {
+ close(sockData);
+ close(clam_fd);
+ free(clamav_fbuf);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: clamd: can't read spool file %s: %s",
+ scanrequest, strerror(errno));
+ return DEFER;
+ }
+ close(clam_fd);
+
+ /* send file body to socket */
+ if (send(sockData, clamav_fbuf, fsize, 0) < 0) {
+ close(sockData);
+ free(clamav_fbuf);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "malware acl condition: clamd: unable to send file body to socket (%s:%u)", hostname, port);
+ return DEFER;
+ }
+ free(clamav_fbuf);
close(sockData);
}
}
/* Check the result. ClamAV Returns
infected: -> "<filename>: <virusname> FOUND"
not-infected: -> "<filename>: OK"
- error: -> "<filename>: <errcode> ERROR */
+ error: -> "<filename>: <errcode> ERROR */
if (!(*av_buffer)) {
log_write(0, LOG_MAIN|LOG_PANIC,
mksd_options_buffer,
sizeof(mksd_options_buffer))) != NULL) {
mksd_maxproc = (int) strtol(CS mksd_options, &mksd_options_end, 10);
- if ((*mksd_options == '\0') || (*mksd_options_end != '\0') ||
- (mksd_maxproc < 1) || (mksd_maxproc > 32)) {
+ if ((*mksd_options == '\0') || (*mksd_options_end != '\0') ||
+ (mksd_maxproc < 1) || (mksd_maxproc > 32)) {
log_write(0, LOG_MAIN|LOG_PANIC,
"malware acl condition: mksd: invalid option '%s'", mksd_options);
return DEFER;
if (((p = strchr (line+4, ' ')) != NULL) && ((p-line) > 4)) {
(*p) = '\0';
Ustrcpy (malware_name_buffer, line+4);
- malware_name = malware_name_buffer;
+ malware_name = malware_name_buffer;
return OK;
}
}
-/* $Cambridge: exim/src/src/srs.c,v 1.4 2005/02/17 11:58:26 ph10 Exp $ */
+/* $Cambridge: exim/src/src/srs.c,v 1.5 2005/05/24 08:15:02 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
/* SRS - Sender rewriting scheme support
- ©2004 Miles Wilton <miles@mirtol.com>
+ (C)2004 Miles Wilton <miles@mirtol.com>
+
+ SRS Support Version: 1.0a
+
License: GPL */
#include "exim.h"
int eximsrs_init()
{
- int co;
uschar *list = srs_config;
- char secret_buf[SRS_MAX_SECRET_LENGTH];
- char *secret;
- char sbuf[4];
- char *sbufp;
- int hashlen, maxage;
+ uschar secret_buf[SRS_MAX_SECRET_LENGTH];
+ uschar *secret;
+ uschar sbuf[4];
+ uschar *sbufp;
-
- if(!srs)
+ // Check if this instance of Exim has not initialized SRS
+ if(srs == NULL)
{
- /* Check config */
- if(!srs_config)
+ int co = 0;
+ int hashlen, maxage;
+ BOOL usetimestamp, usehash;
+
+ /* Copy config vars */
+ hashlen = srs_hashlength;
+ maxage = srs_maxage;
+ usetimestamp = srs_usetimestamp;
+ usehash = srs_usehash;
+
+ /* Pass srs_config var (overrides new config vars) */
+ co = 0;
+ if(srs_config != NULL)
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "SRS Configuration Error");
- return DEFER;
+ secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH);
+
+ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
+ maxage = atoi(sbuf);
+
+ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
+ hashlen = atoi(sbuf);
+
+ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
+ usetimestamp = atoi(sbuf);
+
+ if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
+ usehash = atoi(sbuf);
}
- /* Get config */
+ if(srs_hashmin == -1)
+ srs_hashmin = hashlen;
+
+ /* First secret specified in secrets? */
co = 0;
- if((secret = string_nextinlist(&list, &co, secret_buf,
- SRS_MAX_SECRET_LENGTH)) == NULL)
+ list = srs_secrets;
+ if(secret == NULL)
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "SRS Configuration Error: No secret specified");
- return DEFER;
+ if((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) == NULL)
+ {
+ log_write(0, LOG_MAIN | LOG_PANIC,
+ "SRS Configuration Error: No secret specified");
+ return DEFER;
+ }
}
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) == NULL)
- maxage = 31;
- else
- maxage = atoi(sbuf);
+ /* Check config */
if(maxage < 0 || maxage > 365)
{
log_write(0, LOG_MAIN | LOG_PANIC,
"SRS Configuration Error: Invalid maximum timestamp age");
return DEFER;
}
-
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) == NULL)
- hashlen = 6;
- else
- hashlen = atoi(sbuf);
- if(hashlen < 1 || hashlen > 20)
+ if(hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20)
{
log_write(0, LOG_MAIN | LOG_PANIC,
"SRS Configuration Error: Invalid hash length");
return DEFER;
}
-
- if((srs = srs_open(secret, strnlen(secret, SRS_MAX_SECRET_LENGTH),
- maxage, hashlen, hashlen)) == NULL)
+ if((srs = srs_open(secret, Ustrlen(secret), maxage, hashlen, srs_hashmin)) == NULL)
{
log_write(0, LOG_MAIN | LOG_PANIC,
"Failed to allocate SRS memory");
return DEFER;
}
+ srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp);
+ srs_set_option(srs, SRS_OPTION_USEHASH, usehash);
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- srs_set_option(srs, SRS_OPTION_USETIMESTAMP, atoi(sbuf));
-
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- srs_set_option(srs, SRS_OPTION_USEHASH, atoi(sbuf));
+ /* Extra secrets? */
+ while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) != NULL)
+ srs_add_secret(srs, secret, strnlen(secret, SRS_MAX_SECRET_LENGTH));
DEBUG(D_any)
debug_printf("SRS initialized\n");
int eximsrs_done()
{
- if(srs)
+ if(srs != NULL)
srs_close(srs);
srs = NULL;
int eximsrs_db_set(BOOL reverse, uschar *srs_db)
{
if(reverse)
- srs_db_reverse = string_copy(srs_db);
+ srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db));
else
- srs_db_forward = string_copy(srs_db);
+ srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db));
- if(srs_set_db_functions(srs, eximsrs_db_insert, eximsrs_db_lookup) * SRS_RESULT_FAIL)
+ if(srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL),
+ (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL)
return DEFER;
return OK;
srs_result eximsrs_db_insert(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
{
uschar *res;
- char buf[64];
+ uschar buf[64];
+
+ if(srs_db_forward == NULL)
+ return SRS_RESULT_DBERROR;
srs_db_address = string_copyn(data, data_len);
if(srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL)
- return DEFER;
+ return SRS_RESULT_DBERROR;
srs_db_key = string_copyn(buf, 16);
if(result_len < 17)
return SRS_RESULT_DBERROR;
- strncpy(result, srs_db_key, result_len);
+ Ustrncpy(result, srs_db_key, result_len);
return SRS_RESULT_OK;
}
{
uschar *res;
+ if(srs_db_reverse == NULL)
+ return SRS_RESULT_DBERROR;
+
srs_db_key = string_copyn(data, data_len);
if((res = expand_string(srs_db_reverse)) == NULL)
return SRS_RESULT_DBERROR;
git://git.exim.org / exim.git / commitdiff