/* Precompile some regex that are used to recognize parameters in response
to an EHLO command, if they aren't already compiled. */
- if (regex_PIPELINING == NULL) regex_PIPELINING =
- regex_must_compile(US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)", FALSE, TRUE);
-
- if (regex_SIZE == NULL) regex_SIZE =
- regex_must_compile(US"\\n250[\\s\\-]SIZE(\\s|\\n|$)", FALSE, TRUE);
-
- if (regex_AUTH == NULL) regex_AUTH =
- regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)",
- FALSE, TRUE);
-
-#ifdef SUPPORT_TLS
- if (regex_STARTTLS == NULL) regex_STARTTLS =
- regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
-#endif
-
-#ifndef DISABLE_PRDR
- if (regex_PRDR == NULL) regex_PRDR =
- regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE);
-#endif
-
- /* Set the regex to check for DSN support on remote MTA */
- if (regex_DSN == NULL) regex_DSN =
- regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE);
+ deliver_init();
/* Now sort the addresses if required, and do the deliveries. The yield of
do_remote_deliveries is FALSE when mua_wrapper is set and all addresses
return final_yield;
}
+
+
+void
+deliver_init(void)
+{
+if (!regex_PIPELINING) regex_PIPELINING =
+ regex_must_compile(US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)", FALSE, TRUE);
+
+if (!regex_SIZE) regex_SIZE =
+ regex_must_compile(US"\\n250[\\s\\-]SIZE(\\s|\\n|$)", FALSE, TRUE);
+
+if (!regex_AUTH) regex_AUTH =
+ regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)",
+ FALSE, TRUE);
+
+#ifdef SUPPORT_TLS
+if (!regex_STARTTLS) regex_STARTTLS =
+ regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
+#endif
+
+#ifndef DISABLE_PRDR
+if (!regex_PRDR) regex_PRDR =
+ regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE);
+#endif
+
+if (!regex_DSN) regex_DSN =
+ regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE);
+
+if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA =
+ regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE);
+}
+
+
/* vi: aw ai sw=2
*/
/* End of deliver.c */
extern void decode_bits(unsigned int *, unsigned int *,
int, int, uschar *, bit_table *, int, uschar *, int);
extern address_item *deliver_make_addr(uschar *, BOOL);
+extern void deliver_init(void);
extern void delivery_log(int, address_item *, int, uschar *);
extern int deliver_message(uschar *, BOOL, BOOL);
extern void deliver_msglog(const char *, ...) PRINTF_FUNCTION(1,2);
int, uschar *, uschar *, uschar *, uschar *, uschar *, uschar *);
#endif
extern dns_address *dns_address_from_rr(dns_answer *, dns_record *);
+extern int dns_basic_lookup(dns_answer *, const uschar *, int);
extern void dns_build_reverse(uschar *, uschar *);
extern void dns_init(BOOL, BOOL, BOOL);
-extern int dns_basic_lookup(dns_answer *, const uschar *, int);
extern BOOL dns_is_secure(const dns_answer *);
extern int dns_lookup(dns_answer *, const uschar *, int, uschar **);
+extern void dns_pattern_init(void);
extern int dns_special_lookup(dns_answer *, const uschar *, int, uschar **);
extern dns_record *dns_next_rr(dns_answer *, dns_scan *, int);
extern uschar *dns_text_type(int);
#ifdef WITH_CONTENT_SCAN
extern int malware(const uschar *, int);
extern int malware_in_file(uschar *);
+extern void malware_init(void);
#endif
extern int match_address_list(uschar *, BOOL, BOOL, uschar **,
unsigned int *, int, int, uschar **);
extern int regex(uschar **);
#endif
extern BOOL regex_match_and_setup(const pcre *, const uschar *, int, int);
-extern const pcre *regex_must_compile(uschar *, BOOL, BOOL);
+extern const pcre *regex_must_compile(const uschar *, BOOL, BOOL);
extern void retry_add_item(address_item *, uschar *, int);
extern BOOL retry_check_address(uschar *, host_item *, uschar *, BOOL,
uschar **, uschar **);
#define DERR_TIMEOUT (1<<9) /* scan timeout has run out */
#define DERR_BAD_CALL (1<<15) /* wrong command */
+
+static const uschar * malware_regex_default = US ".+";
+static const pcre * malware_default_re = NULL;
+
+static const uschar * drweb_re_str = US "infected\\swith\\s*(.+?)$";
+static const pcre * drweb_re = NULL;
+
+static const uschar * fsec_re_str = US "\\S{0,5}INFECTED\\t[^\\t]*\\t([^\\t]+)\\t\\S*$";
+static const pcre * fsec_re = NULL;
+
+static const uschar * kav_re_sus_str = US "suspicion:\\s*(.+?)\\s*$";
+static const uschar * kav_re_inf_str = US "infected:\\s*(.+?)\\s*$";
+static const pcre * kav_re_sus = NULL;
+static const pcre * kav_re_inf = NULL;
+
+static const uschar * ava_re_clean_str = US "(?!\\\\)\\t\\[\\+\\]";
+static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d\\.\\d\\t\\d\\s(.*)";
+static const pcre * ava_re_clean = NULL;
+static const pcre * ava_re_virus = NULL;
+
+
+
+/******************************************************************************/
+
/* Routine to check whether a system is big- or little-endian.
Ripped from http://www.faqs.org/faqs/graphics/fileformats-faq/part4/section-7.html
Needed for proper kavdaemon implementation. Sigh. */
int sep = 0;
uschar *av_scanner_work = av_scanner;
uschar *scanner_name;
-uschar malware_regex_default[] = ".+";
unsigned long mbox_size;
FILE *mbox_file;
const pcre *re;
return FAIL; /* explicitly no matching */
/* special cases (match anything except empty) */
-if ( (strcmpic(malware_re,US"true") == 0) ||
- (Ustrcmp(malware_re,"*") == 0) ||
- (Ustrcmp(malware_re,"1") == 0) )
+if ( strcmpic(malware_re,US"true") == 0
+ || Ustrcmp(malware_re,"*") == 0
+ || Ustrcmp(malware_re,"1") == 0
+ )
+ {
+ if ( !malware_default_re
+ && !(malware_default_re = m_pcre_compile(malware_regex_default, &errstr)))
+ return malware_errlog_defer(errstr);
malware_re = malware_regex_default;
-
-/* Reset sep that is set by previous string_nextinlist() call */
-sep = 0;
+ re = malware_default_re;
+ }
/* compile the regex, see if it works */
-if (!(re = m_pcre_compile(malware_re, &errstr)))
+else if (!(re = m_pcre_compile(malware_re, &errstr)))
return malware_errlog_defer(errstr);
+/* Reset sep that is set by previous string_nextinlist() call */
+sep = 0;
+
/* if av_scanner starts with a dollar, expand it first */
if (*av_scanner == '$')
{
uschar * tmpbuf, *drweb_fbuf;
int drweb_rc, drweb_cmd, drweb_flags = 0x0000, drweb_fd,
drweb_vnum, drweb_slen, drweb_fin = 0x0000;
- const pcre *drweb_re;
/* prepare variables */
drweb_cmd = htonl(DRWEBD_SCAN_CMD);
malware_name = US"unknown";
/* set up match regex */
- drweb_re = m_pcre_compile(US"infected\\swith\\s*(.+?)$", &errstr);
+ if (!drweb_re)
+ drweb_re = m_pcre_compile(drweb_re_str, &errstr);
/* read and concatenate virus names into one string */
for (i = 0; i < drweb_vnum; i++)
int i, j, bread = 0;
uschar * file_name;
uschar av_buffer[1024];
- const pcre * fs_inf;
static uschar *cmdopt[] = { US"CONFIGURE\tARCHIVE\t1\n",
US"CONFIGURE\tTIMEOUT\t0\n",
US"CONFIGURE\tMAXARCH\t5\n",
/* set up match */
/* todo also SUSPICION\t */
- fs_inf = m_pcre_compile(US"\\S{0,5}INFECTED\\t[^\\t]*\\t([^\\t]+)\\t\\S*$", &errstr);
+ if (!fsec_re)
+ fsec_re = m_pcre_compile(fsec_re_str, &errstr);
/* read report, linewise. Apply a timeout as the Fsecure daemon
sometimes wants an answer to "PING" but they won't tell us what */
/* Really search for virus again? */
if (!malware_name)
/* try matcher on the line, grab substring */
- malware_name = m_pcre_exec(fs_inf, p);
+ malware_name = m_pcre_exec(fsec_re, p);
if (Ustrstr(p, "OK\tScan ok."))
goto fsec_found;
if (kav_reportlen > 0)
{
/* set up match regex, depends on retcode */
- kav_re = m_pcre_compile( kav_rc == 3
- ? US"suspicion:\\s*(.+?)\\s*$"
- : US"infected:\\s*(.+?)\\s*$",
- &errstr );
+ if (kav_rc == 3)
+ {
+ if (!kav_re_sus) kav_re_sus = m_pcre_compile(kav_re_sus_str, &errstr);
+ kav_re = kav_re_sus;
+ }
+ else
+ {
+ if (!kav_re_inf) kav_re_inf = m_pcre_compile(kav_re_inf_str, &errstr);
+ kav_re = kav_re_inf;
+ }
/* read report, linewise */
while (kav_reportlen > 0)
int ovector[1*3];
uschar buf[1024];
uschar * scanrequest;
- const pcre * avast_clean_re, * avast_virus_re;
enum {AVA_HELO, AVA_OPT, AVA_RSP, AVA_DONE} avast_stage;
int nread;
[L] - infected
[E] - some error occured
Such marker follows the first non-escaped TAB. */
- if ( !(avast_clean_re =
- m_pcre_compile(US"(?!\\\\)\\t\\[\\+\\]", &errstr))
- || !(avast_virus_re =
- m_pcre_compile(US"(?!\\\\)\\t\\[L\\]\\d\\.\\d\\t\\d\\s(.*)",
- &errstr))
+ if ( ( !ava_re_clean
+ && !(ava_re_clean = m_pcre_compile(ava_re_clean_str, &errstr)))
+ || ( !ava_re_virus
+ && !(ava_re_virus = m_pcre_compile(ava_re_virus_str, &errstr)))
)
return malware_errlog_defer(errstr);
if (Ustrncmp(buf, "210", 3) == 0)
break; /* ignore the "210 SCAN DATA" message */
- if (pcre_exec(avast_clean_re, NULL, CS buf, slen,
+ if (pcre_exec(ava_re_clean, NULL, CS buf, slen,
0, 0, ovector, nelements(ovector)) > 0)
break;
- if ((malware_name = m_pcre_exec(avast_virus_re, buf)))
+ if ((malware_name = m_pcre_exec(ava_re_virus, buf)))
{ /* remove backslash in front of [whitespace|backslash] */
uschar * p, * p0;
for (p = malware_name; *p; ++p)
return ret;
}
+
+void
+malware_init(void)
+{
+if (!malware_default_re)
+ malware_default_re = regex_must_compile(malware_regex_default, FALSE, TRUE);
+if (!drweb_re)
+ drweb_re = regex_must_compile(drweb_re_str, FALSE, TRUE);
+if (!fsec_re)
+ fsec_re = regex_must_compile(fsec_re_str, FALSE, TRUE);
+if (!kav_re_sus)
+ kav_re_sus = regex_must_compile(kav_re_sus_str, FALSE, TRUE);
+if (!kav_re_inf)
+ kav_re_inf = regex_must_compile(kav_re_inf_str, FALSE, TRUE);
+if (!ava_re_clean)
+ ava_re_clean = regex_must_compile(ava_re_clean_str, FALSE, TRUE);
+if (!ava_re_virus)
+ ava_re_virus = regex_must_compile(ava_re_virus_str, FALSE, TRUE);
+}
+
#endif /*WITH_CONTENT_SCAN*/
/*
* vi: aw ai sw=2