static int clamav_load_database()
{
int ret = 0; /* return value */
int reload = 0;
/* libclamav initialization */
if (CLAMAV_G(cl_initcalled) == 0){
if((ret = cl_init(CL_INIT_DEFAULT)) != CL_SUCCESS) {
php_error(E_WARNING, "cl_init: failed : error code %i (%s)\n", ret, cl_strerror(ret));
return FAILURE;
} else {
CLAMAV_G(cl_initcalled) = 1;
}
}
/* database reload */
if (CLAMAV_G(dbstat.dir) != NULL && cl_statchkdir(&CLAMAV_G(dbstat)) == 1) {
reload = 1;
cl_statfree(&CLAMAV_G(dbstat));
}
/* load engine */
if (!(CLAMAV_G(dbengine) = cl_engine_new())){
php_error(E_WARNING, "Can’t create new engine\n");
return FAILURE;
}
if (CLAMAV_G(dbpath) == NULL) CLAMAV_G(dbpath) = (char *) cl_retdbdir();
/* database loading */
if ((ret = cl_load(CLAMAV_G(dbpath), CLAMAV_G(dbengine), &CLAMAV_G(sig_num), CL_DB_STDOPT)) != CL_SUCCESS) {
php_error(E_WARNING, "cl_load: failed : error code %i (%s)\n", ret, cl_strerror(ret));
return FAILURE;
}
/* compile signature database */
if ((ret = cl_engine_compile(CLAMAV_G(dbengine))) != CL_SUCCESS) {
php_error(E_WARNING, "cl_engine_compile : error code %i (%s\n", ret, cl_strerror(ret));
return FAILURE;
}
/* allocate cl_stat */
if (!reload) memset(&CLAMAV_G(dbstat), 0, sizeof(struct cl_stat));
/* database stats */
if ((ret = cl_statinidir(CLAMAV_G(dbpath), &CLAMAV_G(dbstat))) != CL_SUCCESS) {
php_error(E_WARNING, "cl_statinidir : error code %i (%s\n", ret, cl_strerror(ret));
return FAILURE;
}
/* set engine parameters */
cl_engine_set_num(CLAMAV_G(dbengine), CL_ENGINE_MAX_FILES, CLAMAV_G(maxfiles));
cl_engine_set_num(CLAMAV_G(dbengine), CL_ENGINE_MAX_FILESIZE, CLAMAV_G(maxfilesize));
cl_engine_set_num(CLAMAV_G(dbengine), CL_ENGINE_MAX_SCANSIZE, CLAMAV_G(maxscansize));
cl_engine_set_num(CLAMAV_G(dbengine), CL_ENGINE_MAX_RECURSION, CLAMAV_G(maxreclevel));
cl_engine_set_num(CLAMAV_G(dbengine), CL_ENGINE_KEEPTMP, CLAMAV_G(keeptmp));
cl_engine_set_str(CLAMAV_G(dbengine), CL_ENGINE_TMPDIR, CLAMAV_G(tmpdir));
return ret;
}
/* Must be called with engine_mutex locked ! */
static int load_db(void) {
unsigned int signo = 0;
size_t used, total;
int ret;
INFN();
cl_engine_set_clcb_sigload(engine, sigload_callback, NULL);
official_sigs = custom_sigs = 0;
if((ret = cl_load(dbdir, engine, &signo, CL_DB_STDOPT & ~CL_DB_PHISHING & ~CL_DB_PHISHING_URLS)) != CL_SUCCESS) {
cl_engine_free(engine);
engine = NULL;
FAIL(ret, "Failed to load database: %s", cl_strerror(ret));
}
if((ret = cl_engine_compile(engine))) {
cl_engine_free(engine);
engine = NULL;
FAIL(ret, "Failed to compile engine: %s", cl_strerror(ret));
}
logg("load_db: loaded %d signatures (%u official, %u custom)\n", signo, official_sigs, custom_sigs);
if (!mpool_getstats(engine, &used, &total))
logg("load_db: memory %.3f MB / %.3f MB\n", used/(1024*1024.0), total/(1024*1024.0));
touch_last_update(signo);
WIN();
}
int CWLoadDB_A(CWHandle cwh, const char *db)
{
int ret;
const char *dbdir = db ? db : cl_retdbdir();
if ((ret = cl_load(dbdir, cwh->engine, &cwh->sigs, cwh->dboptions)) != CL_SUCCESS)
return ret;
return cl_engine_compile(cwh->engine);
}
VirusScan::VirusScan(TrayNotify *tn)
{
numSignatures = 0;
fTypes[0] = ".EXE";
fTypes[1] = ".BAT";
fTypes[2] = ".BIN";
fTypes[3] = ".DLL";
fTypes[4] = ".COM";
fTypes[5] = ".INF";
fTypes[6] = ".INI";
fTypes[7] = ".PDF";
fTypes[8] = ".DOC";
fTypes[9] = ".DOCX";
fTypes[10] = ".PPT";
fTypes[11] = ".PPTX";
fTypes[12] = ".SYS";
fTypes[13] = ".VBS";
/* Init AV engine */
int res = cl_init(0);
cl = cl_engine_new();
if (res != CL_SUCCESS)
{
ErrorLog::logErrorToFile("*CRITICAL*", "Unable to initialize AV engine: ", (char*)cl_strerror(res));
std::cout << cl_strerror(res);
return;
}
res = cl_load(cl_retdbdir(), cl, &numSignatures, CL_DB_STDOPT);
if (res != CL_SUCCESS)
{
ErrorLog::logErrorToFile("*CRITICAL*", "Unable to load AV engine signatures. Check for db folder?: ", (char*)cl_strerror(res));
std::cout << cl_strerror(res);
return;
}
res = cl_engine_compile(cl);
if (res != CL_SUCCESS)
{
ErrorLog::logErrorToFile("*CRITICAL*", "Unable to compile AV engine rules: ", (char*)cl_strerror(res));
std::cout << cl_strerror(res);
return;
}
char msgStr[100];
sprintf(msgStr, "ClamAV engine initialized. %d signatures loaded.", numSignatures);
ErrorLog::logErrorToFile("*INFO*", msgStr);
tn->sendMessage(msgStr, "ClamAV");
tn->setHoverMessage("UsbNinja Daemon\nClamAV Loaded");
}
static void engine_setup(void)
{
unsigned int sigs = 0;
const char *hdb = OBJDIR"/clamav.hdb";
init_testfiles();
if (!inited)
fail_unless(cl_init(CL_INIT_DEFAULT) == 0, "cl_init");
inited = 1;
g_engine = cl_engine_new();
fail_unless(!!g_engine, "engine");
fail_unless_fmt(cl_load(hdb, g_engine, &sigs, CL_DB_STDOPT) == 0, "cl_load %s", hdb);
fail_unless(sigs == 1, "sigs");
fail_unless(cl_engine_compile(g_engine) == 0, "cl_engine_compile");
}
void *clamav_init()
{
unsigned int sigs = 0;
int r;
struct clamav_state *st = xzmalloc(sizeof(struct clamav_state));
if (st == NULL) {
fatal("memory allocation failed", EC_SOFTWARE);
}
st->av_engine = cl_engine_new();
if ( ! st->av_engine ) {
fatal("Failed to initialize AV engine", EC_SOFTWARE);
}
/* load all available databases from default directory */
if ((r = cl_load(cl_retdbdir(), st->av_engine, &sigs, CL_DB_STDOPT))) {
syslog(LOG_ERR, "cl_load: %s", cl_strerror(r));
fatal(cl_strerror(r), EC_SOFTWARE);
}
if (verbose) printf("Loaded %d virus signatures.\n", sigs);
/* build av_engine */
if((r = cl_engine_compile(st->av_engine))) {
syslog(LOG_ERR,
"Database initialization error: %s", cl_strerror(r));
cl_engine_free(st->av_engine);
fatal(cl_strerror(r), EC_SOFTWARE);
}
/* set up archive av_limits */
/* max files */
cl_engine_set_num(st->av_engine, CL_ENGINE_MAX_FILES, 10000);
/* during the scanning of archives, this size (100 MB) will
* never be exceeded
*/
cl_engine_set_num(st->av_engine, CL_ENGINE_MAX_SCANSIZE, 100 * 1048576);
/* compressed files will only be decompressed and scanned up to
* this size (10 MB)
*/
cl_engine_set_num(st->av_engine, CL_ENGINE_MAX_FILESIZE, 10 * 1048576);
/* maximum recursion level for archives */
cl_engine_set_num(st->av_engine, CL_ENGINE_MAX_RECURSION, 16);
return (void *) st;
}
int init_virusdb()
{
int ret;
unsigned int no = 0;
virusdb = malloc(sizeof(struct virus_db));
memset(virusdb, 0, sizeof(struct virus_db));
if (!virusdb)
return 0;
#ifdef HAVE_LIBCLAMAV_095
if((ret = cl_init(CL_INIT_DEFAULT))) {
ci_debug_printf(1, "!Can't initialize libclamav: %s\n", cl_strerror(ret));
return 0;
}
if(!(virusdb->db = cl_engine_new())) {
ci_debug_printf(1, "Clamav DB load: Cannot create new clamav engine\n");
return 0;
}
if ((ret = cl_load(cl_retdbdir(), virusdb->db, &no, CL_DB_STDOPT))) {
ci_debug_printf(1, "Clamav DB load: cl_load failed: %s\n",
cl_strerror(ret));
#elif defined(HAVE_LIBCLAMAV_09X)
if ((ret = cl_load(cl_retdbdir(), &(virusdb->db), &no, CL_DB_STDOPT))) {
ci_debug_printf(1, "Clamav DB load: cl_load failed: %s\n",
cl_strerror(ret));
#else
if ((ret = cl_loaddbdir(cl_retdbdir(), &(virusdb->db), &no))) {
ci_debug_printf(1, "cl_loaddbdir: %s\n", cl_perror(ret));
#endif
return 0;
}
#ifdef HAVE_LIBCLAMAV_095
if ((ret = cl_engine_compile(virusdb->db))) {
#else
if ((ret = cl_build(virusdb->db))) {
#endif
ci_debug_printf(1, "Database initialization error: %s\n",
cl_strerror(ret));
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(virusdb->db);
#else
cl_free(virusdb->db);
#endif
free(virusdb);
virusdb = NULL;
return 0;
}
ci_thread_mutex_init(&db_mutex);
virusdb->refcount = 1;
old_virusdb = NULL;
return 1;
}
/*
Instead of using struct virus_db and refcount's someone can use the cl_dup function
of clamav library, but it is undocumented so I did not use it.
The following implementation we are starting to reload clamav db while threads are
scanning for virus but we are not allow any child to start a new scan until we are
loading DB.
*/
/*#define DB_NO_FULL_LOCK 1*/
#undef DB_NO_FULL_LOCK
int reload_virusdb()
{
struct virus_db *vdb = NULL;
int ret;
unsigned int no = 0;
ci_thread_mutex_lock(&db_mutex);
if (old_virusdb) {
ci_debug_printf(1, "Clamav DB reload pending, cancelling.\n");
ci_thread_mutex_unlock(&db_mutex);
return 0;
}
#ifdef DB_NO_FULL_LOCK
ci_thread_mutex_unlock(&db_mutex);
#endif
vdb = malloc(sizeof(struct virus_db));
if (!vdb)
return 0;
memset(vdb, 0, sizeof(struct virus_db));
ci_debug_printf(9, "db_reload going to load db\n");
#ifdef HAVE_LIBCLAMAV_095
if(!(vdb->db = cl_engine_new())) {
ci_debug_printf(1, "Clamav DB load: Cannot create new clamav engine\n");
return 0;
}
if ((ret = cl_load(cl_retdbdir(), vdb->db, &no, CL_DB_STDOPT))) {
ci_debug_printf(1, "Clamav DB reload: cl_load failed: %s\n",
cl_strerror(ret));
#elif defined(HAVE_LIBCLAMAV_09X)
if ((ret = cl_load(cl_retdbdir(), &(vdb->db), &no, CL_DB_STDOPT))) {
ci_debug_printf(1, "Clamav DB reload: cl_load failed: %s\n",
cl_strerror(ret));
#else
if ((ret = cl_loaddbdir(cl_retdbdir(), &(vdb->db), &no))) {
ci_debug_printf(1, "Clamav DB reload: cl_loaddbdir failed: %s\n",
cl_perror(ret));
#endif
return 0;
}
ci_debug_printf(9, "loaded. Going to build\n");
#ifdef HAVE_LIBCLAMAV_095
if ((ret = cl_engine_compile(vdb->db))) {
#else
if ((ret = cl_build(vdb->db))) {
#endif
ci_debug_printf(1,
"Clamav DB reload: Database initialization error: %s\n",
cl_strerror(ret));
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(vdb->db);
#else
cl_free(vdb->db);
#endif
free(vdb);
vdb = NULL;
#ifdef DB_NO_FULL_LOCK
/*no lock needed */
#else
ci_thread_mutex_unlock(&db_mutex);
#endif
return 0;
}
ci_debug_printf(9, "Done releasing.....\n");
#ifdef DB_NO_FULL_LOCK
ci_thread_mutex_lock(&db_mutex);
#endif
old_virusdb = virusdb;
old_virusdb->refcount--;
ci_debug_printf(9, "Old VirusDB refcount:%d\n", old_virusdb->refcount);
if (old_virusdb->refcount <= 0) {
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(old_virusdb->db);
#else
cl_free(old_virusdb->db);
#endif
free(old_virusdb);
old_virusdb = NULL;
}
virusdb = vdb;
virusdb->refcount = 1;
ci_thread_mutex_unlock(&db_mutex);
return 1;
}
CL_ENGINE *get_virusdb()
{
struct virus_db *vdb;
ci_thread_mutex_lock(&db_mutex);
vdb = virusdb;
vdb->refcount++;
ci_thread_mutex_unlock(&db_mutex);
return vdb->db;
}
void release_virusdb(CL_ENGINE * db)
{
ci_thread_mutex_lock(&db_mutex);
if (virusdb && db == virusdb->db)
virusdb->refcount--;
else if (old_virusdb && (db == old_virusdb->db)) {
old_virusdb->refcount--;
ci_debug_printf(9, "Old VirusDB refcount: %d\n",
old_virusdb->refcount);
if (old_virusdb->refcount <= 0) {
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(old_virusdb->db);
#else
cl_free(old_virusdb->db);
#endif
free(old_virusdb);
old_virusdb = NULL;
}
}
else {
ci_debug_printf(1,
"BUG in srv_clamav service! please contact the author\n");
}
ci_thread_mutex_unlock(&db_mutex);
}
void destroy_virusdb()
{
if (virusdb) {
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(virusdb->db);
#else
cl_free(virusdb->db);
#endif
free(virusdb);
virusdb = NULL;
}
if (old_virusdb) {
#ifdef HAVE_LIBCLAMAV_095
cl_engine_free(old_virusdb->db);
#else
cl_free(old_virusdb->db);
#endif
free(old_virusdb);
old_virusdb = NULL;
}
}
void set_istag(ci_service_xdata_t * srv_xdata)
{
char istag[SERVICE_ISTAG_SIZE + 1];
char str_version[64];
char *daily_path;
char *s1, *s2;
struct cl_cvd *d1;
int version = 0, cfg_version = 0;
struct stat daily_stat;
/*instead of 128 should be strlen("/daily.inc/daily.info")+1*/
daily_path = malloc(strlen(cl_retdbdir()) + 128);
if (!daily_path) /*???????? */
return;
sprintf(daily_path, "%s/daily.cvd", cl_retdbdir());
if(stat(daily_path,&daily_stat) != 0){
/* if the clamav_lib_path/daily.cvd does not exists
*/
sprintf(daily_path, "%s/daily.cld", cl_retdbdir());
if(stat(daily_path,&daily_stat) != 0){
/*
else try to use the clamav_lib_path/daily.inc/daly.info file instead" */
sprintf(daily_path, "%s/daily.inc/daily.info", cl_retdbdir());
}
}
if ((d1 = cl_cvdhead(daily_path))) {
version = d1->version;
free(d1);
}
free(daily_path);
s1 = (char *) cl_retver();
s2 = str_version;
while (*s1 != '\0' && s2 - str_version < 64) {
if (*s1 != '.') {
*s2 = *s1;
s2++;
}
s1++;
}
*s2 = '\0';
/*cfg_version maybe must set by user when he is changing
the srv_clamav configuration.... */
snprintf(istag, SERVICE_ISTAG_SIZE, "-%.3d-%s-%d%d",
cfg_version, str_version, cl_retflevel(), version);
istag[SERVICE_ISTAG_SIZE] = '\0';
ci_service_set_istag(srv_xdata, istag);
}
int main(int argc, char **argv)
{
static struct cl_engine *engine = NULL;
const struct optstruct *opt;
#ifndef _WIN32
struct passwd *user = NULL;
struct sigaction sa;
struct rlimit rlim;
#endif
time_t currtime;
const char *dbdir, *cfgfile;
char *pua_cats = NULL, *pt;
int ret, tcpsock = 0, localsock = 0, i, min_port, max_port;
unsigned int sigs = 0;
int lsockets[2], nlsockets = 0;
unsigned int dboptions = 0;
#ifdef C_LINUX
STATBUF sb;
#endif
if(check_flevel())
exit(1);
#ifndef _WIN32
memset(&sa, 0, sizeof(sa));
sa.sa_handler = SIG_IGN;
sigaction(SIGHUP, &sa, NULL);
sigaction(SIGUSR2, &sa, NULL);
#endif
if((opts = optparse(NULL, argc, argv, 1, OPT_CLAMD, 0, NULL)) == NULL) {
mprintf("!Can't parse command line options\n");
return 1;
}
if(optget(opts, "help")->enabled) {
help();
optfree(opts);
return 0;
}
if(optget(opts, "debug")->enabled) {
#if defined(C_LINUX)
/* [email protected]: create a dump if needed */
rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
if(setrlimit(RLIMIT_CORE, &rlim) < 0)
perror("setrlimit");
#endif
debug_mode = 1;
}
/* parse the config file */
cfgfile = optget(opts, "config-file")->strarg;
pt = strdup(cfgfile);
if((opts = optparse(cfgfile, 0, NULL, 1, OPT_CLAMD, 0, opts)) == NULL) {
fprintf(stderr, "ERROR: Can't open/parse the config file %s\n", pt);
free(pt);
return 1;
}
free(pt);
if(optget(opts, "version")->enabled) {
print_version(optget(opts, "DatabaseDirectory")->strarg);
optfree(opts);
return 0;
}
/* drop privileges */
#ifndef _WIN32
if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) {
if((user = getpwnam(opt->strarg)) == NULL) {
fprintf(stderr, "ERROR: Can't get information about user %s.\n", opt->strarg);
optfree(opts);
return 1;
}
if(optget(opts, "AllowSupplementaryGroups")->enabled) {
#ifdef HAVE_INITGROUPS
if(initgroups(opt->strarg, user->pw_gid)) {
fprintf(stderr, "ERROR: initgroups() failed.\n");
optfree(opts);
return 1;
}
#else
mprintf("!AllowSupplementaryGroups: initgroups() is not available, please disable AllowSupplementaryGroups in %s\n", cfgfile);
optfree(opts);
return 1;
#endif
} else {
#ifdef HAVE_SETGROUPS
if(setgroups(1, &user->pw_gid)) {
fprintf(stderr, "ERROR: setgroups() failed.\n");
optfree(opts);
return 1;
}
#endif
}
if(setgid(user->pw_gid)) {
fprintf(stderr, "ERROR: setgid(%d) failed.\n", (int) user->pw_gid);
optfree(opts);
return 1;
}
if(setuid(user->pw_uid)) {
fprintf(stderr, "ERROR: setuid(%d) failed.\n", (int) user->pw_uid);
optfree(opts);
return 1;
}
}
#endif
/* initialize logger */
logg_lock = !optget(opts, "LogFileUnlock")->enabled;
logg_time = optget(opts, "LogTime")->enabled;
logok = optget(opts, "LogClean")->enabled;
logg_size = optget(opts, "LogFileMaxSize")->numarg;
logg_verbose = mprintf_verbose = optget(opts, "LogVerbose")->enabled;
if (logg_size)
logg_rotate = optget(opts, "LogRotate")->enabled;
mprintf_send_timeout = optget(opts, "SendBufTimeout")->numarg;
do { /* logger initialized */
if((opt = optget(opts, "LogFile"))->enabled) {
char timestr[32];
logg_file = opt->strarg;
if(!cli_is_abspath(logg_file)) {
fprintf(stderr, "ERROR: LogFile requires full path.\n");
ret = 1;
break;
}
time(&currtime);
if(logg("#+++ Started at %s", cli_ctime(&currtime, timestr, sizeof(timestr)))) {
fprintf(stderr, "ERROR: Can't initialize the internal logger\n");
ret = 1;
break;
}
} else
logg_file = NULL;
if (optget(opts,"DevLiblog")->enabled)
cl_set_clcb_msg(msg_callback);
if((ret = cl_init(CL_INIT_DEFAULT))) {
logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));
ret = 1;
break;
}
if(optget(opts, "Debug")->enabled) /* enable debug messages in libclamav */ {
cl_debug();
logg_verbose = 2;
}
#if defined(USE_SYSLOG) && !defined(C_AIX)
if(optget(opts, "LogSyslog")->enabled) {
int fac = LOG_LOCAL6;
opt = optget(opts, "LogFacility");
if((fac = logg_facility(opt->strarg)) == -1) {
logg("!LogFacility: %s: No such facility.\n", opt->strarg);
ret = 1;
break;
}
openlog("clamd", LOG_PID, fac);
logg_syslog = 1;
}
#endif
#ifdef C_LINUX
procdev = 0;
if(CLAMSTAT("/proc", &sb) != -1 && !sb.st_size)
procdev = sb.st_dev;
#endif
/* check socket type */
if(optget(opts, "TCPSocket")->enabled)
tcpsock = 1;
if(optget(opts, "LocalSocket")->enabled)
localsock = 1;
if(!tcpsock && !localsock) {
logg("!Please define server type (local and/or TCP).\n");
ret = 1;
break;
}
logg("#clamd daemon %s (OS: "TARGET_OS_TYPE", ARCH: "TARGET_ARCH_TYPE", CPU: "TARGET_CPU_TYPE")\n", get_version());
#ifndef _WIN32
if(user)
logg("#Running as user %s (UID %u, GID %u)\n", user->pw_name, user->pw_uid, user->pw_gid);
#endif
#if defined(RLIMIT_DATA) && defined(C_BSD)
if (getrlimit(RLIMIT_DATA, &rlim) == 0) {
/* bb #1941.
* On 32-bit FreeBSD if you set ulimit -d to >2GB then mmap() will fail
* too soon (after ~120 MB).
* Set limit lower than 2G if on 32-bit */
uint64_t lim = rlim.rlim_cur;
if (sizeof(void*) == 4 &&
lim > (1ULL << 31)) {
rlim.rlim_cur = 1ULL << 31;
if (setrlimit(RLIMIT_DATA, &rlim) < 0)
logg("!setrlimit(RLIMIT_DATA) failed: %s\n", strerror(errno));
else
logg("Running on 32-bit system, and RLIMIT_DATA > 2GB, lowering to 2GB!\n");
}
}
#endif
if(logg_size)
logg("#Log file size limited to %u bytes.\n", logg_size);
else
logg("#Log file size limit disabled.\n");
min_port = optget(opts, "StreamMinPort")->numarg;
max_port = optget(opts, "StreamMaxPort")->numarg;
if (min_port < 1024 || min_port > max_port || max_port > 65535) {
logg("!Invalid StreamMinPort/StreamMaxPort: %d, %d\n", min_port, max_port);
ret = 1;
break;
}
if(!(engine = cl_engine_new())) {
logg("!Can't initialize antivirus engine\n");
ret = 1;
break;
}
/* load the database(s) */
dbdir = optget(opts, "DatabaseDirectory")->strarg;
logg("#Reading databases from %s\n", dbdir);
if(optget(opts, "DetectPUA")->enabled) {
dboptions |= CL_DB_PUA;
if((opt = optget(opts, "ExcludePUA"))->enabled) {
dboptions |= CL_DB_PUA_EXCLUDE;
i = 0;
logg("#Excluded PUA categories:");
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
cl_engine_free(engine);
ret = 1;
break;
}
logg("# %s", opt->strarg);
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
if (ret)
break;
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if((opt = optget(opts, "IncludePUA"))->enabled) {
if(pua_cats) {
logg("!ExcludePUA and IncludePUA cannot be used at the same time\n");
free(pua_cats);
ret = 1;
break;
}
dboptions |= CL_DB_PUA_INCLUDE;
i = 0;
logg("#Included PUA categories:");
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
ret = 1;
break;
}
logg("# %s", opt->strarg);
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
if (ret)
break;
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if(pua_cats) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))) {
logg("!cli_engine_set_str(CL_ENGINE_PUA_CATEGORIES) failed: %s\n", cl_strerror(ret));
free(pua_cats);
ret = 1;
break;
}
free(pua_cats);
}
} else {
logg("#Not loading PUA signatures.\n");
}
if(optget(opts, "OfficialDatabaseOnly")->enabled) {
dboptions |= CL_DB_OFFICIAL_ONLY;
logg("#Only loading official signatures.\n");
}
/* set the temporary dir */
if((opt = optget(opts, "TemporaryDirectory"))->enabled) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_TMPDIR, opt->strarg))) {
logg("!cli_engine_set_str(CL_ENGINE_TMPDIR) failed: %s\n", cl_strerror(ret));
ret = 1;
break;
}
}
cl_engine_set_clcb_hash(engine, hash_callback);
detstats_clear();
if(optget(opts, "LeaveTemporaryFiles")->enabled)
cl_engine_set_num(engine, CL_ENGINE_KEEPTMP, 1);
if(optget(opts, "PhishingSignatures")->enabled)
dboptions |= CL_DB_PHISHING;
else
logg("#Not loading phishing signatures.\n");
if(optget(opts,"Bytecode")->enabled) {
dboptions |= CL_DB_BYTECODE;
if((opt = optget(opts,"BytecodeSecurity"))->enabled) {
enum bytecode_security s;
if (!strcmp(opt->strarg, "TrustSigned")) {
s = CL_BYTECODE_TRUST_SIGNED;
logg("#Bytecode: Security mode set to \"TrustSigned\".\n");
} else if (!strcmp(opt->strarg, "Paranoid")) {
s = CL_BYTECODE_TRUST_NOTHING;
logg("#Bytecode: Security mode set to \"Paranoid\".\n");
} else {
logg("!Unable to parse bytecode security setting:%s\n",
opt->strarg);
ret = 1;
break;
}
if ((ret = cl_engine_set_num(engine, CL_ENGINE_BYTECODE_SECURITY, s))) {
logg("^Invalid bytecode security setting %s: %s\n", opt->strarg, cl_strerror(ret));
ret = 1;
break;
}
}
if((opt = optget(opts,"BytecodeUnsigned"))->enabled) {
dboptions |= CL_DB_BYTECODE_UNSIGNED;
logg("#Bytecode: Enabled support for unsigned bytecode.\n");
}
if((opt = optget(opts,"BytecodeMode"))->enabled) {
enum bytecode_mode mode;
if (!strcmp(opt->strarg, "ForceJIT"))
mode = CL_BYTECODE_MODE_JIT;
else if(!strcmp(opt->strarg, "ForceInterpreter"))
mode = CL_BYTECODE_MODE_INTERPRETER;
else if(!strcmp(opt->strarg, "Test"))
mode = CL_BYTECODE_MODE_TEST;
else
mode = CL_BYTECODE_MODE_AUTO;
cl_engine_set_num(engine, CL_ENGINE_BYTECODE_MODE, mode);
}
if((opt = optget(opts,"BytecodeTimeout"))->enabled) {
cl_engine_set_num(engine, CL_ENGINE_BYTECODE_TIMEOUT, opt->numarg);
}
} else
logg("#Bytecode support disabled.\n");
if(optget(opts,"PhishingScanURLs")->enabled)
dboptions |= CL_DB_PHISHING_URLS;
else
logg("#Disabling URL based phishing detection.\n");
if(optget(opts,"DevACOnly")->enabled) {
logg("#Only using the A-C matcher.\n");
cl_engine_set_num(engine, CL_ENGINE_AC_ONLY, 1);
}
if((opt = optget(opts, "DevACDepth"))->enabled) {
cl_engine_set_num(engine, CL_ENGINE_AC_MAXDEPTH, opt->numarg);
logg("#Max A-C depth set to %u\n", (unsigned int) opt->numarg);
}
if((ret = cl_load(dbdir, engine, &sigs, dboptions))) {
logg("!%s\n", cl_strerror(ret));
ret = 1;
break;
}
if (optget(opts, "DisableCertCheck")->enabled)
engine->dconf->pe |= PE_CONF_DISABLECERT;
logg("#Loaded %u signatures.\n", sigs);
if((ret = cl_engine_compile(engine)) != 0) {
logg("!Database initialization error: %s\n", cl_strerror(ret));
ret = 1;
break;
}
if(tcpsock) {
if ((lsockets[nlsockets] = tcpserver(opts)) == -1) {
ret = 1;
break;
}
nlsockets++;
}
#ifndef _WIN32
if(localsock) {
mode_t sock_mode, umsk = umask(0777); /* socket is created with 000 to avoid races */
if ((lsockets[nlsockets] = localserver(opts)) == -1) {
ret = 1;
umask(umsk);
break;
}
umask(umsk); /* restore umask */
if(optget(opts, "LocalSocketGroup")->enabled) {
char *gname = optget(opts, "LocalSocketGroup")->strarg, *end;
gid_t sock_gid = strtol(gname, &end, 10);
if(*end) {
struct group *pgrp = getgrnam(gname);
if(!pgrp) {
logg("!Unknown group %s\n", gname);
ret = 1;
break;
}
sock_gid = pgrp->gr_gid;
}
if(chown(optget(opts, "LocalSocket")->strarg, -1, sock_gid)) {
logg("!Failed to change socket ownership to group %s\n", gname);
ret = 1;
break;
}
}
if(optget(opts, "LocalSocketMode")->enabled) {
char *end;
sock_mode = strtol(optget(opts, "LocalSocketMode")->strarg, &end, 8);
if(*end) {
logg("!Invalid LocalSocketMode %s\n", optget(opts, "LocalSocketMode")->strarg);
ret = 1;
break;
}
} else
sock_mode = 0777 /* & ~umsk*/; /* conservative default: umask was 0 in clamd < 0.96 */
if(chmod(optget(opts, "LocalSocket")->strarg, sock_mode & 0666)) {
logg("!Cannot set socket permission to %s\n", optget(opts, "LocalSocketMode")->strarg);
ret = 1;
break;
}
nlsockets++;
}
/* fork into background */
if(!optget(opts, "Foreground")->enabled) {
#ifdef C_BSD
/* workaround for OpenBSD bug, see https://wwws.clamav.net/bugzilla/show_bug.cgi?id=885 */
for(ret=0;ret<nlsockets;ret++) {
if (fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) | O_NONBLOCK) == -1) {
logg("!fcntl for lsockets[] failed\n");
close(lsockets[ret]);
ret = 1;
break;
}
}
#endif
gengine = engine;
atexit(free_engine);
if(daemonize() == -1) {
logg("!daemonize() failed: %s\n", strerror(errno));
ret = 1;
break;
}
gengine = NULL;
#ifdef C_BSD
for(ret=0;ret<nlsockets;ret++) {
if (fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) & ~O_NONBLOCK) == -1) {
logg("!fcntl for lsockets[] failed\n");
close(lsockets[ret]);
ret = 1;
break;
}
}
#endif
if(!debug_mode)
if(chdir("/") == -1)
logg("^Can't change current working directory to root\n");
} else
foreground = 1;
#endif
ret = recvloop_th(lsockets, nlsockets, engine, dboptions, opts);
} while (0);
logg("*Closing the main socket%s.\n", (nlsockets > 1) ? "s" : "");
for (i = 0; i < nlsockets; i++) {
closesocket(lsockets[i]);
}
#ifndef _WIN32
if(nlsockets && localsock) {
opt = optget(opts, "LocalSocket");
if(unlink(opt->strarg) == -1)
logg("!Can't unlink the socket file %s\n", opt->strarg);
else
logg("Socket file removed.\n");
}
#endif
logg_close();
optfree(opts);
return ret;
}
static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dboptions, const struct optstruct *opts, int do_check, int *ret)
{
const char *dbdir;
int retval;
unsigned int sigs = 0;
struct cl_settings *settings = NULL;
*ret = 0;
if(do_check) {
if(!dbstat.entries) {
logg("No stats for Database check - forcing reload\n");
return engine;
}
if(cl_statchkdir(&dbstat) == 1) {
logg("SelfCheck: Database modification detected. Forcing reload.\n");
return engine;
} else {
logg("SelfCheck: Database status OK.\n");
return NULL;
}
}
/* release old structure */
if(engine) {
/* copy current settings */
settings = cl_engine_settings_copy(engine);
if(!settings)
logg("^Can't make a copy of the current engine settings\n");
thrmgr_setactiveengine(NULL);
cl_engine_free(engine);
}
dbdir = optget(opts, "DatabaseDirectory")->strarg;
logg("Reading databases from %s\n", dbdir);
if(dbstat.entries)
cl_statfree(&dbstat);
memset(&dbstat, 0, sizeof(struct cl_stat));
if((retval = cl_statinidir(dbdir, &dbstat))) {
logg("!cl_statinidir() failed: %s\n", cl_strerror(retval));
*ret = 1;
if(settings)
cl_engine_settings_free(settings);
return NULL;
}
if(!(engine = cl_engine_new())) {
logg("!Can't initialize antivirus engine\n");
*ret = 1;
if(settings)
cl_engine_settings_free(settings);
return NULL;
}
if(settings) {
retval = cl_engine_settings_apply(engine, settings);
if(retval != CL_SUCCESS) {
logg("^Can't apply previous engine settings: %s\n", cl_strerror(retval));
logg("^Using default engine settings\n");
}
cl_engine_settings_free(settings);
}
if((retval = cl_load(dbdir, engine, &sigs, dboptions))) {
logg("!reload db failed: %s\n", cl_strerror(retval));
cl_engine_free(engine);
*ret = 1;
return NULL;
}
if((retval = cl_engine_compile(engine)) != 0) {
logg("!Database initialization error: can't compile engine: %s\n", cl_strerror(retval));
cl_engine_free(engine);
*ret = 1;
return NULL;
}
logg("Database correctly reloaded (%u signatures)\n", sigs);
thrmgr_setactiveengine(engine);
return engine;
}
int scanmanager(const struct optstruct *opts)
{
int ret = 0, i;
unsigned int options = 0, dboptions = 0, dirlnk = 1, filelnk = 1;
struct cl_engine *engine;
STATBUF sb;
char *file, cwd[1024], *pua_cats = NULL;
const char *filename;
const struct optstruct *opt;
#ifndef _WIN32
struct rlimit rlim;
#endif
dirlnk = optget(opts, "follow-dir-symlinks")->numarg;
if(dirlnk > 2) {
logg("!--follow-dir-symlinks: Invalid argument\n");
return 2;
}
filelnk = optget(opts, "follow-file-symlinks")->numarg;
if(filelnk > 2) {
logg("!--follow-file-symlinks: Invalid argument\n");
return 2;
}
if(optget(opts, "yara-rules")->enabled) {
char *p = optget(opts, "yara-rules")->strarg;
if(strcmp(p, "yes")) {
if(!strcmp(p, "only"))
dboptions |= CL_DB_YARA_ONLY;
else if (!strcmp(p, "no"))
dboptions |= CL_DB_YARA_EXCLUDE;
}
}
if(optget(opts, "phishing-sigs")->enabled)
dboptions |= CL_DB_PHISHING;
if(optget(opts, "official-db-only")->enabled)
dboptions |= CL_DB_OFFICIAL_ONLY;
if(optget(opts,"phishing-scan-urls")->enabled)
dboptions |= CL_DB_PHISHING_URLS;
if(optget(opts,"bytecode")->enabled)
dboptions |= CL_DB_BYTECODE;
if((ret = cl_init(CL_INIT_DEFAULT))) {
logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));
return 2;
}
if(!(engine = cl_engine_new())) {
logg("!Can't initialize antivirus engine\n");
return 2;
}
cl_engine_set_clcb_virus_found(engine, clamscan_virus_found_cb);
if (optget(opts, "disable-cache")->enabled)
cl_engine_set_num(engine, CL_ENGINE_DISABLE_CACHE, 1);
if (optget(opts, "disable-pe-stats")->enabled) {
cl_engine_set_num(engine, CL_ENGINE_DISABLE_PE_STATS, 1);
}
if (optget(opts, "enable-stats")->enabled) {
cl_engine_stats_enable(engine);
}
if (optget(opts, "stats-timeout")->enabled) {
cl_engine_set_num(engine, CL_ENGINE_STATS_TIMEOUT, optget(opts, "StatsTimeout")->numarg);
}
if (optget(opts, "stats-host-id")->enabled) {
char *p = optget(opts, "stats-host-id")->strarg;
if (strcmp(p, "default")) {
if (!strcmp(p, "none")) {
cl_engine_set_clcb_stats_get_hostid(engine, NULL);
} else if (!strcmp(p, "anonymous")) {
strcpy(hostid, STATS_ANON_UUID);
} else {
if (strlen(p) > 36) {
logg("!Invalid HostID\n");
cl_engine_set_clcb_stats_submit(engine, NULL);
cl_engine_free(engine);
return 2;
}
strcpy(hostid, p);
}
cl_engine_set_clcb_stats_get_hostid(engine, get_hostid);
}
}
if(optget(opts, "detect-pua")->enabled) {
dboptions |= CL_DB_PUA;
if((opt = optget(opts, "exclude-pua"))->enabled) {
dboptions |= CL_DB_PUA_EXCLUDE;
i = 0;
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
cl_engine_free(engine);
return 2;
}
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if((opt = optget(opts, "include-pua"))->enabled) {
if(pua_cats) {
logg("!--exclude-pua and --include-pua cannot be used at the same time\n");
cl_engine_free(engine);
free(pua_cats);
return 2;
}
dboptions |= CL_DB_PUA_INCLUDE;
i = 0;
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
cl_engine_free(engine);
return 2;
}
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if(pua_cats) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))) {
logg("!cli_engine_set_str(CL_ENGINE_PUA_CATEGORIES) failed: %s\n", cl_strerror(ret));
free(pua_cats);
cl_engine_free(engine);
return 2;
}
free(pua_cats);
}
}
if(optget(opts, "dev-ac-only")->enabled)
cl_engine_set_num(engine, CL_ENGINE_AC_ONLY, 1);
if(optget(opts, "dev-ac-depth")->enabled)
cl_engine_set_num(engine, CL_ENGINE_AC_MAXDEPTH, optget(opts, "dev-ac-depth")->numarg);
if(optget(opts, "leave-temps")->enabled)
cl_engine_set_num(engine, CL_ENGINE_KEEPTMP, 1);
if(optget(opts, "force-to-disk")->enabled)
cl_engine_set_num(engine, CL_ENGINE_FORCETODISK, 1);
if(optget(opts, "bytecode-unsigned")->enabled)
dboptions |= CL_DB_BYTECODE_UNSIGNED;
if((opt = optget(opts,"bytecode-timeout"))->enabled)
cl_engine_set_num(engine, CL_ENGINE_BYTECODE_TIMEOUT, opt->numarg);
if (optget(opts, "nocerts")->enabled)
cl_engine_set_num(engine, CL_ENGINE_DISABLE_PE_CERTS, 1);
if (optget(opts, "dumpcerts")->enabled)
cl_engine_set_num(engine, CL_ENGINE_PE_DUMPCERTS, 1);
if((opt = optget(opts,"bytecode-mode"))->enabled) {
enum bytecode_mode mode;
if (!strcmp(opt->strarg, "ForceJIT"))
mode = CL_BYTECODE_MODE_JIT;
else if(!strcmp(opt->strarg, "ForceInterpreter"))
mode = CL_BYTECODE_MODE_INTERPRETER;
else if(!strcmp(opt->strarg, "Test"))
mode = CL_BYTECODE_MODE_TEST;
else
mode = CL_BYTECODE_MODE_AUTO;
cl_engine_set_num(engine, CL_ENGINE_BYTECODE_MODE, mode);
}
if((opt = optget(opts, "statistics"))->enabled) {
while(opt) {
if (!strcasecmp(opt->strarg, "bytecode")) {
dboptions |= CL_DB_BYTECODE_STATS;
}
else if (!strcasecmp(opt->strarg, "pcre")) {
dboptions |= CL_DB_PCRE_STATS;
}
opt = opt->nextarg;
}
}
if((opt = optget(opts, "tempdir"))->enabled) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_TMPDIR, opt->strarg))) {
logg("!cli_engine_set_str(CL_ENGINE_TMPDIR) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "database"))->active) {
while(opt) {
if((ret = cl_load(opt->strarg, engine, &info.sigs, dboptions))) {
logg("!%s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
opt = opt->nextarg;
}
} else {
char *dbdir = freshdbdir();
if((ret = cl_load(dbdir, engine, &info.sigs, dboptions))) {
logg("!%s\n", cl_strerror(ret));
free(dbdir);
cl_engine_free(engine);
return 2;
}
free(dbdir);
}
/* pcre engine limits - required for cl_engine_compile */
if ((opt = optget(opts, "pcre-match-limit"))->active) {
if ((ret = cl_engine_set_num(engine, CL_ENGINE_PCRE_MATCH_LIMIT, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_PCRE_MATCH_LIMIT) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if ((opt = optget(opts, "pcre-recmatch-limit"))->active) {
if ((ret = cl_engine_set_num(engine, CL_ENGINE_PCRE_RECMATCH_LIMIT, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_PCRE_RECMATCH_LIMIT) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((ret = cl_engine_compile(engine)) != 0) {
logg("!Database initialization error: %s\n", cl_strerror(ret));;
cl_engine_free(engine);
return 2;
}
if(optget(opts, "archive-verbose")->enabled) {
cl_engine_set_clcb_meta(engine, meta);
cl_engine_set_clcb_pre_cache(engine, pre);
cl_engine_set_clcb_post_scan(engine, post);
}
/* set limits */
if((opt = optget(opts, "max-scansize"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_SCANSIZE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_SCANSIZE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-filesize"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_FILESIZE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
#ifndef _WIN32
if(getrlimit(RLIMIT_FSIZE, &rlim) == 0) {
if(rlim.rlim_cur < (rlim_t) cl_engine_get_num(engine, CL_ENGINE_MAX_FILESIZE, NULL))
logg("^System limit for file size is lower than engine->maxfilesize\n");
if(rlim.rlim_cur < (rlim_t) cl_engine_get_num(engine, CL_ENGINE_MAX_SCANSIZE, NULL))
logg("^System limit for file size is lower than engine->maxscansize\n");
} else {
logg("^Cannot obtain resource limits for file size\n");
}
#endif
if((opt = optget(opts, "max-files"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_FILES, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_FILES) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-recursion"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_RECURSION, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_RECURSION) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
/* Engine max sizes */
if((opt = optget(opts, "max-embeddedpe"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_EMBEDDEDPE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_EMBEDDEDPE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-htmlnormalize"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_HTMLNORMALIZE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_HTMLNORMALIZE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-htmlnotags"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_HTMLNOTAGS, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_HTMLNOTAGS) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-scriptnormalize"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_SCRIPTNORMALIZE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_SCRIPTNORMALIZE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-ziptypercg"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_ZIPTYPERCG, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_ZIPTYPERCG) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-partitions"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_PARTITIONS, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_PARTITIONS) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-iconspe"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_ICONSPE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_ICONSPE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "max-rechwp3"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MAX_RECHWP3, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MAX_RECHWP3) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if ((opt = optget(opts, "timelimit"))->active) {
if ((ret = cl_engine_set_num(engine, CL_ENGINE_TIME_LIMIT, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_TIME_LIMIT) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if ((opt = optget(opts, "pcre-max-filesize"))->active) {
if ((ret = cl_engine_set_num(engine, CL_ENGINE_PCRE_MAX_FILESIZE, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_PCRE_MAX_FILESIZE) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
/* set scan options */
if(optget(opts, "allmatch")->enabled) {
options |= CL_SCAN_ALLMATCHES;
}
if(optget(opts,"phishing-ssl")->enabled)
options |= CL_SCAN_PHISHING_BLOCKSSL;
if(optget(opts,"phishing-cloak")->enabled)
options |= CL_SCAN_PHISHING_BLOCKCLOAK;
if(optget(opts,"partition-intersection")->enabled)
options |= CL_SCAN_PARTITION_INTXN;
if(optget(opts,"heuristic-scan-precedence")->enabled)
options |= CL_SCAN_HEURISTIC_PRECEDENCE;
if(optget(opts, "scan-archive")->enabled)
options |= CL_SCAN_ARCHIVE;
if(optget(opts, "detect-broken")->enabled)
options |= CL_SCAN_BLOCKBROKEN;
if(optget(opts, "block-encrypted")->enabled)
options |= CL_SCAN_BLOCKENCRYPTED;
if(optget(opts, "block-macros")->enabled)
options |= CL_SCAN_BLOCKMACROS;
if(optget(opts, "scan-pe")->enabled)
options |= CL_SCAN_PE;
if(optget(opts, "scan-elf")->enabled)
options |= CL_SCAN_ELF;
if(optget(opts, "scan-ole2")->enabled)
options |= CL_SCAN_OLE2;
if(optget(opts, "scan-pdf")->enabled)
options |= CL_SCAN_PDF;
if(optget(opts, "scan-swf")->enabled)
options |= CL_SCAN_SWF;
if(optget(opts, "scan-html")->enabled && optget(opts, "normalize")->enabled)
options |= CL_SCAN_HTML;
if(optget(opts, "scan-mail")->enabled)
options |= CL_SCAN_MAIL;
if(optget(opts, "scan-xmldocs")->enabled)
options |= CL_SCAN_XMLDOCS;
if(optget(opts, "scan-hwp3")->enabled)
options |= CL_SCAN_HWP3;
if(optget(opts, "algorithmic-detection")->enabled)
options |= CL_SCAN_ALGORITHMIC;
if(optget(opts, "block-max")->enabled) {
options |= CL_SCAN_BLOCKMAX;
}
#ifdef HAVE__INTERNAL__SHA_COLLECT
if(optget(opts, "dev-collect-hashes")->enabled)
options |= CL_SCAN_INTERNAL_COLLECT_SHA;
#endif
if(optget(opts, "dev-performance")->enabled)
options |= CL_SCAN_PERFORMANCE_INFO;
if(optget(opts, "detect-structured")->enabled) {
options |= CL_SCAN_STRUCTURED;
if((opt = optget(opts, "structured-ssn-format"))->enabled) {
switch(opt->numarg) {
case 0:
options |= CL_SCAN_STRUCTURED_SSN_NORMAL;
break;
case 1:
options |= CL_SCAN_STRUCTURED_SSN_STRIPPED;
break;
case 2:
options |= (CL_SCAN_STRUCTURED_SSN_NORMAL | CL_SCAN_STRUCTURED_SSN_STRIPPED);
break;
default:
logg("!Invalid argument for --structured-ssn-format\n");
return 2;
}
} else {
options |= CL_SCAN_STRUCTURED_SSN_NORMAL;
}
if((opt = optget(opts, "structured-ssn-count"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MIN_SSN_COUNT, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MIN_SSN_COUNT) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
if((opt = optget(opts, "structured-cc-count"))->active) {
if((ret = cl_engine_set_num(engine, CL_ENGINE_MIN_CC_COUNT, opt->numarg))) {
logg("!cli_engine_set_num(CL_ENGINE_MIN_CC_COUNT) failed: %s\n", cl_strerror(ret));
cl_engine_free(engine);
return 2;
}
}
} else {
options &= ~CL_SCAN_STRUCTURED;
}
#ifdef C_LINUX
procdev = (dev_t) 0;
if(CLAMSTAT("/proc", &sb) != -1 && !sb.st_size)
procdev = sb.st_dev;
#endif
#if HAVE_JSON
if (optget(opts, "gen-json")->enabled)
options |= CL_SCAN_FILE_PROPERTIES;
#endif
/* check filetype */
if(!opts->filename && !optget(opts, "file-list")->enabled) {
/* we need full path for some reasons (eg. archive handling) */
if(!getcwd(cwd, sizeof(cwd))) {
logg("!Can't get absolute pathname of current working directory\n");
ret = 2;
} else {
CLAMSTAT(cwd, &sb);
scandirs(cwd, engine, opts, options, 1, sb.st_dev);
}
} else if(opts->filename && !optget(opts, "file-list")->enabled && !strcmp(opts->filename[0], "-")) { /* read data from stdin */
ret = scanstdin(engine, opts, options);
} else {
if(opts->filename && optget(opts, "file-list")->enabled)
logg("^Only scanning files from --file-list (files passed at cmdline are ignored)\n");
while((filename = filelist(opts, &ret)) && (file = strdup(filename))) {
if(LSTAT(file, &sb) == -1) {
perror(file);
logg("^%s: Can't access file\n", file);
ret = 2;
} else {
for(i = strlen(file) - 1; i > 0; i--) {
if(file[i] == *PATHSEP)
file[i] = 0;
else
break;
}
if(S_ISLNK(sb.st_mode)) {
if(dirlnk == 0 && filelnk == 0) {
if(!printinfected)
logg("%s: Symbolic link\n", file);
} else if(CLAMSTAT(file, &sb) != -1) {
if(S_ISREG(sb.st_mode) && filelnk) {
scanfile(file, engine, opts, options);
} else if(S_ISDIR(sb.st_mode) && dirlnk) {
scandirs(file, engine, opts, options, 1, sb.st_dev);
} else {
if(!printinfected)
logg("%s: Symbolic link\n", file);
}
}
} else if(S_ISREG(sb.st_mode)) {
scanfile(file, engine, opts, options);
} else if(S_ISDIR(sb.st_mode)) {
scandirs(file, engine, opts, options, 1, sb.st_dev);
} else {
logg("^%s: Not supported file type\n", file);
ret = 2;
}
}
free(file);
}
}
if((opt = optget(opts, "statistics"))->enabled) {
while(opt) {
if (!strcasecmp(opt->strarg, "bytecode")) {
cli_sigperf_print();
cli_sigperf_events_destroy();
}
#if HAVE_PCRE
else if (!strcasecmp(opt->strarg, "pcre")) {
cli_pcre_perf_print();
cli_pcre_perf_events_destroy();
}
#endif
opt = opt->nextarg;
}
}
/* free the engine */
cl_engine_free(engine);
/* overwrite return code - infection takes priority */
if(info.ifiles)
ret = 1;
else if(info.errors)
ret = 2;
return ret;
}
int main(int argc, char **argv)
{
int fd, ret;
unsigned long int size = 0;
unsigned int sigs = 0;
long double mb;
const char *virname;
struct cl_engine *engine;
if(argc != 2) {
printf("Usage: %s file\n", argv[0]);
return 2;
}
if((fd = open(argv[1], O_RDONLY)) == -1) {
printf("Can't open file %s\n", argv[1]);
return 2;
}
if((ret = cl_init(CL_INIT_DEFAULT)) != CL_SUCCESS) {
printf("Can't initialize libclamav: %s\n", cl_strerror(ret));
return 2;
}
if(!(engine = cl_engine_new())) {
printf("Can't create new engine\n");
return 2;
}
/* load all available databases from default directory */
if((ret = cl_load(cl_retdbdir(), engine, &sigs, CL_DB_STDOPT)) != CL_SUCCESS) {
printf("cl_load: %s\n", cl_strerror(ret));
close(fd);
cl_engine_free(engine);
return 2;
}
printf("Loaded %u signatures.\n", sigs);
/* build engine */
if((ret = cl_engine_compile(engine)) != CL_SUCCESS) {
printf("Database initialization error: %s\n", cl_strerror(ret));;
cl_engine_free(engine);
close(fd);
return 2;
}
/* scan file descriptor */
if((ret = cl_scandesc(fd, &virname, &size, engine, CL_SCAN_STDOPT)) == CL_VIRUS) {
printf("Virus detected: %s\n", virname);
} else {
if(ret == CL_CLEAN) {
printf("No virus detected.\n");
} else {
printf("Error: %s\n", cl_strerror(ret));
cl_engine_free(engine);
close(fd);
return 2;
}
}
close(fd);
/* free memory */
cl_engine_free(engine);
/* calculate size of scanned data */
mb = size * (CL_COUNT_PRECISION / 1024) / 1024.0;
printf("Data scanned: %2.2Lf MB\n", mb);
return ret == CL_VIRUS ? 1 : 0;
}
int cli_cvdload(FILE *fs, struct cl_engine **engine, unsigned int *signo, short warn, unsigned int options)
{
char *dir;
struct cl_cvd cvd;
int ret;
time_t s_time;
int cfd;
cli_dbgmsg("in cli_cvdload()\n");
/* verify */
if((ret = cli_cvdverify(fs, &cvd)))
return ret;
if(cvd.stime && warn) {
time(&s_time);
if((int) s_time - cvd.stime > 604800) {
cli_warnmsg("**************************************************\n");
cli_warnmsg("*** The virus database is older than 7 days! ***\n");
cli_warnmsg("*** Please update it as soon as possible. ***\n");
cli_warnmsg("**************************************************\n");
}
}
if(cvd.fl > cl_retflevel()) {
cli_warnmsg("***********************************************************\n");
cli_warnmsg("*** This version of the ClamAV engine is outdated. ***\n");
cli_warnmsg("*** DON'T PANIC! Read http://www.clamav.net/support/faq ***\n");
cli_warnmsg("***********************************************************\n");
}
dir = cli_gentemp(NULL);
if(mkdir(dir, 0700)) {
cli_errmsg("cli_cvdload(): Can't create temporary directory %s\n", dir);
free(dir);
return CL_ETMPDIR;
}
cfd = fileno(fs);
/* use only operations on file descriptors, and not on the FILE* from here on
* if we seek the FILE*, the underlying descriptor may not seek as expected
* (for example on OpenBSD, cygwin, etc.).
* So seek the descriptor directly.
*/
if(lseek(cfd, 512, SEEK_SET) == -1) {
cli_errmsg("cli_cvdload(): lseek(fs, 512, SEEK_SET) failed\n");
return CL_EIO;
}
if(cli_untgz(cfd, dir)) {
cli_errmsg("cli_cvdload(): Can't unpack CVD file.\n");
free(dir);
return CL_ECVDEXTR;
}
/* load extracted directory */
ret = cl_load(dir, engine, signo, options);
cli_rmdirs(dir);
free(dir);
return ret;
}
// executive entrypoint
int main(int argc, char** argv) {
// init libclamav
if (cl_init(CL_INIT_DEFAULT) != CL_SUCCESS) {
printf("could not init clamAV.\n");
return 1;
}
// load virus db and compile the av engine
struct cl_engine* engine = cl_engine_new();
const char* db_dir = cl_retdbdir();
unsigned int signature_count = 0;
printf("loading from database at %s\n", db_dir);
if (cl_load(db_dir, engine, &signature_count, CL_DB_STDOPT) != CL_SUCCESS ||
cl_engine_compile(engine) != CL_SUCCESS) {
printf("failed to load db/compile AV engine.\n");
return 1;
}
printf("%d virus signatures loaded.\n", signature_count);
// create a socket to listen on
int s = socket(AF_INET, SOCK_STREAM, 0);
if (s == -1) {
printf("could not create socket. reason: %s\n", strerror(errno));
return 1;
}
// setup socket options such that the port can be reused quickly after
// program termination
struct sockaddr_in local_sockaddr;
local_sockaddr.sin_family = AF_INET;
local_sockaddr.sin_addr.s_addr = htonl(INADDR_ANY);
local_sockaddr.sin_port = htons(PROXY_PORT);
int one = 1;
if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) == -1) {
printf("could not set socket options. reason: %s\n", strerror(errno));
return 1;
}
// bind socket to the sockaddr_in structure
if (bind(s, (struct sockaddr*) &local_sockaddr,
sizeof(local_sockaddr)) == -1) {
printf("could not bind to socket. reason: %s\n", strerror(errno));
return 1;
}
// set socket to listening mode
if (listen(s, QUEUE_SIZE) == -1) {
printf("could not listen on socket. reason: %s\n", strerror(errno));
}
while (1) {
// wait for a TCP connection. the accept() function will block until the
// TCP handshake is complete.
struct sockaddr_in remote_sockaddr;
socklen_t address_len = sizeof(remote_sockaddr);
int client; // client socket
client = accept(s, (struct sockaddr*) &remote_sockaddr, &address_len);
if (client == -1) continue;
// setup thread parameters
pthread_t tid;
thread_params_t* params = (thread_params_t*)
malloc(sizeof(thread_params_t));
if (params == NULL) {
printf("error allocating memory.\n");
return 1;
}
params->socket_id = client;
params->cl_engine = engine;
// create the thread and pass the parameters over
if (pthread_create(&tid, NULL, proxy_thread, params) != 0) {
printf("error creating thread.\n");
return 1;
}
}
// free up scan engine (do this once you no longer need to scan files)
cl_engine_free(engine);
return 0;
}
int main(int argc, char** argv)
{
int err; // error code returned from api calls
float *cpu_xyz; //calculate the results on the CPU
float *gpu_xyz; //calculate the results on the GPU
unsigned int correct; // number of correct results returned
char* kernel_source; //kernel source code
cl_platform_id platform_id; // compute platform id
cl_device_id device_id; // compute device id
cl_context context; // compute context
cl_command_queue commands; // compute command queue
cl_program program; // compute program
cl_kernel kernel; // compute kernel code
//stuff were going to query
cl_int preferred_workgroup_size;
cl_int max_workgroup_size;
cl_mem cl_output; // device memory used for the output array
int i, j, k;
if(!cl_load("main.cl", &kernel_source))
{
printf("Your file didn't load.");
return 1;
}
int theta, phi, r;
for(i=0; i<V_THETA_MAX; i++)
{
theta = i*V_THETA_INC;
for(j=0; j<V_PHI_MAX; j++)
{
phi = j*V_PHI_INC;
for(k=0; k<V_R_MAX; k++)
{
r = k*V_R_INC;
}
}
}
//get the platform information. This corresponds to vendor implementations of opencl
cl_uint platforms;
err = clGetPlatformIDs(1, &platform_id, &platforms);
if(err != CL_SUCCESS)
{
printf("Error: Failed to query platform ids!\n");
return EXIT_FAILURE;
}
// Connect to a compute device. A GPU in this case.
//
cl_uint num_devices;
err = clGetDeviceIDs(platform_id, CL_DEVICE_TYPE_GPU, 1, &device_id, &num_devices);
if (err != CL_SUCCESS)
{
printf("Error: Failed to create a device group!\n");
return EXIT_FAILURE;
}
// Create a compute context. A handle to the combination of platform and device.
//
context = clCreateContext(0, 1, &device_id, NULL, NULL, &err);
if (!context)
{
printf("Error: Failed to create a compute context!\n");
return EXIT_FAILURE;
}
// Create a command queue. We will use this to send work to the CPU.
//
commands = clCreateCommandQueue(context, device_id, 0, &err);
if (!commands)
{
printf("Error: Failed to create a command commands!\n");
return EXIT_FAILURE;
}
// create a program, given the loaded source code.
//
program = clCreateProgramWithSource(context, 1, (const char **) &kernel_source, NULL, &err);
if (!program)
{
printf("Error: Failed to create compute program!\n");
return EXIT_FAILURE;
}
// Compile the program executable
//
err = clBuildProgram(program, 0, NULL, NULL, NULL, NULL);
if (err != CL_SUCCESS)
{
size_t len;
char buffer[2048];
printf("Error: Failed to build program executable!\n");
clGetProgramBuildInfo(program, device_id, CL_PROGRAM_BUILD_LOG, sizeof(buffer), buffer, &len);
printf("%s\n", buffer);
exit(1);
}
// create (select) a kernel function from the compiled program
//
kernel = clCreateKernel(program, "square", &err);
if (!kernel || err != CL_SUCCESS)
{
printf("Error: Failed to create compute kernel!\n");
exit(1);
}
// Get the preferred workgroup size multiple
//
err = clGetKernelWorkGroupInfo(kernel, device_id, CL_KERNEL_PREFERRED_WORK_GROUP_SIZE_MULTIPLE, sizeof(preferred_workgroup_size), &preferred_workgroup_size, NULL);
if (err != CL_SUCCESS)
{
printf("Error: Failed to retrieve kernel work group info! %d\n", err);
exit(1);
}
// Get the preferred workgroup size
//
err = clGetKernelWorkGroupInfo(kernel, device_id, CL_DEVICE_MAX_WORK_GROUP_SIZE, sizeof(max_workgroup_size), &max_workgroup_size, NULL);
if (err != CL_SUCCESS)
{
printf("Error: Failed to retrieve kernel work group info! %d\n", err);
exit(1);
}
// Create the output array in device memory for our calculation
//
output = clCreateBuffer(context, CL_MEM_WRITE_ONLY, sizeof(float) * count, NULL, NULL);
if (!input || !output)
{
printf("Error: Failed to allocate device memory!\n");
exit(1);
}
// Write our data set into the input array in device memory
//
err = clEnqueueWriteBuffer(commands, input, CL_TRUE, 0, sizeof(float) * count, data, 0, NULL, NULL);
if (err != CL_SUCCESS)
{
printf("Error: Failed to write to source array!\n");
exit(1);
}
// Set the arguments to our compute kernel
//
err = 0;
err = clSetKernelArg(kernel, 0, sizeof(cl_mem), &input);
err |= clSetKernelArg(kernel, 1, sizeof(cl_mem), &output);
err |= clSetKernelArg(kernel, 2, sizeof(unsigned int), &count);
if (err != CL_SUCCESS)
{
printf("Error: Failed to set kernel arguments! %d\n", err);
exit(1);
}
// Execute the kernel over the entire range of our 1d input data set
// using the maximum number of work group items for this device
//
// global = count;
global = local;
err = clEnqueueNDRangeKernel(commands, kernel, 1, NULL, &global, &local, 0, NULL, NULL);
if (err)
{
printf("Error: Failed to execute kernel!\n");
return EXIT_FAILURE;
}
// Wait for the command commands to get serviced before reading back results
//
clFinish(commands);
// Read back the results from the device to verify the output
//
err = clEnqueueReadBuffer( commands, output, CL_TRUE, 0, sizeof(float) * count, results, 0, NULL, NULL );
if (err != CL_SUCCESS)
{
printf("Error: Failed to read output array! %d\n", err);
exit(1);
}
// Validate our results
//
correct = 0;
for(i = 0; i < count; i++)
{
if((results[i]) == data[i] * data[i])
correct++;
}
// Print a brief summary detailing the results
//
printf("Computed '%d/%d' correct values!\n", correct, count);
// Shutdown and cleanup
//
clReleaseMemObject(input);
clReleaseMemObject(output);
clReleaseProgram(program);
clReleaseKernel(kernel);
clReleaseCommandQueue(commands);
clReleaseContext(context);
return 0;
}
int main(int argc, char **argv)
{
const struct optstruct *opt;
#ifndef C_WINDOWS
struct passwd *user = NULL;
#endif
time_t currtime;
const char *dbdir, *cfgfile;
char *pua_cats = NULL, *pt;
int ret, tcpsock = 0, localsock = 0, i, min_port, max_port;
unsigned int sigs = 0;
int lsockets[2], nlsockets = 0;
unsigned int dboptions = 0;
#ifdef C_LINUX
struct stat sb;
#endif
#ifdef C_WINDOWS
if(!pthread_win32_process_attach_np()) {
mprintf("!Can't start the win32 pthreads layer\n");
return 1;
}
#endif
if((opts = optparse(NULL, argc, argv, 1, OPT_CLAMD, 0, NULL)) == NULL) {
mprintf("!Can't parse command line options\n");
return 1;
}
if(optget(opts, "help")->enabled) {
help();
optfree(opts);
return 0;
}
if(optget(opts, "debug")->enabled) {
#if defined(C_LINUX)
/* [email protected]: create a dump if needed */
struct rlimit rlim;
rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
if(setrlimit(RLIMIT_CORE, &rlim) < 0)
perror("setrlimit");
#endif
debug_mode = 1;
}
/* parse the config file */
cfgfile = optget(opts, "config-file")->strarg;
pt = strdup(cfgfile);
if((opts = optparse(cfgfile, 0, NULL, 1, OPT_CLAMD, 0, opts)) == NULL) {
fprintf(stderr, "ERROR: Can't open/parse the config file %s\n", pt);
free(pt);
return 1;
}
free(pt);
if(optget(opts, "version")->enabled) {
print_version(optget(opts, "DatabaseDirectory")->strarg);
optfree(opts);
return 0;
}
umask(0);
/* drop privileges */
#if (!defined(C_OS2)) && (!defined(C_WINDOWS))
if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) {
if((user = getpwnam(opt->strarg)) == NULL) {
fprintf(stderr, "ERROR: Can't get information about user %s.\n", opt->strarg);
optfree(opts);
return 1;
}
if(optget(opts, "AllowSupplementaryGroups")->enabled) {
#ifdef HAVE_INITGROUPS
if(initgroups(opt->strarg, user->pw_gid)) {
fprintf(stderr, "ERROR: initgroups() failed.\n");
optfree(opts);
return 1;
}
#else
mprintf("!AllowSupplementaryGroups: initgroups() is not available, please disable AllowSupplementaryGroups in %s\n", cfgfile);
optfree(opts);
return 1;
#endif
} else {
#ifdef HAVE_SETGROUPS
if(setgroups(1, &user->pw_gid)) {
fprintf(stderr, "ERROR: setgroups() failed.\n");
optfree(opts);
return 1;
}
#endif
}
if(setgid(user->pw_gid)) {
fprintf(stderr, "ERROR: setgid(%d) failed.\n", (int) user->pw_gid);
optfree(opts);
return 1;
}
if(setuid(user->pw_uid)) {
fprintf(stderr, "ERROR: setuid(%d) failed.\n", (int) user->pw_uid);
optfree(opts);
return 1;
}
}
#endif
/* initialize logger */
logg_lock = !optget(opts, "LogFileUnlock")->enabled;
logg_time = optget(opts, "LogTime")->enabled;
logok = optget(opts, "LogClean")->enabled;
logg_size = optget(opts, "LogFileMaxSize")->numarg;
logg_verbose = mprintf_verbose = optget(opts, "LogVerbose")->enabled;
mprintf_send_timeout = optget(opts, "SendBufTimeout")->numarg;
do { /* logger initialized */
if((opt = optget(opts, "LogFile"))->enabled) {
char timestr[32];
logg_file = opt->strarg;
if(strlen(logg_file) < 2 || (logg_file[0] != '/' && logg_file[0] != '\\' && logg_file[1] != ':')) {
fprintf(stderr, "ERROR: LogFile requires full path.\n");
ret = 1;
break;
}
time(&currtime);
if(logg("#+++ Started at %s", cli_ctime(&currtime, timestr, sizeof(timestr)))) {
fprintf(stderr, "ERROR: Can't initialize the internal logger\n");
ret = 1;
break;
}
} else
logg_file = NULL;
if((ret = cl_init(CL_INIT_DEFAULT))) {
logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));
ret = 1;
break;
}
if(optget(opts, "Debug")->enabled) /* enable debug messages in libclamav */ {
cl_debug();
logg_verbose = 2;
}
#if defined(USE_SYSLOG) && !defined(C_AIX)
if(optget(opts, "LogSyslog")->enabled) {
int fac = LOG_LOCAL6;
opt = optget(opts, "LogFacility");
if((fac = logg_facility(opt->strarg)) == -1) {
logg("!LogFacility: %s: No such facility.\n", opt->strarg);
ret = 1;
break;
}
openlog("clamd", LOG_PID, fac);
logg_syslog = 1;
}
#endif
#ifdef C_LINUX
procdev = 0;
if(stat("/proc", &sb) != -1 && !sb.st_size)
procdev = sb.st_dev;
#endif
/* check socket type */
if(optget(opts, "TCPSocket")->enabled)
tcpsock = 1;
if(optget(opts, "LocalSocket")->enabled)
localsock = 1;
if(!tcpsock && !localsock) {
logg("!Please define server type (local and/or TCP).\n");
ret = 1;
break;
}
logg("#clamd daemon %s (OS: "TARGET_OS_TYPE", ARCH: "TARGET_ARCH_TYPE", CPU: "TARGET_CPU_TYPE")\n", get_version());
#ifndef C_WINDOWS
if(user)
logg("#Running as user %s (UID %u, GID %u)\n", user->pw_name, user->pw_uid, user->pw_gid);
#endif
if(logg_size)
logg("#Log file size limited to %d bytes.\n", logg_size);
else
logg("#Log file size limit disabled.\n");
min_port = optget(opts, "StreamMinPort")->numarg;
max_port = optget(opts, "StreamMaxPort")->numarg;
if (min_port < 1024 || min_port > max_port || max_port > 65535) {
logg("!Invalid StreamMinPort/StreamMaxPort: %d, %d\n", min_port, max_port);
ret = 1;
break;
}
if(!(engine = cl_engine_new())) {
logg("!Can't initialize antivirus engine\n");
ret = 1;
break;
}
/* load the database(s) */
dbdir = optget(opts, "DatabaseDirectory")->strarg;
logg("#Reading databases from %s\n", dbdir);
if(optget(opts, "DetectPUA")->enabled) {
dboptions |= CL_DB_PUA;
if((opt = optget(opts, "ExcludePUA"))->enabled) {
dboptions |= CL_DB_PUA_EXCLUDE;
i = 0;
logg("#Excluded PUA categories:");
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
cl_engine_free(engine);
ret = 1;
break;
}
logg("# %s", opt->strarg);
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
if (ret)
break;
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if((opt = optget(opts, "IncludePUA"))->enabled) {
if(pua_cats) {
logg("!ExcludePUA and IncludePUA cannot be used at the same time\n");
free(pua_cats);
ret = 1;
break;
}
dboptions |= CL_DB_PUA_INCLUDE;
i = 0;
logg("#Included PUA categories:");
while(opt) {
if(!(pua_cats = realloc(pua_cats, i + strlen(opt->strarg) + 3))) {
logg("!Can't allocate memory for pua_cats\n");
ret = 1;
break;
}
logg("# %s", opt->strarg);
sprintf(pua_cats + i, ".%s", opt->strarg);
i += strlen(opt->strarg) + 1;
pua_cats[i] = 0;
opt = opt->nextarg;
}
if (ret)
break;
logg("#\n");
pua_cats[i] = '.';
pua_cats[i + 1] = 0;
}
if(pua_cats) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))) {
logg("!cli_engine_set_str(CL_ENGINE_PUA_CATEGORIES) failed: %s\n", cl_strerror(ret));
free(pua_cats);
ret = 1;
break;
}
free(pua_cats);
}
} else {
logg("#Not loading PUA signatures.\n");
}
/* set the temporary dir */
if((opt = optget(opts, "TemporaryDirectory"))->enabled) {
if((ret = cl_engine_set_str(engine, CL_ENGINE_TMPDIR, opt->strarg))) {
logg("!cli_engine_set_str(CL_ENGINE_TMPDIR) failed: %s\n", cl_strerror(ret));
ret = 1;
break;
}
}
if(optget(opts, "LeaveTemporaryFiles")->enabled)
cl_engine_set_num(engine, CL_ENGINE_KEEPTMP, 1);
if(optget(opts, "PhishingSignatures")->enabled)
dboptions |= CL_DB_PHISHING;
else
logg("#Not loading phishing signatures.\n");
if(optget(opts,"PhishingScanURLs")->enabled)
dboptions |= CL_DB_PHISHING_URLS;
else
logg("#Disabling URL based phishing detection.\n");
if(optget(opts,"DevACOnly")->enabled) {
logg("#Only using the A-C matcher.\n");
cl_engine_set_num(engine, CL_ENGINE_AC_ONLY, 1);
}
if((opt = optget(opts, "DevACDepth"))->enabled) {
cl_engine_set_num(engine, CL_ENGINE_AC_MAXDEPTH, opt->numarg);
logg("#Max A-C depth set to %u\n", (unsigned int) opt->numarg);
}
if((ret = cl_load(dbdir, engine, &sigs, dboptions))) {
logg("!%s\n", cl_strerror(ret));
ret = 1;
break;
}
logg("#Loaded %u signatures.\n", sigs);
if((ret = cl_engine_compile(engine)) != 0) {
logg("!Database initialization error: %s\n", cl_strerror(ret));
ret = 1;
break;
}
if(tcpsock) {
#ifdef C_WINDOWS
WSADATA wsaData;
if(WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR) {
logg("!Error at WSAStartup(): %d\n", WSAGetLastError());
ret = 1;
break;
}
#endif
if ((lsockets[nlsockets] = tcpserver(opts)) == -1) {
ret = 1;
break;
}
nlsockets++;
}
if(localsock) {
if ((lsockets[nlsockets] = localserver(opts)) == -1) {
ret = 1;
break;
}
nlsockets++;
}
/* fork into background */
if(!optget(opts, "Foreground")->enabled) {
#ifdef C_BSD
/* workaround for OpenBSD bug, see https://wwws.clamav.net/bugzilla/show_bug.cgi?id=885 */
for(ret=0;ret<nlsockets;ret++) {
fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) | O_NONBLOCK);
}
#endif
if(daemonize() == -1) {
logg("!daemonize() failed\n");
ret = 1;
break;
}
#ifdef C_BSD
for(ret=0;ret<nlsockets;ret++) {
fcntl(lsockets[ret], F_SETFL, fcntl(lsockets[ret], F_GETFL) & ~O_NONBLOCK);
}
#endif
if(!debug_mode)
if(chdir("/") == -1)
logg("^Can't change current working directory to root\n");
} else
foreground = 1;
ret = recvloop_th(lsockets, nlsockets, engine, dboptions, opts);
} while (0);
logg("*Closing the main socket%s.\n", (nlsockets > 1) ? "s" : "");
for (i = 0; i < nlsockets; i++) {
closesocket(lsockets[i]);
}
#ifndef C_OS2
if(nlsockets && localsock) {
opt = optget(opts, "LocalSocket");
if(unlink(opt->strarg) == -1)
logg("!Can't unlink the socket file %s\n", opt->strarg);
else
logg("Socket file removed.\n");
}
#endif
#ifdef C_WINDOWS
if(tcpsock)
WSACleanup();
if(!pthread_win32_process_detach_np()) {
logg("!Can't stop the win32 pthreads layer\n");
logg_close();
optfree(opts);
return 1;
}
#endif
logg_close();
optfree(opts);
return ret;
}
