static float wpatch_distance(float *x, float *y, int w, int h, int pd,
int i, int j, float W)
{
int nW = winpatch_length(pd, W);
float px[nW], py[nW];
getpatch(px, x, w, h, pd, i, j, W);
getpatch(py, y, w, h, pd, i, j, W);
return patchdistance(px, py, nW);
}
static int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct optstruct *opts, const char *dnsreply, char *localip, int outdated, struct mirdat *mdat, int logerr)
{
struct cl_cvd *current, *remote;
const struct optstruct *opt;
unsigned int nodb = 0, currver = 0, newver = 0, port = 0, i, j;
int ret, ims = -1;
char *pt, cvdfile[32], localname[32], *tmpdir = NULL, *newfile, newdb[32], cwd[512];
const char *proxy = NULL, *user = NULL, *pass = NULL, *uas = NULL;
unsigned int flevel = cl_retflevel(), remote_flevel = 0, maxattempts;
unsigned int can_whitelist = 0;
int ctimeout, rtimeout;
snprintf(cvdfile, sizeof(cvdfile), "%s.cvd", dbname);
if(!(current = currentdb(dbname, localname))) {
nodb = 1;
} else {
mdat->dbflevel = current->fl;
}
if(!nodb && dnsreply) {
int field = 0;
if(!strcmp(dbname, "main")) {
field = 1;
} else if(!strcmp(dbname, "daily")) {
field = 2;
} else if(!strcmp(dbname, "safebrowsing")) {
field = 6;
} else {
logg("!updatedb: Unknown database name (%s) passed.\n", dbname);
cl_cvdfree(current);
return 70;
}
if(field && (pt = cli_strtok(dnsreply, field, ":"))) {
if(!cli_isnumber(pt)) {
logg("^Broken database version in TXT record.\n");
} else {
newver = atoi(pt);
logg("*%s version from DNS: %d\n", cvdfile, newver);
}
free(pt);
} else {
logg("^Invalid DNS reply. Falling back to HTTP mode.\n");
}
}
if(dnsreply) {
if((pt = cli_strtok(dnsreply, 5, ":"))) {
remote_flevel = atoi(pt);
free(pt);
if(remote_flevel && (remote_flevel - flevel < 4))
can_whitelist = 1;
}
}
/* Initialize proxy settings */
if((opt = optget(opts, "HTTPProxyServer"))->enabled) {
proxy = opt->strarg;
if(strncasecmp(proxy, "http://", 7) == 0)
proxy += 7;
if((opt = optget(opts, "HTTPProxyUsername"))->enabled) {
user = opt->strarg;
if((opt = optget(opts, "HTTPProxyPassword"))->enabled) {
pass = opt->strarg;
} else {
logg("HTTPProxyUsername requires HTTPProxyPassword\n");
if(current)
cl_cvdfree(current);
return 56;
}
}
if((opt = optget(opts, "HTTPProxyPort"))->enabled)
port = opt->numarg;
logg("Connecting via %s\n", proxy);
}
if((opt = optget(opts, "HTTPUserAgent"))->enabled)
uas = opt->strarg;
ctimeout = optget(opts, "ConnectTimeout")->numarg;
rtimeout = optget(opts, "ReceiveTimeout")->numarg;
if(!nodb && !newver) {
remote = remote_cvdhead(cvdfile, localname, hostname, ip, localip, proxy, port, user, pass, uas, &ims, ctimeout, rtimeout, mdat, logerr, can_whitelist);
if(!nodb && !ims) {
logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
*signo += current->sigs;
cl_cvdfree(current);
return 1;
}
if(!remote) {
logg("^Can't read %s header from %s (IP: %s)\n", cvdfile, hostname, ip);
cl_cvdfree(current);
return 58;
}
newver = remote->version;
cl_cvdfree(remote);
}
if(!nodb && (current->version >= newver)) {
logg("%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)\n", localname, current->version, current->sigs, current->fl, current->builder);
if(!outdated && flevel < current->fl) {
/* display warning even for already installed database */
logg("^Current functionality level = %d, recommended = %d\n", flevel, current->fl);
logg("Please check if ClamAV tools are linked against the proper version of libclamav\n");
logg("DON'T PANIC! Read http://www.clamav.net/support/faq\n");
}
*signo += current->sigs;
cl_cvdfree(current);
return 1;
}
if(current) {
currver = current->version;
cl_cvdfree(current);
}
/*
if(ipaddr[0]) {
hostfd = wwwconnect(ipaddr, proxy, port, NULL, localip);
} else {
hostfd = wwwconnect(hostname, proxy, port, ipaddr, localip);
if(!ip[0])
strcpy(ip, ipaddr);
}
if(hostfd < 0) {
if(ipaddr[0])
logg("Connection with %s (IP: %s) failed.\n", hostname, ipaddr);
else
logg("Connection with %s failed.\n", hostname);
return 52;
};
*/
if(!optget(opts, "ScriptedUpdates")->enabled)
nodb = 1;
if(!getcwd(cwd, sizeof(cwd))) {
logg("!updatedb: Can't get path of current working directory\n");
return 50; /* FIXME */
}
newfile = cli_gentemp(cwd);
if(nodb) {
ret = getcvd(cvdfile, newfile, hostname, ip, localip, proxy, port, user, pass, uas, newver, ctimeout, rtimeout, mdat, logerr, can_whitelist);
if(ret) {
memset(ip, 0, 16);
free(newfile);
return ret;
}
snprintf(newdb, sizeof(newdb), "%s.cvd", dbname);
} else {
ret = 0;
tmpdir = cli_gentemp(".");
maxattempts = optget(opts, "MaxAttempts")->numarg;
for(i = currver + 1; i <= newver; i++) {
for(j = 0; j < maxattempts; j++) {
int llogerr = logerr;
if(logerr)
llogerr = (j == maxattempts - 1);
ret = getpatch(dbname, tmpdir, i, hostname, ip, localip, proxy, port, user, pass, uas, ctimeout, rtimeout, mdat, llogerr, can_whitelist);
if(ret == 52 || ret == 58) {
memset(ip, 0, 16);
continue;
} else {
break;
}
}
if(ret)
break;
}
if(ret) {
cli_rmdirs(tmpdir);
free(tmpdir);
logg("^Incremental update failed, trying to download %s\n", cvdfile);
mirman_whitelist(mdat, 2);
ret = getcvd(cvdfile, newfile, hostname, ip, localip, proxy, port, user, pass, uas, newver, ctimeout, rtimeout, mdat, logerr, can_whitelist);
if(ret) {
free(newfile);
return ret;
}
snprintf(newdb, sizeof(newdb), "%s.cvd", dbname);
} else {
if(buildcld(tmpdir, dbname, newfile, optget(opts, "CompressLocalDatabase")->enabled) == -1) {
logg("!Can't create local database\n");
cli_rmdirs(tmpdir);
free(tmpdir);
free(newfile);
return 70; /* FIXME */
}
snprintf(newdb, sizeof(newdb), "%s.cld", dbname);
cli_rmdirs(tmpdir);
free(tmpdir);
}
}
if(!(current = cl_cvdhead(newfile))) {
logg("!Can't parse new database %s\n", newfile);
unlink(newfile);
free(newfile);
return 55; /* FIXME */
}
if(!nodb && !access(localname, R_OK) && unlink(localname)) {
logg("!Can't unlink %s. Please fix it and try again.\n", localname);
unlink(newfile);
free(newfile);
return 53;
}
#ifdef C_WINDOWS
if(!access(newdb, R_OK) && unlink(newdb)) {
logg("!Can't unlink %s. Please fix the problem manually and try again.\n", newdb);
unlink(newfile);
free(newfile);
return 53;
}
#endif
if(rename(newfile, newdb) == -1) {
logg("!Can't rename %s to %s: %s\n", newfile, newdb, strerror(errno));
unlink(newfile);
free(newfile);
return 57;
}
free(newfile);
logg("%s updated (version: %d, sigs: %d, f-level: %d, builder: %s)\n", newdb, current->version, current->sigs, current->fl, current->builder);
if(flevel < current->fl) {
logg("Your ClamAV installation is out of date.\n");
logg("Current functionality level = %d, recommended = %d\n", flevel, current->fl);
logg("A firmware upgrade might resolve this issue.\n");
logg("Also read http://sgkb.securecomputing.com/article.asp?article=11282&p=2\n");
}
*signo += current->sigs;
cl_cvdfree(current);
return 0;
}
