- Remove wrong patch added on last commit
This commit is contained in:
Renato Botelho
parent
4055e65cd4
commit
d6a49fddec
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=231546
@ -1,372 +0,0 @@
|
||||
Index: clamav-milter/Makefile.in
|
||||
===================================================================
|
||||
--- clamav-milter/Makefile.in (revision 4964)
|
||||
+++ clamav-milter/Makefile.in (working copy)
|
||||
@@ -58,10 +58,11 @@
|
||||
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||
am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
|
||||
$(top_srcdir)/m4/argz.m4 $(top_srcdir)/m4/fdpassing.m4 \
|
||||
- $(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
|
||||
- $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltdl.m4 \
|
||||
- $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
|
||||
- $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
|
||||
+ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
|
||||
+ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
|
||||
+ $(top_srcdir)/m4/ltdl.m4 $(top_srcdir)/m4/ltoptions.m4 \
|
||||
+ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
|
||||
+ $(top_srcdir)/m4/lt~obsolete.m4 \
|
||||
$(top_srcdir)/m4/mmap_private.m4 $(top_srcdir)/m4/resolv.m4 \
|
||||
$(top_srcdir)/configure.in
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
Index: clamav-milter/netcode.c
|
||||
===================================================================
|
||||
--- clamav-milter/netcode.c (revision 4964)
|
||||
+++ clamav-milter/netcode.c (working copy)
|
||||
@@ -129,7 +129,7 @@
|
||||
close(s);
|
||||
return -1;
|
||||
}
|
||||
- if (getsockopt(s, SOL_SOCKET, SO_ERROR, &s_err, &s_len) || s_err) {
|
||||
+ if(getsockopt(s, SOL_SOCKET, SO_ERROR, &s_err, &s_len) || s_err) {
|
||||
logg("*Failed to establish a connection to clamd\n");
|
||||
close(s);
|
||||
return -1;
|
||||
@@ -163,8 +163,6 @@
|
||||
tv.tv_usec = 0;
|
||||
while(1) {
|
||||
fd_set fds;
|
||||
- int s_err;
|
||||
- socklen_t s_len = sizeof(s_err);
|
||||
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(s, &fds);
|
||||
@@ -177,12 +175,10 @@
|
||||
tv.tv_usec = 0;
|
||||
continue;
|
||||
}
|
||||
- logg("!Failed stream to clamd\n");
|
||||
+ logg("!Failed to stream to clamd\n");
|
||||
close(s);
|
||||
return 1;
|
||||
}
|
||||
- len-=s_len;
|
||||
- buf+=s_len;
|
||||
break;
|
||||
}
|
||||
}
|
||||
Index: clamav-milter/whitelist.h
|
||||
===================================================================
|
||||
--- clamav-milter/whitelist.h (revision 4964)
|
||||
+++ clamav-milter/whitelist.h (working copy)
|
||||
@@ -24,4 +24,6 @@
|
||||
int whitelist_init(const char *fname);
|
||||
void whitelist_free(void);
|
||||
int whitelisted(const char *addr, int from);
|
||||
+int smtpauth_init(const char *r);
|
||||
+int smtpauthed(const char *login);
|
||||
#endif
|
||||
Index: clamav-milter/clamfi.c
|
||||
===================================================================
|
||||
--- clamav-milter/clamfi.c (revision 4964)
|
||||
+++ clamav-milter/clamfi.c (working copy)
|
||||
@@ -61,6 +61,7 @@
|
||||
} loginfected;
|
||||
|
||||
#define CLAMFIBUFSZ 1424
|
||||
+static const char *HDR_UNAVAIL = "UNKNOWN";
|
||||
|
||||
struct CLAMFI {
|
||||
char buffer[CLAMFIBUFSZ];
|
||||
@@ -74,6 +75,7 @@
|
||||
unsigned int totsz;
|
||||
unsigned int bufsz;
|
||||
unsigned int all_whitelisted;
|
||||
+ unsigned int gotbody;
|
||||
};
|
||||
|
||||
|
||||
@@ -91,12 +93,15 @@
|
||||
};
|
||||
|
||||
|
||||
-void makesanehdr(char *hdr) {
|
||||
+static const char *makesanehdr(char *hdr) {
|
||||
+ char *ret = hdr;
|
||||
+ if(!hdr) return HDR_UNAVAIL;
|
||||
while(*hdr) {
|
||||
if(*hdr=='\'' || *hdr=='\t' || *hdr=='\r' || *hdr=='\n' || !isprint(*hdr))
|
||||
*hdr = ' ';
|
||||
hdr++;
|
||||
}
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
static void nullify(SMFICTX *ctx, struct CLAMFI *cf, enum CFWHAT closewhat) {
|
||||
@@ -113,9 +118,22 @@
|
||||
|
||||
|
||||
static sfsistat sendchunk(struct CLAMFI *cf, unsigned char *bodyp, size_t len, SMFICTX *ctx) {
|
||||
- if(cf->totsz >= maxfilesize)
|
||||
+ if(cf->totsz >= maxfilesize || len == 0)
|
||||
return SMFIS_CONTINUE;
|
||||
|
||||
+ if(!cf->totsz) {
|
||||
+ sfsistat ret;
|
||||
+ if(nc_connect_rand(&cf->main, &cf->alt, &cf->local)) {
|
||||
+ logg("!Failed to initiate streaming/fdpassing\n");
|
||||
+ nullify(ctx, cf, CF_NONE);
|
||||
+ return FailAction;
|
||||
+ }
|
||||
+ cf->totsz = 1; /* do not infloop */
|
||||
+ if((ret = sendchunk(cf, (unsigned char *)"From clamav-milter\n", 19, ctx)) != SMFIS_CONTINUE)
|
||||
+ return ret;
|
||||
+ cf->totsz -= 1;
|
||||
+ }
|
||||
+
|
||||
if(cf->totsz + len > maxfilesize)
|
||||
len = maxfilesize - cf->totsz;
|
||||
|
||||
@@ -166,35 +184,28 @@
|
||||
if(!(cf = (struct CLAMFI *)smfi_getpriv(ctx)))
|
||||
return SMFIS_CONTINUE; /* whatever */
|
||||
|
||||
- if(loginfected == LOGINF_FULL) {
|
||||
- if(headerf && !strcasecmp(headerf, "Subject") && !cf->msg_subj)
|
||||
- cf->msg_subj = strdup(headerv);
|
||||
- if(headerf && !strcasecmp(headerf, "Date") && !cf->msg_date)
|
||||
- cf->msg_date = strdup(headerv);
|
||||
- if(headerf && !strcasecmp(headerf, "Message-ID") && !cf->msg_id)
|
||||
- cf->msg_id = strdup(headerv);
|
||||
+ if(!cf->totsz && cf->all_whitelisted) {
|
||||
+ logg("*Skipping scan (all destinations whitelisted)\n");
|
||||
+ nullify(ctx, cf, CF_NONE);
|
||||
+ return SMFIS_ACCEPT;
|
||||
}
|
||||
|
||||
- if(!cf->totsz) {
|
||||
- if(cf->all_whitelisted) {
|
||||
- logg("*Skipping scan (all destinations whitelisted)\n");
|
||||
- nullify(ctx, cf, CF_NONE);
|
||||
- return SMFIS_ACCEPT;
|
||||
- }
|
||||
- if(nc_connect_rand(&cf->main, &cf->alt, &cf->local)) {
|
||||
- logg("!Failed to initiate streaming/fdpassing\n");
|
||||
- nullify(ctx, cf, CF_NONE);
|
||||
- return FailAction;
|
||||
- }
|
||||
- if((ret = sendchunk(cf, (unsigned char *)"From clamav-milter\n", 19, ctx)) != SMFIS_CONTINUE)
|
||||
- return ret;
|
||||
+ if(!headerf) return SMFIS_CONTINUE; /* just in case */
|
||||
+
|
||||
+ if(loginfected == LOGINF_FULL) {
|
||||
+ if(!cf->msg_subj && !strcasecmp(headerf, "Subject"))
|
||||
+ cf->msg_subj = strdup(headerv ? headerv : "");
|
||||
+ if(!cf->msg_date && !strcasecmp(headerf, "Date"))
|
||||
+ cf->msg_date = strdup(headerv ? headerv : "");
|
||||
+ if(!cf->msg_id && !strcasecmp(headerf, "Message-ID"))
|
||||
+ cf->msg_id = strdup(headerv ? headerv : "");
|
||||
}
|
||||
|
||||
if((ret = sendchunk(cf, (unsigned char *)headerf, strlen(headerf), ctx)) != SMFIS_CONTINUE)
|
||||
return ret;
|
||||
if((ret = sendchunk(cf, (unsigned char *)": ", 2, ctx)) != SMFIS_CONTINUE)
|
||||
return ret;
|
||||
- if((ret = sendchunk(cf, (unsigned char *)headerv, strlen(headerv), ctx)) != SMFIS_CONTINUE)
|
||||
+ if(headerv && (ret = sendchunk(cf, (unsigned char *)headerv, strlen(headerv), ctx)) != SMFIS_CONTINUE)
|
||||
return ret;
|
||||
return sendchunk(cf, (unsigned char *)"\r\n", 2, ctx);
|
||||
}
|
||||
@@ -205,6 +216,14 @@
|
||||
|
||||
if(!(cf = (struct CLAMFI *)smfi_getpriv(ctx)))
|
||||
return SMFIS_CONTINUE; /* whatever */
|
||||
+
|
||||
+ if(!cf->gotbody) {
|
||||
+ sfsistat ret = sendchunk(cf, (unsigned char *)"\r\n", 2, ctx);
|
||||
+ if(ret != SMFIS_CONTINUE)
|
||||
+ return ret;
|
||||
+ cf->gotbody = 1;
|
||||
+ }
|
||||
+
|
||||
return sendchunk(cf, bodyp, len, ctx);
|
||||
}
|
||||
|
||||
@@ -225,6 +244,14 @@
|
||||
if(!(cf = (struct CLAMFI *)smfi_getpriv(ctx)))
|
||||
return SMFIS_CONTINUE; /* whatever */
|
||||
|
||||
+ if(!cf->totsz) {
|
||||
+ /* got no headers and no body */
|
||||
+ logg("*Not scanning an empty message\n");
|
||||
+ ret = CleanAction(ctx);
|
||||
+ nullify(ctx, cf, CF_NONE);
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
if(cf->local) {
|
||||
if(nc_send(cf->main, "nFILDES\n", 8)) {
|
||||
logg("!FD scan request failed\n");
|
||||
@@ -286,18 +313,19 @@
|
||||
}
|
||||
|
||||
if(loginfected) {
|
||||
- const char *from = smfi_getsymval(ctx, "{mail_addr}"), *to = smfi_getsymval(ctx, "{rcpt_addr}");
|
||||
-
|
||||
- if(!from) from = "UNKNOWN";
|
||||
- if(!to) to = "UNKNOWN";
|
||||
-
|
||||
+ const char *from = smfi_getsymval(ctx, "{mail_addr}");
|
||||
+ const char *to = smfi_getsymval(ctx, "{rcpt_addr}");
|
||||
+
|
||||
+ if(!from) from = HDR_UNAVAIL;
|
||||
+ if(!to) to = HDR_UNAVAIL;
|
||||
if(loginfected == LOGINF_FULL) {
|
||||
const char *id = smfi_getsymval(ctx, "{i}");
|
||||
+ const char *msg_subj = makesanehdr(cf->msg_subj);
|
||||
+ const char *msg_date = makesanehdr(cf->msg_date);
|
||||
+ const char *msg_id = makesanehdr(cf->msg_id);
|
||||
|
||||
- makesanehdr(cf->msg_subj);
|
||||
- makesanehdr(cf->msg_date);
|
||||
- makesanehdr(cf->msg_id);
|
||||
- logg("~Message %s from <%s> to <%s> with subject '%s' message-id '%s' date '%s' infected by %s\n", id ? id : "UNKNOWN", from, to, cf->msg_subj, cf->msg_id, cf->msg_date, vir);
|
||||
+ if(!id) id = HDR_UNAVAIL;
|
||||
+ logg("~Message %s from <%s> to <%s> with subject '%s' message-id '%s' date '%s' infected by %s\n", id, from, to, msg_subj, msg_id, msg_date, vir);
|
||||
} else logg("~Message from <%s> to <%s> infected by %s\n", from, to, vir);
|
||||
}
|
||||
}
|
||||
@@ -504,12 +532,18 @@
|
||||
|
||||
sfsistat clamfi_envfrom(SMFICTX *ctx, char **argv) {
|
||||
struct CLAMFI *cf;
|
||||
+ const char *login = smfi_getsymval(ctx, "{auth_authen}");
|
||||
|
||||
+ if(login && smtpauthed(login)) {
|
||||
+ logg("*Skipping scan for authenticated user %s\n", login);
|
||||
+ return SMFIS_ACCEPT;
|
||||
+ }
|
||||
+
|
||||
if(whitelisted(argv[0], 1)) {
|
||||
logg("*Skipping scan for %s (whitelisted from)\n", argv[0]);
|
||||
return SMFIS_ACCEPT;
|
||||
}
|
||||
-
|
||||
+
|
||||
if(!(cf = (struct CLAMFI *)malloc(sizeof(*cf)))) {
|
||||
logg("!Failed to allocate CLAMFI struct\n");
|
||||
return FailAction;
|
||||
@@ -518,6 +552,7 @@
|
||||
cf->bufsz = 0;
|
||||
cf->main = cf->alt = -1;
|
||||
cf->all_whitelisted = 1;
|
||||
+ cf->gotbody = 0;
|
||||
cf->msg_subj = cf->msg_date = cf->msg_id = NULL;
|
||||
smfi_setpriv(ctx, (void *)cf);
|
||||
|
||||
Index: clamav-milter/whitelist.c
|
||||
===================================================================
|
||||
--- clamav-milter/whitelist.c (revision 4964)
|
||||
+++ clamav-milter/whitelist.c (working copy)
|
||||
@@ -25,8 +25,8 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
-#include <regex.h>
|
||||
|
||||
+#include "libclamav/regex/regex.h"
|
||||
#include "shared/output.h"
|
||||
#include "whitelist.h"
|
||||
|
||||
@@ -38,17 +38,20 @@
|
||||
struct WHLST *wfrom = NULL;
|
||||
struct WHLST *wto = NULL;
|
||||
|
||||
+int skipauth = 0;
|
||||
+regex_t authreg;
|
||||
+
|
||||
void whitelist_free(void) {
|
||||
struct WHLST *w;
|
||||
while(wfrom) {
|
||||
w = wfrom->next;
|
||||
- regfree(&wfrom->preg);
|
||||
+ cli_regfree(&wfrom->preg);
|
||||
free(wfrom);
|
||||
wfrom = w;
|
||||
}
|
||||
while(wto) {
|
||||
w = wto->next;
|
||||
- regfree(&wto->preg);
|
||||
+ cli_regfree(&wto->preg);
|
||||
free(wto);
|
||||
wto = w;
|
||||
}
|
||||
@@ -85,14 +88,14 @@
|
||||
}
|
||||
if(!len) continue;
|
||||
if (!(w = (struct WHLST *)malloc(sizeof(*w)))) {
|
||||
- logg("!Out of memory loading whitelist\n");
|
||||
+ logg("!Out of memory loading whitelist file\n");
|
||||
whitelist_free();
|
||||
return 1;
|
||||
}
|
||||
w->next = (*addto);
|
||||
(*addto) = w;
|
||||
- if (regcomp(&w->preg, ptr, REG_ICASE|REG_NOSUB)) {
|
||||
- logg("!Failed to compile regex '%s'\n", ptr);
|
||||
+ if (cli_regcomp(&w->preg, ptr, REG_ICASE|REG_NOSUB)) {
|
||||
+ logg("!Failed to compile regex '%s' in whitelist file\n", ptr);
|
||||
whitelist_free();
|
||||
return 1;
|
||||
}
|
||||
@@ -108,7 +111,7 @@
|
||||
else w = wto;
|
||||
|
||||
while(w) {
|
||||
- if(!regexec(&w->preg, addr, 0, NULL, 0))
|
||||
+ if(!cli_regexec(&w->preg, addr, 0, NULL, 0))
|
||||
return 1;
|
||||
w = w->next;
|
||||
}
|
||||
@@ -116,6 +119,23 @@
|
||||
}
|
||||
|
||||
|
||||
+int smtpauth_init(const char *r) {
|
||||
+ if (cli_regcomp(&authreg, r, REG_ICASE|REG_NOSUB|REG_EXTENDED)) {
|
||||
+ logg("!Failed to compile regex '%s' for SkipAuthSenders\n", r);
|
||||
+ return 1;
|
||||
+ }
|
||||
+ skipauth = 1;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+int smtpauthed(const char *login) {
|
||||
+ if(skipauth && !cli_regexec(&authreg, login, 0, NULL, 0))
|
||||
+ return 1;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
/*
|
||||
* Local Variables:
|
||||
* mode: c
|
||||
Index: clamav-milter/clamav-milter.c
|
||||
===================================================================
|
||||
--- clamav-milter/clamav-milter.c (revision 4964)
|
||||
+++ clamav-milter/clamav-milter.c (working copy)
|
||||
@@ -211,6 +211,14 @@
|
||||
return 1;
|
||||
}
|
||||
|
||||
+ if((opt = optget(opts, "SkipAuthenticated"))->enabled && smtpauth_init(opt->strarg)) {
|
||||
+ localnets_free();
|
||||
+ whitelist_free();
|
||||
+ logg_close();
|
||||
+ optfree(opts);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
if(optget(opts, "AddHeader")->enabled) {
|
||||
char myname[255];
|
||||
|
||||
Loading…
Reference in New Issue
Block a user