summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2018-01-01 13:14:41 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2018-01-01 17:10:23 +0000
commitc11d665dab975691024f9231ad93c65bef7e5df4 (patch)
treeac2a5701c6511c08266c4fb122e71a481a73bfc2 /src
parentadf73d3717be93cdbbb38c7e2e4bb0531d1cca27 (diff)
Feature macros, show-supported and build-time selection for malware interfaces
Diffstat (limited to 'src')
-rw-r--r--src/OS/Makefile-Base5
-rw-r--r--src/src/EDITME17
-rw-r--r--src/src/config.h.defaults13
-rw-r--r--src/src/exim.c10
-rw-r--r--src/src/functions.h1
-rw-r--r--src/src/macro_predef.c5
-rw-r--r--src/src/macro_predef.h3
-rw-r--r--src/src/malware.c261
8 files changed, 236 insertions, 79 deletions
diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base
index 6aab029ad..230ab1bce 100644
--- a/src/OS/Makefile-Base
+++ b/src/OS/Makefile-Base
@@ -135,7 +135,7 @@ OBJ_MACRO = macro_predef.o \
macro-manualroute.o macro-queryprogram.o macro-redirect.o \
macro-auth-spa.o macro-cram_md5.o macro-cyrus_sasl.o macro-dovecot.o macro-gsasl_exim.o \
macro-heimdal_gssapi.o macro-plaintext.o macro-spa.o macro-tls.o\
- macro-dkim.o
+ macro-dkim.o macro-malware.o
$(OBJ_MACRO): $(MACRO_HSRC)
@@ -226,6 +226,9 @@ macro-tls.o: auths/tls.c
macro-dkim.o: dkim.c
@echo "$(CC) -DMACRO_PREDEF dkim.c"
$(FE)$(CC) -c $(CFLAGS) -DMACRO_PREDEF $(INCLUDE) -o $@ dkim.c
+macro-malware.o: malware.c
+ @echo "$(CC) -DMACRO_PREDEF malware.c"
+ $(FE)$(CC) -c $(CFLAGS) -DMACRO_PREDEF $(INCLUDE) -o $@ malware.c
macro_predef: $(OBJ_MACRO)
@echo "$(LNCC) -o $@"
diff --git a/src/src/EDITME b/src/src/EDITME
index 35585d6bb..39c1cdbcc 100644
--- a/src/src/EDITME
+++ b/src/src/EDITME
@@ -398,6 +398,23 @@ EXIM_MONITOR=eximon.bin
# WITH_CONTENT_SCAN=yes
+# If you have content scanning you may wish to only include some of the scanner
+# interfaces. Uncomment any of these lines to remove that code.
+
+# DISABLE_MAL_FFROTD=yes
+# DISABLE_MAL_FFROT6D=yes
+# DISABLE_MAL_DRWEB=yes
+# DISABLE_MAL_AVE=yes
+# DISABLE_MAL_FSECURE=yes
+# DISABLE_MAL_KAV=yes
+# DISABLE_MAL_SOPHIE=yes
+# DISABLE_MAL_CLAM=yes
+# DISABLE_MAL_MKS=yes
+# DISABLE_MAL_AVAST=yes
+# DISABLE_MAL_SOCK=yes
+# DISABLE_MAL_CMDLINE=yes
+
+
#------------------------------------------------------------------------------
# If you're using ClamAV and are backporting fixes to an old version, instead
# of staying current (which is the more usual approach) then you may need to
diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index 4750523dc..08dc446f6 100644
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -3,6 +3,7 @@
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2017 */
+/* Copyright (c) The Exim Maintainers 2018 */
/* See the file NOTICE for conditions of use and distribution. */
/* The default settings for Exim configuration variables. A #define without
@@ -173,6 +174,18 @@ Do not put spaces between # and the 'define'.
#define WHITELIST_D_MACROS
#define WITH_CONTENT_SCAN
+#define DISABLE_MAL_FFROTD
+#define DISABLE_MAL_FFROT6D
+#define DISABLE_MAL_DRWEB
+#define DISABLE_MAL_AVE
+#define DISABLE_MAL_FSECURE
+#define DISABLE_MAL_KAV
+#define DISABLE_MAL_SOPHIE
+#define DISABLE_MAL_CLAM
+#define DISABLE_MAL_MKS
+#define DISABLE_MAL_AVAST
+#define DISABLE_MAL_SOCK
+#define DISABLE_MAL_CMDLINE
#define WITH_OLD_CLAMAV_STREAM
/* EXPERIMENTAL features */
diff --git a/src/src/exim.c b/src/src/exim.c
index 8bd145635..2189bc051 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -801,11 +801,11 @@ fprintf(f, "Support for:");
fprintf(f, " TCPwrappers");
#endif
#ifdef SUPPORT_TLS
- #ifdef USE_GNUTLS
+# ifdef USE_GNUTLS
fprintf(f, " GnuTLS");
- #else
+# else
fprintf(f, " OpenSSL");
- #endif
+# endif
#endif
#ifdef SUPPORT_TRANSLATE_IP_ADDRESS
fprintf(f, " translate_ip_address");
@@ -934,6 +934,10 @@ auth_show_supported(f);
route_show_supported(f);
transport_show_supported(f);
+#ifdef WITH_CONTENT_SCAN
+malware_show_supported(f);
+#endif
+
if (fixed_never_users[0] > 0)
{
int i;
diff --git a/src/src/functions.h b/src/src/functions.h
index b9a0cbc7c..1e8698b78 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -263,6 +263,7 @@ extern void mainlog_close(void);
extern int malware(const uschar *, int);
extern int malware_in_file(uschar *);
extern void malware_init(void);
+extern void malware_show_supported(FILE *);
#endif
extern int match_address_list(const uschar *, BOOL, BOOL, const uschar **,
unsigned int *, int, int, const uschar **);
diff --git a/src/src/macro_predef.c b/src/src/macro_predef.c
index d13248ce4..08028bf5b 100644
--- a/src/src/macro_predef.c
+++ b/src/src/macro_predef.c
@@ -43,6 +43,7 @@ builtin_macro_create_var(name, US"y");
}
+/* restricted snprintf */
void
spf(uschar * buf, int len, const uschar * fmt, ...)
{
@@ -261,6 +262,10 @@ due to conflicts with other common macros. */
builtin_macro_create(US"_HAVE_TRANSPORT_APPEND_MBX");
# endif
#endif
+
+#ifdef WITH_CONTENT_SCAN
+features_malware();
+#endif
}
diff --git a/src/src/macro_predef.h b/src/src/macro_predef.h
index 00d9537ca..bfa201068 100644
--- a/src/src/macro_predef.h
+++ b/src/src/macro_predef.h
@@ -2,7 +2,7 @@
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) Jeremy Harris 2017 */
+/* Copyright (c) Jeremy Harris 2017 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
/* Global functions */
@@ -12,6 +12,7 @@ extern void builtin_macro_create(const uschar *);
extern void builtin_macro_create_var(const uschar *, const uschar *);
extern void options_from_list(optionlist *, unsigned, const uschar *, uschar *);
+extern void features_malware(void);
extern void options_main(void);
extern void options_routers(void);
extern void options_transports(void);
diff --git a/src/src/malware.c b/src/src/malware.c
index 7ae8200ae..fa1a7aaba 100644
--- a/src/src/malware.c
+++ b/src/src/malware.c
@@ -4,13 +4,13 @@
/* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003 - 2015
* License: GPL
- * Copyright (c) The Exim Maintainers 2017
+ * Copyright (c) The Exim Maintainers 2017 - 2018
*/
/* Code for calling virus (malware) scanners. Called from acl.c. */
#include "exim.h"
-#ifdef WITH_CONTENT_SCAN
+#ifdef WITH_CONTENT_SCAN /* entire file */
typedef enum {M_FPROTD, M_DRWEB, M_AVES, M_FSEC, M_KAVD, M_CMDL,
M_SOPHIE, M_CLAMD, M_SOCK, M_MKSD, M_AVAST, M_FPROT6D} scanner_t;
@@ -23,72 +23,130 @@ static struct scan
contype_t conn;
} m_scans[] =
{
+#ifndef DISABLE_MAL_FFROTD
{ M_FPROTD, US"f-protd", US"localhost 10200-10204", MC_TCP },
+#endif
+#ifndef DISABLE_MAL_FFROT6D
+ { M_FPROT6D, US"f-prot6d", US"localhost 10200", MC_TCP },
+#endif
+#ifndef DISABLE_MAL_DRWEB
{ M_DRWEB, US"drweb", US"/usr/local/drweb/run/drwebd.sock", MC_STRM },
+#endif
+#ifndef DISABLE_MAL_AVE
{ M_AVES, US"aveserver", US"/var/run/aveserver", MC_UNIX },
+#endif
+#ifndef DISABLE_MAL_FSECURE
{ M_FSEC, US"fsecure", US"/var/run/.fsav", MC_UNIX },
+#endif
+#ifndef DISABLE_MAL_KAV
{ M_KAVD, US"kavdaemon", US"/var/run/AvpCtl", MC_UNIX },
- { M_CMDL, US"cmdline", NULL, MC_NONE },
+#endif
+#ifndef DISABLE_MAL_SOPHIE
{ M_SOPHIE, US"sophie", US"/var/run/sophie", MC_UNIX },
+#endif
+#ifndef DISABLE_MAL_CLAM
{ M_CLAMD, US"clamd", US"/tmp/clamd", MC_NONE },
- { M_SOCK, US"sock", US"/tmp/malware.sock", MC_STRM },
+#endif
+#ifndef DISABLE_MAL_MKS
{ M_MKSD, US"mksd", NULL, MC_NONE },
+#endif
+#ifndef DISABLE_MAL_AVAST
{ M_AVAST, US"avast", US"/var/run/avast/scan.sock", MC_STRM },
- { M_FPROT6D, US"f-prot6d", US"localhost 10200", MC_TCP },
+#endif
+#ifndef DISABLE_MAL_SOCK
+ { M_SOCK, US"sock", US"/tmp/malware.sock", MC_STRM },
+#endif
+#ifndef DISABLE_MAL_CMDLINE
+ { M_CMDL, US"cmdline", NULL, MC_NONE },
+#endif
{ -1, NULL, NULL, MC_NONE } /* end-marker */
};
+/******************************************************************************/
+# ifdef MACRO_PREDEF /* build solely to predefine macros */
+
+# include "macro_predef.h"
+
+void
+features_malware(void)
+{
+struct scan * sc;
+uschar * s, * t;
+uschar buf[64];
+
+spf(buf, sizeof(buf), US"_HAVE_MALWARE_");
+
+for (sc = m_scans; sc->scancode != -1; sc++)
+ {
+ for(s = sc->name, t = buf+14; *s; s++) if (*s != '-') *t++ = toupper(*s);
+ *t = '\0';
+ builtin_macro_create(buf);
+ }
+}
+
+/******************************************************************************/
+# else /*!MACRO_PREDEF, main build*/
+
+
+#define MALWARE_TIMEOUT 120 /* default timeout, seconds */
+
+static const uschar * malware_regex_default = US ".+";
+static const pcre * malware_default_re = NULL;
+
+
+
+#ifndef DISABLE_MAL_CLAM
/* The maximum number of clamd servers that are supported in the configuration */
-#define MAX_CLAMD_SERVERS 32
-#define MAX_CLAMD_SERVERS_S "32"
+# define MAX_CLAMD_SERVERS 32
+# define MAX_CLAMD_SERVERS_S "32"
typedef struct clamd_address {
uschar * hostspec;
unsigned tcp_port;
unsigned retry;
} clamd_address;
-
-#ifndef nelements
-# define nelements(arr) (sizeof(arr) / sizeof(arr[0]))
#endif
-#define MALWARE_TIMEOUT 120 /* default timeout, seconds */
-
-
-#define DRWEBD_SCAN_CMD (1) /* scan file, buffer or diskfile */
-#define DRWEBD_RETURN_VIRUSES (1<<0) /* ask daemon return to us viruses names from report */
-#define DRWEBD_IS_MAIL (1<<19) /* say to daemon that format is "archive MAIL" */
+#ifndef DISABLE_MAL_DRWEB
+# define DRWEBD_SCAN_CMD (1) /* scan file, buffer or diskfile */
+# define DRWEBD_RETURN_VIRUSES (1<<0) /* ask daemon return to us viruses names from report */
+# define DRWEBD_IS_MAIL (1<<19) /* say to daemon that format is "archive MAIL" */
-#define DERR_READ_ERR (1<<0) /* read error */
-#define DERR_NOMEMORY (1<<2) /* no memory */
-#define DERR_TIMEOUT (1<<9) /* scan timeout has run out */
-#define DERR_BAD_CALL (1<<15) /* wrong command */
-
-
-static const uschar * malware_regex_default = US ".+";
-static const pcre * malware_default_re = NULL;
+# define DERR_READ_ERR (1<<0) /* read error */
+# define DERR_NOMEMORY (1<<2) /* no memory */
+# define DERR_TIMEOUT (1<<9) /* scan timeout has run out */
+# define DERR_BAD_CALL (1<<15) /* wrong command */
static const uschar * drweb_re_str = US "infected\\swith\\s*(.+?)$";
static const pcre * drweb_re = NULL;
+#endif
+#ifndef DISABLE_MAL_FSECURE
static const uschar * fsec_re_str = US "\\S{0,5}INFECTED\\t[^\\t]*\\t([^\\t]+)\\t\\S*$";
static const pcre * fsec_re = NULL;
+#endif
+#ifndef DISABLE_MAL_KAV
static const uschar * kav_re_sus_str = US "suspicion:\\s*(.+?)\\s*$";
static const uschar * kav_re_inf_str = US "infected:\\s*(.+?)\\s*$";
static const pcre * kav_re_sus = NULL;
static const pcre * kav_re_inf = NULL;
+#endif
+#ifndef DISABLE_MAL_AVAST
static const uschar * ava_re_clean_str = US "(?!\\\\)\\t\\[\\+\\]";
static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d\\.\\d\\t\\d\\s(.*)";
static const pcre * ava_re_clean = NULL;
static const pcre * ava_re_virus = NULL;
+#endif
+#ifndef DISABLE_MAL_FFROT6D
static const uschar * fprot6d_re_error_str = US "^\\d+\\s<(.+?)>$";
static const uschar * fprot6d_re_virus_str = US "^\\d+\\s<infected:\\s+(.+?)>\\s+.+$";
static const pcre * fprot6d_re_error = NULL;
static const pcre * fprot6d_re_virus = NULL;
+#endif
@@ -142,6 +200,7 @@ return m_errlog_defer(scanent, hostport, str);
/*************************************************/
+#ifndef DISABLE_MAL_CLAM
/* Only used by the Clamav code, which is working from a list of servers and
uses the returned in_addr to get a second connection to the same system.
*/
@@ -152,6 +211,7 @@ m_tcpsocket(const uschar * hostname, unsigned int port,
return ip_connectedsocket(SOCK_STREAM, hostname, port, port, 5,
host, errstr, fastopen_blob);
}
+#endif
static int
m_sock_send(int sock, uschar * buf, int cnt, uschar ** errstr)
@@ -186,7 +246,7 @@ m_pcre_exec(const pcre * cre, uschar * text)
{
int ovector[10*3];
int i = pcre_exec(cre, NULL, CS text, Ustrlen(text), 0, 0,
- ovector, nelements(ovector));
+ ovector, nelem(ovector));
uschar * substr = NULL;
if (i >= 2) /* Got it */
pcre_get_substring(CS text, ovector, i, 1, (const char **) &substr);
@@ -263,9 +323,10 @@ return fd_ready(sock, tmo-time(NULL))
+#ifndef DISABLE_MAL_MKS
/* ============= private routines for the "mksd" scanner type ============== */
-#include <sys/uio.h>
+# include <sys/uio.h>
static inline int
mksd_writev (int sock, struct iovec * iov, int iovcnt)
@@ -388,8 +449,10 @@ if (mksd_read_lines (sock, av_buffer, sizeof (av_buffer), tmo) < 0)
return mksd_parse_line (scanent, CS av_buffer);
}
+#endif /* MKSD */
+#ifndef DISABLE_MAL_CLAM
static int
clamd_option(clamd_address * cd, const uschar * optstr, int * subsep)
{
@@ -408,6 +471,9 @@ while ((s = string_nextinlist(&optstr, subsep, NULL, 0)))
return FAIL;
return OK;
}
+#endif
+
+
/*************************************************
* Scan content for malware *
@@ -531,6 +597,7 @@ if (!malware_ok)
switch (scanent->scancode)
{
+#ifndef DISABLE_MAL_FFROTD
case M_FPROTD: /* "f-protd" scanner type -------------------------------- */
{
uschar *fp_scan_option;
@@ -584,7 +651,56 @@ if (!malware_ok)
}
break;
} /* f-protd */
+#endif
+
+#ifndef DISABLE_MAL_FFROT6D
+ case M_FPROT6D: /* "f-prot6d" scanner type ----------------------------------- */
+ {
+ int bread;
+ uschar * e;
+ uschar * linebuffer;
+ uschar * scanrequest;
+ uschar av_buffer[1024];
+
+ if ((!fprot6d_re_virus && !(fprot6d_re_virus = m_pcre_compile(fprot6d_re_virus_str, &errstr)))
+ || (!fprot6d_re_error && !(fprot6d_re_error = m_pcre_compile(fprot6d_re_error_str, &errstr))))
+ return malware_errlog_defer(errstr);
+
+ scanrequest = string_sprintf("SCAN FILE %s\n", eml_filename);
+ DEBUG(D_acl) debug_printf_indent("Malware scan: issuing %s: %s\n",
+ scanner_name, scanrequest);
+
+ if (m_sock_send(sock, scanrequest, Ustrlen(scanrequest), &errstr) < 0)
+ return m_errlog_defer(scanent, CUS callout_address, errstr);
+
+ bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL));
+
+ if (bread <= 0)
+ return m_errlog_defer_3(scanent, CUS callout_address,
+ string_sprintf("unable to read from socket (%s)", strerror(errno)),
+ sock);
+
+ if (bread == sizeof(av_buffer))
+ return m_errlog_defer_3(scanent, CUS callout_address,
+ US"buffer too small", sock);
+
+ av_buffer[bread] = '\0';
+ linebuffer = string_copy(av_buffer);
+
+ m_sock_send(sock, US"QUIT\n", 5, 0);
+
+ if ((e = m_pcre_exec(fprot6d_re_error, linebuffer)))
+ return m_errlog_defer_3(scanent, CUS callout_address,
+ string_sprintf("scanner reported error (%s)", e), sock);
+ if (!(malware_name = m_pcre_exec(fprot6d_re_virus, linebuffer)))
+ malware_name = NULL;
+
+ break;
+ } /* f-prot6d */
+#endif
+
+#ifndef DISABLE_MAL_DRWEB
case M_DRWEB: /* "drweb" scanner type ----------------------------------- */
/* v0.1 - added support for tcp sockets */
/* v0.0 - initial release -- support for unix sockets */
@@ -739,7 +855,7 @@ badseek: err = errno;
/* try matcher on the line, grab substring */
result = pcre_exec(drweb_re, NULL, CS tmpbuf, Ustrlen(tmpbuf), 0, 0,
- ovector, nelements(ovector));
+ ovector, nelem(ovector));
if (result >= 2)
{
const char * pre_malware_nb;
@@ -780,7 +896,9 @@ badseek: err = errno;
}
break;
} /* drweb */
+#endif
+#ifndef DISABLE_MAL_AVE
case M_AVES: /* "aveserver" scanner type -------------------------------- */
{
uschar buf[32768];
@@ -848,7 +966,9 @@ badseek: err = errno;
}
break;
} /* aveserver */
+#endif
+#ifndef DISABLE_MAL_FSECURE
case M_FSEC: /* "fsecure" scanner type ---------------------------------- */
{
int i, j, bread = 0;
@@ -865,7 +985,7 @@ badseek: err = errno;
scanner_name, scanner_options);
/* pass options */
memset(av_buffer, 0, sizeof(av_buffer));
- for (i = 0; i != nelements(cmdopt); i++)
+ for (i = 0; i != nelem(cmdopt); i++)
{
if (m_sock_send(sock, cmdopt[i], Ustrlen(cmdopt[i]), &errstr) < 0)
@@ -931,7 +1051,9 @@ badseek: err = errno;
fsec_found:
break;
} /* fsecure */
+#endif
+#ifndef DISABLE_MAL_KAV
case M_KAVD: /* "kavdaemon" scanner type -------------------------------- */
{
time_t t;
@@ -1043,7 +1165,9 @@ badseek: err = errno;
break;
}
+#endif
+#ifndef DISABLE_MAL_CMDLINE
case M_CMDL: /* "cmdline" scanner type ---------------------------------- */
{
const uschar *cmdline_scanner = scanner_options;
@@ -1177,7 +1301,9 @@ badseek: err = errno;
malware_name = NULL;
break;
} /* cmdline */
+#endif
+#ifndef DISABLE_MAL_SOPHIE
case M_SOPHIE: /* "sophie" scanner type --------------------------------- */
{
int bread = 0;
@@ -1222,7 +1348,9 @@ badseek: err = errno;
break;
}
+#endif
+#ifndef DISABLE_MAL_CLAM
case M_CLAMD: /* "clamd" scanner type ----------------------------------- */
{
/* This code was originally contributed by David Saez */
@@ -1709,7 +1837,9 @@ b_seek: err = errno;
break;
} /* clamd */
+#endif
+#ifndef DISABLE_MAL_SOCK
case M_SOCK: /* "sock" scanner type ------------------------------------- */
/* This code was derived by Martin Poole from the clamd code contributed
by David Saez and the cmdline code
@@ -1790,7 +1920,9 @@ b_seek: err = errno;
malware_name = NULL;
break;
}
+#endif
+#ifndef DISABLE_MAL_MKS
case M_MKSD: /* "mksd" scanner type ------------------------------------- */
{
char *mksd_options_end;
@@ -1823,7 +1955,9 @@ b_seek: err = errno;
}
break;
}
+#endif
+#ifndef DISABLE_MAL_AVAST
case M_AVAST: /* "avast" scanner type ----------------------------------- */
{
int ovector[1*3];
@@ -1903,7 +2037,7 @@ b_seek: err = errno;
break; /* ignore the "210 SCAN DATA" message */
if (pcre_exec(ava_re_clean, NULL, CS buf, slen,
- 0, 0, ovector, nelements(ovector)) > 0)
+ 0, 0, ovector, nelem(ovector)) > 0)
break;
if ((malware_name = m_pcre_exec(ava_re_virus, buf)))
@@ -1956,51 +2090,7 @@ b_seek: err = errno;
}
break;
}
-
- case M_FPROT6D: /* "f-prot6d" scanner type ----------------------------------- */
- {
- int bread;
- uschar * e;
- uschar * linebuffer;
- uschar * scanrequest;
- uschar av_buffer[1024];
-
- if ((!fprot6d_re_virus && !(fprot6d_re_virus = m_pcre_compile(fprot6d_re_virus_str, &errstr)))
- || (!fprot6d_re_error && !(fprot6d_re_error = m_pcre_compile(fprot6d_re_error_str, &errstr))))
- return malware_errlog_defer(errstr);
-
- scanrequest = string_sprintf("SCAN FILE %s\n", eml_filename);
- DEBUG(D_acl) debug_printf_indent("Malware scan: issuing %s: %s\n",
- scanner_name, scanrequest);
-
- if (m_sock_send(sock, scanrequest, Ustrlen(scanrequest), &errstr) < 0)
- return m_errlog_defer(scanent, CUS callout_address, errstr);
-
- bread = ip_recv(sock, av_buffer, sizeof(av_buffer), tmo-time(NULL));
-
- if (bread <= 0)
- return m_errlog_defer_3(scanent, CUS callout_address,
- string_sprintf("unable to read from socket (%s)", strerror(errno)),
- sock);
-
- if (bread == sizeof(av_buffer))
- return m_errlog_defer_3(scanent, CUS callout_address,
- US"buffer too small", sock);
-
- av_buffer[bread] = '\0';
- linebuffer = string_copy(av_buffer);
-
- m_sock_send(sock, US"QUIT\n", 5, 0);
-
- if ((e = m_pcre_exec(fprot6d_re_error, linebuffer)))
- return m_errlog_defer_3(scanent, CUS callout_address,
- string_sprintf("scanner reported error (%s)", e), sock);
-
- if (!(malware_name = m_pcre_exec(fprot6d_re_virus, linebuffer)))
- malware_name = NULL;
-
- break;
- } /* f-prot6d */
+#endif
} /* scanner type switch */
if (sock >= 0)
@@ -2099,24 +2189,47 @@ malware_init(void)
{
if (!malware_default_re)
malware_default_re = regex_must_compile(malware_regex_default, FALSE, TRUE);
+
+#ifndef DISABLE_MAL_DRWEB
if (!drweb_re)
drweb_re = regex_must_compile(drweb_re_str, FALSE, TRUE);
+#endif
+#ifndef DISABLE_MAL_FSECURE
if (!fsec_re)
fsec_re = regex_must_compile(fsec_re_str, FALSE, TRUE);
+#endif
+#ifndef DISABLE_MAL_KAV
if (!kav_re_sus)
kav_re_sus = regex_must_compile(kav_re_sus_str, FALSE, TRUE);
if (!kav_re_inf)
kav_re_inf = regex_must_compile(kav_re_inf_str, FALSE, TRUE);
+#endif
+#ifndef DISABLE_MAL_AVA
if (!ava_re_clean)
ava_re_clean = regex_must_compile(ava_re_clean_str, FALSE, TRUE);
if (!ava_re_virus)
ava_re_virus = regex_must_compile(ava_re_virus_str, FALSE, TRUE);
+#endif
+#ifndef DISABLE_MAL_FPROT6D
if (!fprot6d_re_error)
fprot6d_re_error = regex_must_compile(fprot6d_re_error_str, FALSE, TRUE);
if (!fprot6d_re_virus)
fprot6d_re_virus = regex_must_compile(fprot6d_re_virus_str, FALSE, TRUE);
+#endif
+}
+
+
+void
+malware_show_supported(FILE * f)
+{
+struct scan * sc;
+fprintf(f, "Malware:");
+for (sc = m_scans; sc->scancode != -1; sc++) fprintf(f, " %s", sc->name);
+fprintf(f, "\n");
}
+
+# endif /*!MACRO_PREDEF*/
#endif /*WITH_CONTENT_SCAN*/
/*
* vi: aw ai sw=2