qmail-queue patch for Kaspersky Antivirus

Sun, 29 Jul 2001 06:58:31 -0700 


I thought somebody could be interested in this.  And don't forget to allow
scanning /var/qmail/queue in defUnix.prf.  You don't have to recompile
anything but qmail-queue for scanning, (if you don't need more friedly error
message "known viruses found") I hope somebody will find it usefull.
Copyright on avp-client.c is unknown since I heavily ripped
AvpDaemonClient.c example in AVP distribution which is without any
copyright explicitly written (I could rewrite it from scratch in case
somebody will need it ;-).

O.


// Program to test daemon scanning.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>        // struct sockaddr_un 
#include <sys/file.h>
#include <time.h>
#include <stdarg.h>
#include <paths.h>
#include <errno.h>

// ... Cfg pathnames 
#define AVP_NODE_DIR      "/var/run"
#define AVP_NODE_DIR_MODE 0777
#define AVP_NODE_PID      AVP_NODE_DIR "/AvpPid"
#define AVP_NODE_LOG      AVP_NODE_DIR "/AvpLog"
#define AVP_NODE_CTL      AVP_NODE_DIR "/AvpCtl\0\0\0"
char *NodePid=AVP_NODE_PID;
char *NodeCtl=AVP_NODE_CTL;

static int  AvpFile=-1;

struct sockaddr_un AvpAddr;

int AvpConnect(void) {
	if(AvpFile==-1)
	{
		bzero((char *)&AvpAddr,sizeof(AvpAddr));
		AvpAddr.sun_family=AF_UNIX;
		strcpy(AvpAddr.sun_path,NodeCtl);
		if((AvpFile=socket(AF_UNIX,SOCK_STREAM,0))<0)
			return -1;
	}
	
	if(AvpFile!=-1 && connect(AvpFile,(struct sockaddr *)(&AvpAddr),sizeof(AvpAddr.sun_family)+strlen(NodeCtl))>=0) {
		return 0;
	}
	return -1;
}

void AvpClose(void) {
	(void)close(AvpFile);
	AvpFile=-1;
}

int AvpScan(const char *file)
{
	char buftoscan[2048];
	time_t now;
	long uintbuf=0; 
	int len;

	// build the message 
	(void)time(&now);
	len = snprintf(buftoscan, 2047, "<0>%.15s:%s", ctime(&now)+4, file);

	if(write(AvpFile,buftoscan,len+1)>=0)
	{
		if(read(AvpFile,(char*)&uintbuf,2) == -1) return -2;
		return (uintbuf&0xff)-0x30;
	}
	return -1;
}

--- /usr/home/ondrej/Projects/qmail/qmail-1.03/Makefile	Tue May  8 15:29:43 2001
+++ /usr/home/ondrej/Projects/qmail/qmail-queue-avp/Makefile	Sun Jul 29 15:24:05 2001
@@ -1446,10 +1446,10 @@
 	nroff -man qmail-qstat.8 > qmail-qstat.0
 
 qmail-queue: \
-load qmail-queue.o triggerpull.o fmtqfn.o now.o date822fmt.o \
+load qmail-queue.o avp-client.o triggerpull.o fmtqfn.o now.o date822fmt.o \
 datetime.a seek.a ndelay.a open.a sig.a alloc.a substdio.a error.a \
 str.a fs.a auto_qmail.o auto_split.o auto_uids.o
-	./load qmail-queue triggerpull.o fmtqfn.o now.o \
+	./load qmail-queue avp-client.o triggerpull.o fmtqfn.o now.o \
 	date822fmt.o datetime.a seek.a ndelay.a open.a sig.a \
 	alloc.a substdio.a error.a str.a fs.a auto_qmail.o \
 	auto_split.o auto_uids.o 
@@ -1463,6 +1463,10 @@
 alloc.h substdio.h datetime.h now.h datetime.h triggerpull.h extra.h \
 auto_qmail.h auto_uids.h date822fmt.h fmtqfn.h
 	./compile qmail-queue.c
+
+avp-client.o: \
+compile avp-client.c
+	./compile avp-client.c
 
 qmail-queue-log: \
 load qmail-queue-log.o triggerpull.o fmtqfn.o now.o date822fmt.o \
--- qmail.c~	Sun Jul 29 16:13:34 2001
+++ qmail.c	Sun Jul 29 16:07:30 2001
@@ -97,6 +97,7 @@
     case 115: /* compatibility */
     case 11: return "Denvelope address too long for qq (#5.1.3)";
     case 31: return "Dmail server permanently rejected message (#5.3.0)";
+	case 32: return "Dknown viruses were found (#5.3.0)";
     case 51: return "Zqq out of memory (#4.3.0)";
     case 52: return "Zqq timeout (#4.3.0)";
     case 53: return "Zqq write error or disk full (#4.3.0)";
--- /usr/home/ondrej/Projects/qmail/qmail-1.03/qmail-queue.c	Tue Nov 21 00:44:57 2000
+++ /usr/home/ondrej/Projects/qmail/qmail-queue-avp/qmail-queue.c	Sun Jul 29 16:12:02 2001
@@ -36,10 +36,13 @@
 char *messfn;
 char *todofn;
 char *intdfn;
+char *scanfn;
+int scanlen;
 int messfd;
 int intdfd;
 int flagmademess = 0;
 int flagmadeintd = 0;
+int scanres;
 
 void cleanup()
 {
@@ -58,6 +61,7 @@
 void die(e) int e; { _exit(e); }
 void die_write() { cleanup(); die(53); }
 void die_read() { cleanup(); die(54); }
+void die_virus() { cleanup(); die(32); }
 void sigalrm() { /* thou shalt not clean up here */ die(52); }
 void sigbug() { die(81); }
 
@@ -202,6 +206,16 @@
 
  if (substdio_flush(&ssout) == -1) die_write();
  if (fsync(messfd) == -1) die_write();
+
+ if (AvpConnect() == 0) // Pokud se neprikonektime, budeme to tise ignorovat
+  {
+   scanlen = strlen(auto_qmail)+strlen(messfn)+8;
+   scanfn = alloc(scanlen);
+   snprintf(scanfn, scanlen, "%s/%s/%s", auto_qmail, "queue", messfn);
+   if ((scanres = AvpScan(scanfn)) != 0) die_virus();
+   alloc_free(scanfn);
+   AvpClose();
+  }
 
  intdfd = open_excl(intdfn);
  if (intdfd == -1) die(65);


-- 
Ondřej Surý <[EMAIL PROTECTED]>    Globe Internet s.r.o. http://globe.cz/
Tel: +420235365000   Fax: +420235365009         Pláničkova 1, 162 00 Praha 6
GPG fingerprint:          CC91 8F02 8CDE 911A 933F  AE52 F4E6 6A7C C20D F273

Reply via email to