Allow access to sendmail variables in the template file

git-svn: trunk@615
21 years ago · 456edb5589
parent e28753034b
commit 456edb5589
4 changed files with 79 additions and 18 deletions
--- a/clamav-devel/ChangeLog
+++ b/clamav-devel/ChangeLog
@ -1,3 +1,14 @@
+Wed Jun 16 09:09:45 BST 2004 (njh)
+----------------------------------
+  * clamav-milter:		Added access to sendmail variables in template
+	files
+				Use qualified host name for X-Virus-Scanned
+	header when localSocket is set
+  * docs/man/clamav-milter.8:	Added access to sendmail variables in template
+	files
+  * libclamav:			Added small performance improvements
+  				Added thread safety measures
+
 Tue Jun 15 22:41:03 CEST 2004 (tk)
 ----------------------------------
  * clamscan, clamd, freshclam: call geteuid() instead of getuid() to avoid
--- a/clamav-devel/clamav-milter/INSTALL
+++ b/clamav-devel/clamav-milter/INSTALL
@ -404,6 +404,11 @@ Changes
 0.72a	8/6/04	--from didn't take an option (fix to 0.71a)
 0.73	14/6/04	Up-issued
 0.73a	14/6/04	Added support for Windows SFU 3.5
+0.73b	15/6/04	Use fully qualified host name for X-Virus-Scanned header when
+			localSocket is set
+		In template files support {sendmail-variable} and support \%v
+			to send the %v string
+		Tidyup handling if the quarantine directory can't be created

 BUG REPORTS

--- a/clamav-devel/clamav-milter/clamav-milter.c
+++ b/clamav-devel/clamav-milter/clamav-milter.c
@ -26,6 +26,9 @@
 *
 * Change History:
 * $Log: clamav-milter.c,v $
+ * Revision 1.97  2004/06/16 08:08:47  nigelhorne
+ * Allow access to sendmail variables in the template file
+ *
 * Revision 1.96  2004/06/14 14:34:15  nigelhorne
 * Added support for Windows SFU 3.5
 *
@ -299,9 +302,9 @@
 * Revision 1.6  2003/09/28 16:37:23  nigelhorne
 * Added -f flag use MaxThreads if --max-children not set
 */
-static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.96 2004/06/14 14:34:15 nigelhorne Exp $";
+static	char	const	rcsid[] = "$Id: clamav-milter.c,v 1.97 2004/06/16 08:08:47 nigelhorne Exp $";

-#define	CM_VERSION	"0.73a"
+#define	CM_VERSION	"0.73b"

 /*#define	CONFDIR	"/usr/local/etc"*/

@ -447,7 +450,7 @@ static	void	header_list_add(header_list_t list, const char *headerf, const char
 static	void	header_list_print(header_list_t list, FILE *fp);
 static	int	connect2clamd(struct privdata *privdata);
 static	void	checkClamd(void);
-static	int	sendtemplate(const char *filename, FILE *sendmail, const char *clamdMessage);
+static	int	sendtemplate(SMFICTX *ctx, const char *filename, FILE *sendmail, const char *clamdMessage);

 static	char	clamav_version[128];
 static	int	fflag = 0;	/* force a scan, whatever */
@ -1909,13 +1912,19 @@ clamfi_eom(SMFICTX *ctx)
 		char buf[1024];

 		/*
-		 * Include the hostname where the scan took place:
+		 * Include the hostname where the scan took place
 		 */
-		if(localSocket)
+		if(localSocket) {
+			char hostname[32];
+
+			if(gethostname(hostname, sizeof(hostname)) < 0)
+				strncpy(hostname,
+					smfi_getsymval(ctx, "{j}"),
+					sizeof(hostname) - 1);
+
 			snprintf(buf, sizeof(buf) - 1, "%s\n\ton %s",
-				clamav_version,
-				smfi_getsymval(ctx, "{j}"));
-		else {
+				clamav_version, hostname);
+		} else {
 			char *hostname = cli_strtok(serverHostNames, privdata->serverNumber, ":");

 			if(hostname) {
@ -2107,7 +2116,7 @@ clamfi_eom(SMFICTX *ctx)
 				fputs("Subject: Virus intercepted\n\n", sendmail);

 				if((templatefile == NULL) ||
-				   (sendtemplate(templatefile, sendmail, mess) < 0)) {
+				   (sendtemplate(ctx, templatefile, sendmail, mess) < 0)) {
 					if(bflag)
 						fputs("A message you sent to\n", sendmail);
 					else if(pflag)
@ -2273,7 +2282,11 @@ clamfi_free(struct privdata *privdata)
 		}

 		if(privdata->filename != NULL) {
-			if(unlink(privdata->filename) < 0) {
+			/*
+			 * Don't print an error if the file hasn't been created
+			 * yet
+			 */
+			if((unlink(privdata->filename) < 0) && (errno != ENOENT)) {
 				perror(privdata->filename);
 				if(use_syslog)
 					syslog(LOG_ERR,
@ -2531,7 +2544,8 @@ updateSigFile(void)
 	signatureStamp = statb.st_mtime;

 	signature = cli_realloc(signature, statb.st_size);
-	read(fd, signature, statb.st_size);
+	if(signature)
+		read(fd, signature, statb.st_size);
 	close(fd);

 	return statb.st_size;
@ -2653,7 +2667,12 @@ connect2clamd(struct privdata *privdata)
 		sprintf(privdata->filename, "%s/%02d%02d%02d", quarantine_dir,
 			YY, MM, DD);

-		(void)mkdir(privdata->filename, 0700);
+		if(mkdir(privdata->filename, 0700) < 0) {
+			perror(privdata->filename);
+			if(use_syslog)
+				syslog(LOG_ERR, "mkdir %s failed", privdata->filename);
+			return 0;
+		}

 		do {
 			sprintf(privdata->filename,
@ -2866,18 +2885,20 @@ checkClamd(void)
 /*
 * Send a templated message about an intercepted message. Very basic for
 * now, just to prove it works, will enhance the flexability later, only
- * supports %v at present. And only one instance of %v at that
+ * supports %v and {sendmail_variables} at present. And only one instance of
+ * %v at that.
 *
 * TODO: more template features
 * TODO: allow filename to start with a '|' taken to mean the output of
 *	a program
+ * TODO: allow { to be escaped with a \ character
 */
 static int
-sendtemplate(const char *filename, FILE *sendmail, const char *clamdMessage)
+sendtemplate(SMFICTX *ctx, const char *filename, FILE *sendmail, const char *clamdMessage)
 {
 	FILE *fin = fopen(filename, "r");
 	struct stat statb;
-	char *buf, *ptr;
+	char *buf, *ptr, *ptr2;
 	int rc;

 	if(fin == NULL) {
@ -2899,22 +2920,43 @@ sendtemplate(const char *filename, FILE *sendmail, const char *clamdMessage)
 	}
 	buf = cli_malloc(statb.st_size + 1);
 	if(buf == NULL) {
+		fclose(fin);
 		if(use_syslog)
 			syslog(LOG_ERR, "Out of memory");
-		fclose(fin);
 		return -1;
 	}
 	fread(buf, sizeof(char), statb.st_size, fin);
 	fclose(fin);
 	buf[statb.st_size] = '\0';

-	if((ptr = strstr(buf, "%v")) != NULL) {
+	/* FIXME: \%v should be %%v */
+	if(((ptr = strstr(buf, "%v")) != NULL) && (strstr(buf, "\\%v") == NULL)) {
 		*ptr = '\0';
 		ptr = &ptr[2];
 		fputs(buf, sendmail);
 		/* Need to peel out the virus name and just send that */
 		fputs(clamdMessage, sendmail);
 		rc = (fputs(ptr, sendmail) == EOF) ? -1 : 0;
+	} else if((ptr = strchr(buf, '{')) && (ptr2 = strchr(ptr, '}'))) {
+		char *var;
+
+		*ptr++ = '\0';
+		fputs(buf, sendmail);
+		*ptr2++ = '\0';
+
+		if((var = cli_malloc(strlen(ptr) + 3)) != NULL) {
+			sprintf(var, "{%s}", ptr);
+			if((ptr = smfi_getsymval(ctx, var)) != NULL)
+				fputs(ptr, sendmail);
+			else if(use_syslog) {
+				fputs(var, sendmail);
+				syslog(LOG_ERR,
+					"%s: Unknown sendmail variable \"%s\"\n",
+					filename, var);
+			}
+			free(var);
+		}
+		fputs(ptr2, sendmail);
 	} else
 		rc = (fputs(buf, sendmail) == EOF) ? -1 : 0;

--- a/clamav-devel/docs/man/clamav-milter.8
+++ b/clamav-devel/docs/man/clamav-milter.8
@ -146,7 +146,7 @@ maximum time a pending thread will be held up is 1 minute, so the number
 of threads can exceed this number for short periods of time.
 There is no default, if this argument is not \fBclamav\-milter\fR will
 spawn as many children as is necessary.
-.TP
+.LP
 Most users will not need this option, if in doubt do not set it.
 .TP
 \fB\-\-template\-file=file \-t file\fR
@ -154,6 +154,9 @@ File points to a file whose contents is sent as the warning message whenever a
 virus is intercepted.
 The first occurance of %v within the file is replaced with the message
 returned from clamd, which includes the name of the virus.
+The %v string can be escaped, thus \\%v, to send the string %v.
+Any occurance of strings in braces are replaced with the appropriate
+{sendmail-variable}.
 If the \-t option is not given, clamav\-milter defaults to a hardcoded message.
 .SH "EXAMPLES"
 .LP