search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add ClamAV Interface.
[inoclam.git] / clam.c
blob757cbf0d56aa40cbc850eaabea59d64b992a60a8
1 /*
2 * inoclam - Inotify+ClamAV virus scanner
3 * Copyright (C) 2007 Vermont Department of Taxes
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * Contributor(s):
19 * Tom Cort <tom.cort@state.vt.us>
20 */
21
22 #include <clamav.h>
23 #include <errno.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <libdaemon/dlog.h>
27 #include <pthread.h>
28
29 #include "clam.h"
30 #include "monitor.h"
31 #include "sig.h"
32
33 /**
34 * Multiple threads are using and altering "engine".
35 * Use the engine_lock to prevent concurrency issues.
36 */
37 struct cl_engine *engine = NULL;
38
39 /**
40 * Load the virus definition files and prepare the engine.
41 */
42 void clam_init()
43 {
44 unsigned int sigs = 0;
45 int ret;
46
47 pthread_t tt;
48
49 memset(&engine_lock, '\0', sizeof(pthread_mutex_t));
50 pthread_mutex_init(&engine_lock, 0);
51
52 pthread_mutex_lock(&engine_lock);
53
54 /* Load virus definition files */
55 ret = cl_load(cl_retdbdir(), &engine, &sigs, CL_DB_STDOPT);
56 if (CL_SUCCESS != ret) {
57 pthread_mutex_unlock(&engine_lock);
58 daemon_log(LOG_ERR, "(%s:%u) cl_load() error: %s", __FILE__, __LINE__, cl_strerror(ret));
59 engine = NULL;
60 return;
61 }
62
63 daemon_log(LOG_INFO, "(%s:%u) Virus definitions loaded (%d signatures).", __FILE__, __LINE__, sigs);
64
65 /* prepare the detection engine */
66 ret = cl_build(engine);
67 if (CL_SUCCESS != ret) {
68 pthread_mutex_unlock(&engine_lock);
69 daemon_log(LOG_ERR, "(%s:%u) cl_build() error: %s", __FILE__, __LINE__, cl_strerror(ret));
70 cl_free(engine);
71 engine = NULL;
72 return;
73 }
74
75 daemon_log(LOG_INFO, "(%s:%u) Virus detection engine ready.", __FILE__, __LINE__);
76 pthread_mutex_unlock(&engine_lock);
77
78 monitor_inc();
79 pthread_attr_init(&ta);
80 pthread_attr_setdetachstate(&ta, PTHREAD_CREATE_DETACHED);
81 ret = pthread_create(&tt, &ta, (void *(*)(void *)) clam_refresh, (void *) NULL);
82 if (ret) {
83 monitor_dec();
84 daemon_log(LOG_ERR, "(%s:%u) Can't create clam_refresh thread: %s", __FILE__, __LINE__, strerror(errno));
85 }
86 }
87
88 /**
89 * Thread that reloads virus definitions as needed
90 */
91 void clam_refresh()
92 {
93 int sigs, ret;
94 struct cl_stat dbstat;
95
96 memset(&dbstat, 0, sizeof(struct cl_stat));
97 cl_statinidir(cl_retdbdir(), &dbstat);
98
99 do {
100 if (cl_statchkdir(&dbstat) == 1) {
101 struct cl_engine *tmp_engine = NULL;
102 struct cl_engine *old_engine = NULL;
103
104 daemon_log(LOG_INFO, "(%s:%u) Reloading new virus definitions", __FILE__, __LINE__);
105
106 /* Load virus definition files */
107 ret = cl_load(cl_retdbdir(), &tmp_engine, &sigs, CL_DB_STDOPT);
108 if (CL_SUCCESS != ret) {
109 daemon_log(LOG_ERR, "(%s:%u) cl_load() error: %s", __FILE__, __LINE__, cl_strerror(ret));
110 tmp_engine = NULL;
111 continue;
112 }
113
114 daemon_log(LOG_INFO, "(%s:%u) Virus definitions loaded (%d signatures).", __FILE__, __LINE__, sigs);
115
116 /* prepare the detection engine */
117 ret = cl_build(tmp_engine);
118 if (CL_SUCCESS != ret) {
119 daemon_log(LOG_ERR, "(%s:%u) cl_build() error: %s", __FILE__, __LINE__, cl_strerror(ret));
120 cl_free(tmp_engine);
121 tmp_engine = NULL;
122 continue;
123 }
124
125 /* Swap tmp_engine and engine, free resources from old engine */
126 pthread_mutex_lock(&engine_lock);
127 old_engine = engine;
128 engine = tmp_engine;
129 tmp_engine = NULL;
130 daemon_log(LOG_INFO, "(%s:%u) Virus detection engine ready.", __FILE__, __LINE__);
131 pthread_mutex_unlock(&engine_lock);
132
133 cl_free(old_engine);
134 old_engine = NULL;
135
136 cl_statfree(&dbstat);
137 memset(&dbstat, 0, sizeof(struct cl_stat));
138 cl_statinidir(cl_retdbdir(), &dbstat);
139 }
140
141 sleep(10);
142 } while (!exit_now);
143
144 cl_statfree(&dbstat);
145
146 monitor_dec();
147 /* pthread_exit(NULL);
148 */ return;
149 }
150
151 /**
152 * Scans a file for virus.
153 * @return -1 Error || 0 No Virus || +1 Virus Found
154 */
155 int contains_virus(char *filename)
156 {
157 int ret;
158 struct cl_limits limits;
159 const char *virname;
160
161 pthread_mutex_lock(&engine_lock);
162
163 memset(&limits, 0, sizeof(struct cl_limits));
164 limits.maxfiles = 1;
165 limits.maxfilesize = 10 * 1048576;
166 limits.maxreclevel = 1;
167 limits.maxmailrec = 1;
168 limits.maxratio = 200;
169
170 ret = cl_scanfile(filename, &virname, NULL, engine, &limits, CL_SCAN_STDOPT);
171 if (CL_VIRUS == ret) {
172 pthread_mutex_unlock(&engine_lock);
173 daemon_log(LOG_INFO, "(%s:%u) Virus detected: %s", __FILE__, __LINE__, virname);
174 return 1;
175 } else if (CL_CLEAN == ret) {
176 pthread_mutex_unlock(&engine_lock);
177 daemon_log(LOG_INFO, "(%s:%u) No virus detected.", __FILE__, __LINE__);
178 return 0;
179 } else {
180 pthread_mutex_unlock(&engine_lock);
181 daemon_log(LOG_ERR, "(%s:%u) Scan Error: %s", __FILE__, __LINE__, cl_strerror(ret));
182 return -1;
183 }
184 }
185
186 /**
187 * Free resources used by the engine.
188 */
189 void clam_exit()
190 {
191 pthread_mutex_lock(&engine_lock);
192
193 if (engine) {
194 cl_free(engine);
195 engine = NULL;
196 }
197
198 pthread_mutex_unlock(&engine_lock);
199 }
Inoclam monitors directories with inotify and virus scans files with ClamAV when they are created or changed.