[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b
aCaB
acab at clamav.net
Sun Apr 4 01:19:40 UTC 2010
The following commit has been merged in the debian/unstable branch:
commit adf27b936e8ec316e1907304b3d459712de55347
Author: aCaB <acab at clamav.net>
Date: Tue Feb 9 20:45:32 2010 +0100
bb#1684
diff --git a/ChangeLog b/ChangeLog
index 024aee1..ea2ea19 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Feb 9 20:44:11 CET 2010 (acab)
+-----------------------------------
+ * clamav-milter: allow SkipAuthenticated to read names from a file
+ (bb#1684)
+
Tue Feb 9 16:35:36 CET 2010 (acab)
-----------------------------------
* libclamav/scanners.c: fix gzip handler
diff --git a/clamav-milter/whitelist.c b/clamav-milter/whitelist.c
index 0eca7c8..5737ce4 100644
--- a/clamav-milter/whitelist.c
+++ b/clamav-milter/whitelist.c
@@ -120,10 +120,79 @@ int whitelisted(const char *addr, int from) {
int smtpauth_init(const char *r) {
- if (cli_regcomp(&authreg, r, REG_ICASE|REG_NOSUB|REG_EXTENDED)) {
- logg("!Failed to compile regex '%s' for SkipAuthSenders\n", r);
+ char *regex = NULL;
+
+ if(!strncmp(r, "file:", 5)) {
+ char buf[2048];
+ FILE *f = fopen(r+5, "r");
+ int rxsize = 0, rxavail = 0, rxused=0;
+
+ if(!f) {
+ logg("!Cannot open whitelist file '%s'\n", r+5);
+ return 1;
+ }
+ while(fgets(buf, sizeof(buf), f) != NULL) {
+ int len;
+ char *ptr;
+
+ if(*buf == '#' || *buf == ':' || *buf == '!')
+ continue;
+ len = strlen(buf) - 1;
+ for(;len>=0; len--) {
+ if(buf[len] != '\n' && buf[len] != '\r') break;
+ buf[len] = '\0';
+ }
+ if(len<=0) continue;
+ if(len*3+1 > rxavail) {
+ ptr = regex;
+ regex = realloc(regex, rxsize + 2048);
+ if(!regex) {
+ logg("!Cannot allocate memory for SkipAuthenticated file\n");
+ return 1;
+ }
+ rxavail = 2048;
+ rxsize += 2048;
+ if(!ptr) {
+ regex[0] = '^';
+ regex[1] = '(';
+ rxavail -= 2;
+ rxused = 2;
+ }
+ }
+ ptr = buf;
+ while(*ptr) {
+ if((*ptr>='A' && *ptr<='Z') || (*ptr>='a' && *ptr<='z') || (*ptr>='0' && *ptr<='9') || *ptr=='@') {
+ regex[rxused] = *ptr;
+ rxused++;
+ rxavail--;
+ } else {
+ regex[rxused] = '[';
+ regex[rxused+1] = *ptr;
+ regex[rxused+2] = ']';
+ rxused += 3;
+ rxavail -= 3;
+ }
+ ptr++;
+ }
+ regex[rxused++] = '|';
+ rxavail--;
+ }
+ if(rxavail < 4 && !(regex = realloc(regex, rxsize + 4))) {
+ logg("!Cannot allocate memory for SkipAuthenticated file\n");
+ return 1;
+ }
+ regex[rxused-1] = ')';
+ regex[rxused] = '$';
+ regex[rxused+1] = '\0';
+ r = regex;
+ }
+
+ if(cli_regcomp(&authreg, r, REG_ICASE|REG_NOSUB|REG_EXTENDED)) {
+ logg("!Failed to compile regex '%s' for SkipAuthenticated\n", r);
+ if(regex) free(regex);
return 1;
}
+ if(regex) free(regex);
skipauth = 1;
return 0;
}
diff --git a/etc/clamav-milter.conf b/etc/clamav-milter.conf
index 9a71041..aafc795 100644
--- a/etc/clamav-milter.conf
+++ b/etc/clamav-milter.conf
@@ -120,6 +120,10 @@ Example
# Messages from authenticated SMTP users matching this extended POSIX
# regular expression (egrep-like) will not be scanned.
+# As an alternative, a file containing a plain (not regex) list of names (one
+# per line) can be specified using the prefix "file:".
+# e.g. SkipAuthenticated file:/etc/good_guys
+#
# Note: this is the AUTH login name!
#
# Default: unset (no whitelisting based on SMTP auth)
diff --git a/shared/optparser.c b/shared/optparser.c
index f29cd94..bc41265 100644
--- a/shared/optparser.c
+++ b/shared/optparser.c
@@ -417,7 +417,7 @@ const struct clam_option __clam_options[] = {
{ "Whitelist", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option specifies a file which contains a list of basic POSIX regular\nexpressions. Addresses (sent to or from - see below) matching these regexes\nwill not be scanned. Optionally each line can start with the string \"From:\"\nor \"To:\" (note: no whitespace after the colon) indicating if it is,\nrespectively, the sender or recipient that is to be whitelisted.\nIf the field is missing, \"To:\" is assumed.\nLines starting with #, : or ! are ignored.", "/etc/whitelisted_addresses" },
- { "SkipAuthenticated", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "Messages from authenticated SMTP users matching this extended POSIX\nregular expression (egrep-like) will not be scanned.\nNote: this is the AUTH login name!", "SkipAuthenticated ^(tom|dick|henry)$" },
+ { "SkipAuthenticated", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "Messages from authenticated SMTP users matching this extended POSIX\nregular expression (egrep-like) will not be scanned.\nAs an alternative, a file containing a plain (not regex) list of names (one\nper line) can be specified using the prefix \"file:\".\ne.g. SkipAuthenticated file:/etc/good_guys\n\nNote: this is the AUTH login name!", "SkipAuthenticated ^(tom|dick|henry)$" },
{ "LogInfected", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option allows to tune what is logged when a message is infected.\nPossible values are Off (the default - nothing is logged),\nBasic (minimal info logged), Full (verbose info logged)\nNote:\nFor this to work properly in sendmail, make sure the msg_id, mail_addr,\nrcpt_addr and i macroes are available in eom. In other words add a line like:\nMilter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i\nto your .cf file. Alternatively use the macro:\ndefine(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')\nPostfix should be working fine with the default settings.", "Basic" },
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list