[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6156-g094ec9b

Sun Apr 4 01:19:40 UTC 2010

The following commit has been merged in the debian/unstable branch:
commit adf27b936e8ec316e1907304b3d459712de55347
Author: aCaB <acab at clamav.net>
Date:   Tue Feb 9 20:45:32 2010 +0100

    bb#1684

diff --git a/ChangeLog b/ChangeLog
index 024aee1..ea2ea19 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Feb  9 20:44:11 CET 2010 (acab)
+-----------------------------------
+ * clamav-milter: allow SkipAuthenticated to read names from a file
+		(bb#1684)
+
 Tue Feb  9 16:35:36 CET 2010 (acab)
 -----------------------------------
  * libclamav/scanners.c: fix gzip handler
diff --git a/clamav-milter/whitelist.c b/clamav-milter/whitelist.c
index 0eca7c8..5737ce4 100644
--- a/clamav-milter/whitelist.c
+++ b/clamav-milter/whitelist.c
@@ -120,10 +120,79 @@ int whitelisted(const char *addr, int from) {
 
 
 int smtpauth_init(const char *r) {
-    if (cli_regcomp(&authreg, r, REG_ICASE|REG_NOSUB|REG_EXTENDED)) {
-	logg("!Failed to compile regex '%s' for SkipAuthSenders\n", r);
+    char *regex = NULL;
+
+    if(!strncmp(r, "file:", 5)) {
+	char buf[2048];
+	FILE *f = fopen(r+5, "r");
+	int rxsize = 0, rxavail = 0, rxused=0;
+
+	if(!f) {
+	    logg("!Cannot open whitelist file '%s'\n", r+5);
+	    return 1;
+	}
+	while(fgets(buf, sizeof(buf), f) != NULL) {
+	    int len;
+	    char *ptr;
+
+	    if(*buf == '#' || *buf == ':' || *buf == '!')
+		continue;
+	    len = strlen(buf) - 1;
+	    for(;len>=0; len--) {
+		if(buf[len] != '\n' && buf[len] != '\r') break;
+		buf[len] = '\0';
+	    }
+	    if(len<=0) continue;
+	    if(len*3+1 > rxavail) {
+		ptr = regex;
+		regex = realloc(regex, rxsize + 2048);
+		if(!regex) {
+		    logg("!Cannot allocate memory for SkipAuthenticated file\n");
+		    return 1;
+		}
+		rxavail = 2048;
+		rxsize += 2048;
+		if(!ptr) {
+		    regex[0] = '^';
+		    regex[1] = '(';
+		    rxavail -= 2;
+		    rxused = 2;
+		}
+	    }
+	    ptr = buf;
+	    while(*ptr) {
+		if((*ptr>='A' && *ptr<='Z') || (*ptr>='a' && *ptr<='z') || (*ptr>='0' && *ptr<='9') || *ptr=='@') {
+		    regex[rxused] = *ptr;
+		    rxused++;
+		    rxavail--;
+		} else {
+		    regex[rxused] = '[';
+		    regex[rxused+1] = *ptr;
+		    regex[rxused+2] = ']';
+		    rxused += 3;
+		    rxavail -= 3;
+		}
+		ptr++;
+	    }
+	    regex[rxused++] = '|';
+	    rxavail--;
+	}
+	if(rxavail < 4 && !(regex = realloc(regex, rxsize + 4))) {
+	    logg("!Cannot allocate memory for SkipAuthenticated file\n");
+	    return 1;
+	}
+	regex[rxused-1] = ')';
+	regex[rxused] = '$';
+	regex[rxused+1] = '\0';
+	r = regex;
+    }
+
+    if(cli_regcomp(&authreg, r, REG_ICASE|REG_NOSUB|REG_EXTENDED)) {
+	logg("!Failed to compile regex '%s' for SkipAuthenticated\n", r);
+	if(regex) free(regex);
 	return 1;
     }
+    if(regex) free(regex);
     skipauth = 1;
     return 0;
 }
diff --git a/etc/clamav-milter.conf b/etc/clamav-milter.conf
index 9a71041..aafc795 100644
--- a/etc/clamav-milter.conf
+++ b/etc/clamav-milter.conf
@@ -120,6 +120,10 @@ Example
 
 # Messages from authenticated SMTP users matching this extended POSIX
 # regular expression (egrep-like) will not be scanned.
+# As an alternative, a file containing a plain (not regex) list of names (one
+# per line) can be specified using the prefix "file:".
+# e.g. SkipAuthenticated file:/etc/good_guys
+#
 # Note: this is the AUTH login name!
 #
 # Default: unset (no whitelisting based on SMTP auth)
diff --git a/shared/optparser.c b/shared/optparser.c
index f29cd94..bc41265 100644
--- a/shared/optparser.c
+++ b/shared/optparser.c
@@ -417,7 +417,7 @@ const struct clam_option __clam_options[] = {
 
     { "Whitelist", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option specifies a file which contains a list of basic POSIX regular\nexpressions. Addresses (sent to or from - see below) matching these regexes\nwill not be scanned.  Optionally each line can start with the string \"From:\"\nor \"To:\" (note: no whitespace after the colon) indicating if it is,\nrespectively, the sender or recipient that is to be whitelisted.\nIf the field is missing, \"To:\" is assumed.\nLines starting with #, : or ! are ignored.", "/etc/whitelisted_addresses" },
 
-    { "SkipAuthenticated", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "Messages from authenticated SMTP users matching this extended POSIX\nregular expression (egrep-like) will not be scanned.\nNote: this is the AUTH login name!", "SkipAuthenticated ^(tom|dick|henry)$" },
+    { "SkipAuthenticated", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "Messages from authenticated SMTP users matching this extended POSIX\nregular expression (egrep-like) will not be scanned.\nAs an alternative, a file containing a plain (not regex) list of names (one\nper line) can be specified using the prefix \"file:\".\ne.g. SkipAuthenticated file:/etc/good_guys\n\nNote: this is the AUTH login name!", "SkipAuthenticated ^(tom|dick|henry)$" },
 
     { "LogInfected", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_MILTER, "This option allows to tune what is logged when a message is infected.\nPossible values are Off (the default - nothing is logged),\nBasic (minimal info logged), Full (verbose info logged)\nNote:\nFor this to work properly in sendmail, make sure the msg_id, mail_addr,\nrcpt_addr and i macroes are available in eom. In other words add a line like:\nMilter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i\nto your .cf file. Alternatively use the macro:\ndefine(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')\nPostfix should be working fine with the default settings.", "Basic" },
 

-- 
Debian repository for ClamAV

