mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s3:modules: Implement dummy virus scanner that uses filename matching
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971 Signed-off-by: Pavel Filipenský <pfilipen@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
9693f7ea73
commit
9f34babec7
@ -35,12 +35,14 @@
|
|||||||
|
|
||||||
enum virusfilter_scanner_enum {
|
enum virusfilter_scanner_enum {
|
||||||
VIRUSFILTER_SCANNER_CLAMAV,
|
VIRUSFILTER_SCANNER_CLAMAV,
|
||||||
|
VIRUSFILTER_SCANNER_DUMMY,
|
||||||
VIRUSFILTER_SCANNER_FSAV,
|
VIRUSFILTER_SCANNER_FSAV,
|
||||||
VIRUSFILTER_SCANNER_SOPHOS
|
VIRUSFILTER_SCANNER_SOPHOS
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct enum_list scanner_list[] = {
|
static const struct enum_list scanner_list[] = {
|
||||||
{ VIRUSFILTER_SCANNER_CLAMAV, "clamav" },
|
{ VIRUSFILTER_SCANNER_CLAMAV, "clamav" },
|
||||||
|
{ VIRUSFILTER_SCANNER_DUMMY, "dummy" },
|
||||||
{ VIRUSFILTER_SCANNER_FSAV, "fsav" },
|
{ VIRUSFILTER_SCANNER_FSAV, "fsav" },
|
||||||
{ VIRUSFILTER_SCANNER_SOPHOS, "sophos" },
|
{ VIRUSFILTER_SCANNER_SOPHOS, "sophos" },
|
||||||
{ -1, NULL }
|
{ -1, NULL }
|
||||||
@ -199,6 +201,7 @@ static int virusfilter_vfs_connect(
|
|||||||
int snum = SNUM(handle->conn);
|
int snum = SNUM(handle->conn);
|
||||||
struct virusfilter_config *config = NULL;
|
struct virusfilter_config *config = NULL;
|
||||||
const char *exclude_files = NULL;
|
const char *exclude_files = NULL;
|
||||||
|
const char *infected_files = NULL;
|
||||||
const char *temp_quarantine_dir_mode = NULL;
|
const char *temp_quarantine_dir_mode = NULL;
|
||||||
const char *infected_file_command = NULL;
|
const char *infected_file_command = NULL;
|
||||||
const char *scan_error_command = NULL;
|
const char *scan_error_command = NULL;
|
||||||
@ -255,6 +258,12 @@ static int virusfilter_vfs_connect(
|
|||||||
set_namearray(&config->exclude_files, exclude_files);
|
set_namearray(&config->exclude_files, exclude_files);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
infected_files = lp_parm_const_string(
|
||||||
|
snum, "virusfilter", "infected files", NULL);
|
||||||
|
if (infected_files != NULL) {
|
||||||
|
set_namearray(&config->infected_files, infected_files);
|
||||||
|
}
|
||||||
|
|
||||||
config->cache_entry_limit = lp_parm_int(
|
config->cache_entry_limit = lp_parm_int(
|
||||||
snum, "virusfilter", "cache entry limit", 100);
|
snum, "virusfilter", "cache entry limit", 100);
|
||||||
|
|
||||||
@ -537,6 +546,9 @@ static int virusfilter_vfs_connect(
|
|||||||
case VIRUSFILTER_SCANNER_CLAMAV:
|
case VIRUSFILTER_SCANNER_CLAMAV:
|
||||||
ret = virusfilter_clamav_init(config);
|
ret = virusfilter_clamav_init(config);
|
||||||
break;
|
break;
|
||||||
|
case VIRUSFILTER_SCANNER_DUMMY:
|
||||||
|
ret = virusfilter_dummy_init(config);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
DBG_ERR("Unhandled scanner %d\n", backend);
|
DBG_ERR("Unhandled scanner %d\n", backend);
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -83,6 +83,9 @@ struct virusfilter_config {
|
|||||||
/* Exclude files */
|
/* Exclude files */
|
||||||
name_compare_entry *exclude_files;
|
name_compare_entry *exclude_files;
|
||||||
|
|
||||||
|
/* Infected files */
|
||||||
|
name_compare_entry *infected_files;
|
||||||
|
|
||||||
/* Scan result cache */
|
/* Scan result cache */
|
||||||
struct virusfilter_cache *cache;
|
struct virusfilter_cache *cache;
|
||||||
int cache_entry_limit;
|
int cache_entry_limit;
|
||||||
@ -149,5 +152,6 @@ struct virusfilter_backend {
|
|||||||
int virusfilter_sophos_init(struct virusfilter_config *config);
|
int virusfilter_sophos_init(struct virusfilter_config *config);
|
||||||
int virusfilter_fsav_init(struct virusfilter_config *config);
|
int virusfilter_fsav_init(struct virusfilter_config *config);
|
||||||
int virusfilter_clamav_init(struct virusfilter_config *config);
|
int virusfilter_clamav_init(struct virusfilter_config *config);
|
||||||
|
int virusfilter_dummy_init(struct virusfilter_config *config);
|
||||||
|
|
||||||
#endif /* _VIRUSFILTER_COMMON_H */
|
#endif /* _VIRUSFILTER_COMMON_H */
|
||||||
|
58
source3/modules/vfs_virusfilter_dummy.c
Normal file
58
source3/modules/vfs_virusfilter_dummy.c
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
/*
|
||||||
|
Samba-VirusFilter VFS modules
|
||||||
|
Dummy scanner with infected files support.
|
||||||
|
Copyright (C) 2022 Pavel Filipenský <pfilipen@redhat.com>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "modules/vfs_virusfilter_utils.h"
|
||||||
|
|
||||||
|
static virusfilter_result virusfilter_dummy_scan(
|
||||||
|
struct vfs_handle_struct *handle,
|
||||||
|
struct virusfilter_config *config,
|
||||||
|
const struct files_struct *fsp,
|
||||||
|
char **reportp)
|
||||||
|
{
|
||||||
|
bool ok;
|
||||||
|
|
||||||
|
DBG_INFO("Scanning file: %s\n", fsp_str_dbg(fsp));
|
||||||
|
ok = is_in_path(fsp->fsp_name->base_name,
|
||||||
|
config->infected_files,
|
||||||
|
false);
|
||||||
|
return ok ? VIRUSFILTER_RESULT_INFECTED : VIRUSFILTER_RESULT_CLEAN;
|
||||||
|
}
|
||||||
|
|
||||||
|
static struct virusfilter_backend_fns virusfilter_backend_dummy = {
|
||||||
|
.connect = NULL,
|
||||||
|
.disconnect = NULL,
|
||||||
|
.scan_init = NULL,
|
||||||
|
.scan = virusfilter_dummy_scan,
|
||||||
|
.scan_end = NULL,
|
||||||
|
};
|
||||||
|
|
||||||
|
int virusfilter_dummy_init(struct virusfilter_config *config)
|
||||||
|
{
|
||||||
|
struct virusfilter_backend *backend = NULL;
|
||||||
|
|
||||||
|
backend = talloc_zero(config, struct virusfilter_backend);
|
||||||
|
if (backend == NULL) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
backend->fns = &virusfilter_backend_dummy;
|
||||||
|
backend->name = "dummy";
|
||||||
|
config->backend = backend;
|
||||||
|
return 0;
|
||||||
|
}
|
@ -591,6 +591,7 @@ bld.SAMBA3_MODULE('vfs_virusfilter',
|
|||||||
vfs_virusfilter_sophos.c
|
vfs_virusfilter_sophos.c
|
||||||
vfs_virusfilter_fsav.c
|
vfs_virusfilter_fsav.c
|
||||||
vfs_virusfilter_clamav.c
|
vfs_virusfilter_clamav.c
|
||||||
|
vfs_virusfilter_dummy.c
|
||||||
''',
|
''',
|
||||||
deps='samba-util VFS_VIRUSFILTER_UTILS',
|
deps='samba-util VFS_VIRUSFILTER_UTILS',
|
||||||
init_function='',
|
init_function='',
|
||||||
|
Loading…
Reference in New Issue
Block a user