231
231
return clamukofsth(arg);
234
#elif defined(CLAMAUTH)
238
#include <sys/types.h>
239
#include <sys/stat.h>
247
#include "libclamav/clamav.h"
248
#include "libclamav/scanners.h"
250
#include "shared/optparser.h"
251
#include "shared/output.h"
257
#define SUPPORTED_PROTOCOL 2
259
static int cauth_fd = -1;
261
struct ClamAuthEvent {
267
static void cauth_exit(int sig)
269
logg("*ClamAuth: cauth_exit(), signal %d\n", sig);
273
logg("ClamAuth: stopped\n");
276
static int cauth_scanfile(const char *fname, int extinfo, struct thrarg *tharg)
278
struct cb_context context;
282
context.filename = fname;
285
fd = open(fname, O_RDONLY);
289
if(cl_scandesc_callback(fd, &virname, NULL, tharg->engine, tharg->options, &context) == CL_VIRUS) {
291
detstats_add(virname, fname, context.virsize, context.virhash);
292
if(extinfo && context.virsize)
293
logg("ClamAuth: %s: %s(%s:%llu) FOUND\n", fname, virname, context.virhash, context.virsize);
295
logg("ClamAuth: %s: %s FOUND\n", fname, virname);
296
virusaction(fname, virname, tharg->opts);
302
void *clamukoth(void *arg)
304
struct thrarg *tharg = (struct thrarg *) arg;
306
struct sigaction act;
307
int eventcnt = 1, extinfo;
309
struct ClamAuthEvent event;
311
/* ignore all signals except SIGUSR1 */
313
sigdelset(&sigset, SIGUSR1);
314
/* The behavior of a process is undefined after it ignores a
315
* SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
316
sigdelset(&sigset, SIGFPE);
317
sigdelset(&sigset, SIGILL);
318
sigdelset(&sigset, SIGSEGV);
320
sigdelset(&sigset, SIGBUS);
322
pthread_sigmask(SIG_SETMASK, &sigset, NULL);
323
memset(&act, 0, sizeof(struct sigaction));
324
act.sa_handler = cauth_exit;
325
sigfillset(&(act.sa_mask));
326
sigaction(SIGUSR1, &act, NULL);
327
sigaction(SIGSEGV, &act, NULL);
329
extinfo = optget(tharg->opts, "ExtendedDetectionInfo")->enabled;
331
cauth_fd = open("/dev/clamauth", O_RDONLY);
333
logg("!ClamAuth: Can't open /dev/clamauth\n");
335
logg("!ClamAuth: Please make sure ClamAuth.kext is loaded\n");
336
else if(errno == EACCES)
337
logg("!ClamAuth: This application requires root privileges\n");
339
logg("!ClamAuth: /dev/clamauth: %s\n", cli_strerror(errno, err, sizeof(err)));
345
if(read(cauth_fd, &event, sizeof(event)) > 0) {
347
if(event.action != SUPPORTED_PROTOCOL) {
348
logg("!ClamAuth: Protocol version mismatch (tool: %d, driver: %d)\n", SUPPORTED_PROTOCOL, event.action);
352
if(strncmp(event.path, "ClamAuth", 8)) {
353
logg("!ClamAuth: Invalid version event\n");
357
logg("ClamAuth: Driver version: %s, protocol version: %d\n", &event.path[9], event.action);
359
cauth_scanfile(event.path, extinfo, tharg);
363
if(errno == ENODEV) {
364
printf("^ClamAuth: ClamAuth module deactivated, terminating\n");