clamav/clamonacc/client/protocol.c

/*
 *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
 *  Copyright (C) 2009 Sourcefire, Inc.
 *
 *  Authors: Tomasz Kojm, aCaB, Mickey Sola
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *  MA 02110-1301, USA.
 */

#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif

#if defined(C_SOLARIS)
#ifndef __EXTENSIONS__
#define __EXTENSIONS__
#endif
#endif

/* must be first because it may define _XOPEN_SOURCE */
#include "shared/fdpassing.h"
#include <stdio.h>
#include <curl/curl.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <string.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <sys/types.h>
#ifdef HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
#ifndef _WIN32
#include <arpa/inet.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <netdb.h>
#endif

#include "libclamav/clamav.h"
#include "shared/actions.h"
#include "shared/output.h"
#include "shared/misc.h"

#include "communication.h"
#include "protocol.h"
#include "client.h"

static const char *scancmd[] = { "CONTSCAN", "MULTISCAN", "INSTREAM", "FILDES", "ALLMATCHSCAN" };

/* Issues an INSTREAM command to clamd and streams the given file
 * Returns >0 on success, 0 soft fail, -1 hard fail */
static int onas_send_stream(CURL *curl, const char *filename, int fd, int64_t timeout, uint64_t maxstream) {
	uint32_t buf[BUFSIZ/sizeof(uint32_t)];
    	uint64_t len;
        uint64_t todo = maxstream;
	int ret = 1;
        int close_flag = 0;

        if (0 == fd) {
            if(filename) {
		if((fd = safe_open(filename, O_RDONLY | O_BINARY))<0) {
			logg("~%s: Access denied. ERROR\n", filename);
			return 0;
		}
                //logg("DEBUG: >>>>> fd is %d\n", fd);
                close_flag = 1;
            } else {
                fd = 0;
            }
        }


	if(onas_sendln(curl, "zINSTREAM", 10, timeout)) {
		ret = -1;
		goto strm_out;
	}

	while((len = read(fd, &buf[1], sizeof(buf) - sizeof(uint32_t))) > 0) {
		if((uint64_t)len > todo) len = todo;
		buf[0] = htonl(len);
		if (onas_sendln(curl, (const char *)buf, len+sizeof(uint32_t), timeout)) {
			ret = -1;
			goto strm_out;
		}
		todo -= len;
		if(!todo) {
			len = 0;
			break;
		}
	}

	if(len) {
		logg("!Failed to read from %s.\n", filename ? filename : "STDIN");
		ret =  0;
		goto strm_out;
	}
	*buf=0;
	onas_sendln(curl, (const char *)buf, 4, timeout);

strm_out:
        if (close_flag) {
            //logg("DEBUG: >>>>> closed fd %d\n", fd);
            close(fd);
        }
	return ret;
}

#ifdef HAVE_FD_PASSING
/* Issues a FILDES command and pass a FD to clamd
 * Returns >0 on success, 0 soft fail, -1 hard fail */
static int onas_send_fdpass(CURL *curl, const char *filename, int fd, int64_t timeout) {
	CURLcode result;
	struct iovec iov[1];
	struct msghdr msg;
	struct cmsghdr *cmsg;
	unsigned char fdbuf[CMSG_SPACE(sizeof(int))];
	char dummy[]="";
	int ret = 1;
        int close_flag = 0;

        if (0 == fd) {
            if(filename) {
		if((fd = open(filename, O_RDONLY))<0) {
			logg("~%s: Access denied. ERROR\n", filename);
			return 0;
		}
                close_flag = 1;
            } else {
                fd = 0;
            }
        }
	if(result = onas_sendln(curl, "zFILDES", 8, timeout)) {
		logg("*ClamProto: error sending w/ curl, %s\n", curl_easy_strerror(result));
		ret = -1;
		goto fd_out;
	}

	iov[0].iov_base = dummy;
	iov[0].iov_len = 1;
	memset(&msg, 0, sizeof(msg));
	msg.msg_control = fdbuf;
	msg.msg_iov = iov;
	msg.msg_iovlen = 1;
	msg.msg_controllen = CMSG_LEN(sizeof(int));
	cmsg = CMSG_FIRSTHDR(&msg);
	cmsg->cmsg_len = CMSG_LEN(sizeof(int));
	cmsg->cmsg_level = SOL_SOCKET;
	cmsg->cmsg_type = SCM_RIGHTS;
	*(int *)CMSG_DATA(cmsg) = fd;
	if(onas_sendln(curl, &msg, 0, timeout) == -1) {
		logg("!FD send failed: %s\n", strerror(errno));
		ret = -1;
		goto fd_out;
	}
fd_out:
        if (close_flag) {
            close(fd);
        }
	return ret;
}
#endif

/* Sends a proper scan request to clamd and parses its replies
 * This is used only in non IDSESSION mode
 * Returns the number of infected files or -1 on error
 * NOTE: filename may be NULL for STREAM scantype. */
int onas_dsresult(CURL *curl, int scantype, uint64_t maxstream, const char *filename, int fd, int64_t timeout, int *printok, int *errors, cl_error_t *ret_code) {
	int infected = 0, len = 0, beenthere = 0;
	char *bol, *eol;
	struct RCVLN rcv;
	STATBUF sb;

	onas_recvlninit(&rcv, curl);

	if (ret_code) {
		*ret_code = CL_SUCCESS;
	}

	switch(scantype) {
		case MULTI:
		case CONT:
		case ALLMATCH:
			if (!filename) {
				logg("Filename cannot be NULL for MULTISCAN or CONTSCAN.\n");
				if (ret_code) {
					*ret_code = CL_ENULLARG;
				}
				return -1;
			}
			len = strlen(filename) + strlen(scancmd[scantype]) + 3;
			if (!(bol = malloc(len))) {
				logg("!Cannot allocate a command buffer: %s\n", strerror(errno));
				if (ret_code) {
					*ret_code = CL_EMEM;
				}
				return -1;
			}
			sprintf(bol, "z%s %s", scancmd[scantype], filename);
			if(onas_sendln(curl, bol, len, timeout)) {
				if (ret_code) {
					*ret_code = CL_EWRITE;
				}
				free(bol);
				return -1;
			}
			free(bol);
			break;

		case STREAM:
			/* NULL filename safe in send_stream() */
			len = onas_send_stream(curl, filename, fd, timeout, maxstream);
			break;
#ifdef HAVE_FD_PASSING
		case FILDES:
			/* NULL filename safe in send_fdpass() */
			len = onas_send_fdpass(curl, filename, fd, timeout);
			break;
#endif
	}

	if(len <=0) {
		*printok = 0;
		if(errors)
			(*errors)++;
		return len;
	}

	while((len = onas_recvln(&rcv, &bol, &eol, timeout))) {
		if(len == -1) {
			if (ret_code) {
				*ret_code = CL_EREAD;
			}
			return -1;
		}
		beenthere = 1;
		if(!filename) {
			logg("~%s\n", bol);
		}
		if(len > 7) {
			char *colon = strrchr(bol, ':');

			if(colon && colon[1] != ' ') {
				char *br;
				*colon = 0;

				br = strrchr(bol, '(');
				if(br) {
					*br = 0;
				}
				colon = strrchr(bol, ':');
			}

			if(!colon) {
				char * unkco = "UNKNOWN COMMAND";
				if (!strncmp(bol, unkco, sizeof(unkco) - 1)) {
					logg("*clamd replied \"UNKNOWN COMMAND\". Command was %s\n",
							(scantype < 0 || scantype > MAX_SCANTYPE) ? "unidentified" :
							scancmd[scantype]);
				} else {
					logg("*Failed to parse reply: \"%s\"\n", bol);
				}

				if (ret_code) {
					*ret_code = CL_EPARSE;
				}
				return -1;

			} else if(!memcmp(eol - 7, " FOUND", 6)) {
				static char last_filename[PATH_MAX+1] = {'\0'};
				*(eol - 7) = 0;
				*printok = 0;

				if (scantype != ALLMATCH) {
					infected++;
				} else {
					if (filename != NULL && strcmp(filename, last_filename)) {
						infected++;
						strncpy(last_filename, filename, PATH_MAX);
						last_filename[PATH_MAX] = '\0';
					}
				}

				if(filename) {
					if(scantype >= STREAM) {
						logg("~%s%s FOUND\n", filename, colon);
						if(action) {
							action(filename);
						}
					} else {
						logg("~%s FOUND\n", bol);
						*colon = '\0';
						if(action) {
							action(bol);
						}
					}
				}

				if (ret_code) {
					*ret_code = CL_VIRUS;
				}

			} else if(len > 49 && !memcmp(eol-50, " lstat() failed: No such file or directory. ERROR", 49)) {
				if(errors) {
					(*errors)++;
				}
				*printok = 0;

				if(filename) {
					(scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol);
				}

				if (ret_code) {
					*ret_code = CL_ESTAT;
				}
                        } else if(len > 41 && !memcmp(eol-42, " lstat() failed: Permission denied. ERROR", 41)) {
				if(errors) {
					(*errors)++;
				}
				*printok = 0;

				if(filename) {
					(scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol);
				}

				if (ret_code) {
					*ret_code = CL_ESTAT;
				}
                        } else if(len > 21 && !memcmp(eol-22, " Access denied. ERROR", 21)) {
				if(errors) {
					(*errors)++;
				}
				*printok = 0;

				if(filename) {
					(scantype >= STREAM) ? logg("*%s%s\n", filename, colon) : logg("*%s\n", bol);
				}

				if (ret_code) {
					*ret_code = CL_EACCES;
				}
			} else if(!memcmp(eol-7, " ERROR", 6)) {
				if(errors) {
					(*errors)++;
				}
				*printok = 0;

				if(filename) {
					(scantype >= STREAM) ? logg("~%s%s\n", filename, colon) : logg("~%s\n", bol);
				}

				if (ret_code) {
					*ret_code = CL_ESTATE;
				}
			}
		}
	}
	if(!beenthere) {
		if (!filename) {
			logg("STDIN: noreply from clamd\n.");
			if (ret_code) {
				*ret_code = CL_EACCES;
			}
			return -1;
		}
		if(CLAMSTAT(filename, &sb) == -1) {
			logg("~%s: stat() failed with %s, clamd may not be responding\n",
					filename, strerror(errno));
			if (ret_code) {
				*ret_code = CL_EACCES;
			}
			return -1;
		}
		if(!S_ISDIR(sb.st_mode)) {
			logg("~%s: no reply from clamd\n", filename);
			if (ret_code) {
				*ret_code = CL_EACCES;
			}
			return -1;
		}
	}
	return infected;
}