diff --git a/ChangeLog b/ChangeLog index be8da289..76930c2e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4303,6 +4303,11 @@ v0.33.19 26-Oct-2001 File search is done on long and short filenames. Uploaded files are accepted with long filenames, the short name is created when the upload is processed. + The virus scan after files upload tried also to use scanners + that were not available. + The upload virus file scan now also scans files that are not + known archives. Should catch macro viri and worms. + The file CRC is now set when importing an uploaded file. mbnewusr: New program, run by user bbs. This is only to register a new diff --git a/Makefile b/Makefile index fb6177b7..4c3c69c1 100644 --- a/Makefile +++ b/Makefile @@ -51,6 +51,7 @@ install: mkdir ${PREFIX}/log ; \ ${CHOWN} ${OWNER}.${GROUP} ${PREFIX}/log ; \ fi + @chmod 0775 ${PREFIX}/log @if [ ! -d ${PREFIX}/magic ] ; then \ mkdir ${PREFIX}/magic ; \ ${CHOWN} ${OWNER}.${GROUP} ${PREFIX}/magic ; \ diff --git a/mbfido/mbfpack.c b/mbfido/mbfpack.c index b7a50d76..5245150f 100644 --- a/mbfido/mbfpack.c +++ b/mbfido/mbfpack.c @@ -39,8 +39,8 @@ -extern int do_quiet; /* Supress screen output */ - +extern int do_quiet; /* Supress screen output */ +extern int do_index; /* Reindex filebases */ /* @@ -92,7 +92,7 @@ void PackFileBase(void) Marker(); sprintf(fAreas, "%s/fdb/fdb%d.data", getenv("MBSE_ROOT"), i); - sprintf(fTmp, "%s/fdb/fdbtmp.data", getenv("MBSE_ROOT")); + sprintf(fTmp, "%s/fdb/fdb%d.temp", getenv("MBSE_ROOT"), i); if ((pFile = fopen(fAreas, "r")) == NULL) { Syslog('!', "Creating new %s", fAreas); @@ -115,16 +115,17 @@ void PackFileBase(void) fwrite(&file, sizeof(file), 1, fp); } else { iRemoved++; - Syslog('+', "Removed file \"%s\" from area %d", file.Name, i); - sprintf(fn, "%s/%s", area.Path, file.Name); + Syslog('+', "Removed file \"%s\" from area %d", file.LName, i); + sprintf(fn, "%s/%s", area.Path, file.LName); rc = unlink(fn); if (rc) - Syslog('+', "Unlink %s result %d", fn, rc); + Syslog('+', "Unlink %s failed, result %d", fn, rc); /* * If a dotted version (thumbnail) exists, remove it silently */ - sprintf(fn, "%s/.%s", area.Path, file.Name); + sprintf(fn, "%s/.%s", area.Path, file.LName); unlink(fn); + do_index = TRUE; } } diff --git a/mbsebbs/file.c b/mbsebbs/file.c index 7f8bc4f0..274b4de7 100644 --- a/mbsebbs/file.c +++ b/mbsebbs/file.c @@ -1201,9 +1201,11 @@ int Upload() case 3: /* - * No valid unarchiver found, just import + * No valid unarchiver found, just import after scanning, + * may catch macro viri. */ - ImportFile(dp->d_name, Area, FALSE, iTime, statfile.st_size); + if (!ScanDirect(dp->d_name)) + ImportFile(dp->d_name, Area, FALSE, iTime, statfile.st_size); break; } } diff --git a/mbsebbs/filesub.c b/mbsebbs/filesub.c index 5ff8753b..7a648c15 100644 --- a/mbsebbs/filesub.c +++ b/mbsebbs/filesub.c @@ -527,15 +527,15 @@ int ScanDirect(char *fn) while (fread(&virscan, virscanhdr.recsize, 1, fp) == 1) { + if (virscan.available) { sprintf(temp1, "%s %s %s >/dev/null", virscan.scanner, virscan.options, temp); colour(CFG.TextColourF, CFG.TextColourB); /* Scanning */ /* with */ printf("%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment); fflush(stdout); - Syslog('b', "%s ", temp1); if ((err = system(temp1))) { - Syslog('?', "VIRUS ALERT: Result %d", err); + WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment); colour(CFG.HiliteF, CFG.HiliteB); /* Possible VIRUS found! */ printf("%s\n", (char *) Language(199)); @@ -544,6 +544,7 @@ int ScanDirect(char *fn) /* Ok */ printf("%s\n", (char *) Language(200)); fflush(stdout); + } } fclose(fp); } @@ -594,10 +595,7 @@ int ScanArchive(char *fn, char *ftype) return 3; } - Syslog('b', "Archiver %s", archiver.comment); - cwd = getcwd(cwd, 80); - Syslog('b', "Current directory is %s", cwd); sprintf(temp, "%s/%s/tmp", CFG.bbs_usersdir, exitinfo.Name); if (chdir(temp)) { @@ -611,7 +609,6 @@ int ScanArchive(char *fn, char *ftype) printf("%s %s ", (char *) Language(201), fn); fflush(stdout); sprintf(temp, "%s %s/%s >/dev/null", archiver.funarc, cwd, fn); - Syslog('b', "Unarc %s", temp); if ((err = system(temp))) { WriteError("$Failed %s", temp); @@ -635,15 +632,15 @@ int ScanArchive(char *fn, char *ftype) while (fread(&virscan, virscanhdr.recsize, 1, fp) == 1) { + if (virscan.available) { sprintf(temp, "%s %s * >/dev/null", virscan.scanner, virscan.options); colour(CFG.TextColourF, CFG.TextColourB); /* Scanning */ /* with */ printf("%s %s %s %s ", (char *) Language(132), fn, (char *) Language(133), virscan.comment); fflush(stdout); - Syslog('b', "%s ", temp); if ((err = system(temp))) { - Syslog('?', "VIRUS ALERT: Result %d", err); + WriteError("VIRUS ALERT: Result %d (%s)", err, virscan.comment); colour(CFG.HiliteF, CFG.HiliteB); /* Possible VIRUS found! */ printf("%s\n", (char *) Language(199)); @@ -652,6 +649,7 @@ int ScanArchive(char *fn, char *ftype) /* Ok */ printf("%s\n", (char *) Language(200)); fflush(stdout); + } } fclose(fp); } @@ -697,8 +695,6 @@ char *GetFileType(char *fn) else sprintf((char*)dbuf+strlen(dbuf), " %02x", buf[i]); - Syslog('b', "file head: %s", dbuf); - /* * Various expected uploads. Not that the standard MS-DOS archivers * must return the exact format, ie "ZIP" for PKZIP. These strings @@ -724,7 +720,7 @@ char *GetFileType(char *fn) if (memcmp(buf, "RIFF", 4) == 0) return (char *)"WAV"; if (memcmp(buf, "EMOD", 4) == 0) return (char *)"MOD"; if (memcmp(buf, "MTM", 3) == 0) return (char *)"MTM"; - if (memcmp(buf, "#/bin/", 6) == 0) return (char *)"UNIX script"; + if (memcmp(buf, "#!/bin/", 7) == 0) return (char *)"UNIX script"; if (memcmp(buf, "\037\235", 2) == 0) return (char *)"Compressed data"; if (memcmp(buf, "\037\213", 2) == 0) return (char *)"gzip compress"; if (memcmp(buf, "\177ELF", 4) == 0) return (char *)"ELF"; @@ -763,7 +759,6 @@ int ImportFile(char *fn, int Area, int fileid, time_t iTime, off_t Size) sprintf(temp, "%s/%s", area.Path, fn); sprintf(temp1, "%s/%s/upl/%s", CFG.bbs_usersdir, exitinfo.Name, fn); - Syslog('b', "Move %s to %s", temp1, temp); if ((file_mv(temp1, temp))) { WriteError("$Can't move %s to %s", fn, area.Path); } else { @@ -788,9 +783,9 @@ int ImportFile(char *fn, int Area, int fileid, time_t iTime, off_t Size) */ strcpy(temp, CFG.sByteRatio); token = strtok(temp, ":"); - i = atoi(token); + i = atoi(token); token = strtok(NULL, "\0"); - x = atoi(token); + x = atoi(token); Size *= i / x; /* You have */ /* extra download KBytes. */ printf("%s %ld %s\n", (char *) Language(249), (long)(Size / 1024), (char *) Language(250)); @@ -808,7 +803,7 @@ int ImportFile(char *fn, int Area, int fileid, time_t iTime, off_t Size) token = strtok(temp, ":"); i = atoi(token); token = strtok(NULL, "\0"); - x = atoi(token); + x = atoi(token); iTime *= i / x; iTime /= 60; /* Divide Seconds by 60 to give minutes */ @@ -874,9 +869,9 @@ int Addfile(char *File, int AreaNum, int fileid) strcpy(temp1, File); name_mangle(temp1); strcpy(file.Name, temp1); - sprintf(temp1,"%ld",(long)(statfile.st_size)); - file.Size = atoi(temp1); + file.Size = (long)(statfile.st_size); file.FileDate = statfile.st_mtime; + file.Crc32 = file_crc(Filename, TRUE); strcpy(file.Uploader, exitinfo.sUserName); file.UploadDate = time(NULL); @@ -899,13 +894,12 @@ int Addfile(char *File, int AreaNum, int fileid) } } - if (fileid) { + if (fileid && strlen(archiver.iunarc)) { /* * The right unarchiver is still in memory, * get the FILE_ID.DIZ if it exists. */ sprintf(temp, "%s %s/%s FILE_ID.DIZ >/dev/null", archiver.iunarc, area.Path, File); - Syslog('b', "%s", temp); if ((err = system(temp))) { WriteError("$Unpack error %s", temp); } else {