Work on using clamdscan for remote virus scanning

Author: jcameron

Diff for: clamdscan-remote-wrapper.pl

@@ -0,0 +1,33 @@
+#!/usr/local/bin/perl
+# Emulate the flags of clamdscan-stream-client
+
+my $host;
+my $port = 3310;
+my $file = "-";
+while(@ARGV) {
+	my $a = shift(@ARGV);
+	if ($a eq "-d") {
+		$host = shift(@ARGV);
+		}
+	elsif ($a eq "-p") {
+		$port = shift(@ARGV);
+		}
+	elsif ($a eq "-" || $a !~ /^\-/) {
+		# Input file
+		$file = $a;
+		}
+	else {
+		die "Unknown flag $a";
+		}
+	}
+
+# Create a temporary config file
+my $cfile = "/tmp/clamdscan-remote-config-$$.conf";
+open(CONF, ">", $cfile);
+print CONF "TCPSocket $port\n";
+print CONF "TCPAddr $host\n";
+close(CONF);
+my $rv = system("clamdscan -c $cfile --fdpass --stream $file");
+unlink($cfile);
+exit($rv);
+

Diff for: feature-mysql.pl

@@ -2940,6 +2940,22 @@ sub delete_remote_mysql_module
 unlink("$var_directory/module.infos.cache");
 }
 
+# get_remote_mysql_module(name)
+# Returns a mysql module hash, looked up by hostname or socket file
+sub get_remote_mysql_module
+{
+my ($name) = @_;
+foreach my $mm (&list_remote_mysql_modules()) {
+	my $c = $mm->{'config'};
+	if ($c->{'sock'} && $name eq $c->{'sock'} ||
+	    $c->{'host'} && $name eq $c->{'host'}.':'.($c->{'port'} || 3306) ||
+	    $c->{'host'} && $name eq $c->{'host'}) {
+		return $mm;
+		}
+	}
+return undef;
+}
+
 $done_feature_script{'mysql'} = 1;
 
 1;

Diff for: feature-virus.pl

@@ -8,6 +8,7 @@ sub check_depends_virus
 sub init_virus
 {
 $clam_wrapper_cmd = "$module_config_directory/clam-wrapper.pl";
+$clamdscan_remote_wrapper_cmd = "$module_config_directory/clamdscan-remote-wrapper.pl";
 }
 
 # setup_virus(&domain)
@@ -330,6 +331,9 @@ sub get_domain_virus_scanner
 	elsif ($rvs[0] eq &has_command("clamd-stream-client")) {
 		$rv = "clamd-stream-client";
 		}
+	elsif ($rvs[0] eq $clamdscan_remote_wrapper_cmd) {
+		$rv = "clamdscan-remote";
+		}
 	return $rv;
 	}
 else {
@@ -358,11 +362,26 @@ sub save_domain_virus_scanner
 		$prog = &has_command("clamd-stream-client");
 		$prog .= &make_stream_client_args($config{'clamscan_host'});
 		}
+	elsif ($prog eq "clamdscan-remote") {
+		$prog = $clamdscan_remote_wrapper_cmd;
+		$prog .= &make_stream_client_args($config{'clamscan_host'});
+		if (!-r $clamdscan_remote_wrapper_cmd) {
+			&create_clamdscan_remote_wrapper_cmd();
+			}
+		}
 	$clamrec[0]->{'action'} = "$clam_wrapper_cmd $prog";
 	&procmail::modify_recipe($clamrec[0]);
 	}
 }
 
+# create_clamdscan_remote_wrapper_cmd()
+# Create a command to call clamdscan with a remote target in the /etc dir
+sub create_clamdscan_remote_wrapper_cmd
+{
+&copy_source_dest("$module_root_directory/clamdscan-remote-wrapper.pl",
+		  $clamdscan_remote_wrapper_cmd);
+}
+
 # get_global_virus_scanner()
 # Returns the virus scanning program used by all domains, and possibly also
 # the clamd hostname
@@ -415,6 +434,11 @@ sub test_virus_scanner
 	# Set remote host
 	$fullcmd .= &make_stream_client_args($host);
 	}
+elsif ($cmd eq "clamdscan-remote") {
+	# Use actual wrapper and set remote host
+	$fullcmd = $clamdscan_remote_wrapper_cmd." ".
+		   &make_stream_client_args($host);
+	}
 else {
 	# Tell command to use stdin
 	if ($cmd eq "clamdscan") {

Diff for: modify-spam.pl

@@ -161,7 +161,7 @@ package virtual_server;
 	elsif ($a eq "--spam-no-delete-level") {
 		$spamlevel = 0;
 		}
-	elsif ($a =~ /^--use-(clamscan|clamdscan)$/) {
+	elsif ($a =~ /^--use-(clamscan|clamdscan|clamd-stream-client|clamdscan-remote)$/) {
 		$virus_scanner = $1;
 		}
 	elsif ($a eq "--spamtrap") {
@@ -288,7 +288,8 @@ sub usage
 print "                      [--trashclear-none |\n";
 print "                       --trashclear-days days\n";
 print "                       --trashclear-size bytes]\n";
-print "                      [--use-clamscan | --use-clamdscan]\n";
+print "                      [--use-clamscan | --use-clamdscan |\n";
+print "                       --use-clamd-stream-client | --use-clamdscan-remote]\n";
 print "                      [--spamtrap | --no-spamtrap]\n";
 print "\n";
 print "Warning - modifying the SpamAssassin or virus scanning client for\n";

Diff for: set-spam.pl

@@ -68,7 +68,7 @@ package virtual_server;
 	elsif ($a eq "--no-spamc-max" || $a eq "--no-spam-max") {
 		$spam_max = 0;
 		}
-	elsif ($a =~ /^--use-(clamscan|clamdscan|clamd-stream-client)$/) {
+	elsif ($a =~ /^--use-(clamscan|clamdscan|clamd-stream-client|clamdscan-remote)$/) {
 		$virus_scanner = $1;
 		}
 	elsif ($a eq "--use-virus") {
@@ -144,8 +144,9 @@ package virtual_server;
 # Make sure the new virus scanner works
 if ($virus_scanner || $virus_host) {
 	local ($cmd, @args) = &split_quoted_string($new_virus_scanner);
-	&has_command($cmd) ||
-		&usage("Virus scanning command $cmd does not exist");
+	local $shcmd = $cmd eq "clamdscan-remote" ? "clamdscan" : $cmd;
+	&has_command($shcmd) ||
+		&usage("Virus scanning command $shcmd does not exist");
 	if (!$clamd || $new_virus_scanner ne "clamdscan") {
 		# Only test if we aren't enabling clamd anyway
 		$err = &test_virus_scanner($new_virus_scanner, $new_virus_host);
@@ -260,7 +261,8 @@ sub usage
 print "                    [--spamc-host hostname | --no-spamc-host]\n";
 print "                    [--spam-max bytes | --no-spam-max]\n";
 print "                    [--use-clamscan | --use-clamdscan |\n";
-print "                     --use-clamd-stream-client | --use-virus command]\n";
+print "                     --use-clamd-stream-client | --use-clamdscan-remote |\n";
+print "                     --use-virus command]\n";
 print "                    [--clamd-host hostname]\n";
 if (&check_clamd_status() >= 0) {
 	print "                    [--enable-clamd | --disable-clamd]\n";