DISCLAIMER: There is no guarantee that
I know what I am talking about. That said, I have used or am using just about everything I post here. YMMV. Use at your own risk.
Things I
have cooked up for ClamAv and
related
Debian package repository for customized packages.
This patch makes clamav-milter generate a somewhat sendmail looking received header when the --headers argument is used.
This applies to both 0.80 and clamav-devel as of this date.
What I run with. These patches apply to similary dated CVS
clamav-devel.jm-pl1.patch (4/24/04)
clamav-devel.jm-pl2.patch (4/27/04)
clamav-devel.jm-pl3.patch (4/28/04)
clamav-devel.jm-pl3.a.patch (4/29/04)
clamav-devel.jm-pl4.a.patch (5/12/04)
clamav-devel.jm-pl4.b.patch (5/16/04)
clamav-devel.jm-pl6.patch (5/19/04)Dont use this one yet
Patch here.Dont use this one yet
So this(4/27/04) morning clamd hung up. But then to add insult to injury max-children of clamav-milter piled up behind it like a car wreck. This patch adds the argument --max-child-wait=
* -1 wait 60 seconds for max_children and continue.(Old behavior)
* 0 or no value, no waiting, exit if max_children.(New default)
* >0 means wait that long, then exit if neccessary.(Mix)
Unpatched clamav-devel 0.70s (as of 4/27/04)
Unpatched clamav-devel 0.70t (as of 4/28/04)
Unpatched clamav-devel 0.70x (as of 5/12/04)
Patched clamav-devel.jm-pl1(as of 4/27/04)
Patched clamav-devel.jm-pl1(as of 4/27/04)
Patched clamav-devel.jm-pl1(as of 5/12/04)
I wrote this patch because I kept getting virus emails quarantined by amavisd (after passing through clamav-milter) which were not recognized as RFC822 mail files. Since I cant currently tell why they are there, this patch will allow me to remove the uncertainty involved.
This patch
* updates libclamav to recognize a new option CL_UNKNOWN_MAIL which will treat the file as RFC822 if unrecognized.
* updates clamscan to recognize these new command line arguments (all equivalent) --mbox-force or --mail or -M which turns on above behavior.
* updates clamd to recognize new commands designed to ask for this behavior. MAILSCAN, CONTMAILSCAN, MAILSTREAM.
* updates clamd to recognize new configuration option "ScanUnknownAsMail" designed to ask for this behavior.
* updates clamdscan to recognize the new command line arguments and use the above commands to clamd.
* updates clamav-milter to use the MAILSTREAM or MAILSCAN commands to clamd.
Some notes:
- clamd will reject with unknown command the new verbs if ScanMail is not in the config file.
- clamdscan will not use the new verbs if ScanMail is not in the config file.
- clamscan will treat the new arguments as implying -m (--mbox).
Unpatched clamav-0.70
Unpatched clamav-devel (as of 4/23/04)
Patched clamav-devel-jm(as of 4/27/04)
A patch I wrote that fixes clamd not reading exactly up to StreamMaxLength configuration option before terminating the scan. My approach adjust clamd to scan up to StreamMaxLength and no more, closing the connection afterwards.
Clean patch against 0.70-rc.May 1, 2004. This has been integrated into CVS.
A patch I wrote that enforces the StreamMaxLength configure option in Clamav-milter. This is a fix for the write errors clamav-milter was having writing to clamd.
Clean patch against 0.70-rc.
This patch works by counting bytes written in clamfi_envbody.
These patches work differently, re-working the clamfi_send function to track and return bytes written to clamd. They also add sendmail envelope id logging in a less redundant fashion. I wrote this patch because I think the way StreamMaxLength was done in the official version to be mistaken.
Un-Clean patch for 0.70.
Clean patch for 0.70o.
Clean patch for 0.70r.
Clean patch for 0.70t.
patch only depends on clamd-stream-maxsizenoreturn.
May 12, 2004
Seems like things are moving slowly in my direction. Here is the patch against clamav-milter 0.70x. No dependencies.
Clean patch for 0.70x.
A patch that adds paranoid checking on each memory allocation. This uses an expanded macro with function-scope side effects.
The patch is designed to return either a temporary failure or accept status to sendmail (depending on your arguments to clamav-milter) in case of memory starvation. My testing indicates that more commonly, libmilter will refuse to spawn a thread sooner than clamav-milter itself runs out of memory.
Neither of the below patches will apply clean without the above clamav-milter.streammaxlength patch.
A version of the patch which requires the vsnprintf_alloc patch. Not recommended anymore
A version of the patch which does NOT requires the vsnprintf_alloc patch.
Same patch as above for clamav-milter 0.70r.
Same patch as above for clamav-milter 0.70t.
Same patch as above for clamav-milter 0.70u.
Same patch as above for clamav-milter 0.70x.
A patch that adds {vs}[n]printf_alloc functions which handle their own allocation and length checking. This patch does not require any other patch on this page
May 12, 2004
I have (stupidly enough) reinvented the aspritnf|vasprintf wheel. So while I figure out the proper autoconfy way of doing things heres this patch which adds asprintf|vasprintf to clamav-devel.
This patches clamav-milter to use the vsprintf_alloc functions. This patch requires the above clamav-milter.ALLOC_CHECK (the one that does not require the vsnprintf_alloc patch)patch.
Same patch as above for clamav-milter 0.70r.
Same patch as above for clamav-milter 0.70t.
May 12, 2004
This patches clamav-milter to use the vasprintf functions. This patch requires the above clamav-milter.ALLOC_CHECK (the one that does not require the vsnprintf_alloc patch)patch.
Clean version for patchclamav-milter 0.70x.
A patch that adds --dont-log-infected -I command line arguments to control the redundant logging of infected messages. Sendmail and Milter already log this. Default is on. This patch relies on the clamav-milter.ALLOC_CHECK patch (iteration 10 or higher)
Clamav-milter 0.70r (Deprecated)
Clamav-milter 0.70s
Clamav-milter 0.70t
Clamav-milter 0.70x
A version of the patch that applies clean against unpatched clamav-devel.
Clamav-milter 0.70r Deprecated
Clamav-milter 0.70s
Clamav-milter 0.70t