ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilVirusScannerSophos.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 
34 require_once "class.ilVirusScanner.php";
35 
36 class ilVirusScannerSophos extends ilVirusScanner
37 {
43  function ilVirusScannerSophos($a_scancommand, $a_cleancommand)
44  {
45  $this->ilVirusScanner($a_scancommand, $a_cleancommand);
46  $this->type = "sophos";
47  $this->scanZipFiles = true;
48  }
49 
58  function scanFile($a_filepath, $a_origname = "")
59  {
60  // This function should:
61  // - call the external scanner for a_filepath
62  // - set scanFilePath to a_filepath
63  // - set scanFileOrigName to a_origname
64  // - set scanFileIsInfected according the scan result
65  // - set scanResult to the scanner output message
66  // - call logScanResult() if file is infected
67  // - return the scanResult, if file is infected
68  // - return an empty string, if file is not infected
69 
70  $this->scanFilePath = $a_filepath;
71  $this->scanFileOrigName = $a_origname;
72 
73  // Call of scan_file from Sophie (www.vanja.com/tools/sophie)
74  // sophie must run as a process
75  $cmd = $this->scanCommand . " " . $a_filepath. " 2>&1";
76  exec($cmd, $out, $ret);
77  $this->scanResult = implode("\n", $out);
78 
79  // sophie could be called
80  if ($ret == 0)
81  {
82  if (ereg("FILE INFECTED", $this->scanResult))
83  {
84  $this->scanFileIsInfected = true;
85  $this->logScanResult();
86  return $this->scanResult;
87  }
88  else
89  {
90  $this->scanFileIsInfected = false;
91  return "";
92  }
93  }
94 
95  // sophie has failed (probably the daemon doesn't run)
96  $this->log->write("ERROR (Virus Scanner failed): "
97  . $this->scanResult
98  . "; COMMAMD=" . $cmd);
99 
100  // try fallback: scan by cleaner command (sweep)
101  // -ss: Don't display anything except on error or virus
102  // -archive: sweep inside archives
103  unset($out, $ret);
104  $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1";
105  exec($cmd, $out, $ret);
106  $this->scanResult = implode("\n", $out). " [". $ret. "]";
107 
108  // error codes from sweep:
109  // 0 If no errors are encountered and no viruses are found.
110  // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process.
111  // 2 If some error preventing further execution is discovered.
112  // 3 If viruses or virus fragments are discovered.
113  if ($ret == 0)
114  {
115  $this->scanFileIsCleaned = false;
116  return "";
117  }
118  else if ($ret == 3)
119  {
120  $this->scanFileIsInfected = true;
121  $this->logScanResult();
122  return $this->scanResult;
123  }
124  else
125  {
126  $this->ilias->raiseError($this->lng->txt("virus_scan_error")." "
127  . $this->lng->txt("virus_scan_message")." "
128  . $this->scanResult,
129  $this->ilias->error_obj->WARNING);
130  }
131  }
132 
141  function cleanFile($a_filepath, $a_origname = "")
142  {
143  // This function should:
144  // - call the external cleaner
145  // - set cleanFilePath to a_filepath
146  // - set cleanFileOrigName to a_origname
147  // - set cleanFileIsCleaned according the clean result
148  // - set cleanResult to the cleaner output message
149  // - call logCleanResult in any case
150  // - return the cleanResult, if file is cleaned
151  // - return an empty string, if file is not cleaned
152 
153  $this->cleanFilePath = $a_filepath;
154  $this->cleanFileOrigName = $a_origname;
155 
156  // Call of sweep from Sophos (www.sophos.com)
157  // -di: Disinfect infected items
158  // -nc: Don't ask for confirmation before disinfection/deletion
159  // -ss: Don't display anything except on error or virus
160  // -eec: Use extended error codes
161  // -archive: sweep inside archives
162 
163  $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1";
164  exec($cmd, $out, $ret);
165  $this->cleanResult = implode("\n", $out). " [". $ret. "]";
166 
167  // always log the result from a clean attempt
168  $this->logCleanResult();
169 
170  // Extended error codes from sweep:
171  // 0 If no errors are encountered and no viruses are found.
172  // 8 If survivable errors have occurred.
173  // 12 If compressed files have been found and decompressed.
174  // 16 If compressed files have been found and not decompressed.
175  // 20 If viruses have been found and disinfected.
176  // 24 If viruses have been found and not disinfected.
177  // 28 If viruses have been found in memory.
178  // 32 If there has been an integrity check failure.
179  // 36 If unsurvivable errors have occurred.
180  // 40 If execution has been interrupted.
181  if ($ret == 20)
182  {
183  $this->cleanFileIsCleaned = true;
184  return $this->cleanResult;
185  }
186  else
187  {
188  $this->cleanFileIsCleaned = false;
189  return "";
190  }
191  }
192 }
193 ?>