00001 <?php 00002 /* 00003 +-----------------------------------------------------------------------------+ 00004 | ILIAS open source | 00005 +-----------------------------------------------------------------------------+ 00006 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne | 00007 | | 00008 | This program is free software; you can redistribute it and/or | 00009 | modify it under the terms of the GNU General Public License | 00010 | as published by the Free Software Foundation; either version 2 | 00011 | of the License, or (at your option) any later version. | 00012 | | 00013 | This program is distributed in the hope that it will be useful, | 00014 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 00015 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 00016 | GNU General Public License for more details. | 00017 | | 00018 | You should have received a copy of the GNU General Public License | 00019 | along with this program; if not, write to the Free Software | 00020 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | 00021 +-----------------------------------------------------------------------------+ 00022 */ 00023 00024 00035 require_once "class.ilVirusScanner.php"; 00036 00037 class ilVirusScannerSophos extends ilVirusScanner 00038 { 00044 function ilVirusScannerSophos($a_scancommand, $a_cleancommand) 00045 { 00046 $this->ilVirusScanner($a_scancommand, $a_cleancommand); 00047 $this->type = "sophos"; 00048 $this->scanZipFiles = true; 00049 } 00050 00059 function scanFile($a_filepath, $a_origname = "") 00060 { 00061 // This function should: 00062 // - call the external scanner for a_filepath 00063 // - set scanFilePath to a_filepath 00064 // - set scanFileOrigName to a_origname 00065 // - set scanFileIsInfected according the scan result 00066 // - set scanResult to the scanner output message 00067 // - call logScanResult() if file is infected 00068 // - return the scanResult, if file is infected 00069 // - return an empty string, if file is not infected 00070 00071 $this->scanFilePath = $a_filepath; 00072 $this->scanFileOrigName = $a_origname; 00073 00074 // Call of scan_file from Sophie (www.vanja.com/tools/sophie) 00075 // sophie must run as a process 00076 $cmd = $this->scanCommand . " " . $a_filepath. " 2>&1"; 00077 exec($cmd, $out, $ret); 00078 $this->scanResult = implode("\n", $out); 00079 00080 // sophie could be called 00081 if ($ret == 0) 00082 { 00083 if (ereg("FILE INFECTED", $this->scanResult)) 00084 { 00085 $this->scanFileIsInfected = true; 00086 $this->logScanResult(); 00087 return $this->scanResult; 00088 } 00089 else 00090 { 00091 $this->scanFileIsInfected = false; 00092 return ""; 00093 } 00094 } 00095 00096 // sophie has failed (probably the daemon doesn't run) 00097 $this->log->write("ERROR (Virus Scanner failed): " 00098 . $this->scanResult 00099 . "; COMMAMD=" . $cmd); 00100 00101 // try fallback: scan by cleaner command (sweep) 00102 // -ss: Don't display anything except on error or virus 00103 // -archive: sweep inside archives 00104 unset($out, $ret); 00105 $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1"; 00106 exec($cmd, $out, $ret); 00107 $this->scanResult = implode("\n", $out). " [". $ret. "]"; 00108 00109 // error codes from sweep: 00110 // 0 If no errors are encountered and no viruses are found. 00111 // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process. 00112 // 2 If some error preventing further execution is discovered. 00113 // 3 If viruses or virus fragments are discovered. 00114 if ($ret == 0) 00115 { 00116 $this->scanFileIsCleaned = false; 00117 return ""; 00118 } 00119 else if ($ret == 3) 00120 { 00121 $this->scanFileIsInfected = true; 00122 $this->logScanResult(); 00123 return $this->scanResult; 00124 } 00125 else 00126 { 00127 $this->ilias->raiseError($this->lng->txt("virus_scan_error")." " 00128 . $this->lng->txt("virus_scan_message")." " 00129 . $this->scanResult, 00130 $this->ilias->error_obj->WARNING); 00131 } 00132 } 00133 00142 function cleanFile($a_filepath, $a_origname = "") 00143 { 00144 // This function should: 00145 // - call the external cleaner 00146 // - set cleanFilePath to a_filepath 00147 // - set cleanFileOrigName to a_origname 00148 // - set cleanFileIsCleaned according the clean result 00149 // - set cleanResult to the cleaner output message 00150 // - call logCleanResult in any case 00151 // - return the cleanResult, if file is cleaned 00152 // - return an empty string, if file is not cleaned 00153 00154 $this->cleanFilePath = $a_filepath; 00155 $this->cleanFileOrigName = $a_origname; 00156 00157 // Call of sweep from Sophos (www.sophos.com) 00158 // -di: Disinfect infected items 00159 // -nc: Don't ask for confirmation before disinfection/deletion 00160 // -ss: Don't display anything except on error or virus 00161 // -eec: Use extended error codes 00162 // -archive: sweep inside archives 00163 00164 $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1"; 00165 exec($cmd, $out, $ret); 00166 $this->cleanResult = implode("\n", $out). " [". $ret. "]"; 00167 00168 // always log the result from a clean attempt 00169 $this->logCleanResult(); 00170 00171 // Extended error codes from sweep: 00172 // 0 If no errors are encountered and no viruses are found. 00173 // 8 If survivable errors have occurred. 00174 // 12 If compressed files have been found and decompressed. 00175 // 16 If compressed files have been found and not decompressed. 00176 // 20 If viruses have been found and disinfected. 00177 // 24 If viruses have been found and not disinfected. 00178 // 28 If viruses have been found in memory. 00179 // 32 If there has been an integrity check failure. 00180 // 36 If unsurvivable errors have occurred. 00181 // 40 If execution has been interrupted. 00182 if ($ret == 20) 00183 { 00184 $this->cleanFileIsCleaned = true; 00185 return $this->cleanResult; 00186 } 00187 else 00188 { 00189 $this->cleanFileIsCleaned = false; 00190 return ""; 00191 } 00192 } 00193 } 00194 ?>
1.7.1