00001 <?php 00002 /* 00003 +-----------------------------------------------------------------------------+ 00004 | ILIAS open source | 00005 +-----------------------------------------------------------------------------+ 00006 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne | 00007 | | 00008 | This program is free software; you can redistribute it and/or | 00009 | modify it under the terms of the GNU General Public License | 00010 | as published by the Free Software Foundation; either version 2 | 00011 | of the License, or (at your option) any later version. | 00012 | | 00013 | This program is distributed in the hope that it will be useful, | 00014 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 00015 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 00016 | GNU General Public License for more details. | 00017 | | 00018 | You should have received a copy of the GNU General Public License | 00019 | along with this program; if not, write to the Free Software | 00020 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | 00021 +-----------------------------------------------------------------------------+ 00022 */ 00023 00024 00034 require_once "class.ilVirusScanner.php"; 00035 00036 class ilVirusScannerSophos extends ilVirusScanner 00037 { 00043 function ilVirusScannerSophos($a_scancommand, $a_cleancommand) 00044 { 00045 $this->ilVirusScanner($a_scancommand, $a_cleancommand); 00046 $this->type = "sophos"; 00047 $this->scanZipFiles = true; 00048 } 00049 00058 function scanFile($a_filepath, $a_origname = "") 00059 { 00060 // This function should: 00061 // - call the external scanner for a_filepath 00062 // - set scanFilePath to a_filepath 00063 // - set scanFileOrigName to a_origname 00064 // - set scanFileIsInfected according the scan result 00065 // - set scanResult to the scanner output message 00066 // - call logScanResult() if file is infected 00067 // - return the scanResult, if file is infected 00068 // - return an empty string, if file is not infected 00069 00070 $this->scanFilePath = $a_filepath; 00071 $this->scanFileOrigName = $a_origname; 00072 00073 // Call of scan_file from Sophie (www.vanja.com/tools/sophie) 00074 // sophie must run as a process 00075 $cmd = $this->scanCommand . " " . $a_filepath. " 2>&1"; 00076 exec($cmd, $out, $ret); 00077 $this->scanResult = implode("\n", $out); 00078 00079 // sophie could be called 00080 if ($ret == 0) 00081 { 00082 if (ereg("FILE INFECTED", $this->scanResult)) 00083 { 00084 $this->scanFileIsInfected = true; 00085 $this->logScanResult(); 00086 return $this->scanResult; 00087 } 00088 else 00089 { 00090 $this->scanFileIsInfected = false; 00091 return ""; 00092 } 00093 } 00094 00095 // sophie has failed (probably the daemon doesn't run) 00096 $this->log->write("ERROR (Virus Scanner failed): " 00097 . $this->scanResult 00098 . "; COMMAMD=" . $cmd); 00099 00100 // try fallback: scan by cleaner command (sweep) 00101 // -ss: Don't display anything except on error or virus 00102 // -archive: sweep inside archives 00103 unset($out, $ret); 00104 $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1"; 00105 exec($cmd, $out, $ret); 00106 $this->scanResult = implode("\n", $out). " [". $ret. "]"; 00107 00108 // error codes from sweep: 00109 // 0 If no errors are encountered and no viruses are found. 00110 // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process. 00111 // 2 If some error preventing further execution is discovered. 00112 // 3 If viruses or virus fragments are discovered. 00113 if ($ret == 0) 00114 { 00115 $this->scanFileIsCleaned = false; 00116 return ""; 00117 } 00118 else if ($ret == 3) 00119 { 00120 $this->scanFileIsInfected = true; 00121 $this->logScanResult(); 00122 return $this->scanResult; 00123 } 00124 else 00125 { 00126 $this->ilias->raiseError($this->lng->txt("virus_scan_error")." " 00127 . $this->lng->txt("virus_scan_message")." " 00128 . $this->scanResult, 00129 $this->ilias->error_obj->WARNING); 00130 } 00131 } 00132 00141 function cleanFile($a_filepath, $a_origname = "") 00142 { 00143 // This function should: 00144 // - call the external cleaner 00145 // - set cleanFilePath to a_filepath 00146 // - set cleanFileOrigName to a_origname 00147 // - set cleanFileIsCleaned according the clean result 00148 // - set cleanResult to the cleaner output message 00149 // - call logCleanResult in any case 00150 // - return the cleanResult, if file is cleaned 00151 // - return an empty string, if file is not cleaned 00152 00153 $this->cleanFilePath = $a_filepath; 00154 $this->cleanFileOrigName = $a_origname; 00155 00156 // Call of sweep from Sophos (www.sophos.com) 00157 // -di: Disinfect infected items 00158 // -nc: Don't ask for confirmation before disinfection/deletion 00159 // -ss: Don't display anything except on error or virus 00160 // -eec: Use extended error codes 00161 // -archive: sweep inside archives 00162 00163 $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1"; 00164 exec($cmd, $out, $ret); 00165 $this->cleanResult = implode("\n", $out). " [". $ret. "]"; 00166 00167 // always log the result from a clean attempt 00168 $this->logCleanResult(); 00169 00170 // Extended error codes from sweep: 00171 // 0 If no errors are encountered and no viruses are found. 00172 // 8 If survivable errors have occurred. 00173 // 12 If compressed files have been found and decompressed. 00174 // 16 If compressed files have been found and not decompressed. 00175 // 20 If viruses have been found and disinfected. 00176 // 24 If viruses have been found and not disinfected. 00177 // 28 If viruses have been found in memory. 00178 // 32 If there has been an integrity check failure. 00179 // 36 If unsurvivable errors have occurred. 00180 // 40 If execution has been interrupted. 00181 if ($ret == 20) 00182 { 00183 $this->cleanFileIsCleaned = true; 00184 return $this->cleanResult; 00185 } 00186 else 00187 { 00188 $this->cleanFileIsCleaned = false; 00189 return ""; 00190 } 00191 } 00192 } 00193 ?>
1.7.1