ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilVirusScannerSophos.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4
14require_once "./Services/VirusScanner/classes/class.ilVirusScanner.php";
15
17{
23 function ilVirusScannerSophos($a_scancommand, $a_cleancommand)
24 {
25 $this->ilVirusScanner($a_scancommand, $a_cleancommand);
26 $this->type = "sophos";
27 $this->scanZipFiles = true;
28 }
29
38 function scanFile($a_filepath, $a_origname = "")
39 {
40 // This function should:
41 // - call the external scanner for a_filepath
42 // - set scanFilePath to a_filepath
43 // - set scanFileOrigName to a_origname
44 // - set scanFileIsInfected according the scan result
45 // - set scanResult to the scanner output message
46 // - call logScanResult() if file is infected
47 // - return the scanResult, if file is infected
48 // - return an empty string, if file is not infected
49
50 $this->scanFilePath = $a_filepath;
51 $this->scanFileOrigName = $a_origname;
52
53 // Call of scan_file from Sophie (www.vanja.com/tools/sophie)
54 // sophie must run as a process
55 $cmd = $this->scanCommand . " " . $a_filepath. " 2>&1";
56 exec($cmd, $out, $ret);
57 $this->scanResult = implode("\n", $out);
58
59 // sophie could be called
60 if ($ret == 0)
61 {
62 if (ereg("FILE INFECTED", $this->scanResult))
63 {
64 $this->scanFileIsInfected = true;
65 $this->logScanResult();
66 return $this->scanResult;
67 }
68 else
69 {
70 $this->scanFileIsInfected = false;
71 return "";
72 }
73 }
74
75 // sophie has failed (probably the daemon doesn't run)
76 $this->log->write("ERROR (Virus Scanner failed): "
77 . $this->scanResult
78 . "; COMMAMD=" . $cmd);
79
80 // try fallback: scan by cleaner command (sweep)
81 // -ss: Don't display anything except on error or virus
82 // -archive: sweep inside archives
83 unset($out, $ret);
84 $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1";
85 exec($cmd, $out, $ret);
86 $this->scanResult = implode("\n", $out). " [". $ret. "]";
87
88 // error codes from sweep:
89 // 0 If no errors are encountered and no viruses are found.
90 // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process.
91 // 2 If some error preventing further execution is discovered.
92 // 3 If viruses or virus fragments are discovered.
93 if ($ret == 0)
94 {
95 $this->scanFileIsCleaned = false;
96 return "";
97 }
98 else if ($ret == 3)
99 {
100 $this->scanFileIsInfected = true;
101 $this->logScanResult();
102 return $this->scanResult;
103 }
104 else
105 {
106 $this->ilias->raiseError($this->lng->txt("virus_scan_error")." "
107 . $this->lng->txt("virus_scan_message")." "
108 . $this->scanResult,
109 $this->ilias->error_obj->WARNING);
110 }
111 }
112
121 function cleanFile($a_filepath, $a_origname = "")
122 {
123 // This function should:
124 // - call the external cleaner
125 // - set cleanFilePath to a_filepath
126 // - set cleanFileOrigName to a_origname
127 // - set cleanFileIsCleaned according the clean result
128 // - set cleanResult to the cleaner output message
129 // - call logCleanResult in any case
130 // - return the cleanResult, if file is cleaned
131 // - return an empty string, if file is not cleaned
132
133 $this->cleanFilePath = $a_filepath;
134 $this->cleanFileOrigName = $a_origname;
135
136 // Call of sweep from Sophos (www.sophos.com)
137 // -di: Disinfect infected items
138 // -nc: Don't ask for confirmation before disinfection/deletion
139 // -ss: Don't display anything except on error or virus
140 // -eec: Use extended error codes
141 // -archive: sweep inside archives
142
143 $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1";
144 exec($cmd, $out, $ret);
145 $this->cleanResult = implode("\n", $out). " [". $ret. "]";
146
147 // always log the result from a clean attempt
148 $this->logCleanResult();
149
150 // Extended error codes from sweep:
151 // 0 If no errors are encountered and no viruses are found.
152 // 8 If survivable errors have occurred.
153 // 12 If compressed files have been found and decompressed.
154 // 16 If compressed files have been found and not decompressed.
155 // 20 If viruses have been found and disinfected.
156 // 24 If viruses have been found and not disinfected.
157 // 28 If viruses have been found in memory.
158 // 32 If there has been an integrity check failure.
159 // 36 If unsurvivable errors have occurred.
160 // 40 If execution has been interrupted.
161 if ($ret == 20)
162 {
163 $this->cleanFileIsCleaned = true;
164 return $this->cleanResult;
165 }
166 else
167 {
168 $this->cleanFileIsCleaned = false;
169 return "";
170 }
171 }
172}
173?>
Interface to the sophos virus protector.
ilVirusScannerSophos($a_scancommand, $a_cleancommand)
Constructor @access public.
cleanFile($a_filepath, $a_origname="")
clean an infected file
scanFile($a_filepath, $a_origname="")
scan a file for viruses
Base class for the interface to an external virus scanner.
logScanResult()
write the result of the last scan to the log
ilVirusScanner($a_scancommand, $a_cleancommand)
Constructor @access public.
logCleanResult()
write the result of the last clean to the log
redirection script todo: (a better solution should control the processing via a xml file)
$cmd
Definition: sahs_server.php:35