ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilVirusScannerSophos.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
11require_once "./Services/VirusScanner/classes/class.ilVirusScanner.php";
12
14{
20 public function __construct($a_scancommand, $a_cleancommand)
21 {
22 parent::__construct($a_scancommand, $a_cleancommand);
23 $this->type = "sophos";
24 $this->scanZipFiles = true;
25 }
26
34 public function scanFile($a_filepath, $a_origname = "")
35 {
36 // This function should:
37 // - call the external scanner for a_filepath
38 // - set scanFilePath to a_filepath
39 // - set scanFileOrigName to a_origname
40 // - set scanFileIsInfected according the scan result
41 // - set scanResult to the scanner output message
42 // - call logScanResult() if file is infected
43 // - return the scanResult, if file is infected
44 // - return an empty string, if file is not infected
45
46 $this->scanFilePath = $a_filepath;
47 $this->scanFileOrigName = $a_origname;
48
49 // Call of scan_file from Sophie (www.vanja.com/tools/sophie)
50 // sophie must run as a process
51 $cmd = $this->scanCommand . " " . $a_filepath . " 2>&1";
52 exec($cmd, $out, $ret);
53 $this->scanResult = implode("\n", $out);
54
55 // sophie could be called
56 if ($ret == 0) {
57 if (preg_match("/FILE INFECTED/", $this->scanResult)) {
58 $this->scanFileIsInfected = true;
59 $this->logScanResult();
60 return $this->scanResult;
61 } else {
62 $this->scanFileIsInfected = false;
63 return "";
64 }
65 }
66
67 // sophie has failed (probably the daemon doesn't run)
68 $this->log->write("ERROR (Virus Scanner failed): "
69 . $this->scanResult
70 . "; COMMAMD=" . $cmd);
71
72 // try fallback: scan by cleaner command (sweep)
73 // -ss: Don't display anything except on error or virus
74 // -archive: sweep inside archives
75 unset($out, $ret);
76 $cmd = $this->cleanCommand . " -ss -archive " . $a_filepath . " 2>&1";
77 exec($cmd, $out, $ret);
78 $this->scanResult = implode("\n", $out) . " [" . $ret . "]";
79
80 // error codes from sweep:
81 // 0 If no errors are encountered and no viruses are found.
82 // 1 If the user interrupts SWEEP (usually by pressing control-C) or kills the process.
83 // 2 If some error preventing further execution is discovered.
84 // 3 If viruses or virus fragments are discovered.
85 if ($ret == 0) {
86 $this->scanFileIsCleaned = false;
87 return "";
88 } elseif ($ret == 3) {
89 $this->scanFileIsInfected = true;
90 $this->logScanResult();
91 return $this->scanResult;
92 } else {
93 $this->ilias->raiseError(
94 $this->lng->txt("virus_scan_error") . " "
95 . $this->lng->txt("virus_scan_message") . " "
96 . $this->scanResult,
97 $this->ilias->error_obj->WARNING
98 );
99 }
100 }
101
109 public function cleanFile($a_filepath, $a_origname = "")
110 {
111 // This function should:
112 // - call the external cleaner
113 // - set cleanFilePath to a_filepath
114 // - set cleanFileOrigName to a_origname
115 // - set cleanFileIsCleaned according the clean result
116 // - set cleanResult to the cleaner output message
117 // - call logCleanResult in any case
118 // - return the cleanResult, if file is cleaned
119 // - return an empty string, if file is not cleaned
120
121 $this->cleanFilePath = $a_filepath;
122 $this->cleanFileOrigName = $a_origname;
123
124 // Call of sweep from Sophos (www.sophos.com)
125 // -di: Disinfect infected items
126 // -nc: Don't ask for confirmation before disinfection/deletion
127 // -ss: Don't display anything except on error or virus
128 // -eec: Use extended error codes
129 // -archive: sweep inside archives
130
131 $cmd = $this->cleanCommand . " -di -nc -ss -eec -archive " . $a_filepath . " 2>&1";
132 exec($cmd, $out, $ret);
133 $this->cleanResult = implode("\n", $out) . " [" . $ret . "]";
134
135 // always log the result from a clean attempt
136 $this->logCleanResult();
137
138 // Extended error codes from sweep:
139 // 0 If no errors are encountered and no viruses are found.
140 // 8 If survivable errors have occurred.
141 // 12 If compressed files have been found and decompressed.
142 // 16 If compressed files have been found and not decompressed.
143 // 20 If viruses have been found and disinfected.
144 // 24 If viruses have been found and not disinfected.
145 // 28 If viruses have been found in memory.
146 // 32 If there has been an integrity check failure.
147 // 36 If unsurvivable errors have occurred.
148 // 40 If execution has been interrupted.
149 if ($ret == 20) {
150 $this->cleanFileIsCleaned = true;
151 return $this->cleanResult;
152 } else {
153 $this->cleanFileIsCleaned = false;
154 return "";
155 }
156 }
157}
An exception for terminatinating execution or to throw for unit testing.
Interface to the sophos virus protector.
__construct($a_scancommand, $a_cleancommand)
Constructor @access public.
cleanFile($a_filepath, $a_origname="")
clean an infected file
scanFile($a_filepath, $a_origname="")
scan a file for viruses
Base class for the interface to an external virus scanner This class is abstract and needs to be exte...
logScanResult()
write the result of the last scan to the log @access public
logCleanResult()
write the result of the last clean to the log @access public
redirection script todo: (a better solution should control the processing via a xml file)
$ret
Definition: parser.php:6