Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Removed ClamAV support.

Browse source
This commit is contained in:
Jon Siwek 2010-10-22 16:01:53 -05:00
parent 049bda7078
commit b0d78eab40
3 changed files with 0 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

3
config.h.in
View file

@ -174,9 +174,6 @@
/* GeoIP geographic lookup functionality */ /* GeoIP geographic lookup functionality */
#cmakedefine USE_GEOIP #cmakedefine USE_GEOIP
/* Use libclamav */
#undef USE_LIBCLAMAV
/* Use Google's perftools */ /* Use Google's perftools */
#cmakedefine USE_PERFTOOLS #cmakedefine USE_PERFTOOLS

46
src/FileAnalyzer.cc
View file

@ -7,10 +7,6 @@ magic_t File_Analyzer::magic = 0;
magic_t File_Analyzer::magic_mime = 0; magic_t File_Analyzer::magic_mime = 0;
#endif #endif
#ifdef HAVE_LIBCLAMAV
struct cl_node* File_Analyzer::clam_root = 0;
#endif
File_Analyzer::File_Analyzer(Connection* conn) File_Analyzer::File_Analyzer(Connection* conn)
: TCP_ApplicationAnalyzer(AnalyzerTag::File, conn) : TCP_ApplicationAnalyzer(AnalyzerTag::File, conn)
{ {
@ -23,11 +19,6 @@ File_Analyzer::File_Analyzer(Connection* conn)
InitMagic(&magic_mime, MAGIC_MIME); InitMagic(&magic_mime, MAGIC_MIME);
} }
#endif #endif
#ifdef HAVE_LIBCLAMAV
if ( ! clam_root )
InitClamAV();
#endif
} }
void File_Analyzer::DeliverStream(int len, const u_char* data, bool orig) void File_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
@ -74,19 +65,6 @@ void File_Analyzer::Identify()
vl->append(new StringVal(descr ? descr : "<unknown>")); vl->append(new StringVal(descr ? descr : "<unknown>"));
vl->append(new StringVal(mime ? mime : "<unknown>")); vl->append(new StringVal(mime ? mime : "<unknown>"));
ConnectionEvent(file_transferred, vl); ConnectionEvent(file_transferred, vl);
#ifdef HAVE_LIBCLAMAV
const char* virname;
int ret = cl_scanbuff(buffer, buffer_len, &virname, clam_root);
if ( ret == CL_VIRUS )
{
val_list* vl = new val_list;
vl->append(BuildConnVal());
vl->append(new StringVal(virname));
ConnectionEvent(file_virus, vl);
}
#endif
} }
#ifdef HAVE_LIBMAGIC #ifdef HAVE_LIBMAGIC
@ -105,27 +83,3 @@ void File_Analyzer::InitMagic(magic_t* magic, int flags)
} }
} }
#endif #endif
#ifdef HAVE_LIBCLAMAV
void File_Analyzer::InitClamAV()
{
unsigned int sigs;
int ret = cl_loaddbdir(cl_retdbdir(), &clam_root, &sigs);
if ( ret )
{
error(fmt("can't load ClamAV database: %s", cl_perror(ret)));
clam_root = 0;
return;
}
ret = cl_build(clam_root);
if ( ret )
{
error(fmt("can't init ClamAV database: %s", cl_perror(ret)));
cl_free(clam_root);
clam_root = 0;
return;
}
}
#endif

9
src/FileAnalyzer.h
View file

@ -11,10 +11,6 @@
#include <magic.h> #include <magic.h>
#endif #endif
#ifdef HAVE_LIBCLAMAV
#include <clamav.h>
#endif
class File_Analyzer : public TCP_ApplicationAnalyzer { class File_Analyzer : public TCP_ApplicationAnalyzer {
public: public:
File_Analyzer(Connection* conn); File_Analyzer(Connection* conn);
@ -43,11 +39,6 @@ protected:
static magic_t magic; static magic_t magic;
static magic_t magic_mime; static magic_t magic_mime;
#endif #endif
#ifdef HAVE_LIBCLAMAV
static void InitClamAV();
static struct cl_node *clam_root;
#endif
}; };
#endif #endif