Added virus name to the return value of the scan function.
Fixed errors.
1.1 --- a/src/IkarusScanner.py Tue Feb 18 15:38:00 2014 +0100
1.2 +++ b/src/IkarusScanner.py Mon Feb 24 16:47:02 2014 +0100
1.3 @@ -10,6 +10,7 @@
1.4 import time
1.5
1.6 import urllib3
1.7 +import xml.etree.ElementTree as ET
1.8
1.9 class IkarusScanner:
1.10
1.11 @@ -38,12 +39,12 @@
1.12
1.13 self.__scanserverTimestamp = time.time()
1.14
1.15 - __LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL")
1.16 - __REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL")
1.17 - __SCANSERVER_RETRY_TIMEOUT = int(config.get("Main", "RetryTimeout"))
1.18 + self.__LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL")
1.19 + self.__REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL")
1.20 + self.__SCANSERVER_RETRY_TIMEOUT = int(config.get("Main", "RetryTimeout"))
1.21
1.22 # Convert file size from MB to byte
1.23 - __MAX_SCAN_FILE_SIZE = int(config.get("Main", "MaxFileSize")) * 0x100000
1.24 + self.__MAX_SCAN_FILE_SIZE = int(config.get("Main", "MaxFileSize")) * 0x100000
1.25
1.26
1.27 def checkMinimumOptions (self, config):
1.28 @@ -73,7 +74,8 @@
1.29 return config
1.30
1.31 def contactScanserver(self, url, fields):
1.32 - return httpPool.request_encode_body('POST', url, fields = fields, retries = 0)
1.33 + self.__LOG.debug("Contacting server %s" % url)
1.34 + return self.__httpPool.request_encode_body('POST', url, fields = fields, retries = 0)
1.35
1.36 def scanFile (self, path, fileobject):
1.37 return self.scanFileIkarus (path, fileobject)
1.38 @@ -81,12 +83,10 @@
1.39 def scanFileIkarus (self, path, fileobject):
1.40 retval = { "infected" : False, "virusname" : "Unknown" }
1.41 self.__LOG.debug ("Scan File: %s" % (path))
1.42 -
1.43 -
1.44
1.45 if (os.fstat(fileobject.fileno()).st_size > self.__MAX_SCAN_FILE_SIZE):
1.46 self.__LOG.info("File max size exceeded. The file is not scanned.")
1.47 - retval["infected"] = True
1.48 + retval["infected"] = False
1.49 retval["virusname"] = "File is to big to be scanned."
1.50 return retval
1.51
1.52 @@ -97,24 +97,25 @@
1.53
1.54 if self.__remoteScanserverReachable:
1.55 try:
1.56 - response = contactScanserver(self.__REMOTE_SCANSERVER_URL, fields)
1.57 + response = self.contactScanserver(self.__REMOTE_SCANSERVER_URL, fields)
1.58 # We should catch socket.error here, but this does not work. Needs checking.
1.59 except:
1.60 self.__LOG.info("Remote scan server unreachable, using local scan server.")
1.61 + self.__LOG.debug("Exception: %s: %s" % (sys.exc_info()[0], sys.exc_info()[1]))
1.62 self.__LOG.info("Next check for remote server in %s seconds." % (self.__SCANSERVER_RETRY_TIMEOUT))
1.63
1.64 self.__remoteScanserverReachable = False
1.65 self.__scanserverTimestamp = time.time()
1.66
1.67 try:
1.68 - response = contactScanserver(self.__LOCAL_SCANSERVER_URL, fields)
1.69 + response = self.contactScanserver(self.__LOCAL_SCANSERVER_URL, fields)
1.70 except:
1.71 self.__LOG.error ("Connection to local scan server could not be established.")
1.72 - self.__LOG.error ("Exception: %s" %(sys.exc_info()[0]))
1.73 + self.__LOG.debug ("Exception: %s" % (sys.exc_info()[0]))
1.74 return retval
1.75 else:
1.76 try:
1.77 - response = contactScanserver(self.__LOCAL_SCANSERVER_URL, fields)
1.78 + response = self.contactScanserver(self.__LOCAL_SCANSERVER_URL, fields)
1.79 except:
1.80 self.__LOG.error ("Connection to local scan server could not be established.")
1.81 self.__LOG.error ("Exception: %s" %(sys.exc_info()[0]))
1.82 @@ -124,10 +125,11 @@
1.83 if response.status == self.__STATUS_CODE_OK:
1.84 retval["infected"] = False
1.85 elif response.status == self.__STATUS_CODE_INFECTED:
1.86 - # Parse xml for info if desired
1.87 - #contentXML = r.content
1.88 - #root = ET.fromstring(contentXML)
1.89 - #status = root[1][2].text
1.90 + # Parse xml for info
1.91 + root = ET.fromstring(response.data)
1.92 +
1.93 + # this should be done in a more generic way
1.94 + retval["virusname"] = root[1][3][0].text
1.95 retval["infected"] = True
1.96 else:
1.97 self.__LOG.error ("Connection error to scan server.")