# HG changeset patch # User ck # Date 1385478798 -3600 # Node ID 1f61fe50ab10ebf762f08d4326adf91bdbe9ddd2 # Parent e840b60f3ea36e54b4eb1d7fea96e44d7bb00ba0 Added IKARUS scan server scan on file open. diff -r e840b60f3ea3 -r 1f61fe50ab10 config/OsecFS.cfg --- a/config/OsecFS.cfg Tue Oct 29 15:13:44 2013 +0100 +++ b/config/OsecFS.cfg Tue Nov 26 16:13:18 2013 +0100 @@ -6,4 +6,10 @@ Mountpoint: /tmp/virtual_fuse # where the files really are on the filesystem -Rootpath: /tmp/root_fuse \ No newline at end of file +Rootpath: /tmp/root_fuse + +# the URL of the local scan server +LocalScanserverURL: http://192.168.63.128/virusscan + +# the URL of the remote scan server +RemoteScanserverURL: http://192.168.63.128/virusscan \ No newline at end of file diff -r e840b60f3ea3 -r 1f61fe50ab10 src/OsecFS.py --- a/src/OsecFS.py Tue Oct 29 15:13:44 2013 +0100 +++ b/src/OsecFS.py Tue Nov 26 16:13:18 2013 +0100 @@ -12,15 +12,23 @@ import errno # ToDo replace with ikarus -import pyclamav +#import pyclamav import subprocess -MINOPTS = { "Main" : ["Logfile", "Mountpoint", "Rootpath"]} +import requests + + +MINOPTS = { "Main" : ["Logfile", "Mountpoint", "Rootpath", "LocalScanserverURL", "RemoteScanserverURL"]} CONFIG_NOT_READABLE = "Configfile is not readable" CONFIG_WRONG = "Something is wrong with the config" CONFIG_MISSING = "Section: \"%s\" Option: \"%s\" in configfile is missing" LOG = None +LOCAL_SCANSERVER_URL = "" +REMOTE_SCANSERVER_URL = "" +STATUS_CODE_OK = 200 +STATUS_CODE_INFECTED = 210 +STATUS_CODE_NOT_FOUND = 404 SYSTEM_FILE_COMMAND = "file" @@ -92,21 +100,64 @@ return m +def scanFileIkarus(path, fileobject): + files = {'up_file': (path, fileobject)} + + try: + #TODO: chance to remote server + r = requests.post(LOCAL_SCANSERVER_URL, files=files) + except requests.exceptions.ConnectionError: + LOG.info("Remote scan server unreachable, using local scan server.") + # TODO: + # Here the local scan server should be contacted. + # The requests package does not upload content in the second post request, + # so no fallback server can be used right now (bug?) + # I did not a find a solution yet, maybe another http package has to be used. + # Disabled for now. -def scanFile (path): + #try: + # r = requests.post(LOCAL_SCANSERVER_URL, files=files) + #except requests.exceptions.ConnectionError: + # return 2 + return 2 + + if r.status_code == STATUS_CODE_OK: + return 0 + elif r.status_code == STATUS_CODE_INFECTED: + # Parse xml for info if desired + #contentXML = r.content + #root = ET.fromstring(contentXML) + #status = root[1][2].text + return 1 + else: + return 2 + +def scanFile (path, fileobject): infected = False LOG.debug ("Scan File: %s" % (path)) # ToDo implement ikarus - result = pyclamav.scanfile (path) + #result = pyclamav.scanfile (path) + #LOG.debug ("Result of file \"%s\": %s" % (path, result)) + #if (result[0] != 0): + # infected = True + + #if (infected == True): + # LOG.error ("Virus found deny Access %s" % (result,)) + + result = scanFileIkarus(path, fileobject) LOG.debug ("Result of file \"%s\": %s" % (path, result)) - if (result[0] != 0): + + if (result == 2): + LOG.error ("Connection to scan server could not be established.") + + if (result == 1): infected = True if (infected == True): - LOG.error ("Virus found deny Access %s" % (result,)) + LOG.error ("Virus found deny Access %s" % (result)) return infected @@ -181,7 +232,7 @@ self.file = os.fdopen (os.open (fixPath (path), flags), flag2mode (flags)) self.fd = self.file.fileno () - infected = scanFile (rootPath(self.__rootpath, path)) + infected = scanFile (rootPath(self.__rootpath, path), self.file) if (infected == True): self.file.close () return -errno.EACCES @@ -259,6 +310,9 @@ config = loadConfig () initLog (config) + LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL") + REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL") + osecfs = OsecFS (config.get ("Main", "Rootpath")) osecfs.flags = 0 osecfs.multithreaded = 0