# HG changeset patch # User ck # Date 1386166755 -3600 # Node ID 5b7c05fc9a5ed240d5c4983bb0dfe94a0bb78c7f # Parent 114537186d9e29cf184124d8ee47489ff8066c0c Changed requests to urllib3. Added maximimum file size for scanned files. diff -r 114537186d9e -r 5b7c05fc9a5e config/OsecFS.cfg --- a/config/OsecFS.cfg Tue Dec 03 14:53:22 2013 +0100 +++ b/config/OsecFS.cfg Wed Dec 04 15:19:15 2013 +0100 @@ -5,8 +5,11 @@ # where the files really are on the filesystem Rootpath: /tmp/root_fuse +# the maximum file size in MB that is scanned +MaxFileSize: 50 + # the URL of the local scan server -LocalScanserverURL: http://192.168.63.128/virusscan +LocalScanserverURL: http://192.168.63.129/virusscan # the URL of the remote scan server -RemoteScanserverURL: http://192.168.63.128/virusscan \ No newline at end of file +RemoteScanserverURL: http://192.168.63.129/virusscan diff -r 114537186d9e -r 5b7c05fc9a5e src/OsecFS.py --- a/src/OsecFS.py Tue Dec 03 14:53:22 2013 +0100 +++ b/src/OsecFS.py Wed Dec 04 15:19:15 2013 +0100 @@ -15,7 +15,7 @@ #import pyclamav import subprocess -import requests +import urllib3 MINOPTS = { "Main" : ["Logfile", "Mountpoint", "Rootpath", "LocalScanserverURL", "RemoteScanserverURL", "ReadOnly"]} @@ -30,8 +30,12 @@ STATUS_CODE_INFECTED = 210 STATUS_CODE_NOT_FOUND = 404 +MAX_SCAN_FILE_SIZE = 50 * 0x100000 + SYSTEM_FILE_COMMAND = "file" +# Global http pool manager used to connect to the scan server +httpPool = urllib3.PoolManager() def checkMinimumOptions (config): for section, options in MINOPTS.iteritems (): @@ -110,37 +114,29 @@ def scanFileIkarus (path, fileobject): infected = False LOG.debug ("Scan File: %s" % (path)) - - files = {'up_file': (path, fileobject)} - - try: - #TODO: change to remote server - r = requests.post(LOCAL_SCANSERVER_URL, files=files) - except requests.exceptions.ConnectionError: - #LOG.info("Remote scan server unreachable, using local scan server.") - # TODO: - # Here the local scan server should be contacted. - # The requests package does not upload content in the second post request, - # so no fallback server can be used right now (bug?) - # I did not a find a solution yet, maybe another http package has to be used. - # Disabled for now. - - #try: - # r = requests.post(LOCAL_SCANSERVER_URL, files=files) - #except requests.exceptions.ConnectionError: - # return 2 - LOG.error ("Connection to scan server could not be established.") - return False - except: - LOG.error ("Something went wrong at scanning.") - LOG.error ("Exception: %s" %(sys.exc_info()[0],)) + if (os.fstat(fileobject.fileno()).st_size > MAX_SCAN_FILE_SIZE): + LOG.info("File max size exceeded. The file is not scanned.") return False + fields = { 'up_file' : (path, fileobject.read()) } - if r.status_code == STATUS_CODE_OK: + try: + response = httpPool.request_encode_body('POST', REMOTE_SCANSERVER_URL, fields = fields) + # We should catch socket.error here, but this does not work. Needs checking. + except: + LOG.info("Remote scan server unreachable, using local scan server.") + + try: + response = httpPool.request_encode_body('POST', LOCAL_SCANSERVER_URL, fields = fields) + except: + LOG.error ("Connection to local scan server could not be established.") + LOG.error ("Exception: %s" %(sys.exc_info()[0])) + return False + + if response.status == STATUS_CODE_OK: infected = False - elif r.status_code == STATUS_CODE_INFECTED: + elif response.status == STATUS_CODE_INFECTED: # Parse xml for info if desired #contentXML = r.content #root = ET.fromstring(contentXML) @@ -350,6 +346,9 @@ LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL") REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL") + # Convert file size from MB to byte + MAX_SCAN_FILE_SIZE = int(config.get("Main", "MaxFileSize")) * 0x100000 + osecfs = OsecFS (config.get ("Main", "Rootpath")) osecfs.flags = 0 osecfs.multithreaded = 0