Changed requests to urllib3.
Added maximimum file size for scanned files.
1.1 --- a/config/OsecFS.cfg Tue Dec 03 14:53:22 2013 +0100
1.2 +++ b/config/OsecFS.cfg Wed Dec 04 15:19:15 2013 +0100
1.3 @@ -5,8 +5,11 @@
1.4 # where the files really are on the filesystem
1.5 Rootpath: /tmp/root_fuse
1.6
1.7 +# the maximum file size in MB that is scanned
1.8 +MaxFileSize: 50
1.9 +
1.10 # the URL of the local scan server
1.11 -LocalScanserverURL: http://192.168.63.128/virusscan
1.12 +LocalScanserverURL: http://192.168.63.129/virusscan
1.13
1.14 # the URL of the remote scan server
1.15 -RemoteScanserverURL: http://192.168.63.128/virusscan
1.16 \ No newline at end of file
1.17 +RemoteScanserverURL: http://192.168.63.129/virusscan
2.1 --- a/src/OsecFS.py Tue Dec 03 14:53:22 2013 +0100
2.2 +++ b/src/OsecFS.py Wed Dec 04 15:19:15 2013 +0100
2.3 @@ -15,7 +15,7 @@
2.4 #import pyclamav
2.5 import subprocess
2.6
2.7 -import requests
2.8 +import urllib3
2.9
2.10
2.11 MINOPTS = { "Main" : ["Logfile", "Mountpoint", "Rootpath", "LocalScanserverURL", "RemoteScanserverURL", "ReadOnly"]}
2.12 @@ -30,8 +30,12 @@
2.13 STATUS_CODE_INFECTED = 210
2.14 STATUS_CODE_NOT_FOUND = 404
2.15
2.16 +MAX_SCAN_FILE_SIZE = 50 * 0x100000
2.17 +
2.18 SYSTEM_FILE_COMMAND = "file"
2.19
2.20 +# Global http pool manager used to connect to the scan server
2.21 +httpPool = urllib3.PoolManager()
2.22
2.23 def checkMinimumOptions (config):
2.24 for section, options in MINOPTS.iteritems ():
2.25 @@ -110,37 +114,29 @@
2.26 def scanFileIkarus (path, fileobject):
2.27 infected = False
2.28 LOG.debug ("Scan File: %s" % (path))
2.29 -
2.30 - files = {'up_file': (path, fileobject)}
2.31 -
2.32 - try:
2.33 - #TODO: change to remote server
2.34 - r = requests.post(LOCAL_SCANSERVER_URL, files=files)
2.35 - except requests.exceptions.ConnectionError:
2.36 - #LOG.info("Remote scan server unreachable, using local scan server.")
2.37
2.38 - # TODO:
2.39 - # Here the local scan server should be contacted.
2.40 - # The requests package does not upload content in the second post request,
2.41 - # so no fallback server can be used right now (bug?)
2.42 - # I did not a find a solution yet, maybe another http package has to be used.
2.43 - # Disabled for now.
2.44 -
2.45 - #try:
2.46 - # r = requests.post(LOCAL_SCANSERVER_URL, files=files)
2.47 - #except requests.exceptions.ConnectionError:
2.48 - # return 2
2.49 - LOG.error ("Connection to scan server could not be established.")
2.50 - return False
2.51 - except:
2.52 - LOG.error ("Something went wrong at scanning.")
2.53 - LOG.error ("Exception: %s" %(sys.exc_info()[0],))
2.54 + if (os.fstat(fileobject.fileno()).st_size > MAX_SCAN_FILE_SIZE):
2.55 + LOG.info("File max size exceeded. The file is not scanned.")
2.56 return False
2.57
2.58 + fields = { 'up_file' : (path, fileobject.read()) }
2.59
2.60 - if r.status_code == STATUS_CODE_OK:
2.61 + try:
2.62 + response = httpPool.request_encode_body('POST', REMOTE_SCANSERVER_URL, fields = fields)
2.63 + # We should catch socket.error here, but this does not work. Needs checking.
2.64 + except:
2.65 + LOG.info("Remote scan server unreachable, using local scan server.")
2.66 +
2.67 + try:
2.68 + response = httpPool.request_encode_body('POST', LOCAL_SCANSERVER_URL, fields = fields)
2.69 + except:
2.70 + LOG.error ("Connection to local scan server could not be established.")
2.71 + LOG.error ("Exception: %s" %(sys.exc_info()[0]))
2.72 + return False
2.73 +
2.74 + if response.status == STATUS_CODE_OK:
2.75 infected = False
2.76 - elif r.status_code == STATUS_CODE_INFECTED:
2.77 + elif response.status == STATUS_CODE_INFECTED:
2.78 # Parse xml for info if desired
2.79 #contentXML = r.content
2.80 #root = ET.fromstring(contentXML)
2.81 @@ -350,6 +346,9 @@
2.82 LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL")
2.83 REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL")
2.84
2.85 + # Convert file size from MB to byte
2.86 + MAX_SCAN_FILE_SIZE = int(config.get("Main", "MaxFileSize")) * 0x100000
2.87 +
2.88 osecfs = OsecFS (config.get ("Main", "Rootpath"))
2.89 osecfs.flags = 0
2.90 osecfs.multithreaded = 0