Mercurialosecfs / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | bz2 | zip | gz | help
Shorter timeout for remote scan server.
authorck
Fri, 06 Dec 2013 13:15:45 +0100
changeset 7e75bc05c279d
parent 6 b4b18827d89d
child 8 0a5ba0ef1058
Shorter timeout for remote scan server.
Limit number of connection pools to 1.
Remote server is not contacted for a certain time when connection fails.
config/OsecFS.cfg file | annotate | diff | revisions
src/OsecFS.py file | annotate | diff | revisions 
     1.1 --- a/config/OsecFS.cfg	Wed Dec 04 15:36:45 2013 +0100
     1.2 +++ b/config/OsecFS.cfg	Fri Dec 06 13:15:45 2013 +0100
     1.3 @@ -9,7 +9,10 @@
     1.4  MaxFileSize: 50
     1.5  
     1.6  # the URL of the local scan server
     1.7 -LocalScanserverURL: http://192.168.63.129/virusscan
     1.8 +LocalScanserverURL: http://localhost/virusscan
     1.9  
    1.10  # the URL of the remote scan server
    1.11  RemoteScanserverURL: http://192.168.63.129/virusscan
    1.12 +
    1.13 +# wait time in seconds until a new connection attempt to remote server is made
    1.14 +RetryTimeout: 600

     2.1 --- a/src/OsecFS.py	Wed Dec 04 15:36:45 2013 +0100
     2.2 +++ b/src/OsecFS.py	Fri Dec 06 13:15:45 2013 +0100
     2.3 @@ -10,6 +10,7 @@
     2.4  import logging
     2.5  import os
     2.6  import errno
     2.7 +import time
     2.8  
     2.9  # ToDo replace with ikarus
    2.10  #import pyclamav
    2.11 @@ -30,12 +31,15 @@
    2.12  STATUS_CODE_INFECTED = 210
    2.13  STATUS_CODE_NOT_FOUND = 404
    2.14  
    2.15 -MAX_SCAN_FILE_SIZE = 50 * 0x100000
    2.16 -
    2.17  SYSTEM_FILE_COMMAND = "file"
    2.18  
    2.19 +MAX_SCAN_FILE_SIZE = 50 * 0x100000
    2.20 +SCANSERVER_RETRY_TIMEOUT = 60
    2.21 +
    2.22  # Global http pool manager used to connect to the scan server
    2.23 -httpPool = urllib3.PoolManager()
    2.24 +remoteScanserverReachable = True
    2.25 +scanserverTimestamp = 0
    2.26 +httpPool = urllib3.PoolManager(num_pools = 1, timeout = 3)
    2.27  
    2.28  def checkMinimumOptions (config):
    2.29      for section, options in MINOPTS.iteritems ():
    2.30 @@ -110,8 +114,15 @@
    2.31          m = m.replace('w', 'a', 1)
    2.32  
    2.33      return m
    2.34 +    
    2.35 +def contactScanserver(url, fields):
    2.36 +    return httpPool.request_encode_body('POST', url, fields = fields, retries = 0)
    2.37 +    
    2.38  
    2.39  def scanFileIkarus (path, fileobject):
    2.40 +    global remoteScanserverReachable
    2.41 +    global scanserverTimestamp
    2.42 +
    2.43      infected = False
    2.44      LOG.debug ("Scan File: %s" % (path))
    2.45  
    2.46 @@ -121,18 +132,34 @@
    2.47  
    2.48      fields = { 'up_file' : fileobject.read() }
    2.49  
    2.50 -    try:
    2.51 -        response = httpPool.request_encode_body('POST', REMOTE_SCANSERVER_URL, fields = fields)
    2.52 -        # We should catch socket.error here, but this does not work. Needs checking.
    2.53 -    except:
    2.54 -        LOG.info("Remote scan server unreachable, using local scan server.")
    2.55 +    if (remoteScanserverReachable == False) and ((scanserverTimestamp + SCANSERVER_RETRY_TIMEOUT) < time.time()):
    2.56 +        remoteScanserverReachable = True
    2.57  
    2.58 +    if remoteScanserverReachable:
    2.59          try:
    2.60 -            response = httpPool.request_encode_body('POST', LOCAL_SCANSERVER_URL, fields = fields)
    2.61 +            response = contactScanserver(REMOTE_SCANSERVER_URL, fields)
    2.62 +            # We should catch socket.error here, but this does not work. Needs checking.
    2.63 +        except:
    2.64 +            LOG.info("Remote scan server unreachable, using local scan server.")
    2.65 +            LOG.info("Next check for remote server in %s seconds." % (SCANSERVER_RETRY_TIMEOUT))
    2.66 +            
    2.67 +            remoteScanserverReachable = False
    2.68 +            scanserverTimestamp = time.time()
    2.69 +
    2.70 +            try:
    2.71 +                response = contactScanserver(LOCAL_SCANSERVER_URL, fields)
    2.72 +            except:
    2.73 +                LOG.error ("Connection to local scan server could not be established.")
    2.74 +                LOG.error ("Exception: %s" %(sys.exc_info()[0]))
    2.75 +                return False
    2.76 +    else:
    2.77 +        try:
    2.78 +            response = contactScanserver(LOCAL_SCANSERVER_URL, fields)
    2.79          except:
    2.80              LOG.error ("Connection to local scan server could not be established.")
    2.81              LOG.error ("Exception: %s" %(sys.exc_info()[0]))
    2.82              return False
    2.83 +    
    2.84  
    2.85      if response.status == STATUS_CODE_OK:
    2.86          infected = False
    2.87 @@ -157,7 +184,6 @@
    2.88  
    2.89      LOG.debug ("Scan File: %s" % (path))
    2.90  
    2.91 -    # ToDo implement ikarus
    2.92      result = pyclamav.scanfile (path)
    2.93      LOG.debug ("Result of file \"%s\": %s" % (path, result))
    2.94      if (result[0] != 0):
    2.95 @@ -343,12 +369,15 @@
    2.96      config = loadConfig ()
    2.97      initLog (config)
    2.98  
    2.99 +    scanserverTimestamp = time.time()
   2.100 +
   2.101      LOCAL_SCANSERVER_URL = config.get("Main", "LocalScanserverURL")
   2.102      REMOTE_SCANSERVER_URL = config.get("Main", "RemoteScanserverURL")
   2.103 +    SCANSERVER_RETRY_TIMEOUT = int(config.get("Main", "RetryTimeout"))
   2.104  
   2.105      # Convert file size from MB to byte
   2.106      MAX_SCAN_FILE_SIZE = int(config.get("Main", "MaxFileSize")) * 0x100000
   2.107 -
   2.108 +    
   2.109      osecfs = OsecFS (config.get ("Main", "Rootpath"))
   2.110      osecfs.flags = 0
   2.111      osecfs.multithreaded = 0
osecfs