From: Dietmar Maurer <dietmar@proxmox.com>
Date: Wed, 21 Feb 2018 08:45:19 +0000 (+0100)
Subject: add support for avast virus scanner
X-Git-Url: https://git.proxmox.com/?p=pmg-api.git;a=commitdiff_plain;h=6ccbc37ff43d9c6a355809cc5d26bf240311114f

add support for avast virus scanner
---

diff --git a/PMG/Config.pm b/PMG/Config.pm
index 9f79fa5..267e3c8 100755
--- a/PMG/Config.pm
+++ b/PMG/Config.pm
@@ -92,12 +92,18 @@ sub properties {
 	    type => 'string',
 	    pattern => "http://.*",
 	},
+	avast => {
+	    description => "Use Avast Virus Scanner (/bin/scan). You need to buy and install 'Avast Core Security' before you can enable this feature.",
+	    type => 'boolean',
+	    default => 0,
+	},
     };
 }
 
 sub options {
     return {
 	advfilter => { optional => 1 },
+	avast => { optional => 1 },
 	statlifetime => { optional => 1 },
 	dailyreport => { optional => 1 },
 	demo => { optional => 1 },
diff --git a/PMG/Utils.pm b/PMG/Utils.pm
index a78728e..6689d10 100644
--- a/PMG/Utils.pm
+++ b/PMG/Utils.pm
@@ -327,11 +327,87 @@ sub analyze_virus_clam {
     return $vinfo ? "$vinfo (clamav)" : undef;
 }
 
+sub analyze_virus_avast {
+    my ($queue, $dname, $pmg_cfg) = @_;
+
+    my $timeout = 60*5;
+    my $vinfo;
+
+    my ($csec, $usec) = gettimeofday();
+
+    my $previous_alarm;
+
+    eval {
+
+	$previous_alarm = alarm($timeout);
+
+	$SIG{ALRM} = sub {
+	    die "$queue->{logid}: Maximum time ($timeout sec) exceeded. " .
+		"virus analyze (avast) failed: ERROR";
+	};
+
+	open(my $cmd, '-|', '/bin/scan', $dname) ||
+	    die "$queue->{logid}: can't exec avast scan: $! : ERROR";
+
+	my $response = '';
+	while (defined(my $line = <$cmd>)) {
+	    if ($line =~ m/^$dname\s+(.*\S)\s*$/) {
+		# we just use the first detected virus name
+		$vinfo = $1 if !$vinfo;
+	    }
+
+	    $response .= $line;
+	}
+
+	close($cmd);
+
+	alarm(0); # avoid race conditions
+
+	if ($vinfo) {
+	    syslog('info', "$queue->{logid}: virus detected: $vinfo (avast)");
+	}
+    };
+    my $err = $@;
+
+    alarm($previous_alarm);
+
+    my ($csec_end, $usec_end) = gettimeofday();
+    $queue->{ptime_clam} =
+	int (($csec_end-$csec)*1000 + ($usec_end - $usec)/1000);
+
+    if ($err) {
+	syslog ('err', $err);
+	$vinfo = undef;
+	$queue->{errors} = 1;
+    }
+
+    return undef if !$vinfo;
+
+    $queue->{vinfo_avast} = $vinfo;
+
+    return "$vinfo (avast)";
+}
+
 sub analyze_virus {
     my ($queue, $filename, $pmg_cfg, $testmode) = @_;
 
     # TODO: support other virus scanners?
 
+    if ($testmode) {
+	my $vinfo_clam = analyze_virus_clam($queue, $filename, $pmg_cfg);
+	my $vinfo_avast = analyze_virus_avast($queue, $filename, $pmg_cfg);
+
+	return $vinfo_avast || $vinfo_clam;
+    }
+
+    my $enable_avast  = $pmg_cfg->get('admin', 'avast');
+
+    if ($enable_avast) {
+	if (my $vinfo = analyze_virus_avast($queue, $filename, $pmg_cfg)) {
+	    return $vinfo;
+	}
+    }
+
     # always scan with clamav
     return analyze_virus_clam($queue, $filename, $pmg_cfg);
 }
diff --git a/bin/pmg-smtp-filter b/bin/pmg-smtp-filter
index ac2c384..8bd7740 100755
--- a/bin/pmg-smtp-filter
+++ b/bin/pmg-smtp-filter
@@ -172,9 +172,10 @@ sub get_prox_vars {
     $vars->{__spaminfo} = $spaminfo;
 
     if ($opt_testmode) {
-	if ($queue->{vinfo_clam}) {
+	if ($queue->{vinfo_clam} || $queue->{vinfo_avast}) {
 	    $vars->{'VIRUS_INFO'} = "Virus Info:";
 	    $vars->{'VIRUS_INFO'} .= " clam: $queue->{vinfo_clam}" if $queue->{vinfo_clam};
+	    $vars->{'VIRUS_INFO'} .= " avast: $queue->{vinfo_avast}" if $queue->{vinfo_avast};
 	} else {
 	    $vars->{'VIRUS_INFO'} = '';
 	}