MDL-64075 antivirus_clamav: refactor scan_data for tcpsocket

- Fix whitespace across scanner_test for codechecker
- Deprecate \antivirus_clamav\scanner::scan_data_execute_unixsocket()
Didier 'OdyX' Raboud 2019-12-02 11:29:01 +01:00
parent 22b617569c
commit 90c6f0cfea
No known key found for this signature in database
GPG key ID: A9C6FAC60D630169
2 changed files with 127 additions and 42 deletions


@ -34,6 +34,7 @@ define('ANTIVIRUS_CLAMAV_SOCKET_CHUNKSIZE', 1024);
/** /**
* Class implementing ClamAV antivirus. * Class implementing ClamAV antivirus.
* @copyright 2015 Ruslan Kabalin, Lancaster University. * @copyright 2015 Ruslan Kabalin, Lancaster University.
* @copyright 2019 Didier Raboud, Liip AG.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/ */
class scanner extends \core\antivirus\scanner { class scanner extends \core\antivirus\scanner {
@ -47,6 +48,8 @@ class scanner extends \core\antivirus\scanner {
return (bool)$this->get_config('pathtoclam'); return (bool)$this->get_config('pathtoclam');
} else if ($this->get_config('runningmethod') === 'unixsocket') { } else if ($this->get_config('runningmethod') === 'unixsocket') {
return (bool)$this->get_config('pathtounixsocket'); return (bool)$this->get_config('pathtounixsocket');
} else if ($this->get_config('runningmethod') === 'tcpsocket') {
return (bool)$this->get_config('tcpsockethost') && (bool)$this->get_config('tcpsocketport');
} }
return false; return false;
} }
@ -92,10 +95,11 @@ class scanner extends \core\antivirus\scanner {
* @return int Scanning result constant. * @return int Scanning result constant.
*/ */
public function scan_data($data) { public function scan_data($data) {
// We can do direct stream scanning if unixsocket running method is in use, // We can do direct stream scanning if unixsocket or tcpsocket running methods are in use,
// if not, use default process. // if not, use default process.
if ($this->get_config('runningmethod') === 'unixsocket') { $runningmethod = $this->get_config('runningmethod');
$return = $this->scan_data_execute_unixsocket($data); if (in_array($runningmethod, array('unixsocket', 'tcpsocket'))) {
$return = $this->scan_data_execute_socket($data, $runningmethod);
if ($return === self::SCAN_RESULT_ERROR) { if ($return === self::SCAN_RESULT_ERROR) {
$this->message_admins($this->get_scanning_notice()); $this->message_admins($this->get_scanning_notice());
@ -120,6 +124,15 @@ class scanner extends \core\antivirus\scanner {
return 'unix://' . $this->get_config('pathtounixsocket'); return 'unix://' . $this->get_config('pathtounixsocket');
} }
/**
* Returns a Internet domain socket destination url
*
* @return string The socket url, fit for stream_socket_client()
*/
private function get_tcpsocket_destination() {
return 'tcp://' . $this->get_config('tcpsockethost') . ':' . $this->get_config('tcpsocketport');
}
/** /**
* Returns the string equivalent of a numeric clam error code * Returns the string equivalent of a numeric clam error code
* *
@ -226,12 +239,12 @@ class scanner extends \core\antivirus\scanner {
// After scanning we revert permissions to initial ones. // After scanning we revert permissions to initial ones.
chmod($file, $perms); chmod($file, $perms);
// Parse the output. // Parse the output.
return $this->parse_unixsocket_response($output); return $this->parse_socket_response($output);
} }
} }
/** /**
* Scan data using unix socket. * Scan data socket.
* *
* We are running INSTREAM command and passing data stream in chunks. * We are running INSTREAM command and passing data stream in chunks.
* The format of the chunk is: <length><data> where <length> is the size of the following * The format of the chunk is: <length><data> where <length> is the size of the following
@ -240,11 +253,25 @@ class scanner extends \core\antivirus\scanner {
* Do not exceed StreamMaxLength as defined in clamd.conf, otherwise clamd will * Do not exceed StreamMaxLength as defined in clamd.conf, otherwise clamd will
* reply with INSTREAM size limit exceeded and close the connection. * reply with INSTREAM size limit exceeded and close the connection.
* *
* @param string $data The varaible containing the data to scan. * @param string $data The variable containing the data to scan.
* @param string $type Either 'tcpsocket' or 'unixsocket'
* @return int Scanning result constant. * @return int Scanning result constant.
*/ */
public function scan_data_execute_unixsocket($data) { public function scan_data_execute_socket($data, $type) {
$socket = stream_socket_client($this->get_unixsocket_destination(), $errno, $errstr, ANTIVIRUS_CLAMAV_SOCKET_TIMEOUT); switch ($type) {
case "tcpsocket":
$socketurl = $this->get_tcpsocket_destination();
break;
case "unixsocket":
$socketurl = $this->get_unixsocket_destination();
break;
default;
// This should not happen.
debugging('Unknown socket type!');
return self::SCAN_RESULT_ERROR;
}
$socket = stream_socket_client($socketurl, $errno, $errstr, ANTIVIRUS_CLAMAV_SOCKET_TIMEOUT);
if (!$socket) { if (!$socket) {
// Can't open socket for some reason, notify admins. // Can't open socket for some reason, notify admins.
$notice = get_string('errorcantopensocket', 'antivirus_clamav', "$errstr ($errno)"); $notice = get_string('errorcantopensocket', 'antivirus_clamav', "$errstr ($errno)");
@ -270,17 +297,17 @@ class scanner extends \core\antivirus\scanner {
fclose($socket); fclose($socket);
// Parse the output. // Parse the output.
return $this->parse_unixsocket_response($output); return $this->parse_socket_response($output);
} }
} }
/** /**
* Parse unix socket command response. * Parse socket command response.
* *
* @param string $output The unix socket command response. * @param string $output The socket response.
* @return int Scanning result constant. * @return int Scanning result constant.
*/ */
private function parse_unixsocket_response($output) { private function parse_socket_response($output) {
$splitoutput = explode(': ', $output); $splitoutput = explode(': ', $output);
$message = trim($splitoutput[1]); $message = trim($splitoutput[1]);
if ($message === 'OK') { if ($message === 'OK') {
@ -298,4 +325,19 @@ class scanner extends \core\antivirus\scanner {
} }
} }
} }
/**
* Scan data using Unix domain socket.
*
* @deprecated since Moodle 3.9 MDL-64075 - please do not use this function any more.
* @see antivirus_clamav\scanner::scan_data_execute_socket()
*
* @param string $data The variable containing the data to scan.
* @return int Scanning result constant.
*/
public function scan_data_execute_unixsocket($data) {
debugging('antivirus_clamav\scanner::scan_data_execute_unixsocket() is deprecated. ' .
'Use antivirus_clamav\scanner::scan_data_execute_socket() instead.', DEBUG_DEVELOPER);
return $this->scan_data_execute_socket($data, "unixsocket");
}
} }
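Review bot: `get_tcpsocket_destination()` builds the `tcp://` URL from `tcpsockethost` and `tcpsocketport` with no validation, and `scan_data_execute_socket()` then streams the data to whatever answers there and trusts its reply. clamd's TCP listener has no authentication or encryption, so with `tcpsocket` the scanned content and the verdict cross the network in the clear, which the Unix-socket path never did; the method docblock should say so, for example `Only use tcpsocket with a trusted clamd host on a protected network; the clamd protocol is neither authenticated nor encrypted.` Casting the port (`(int)$this->get_config('tcpsocketport')`) and bracketing IPv6 literals would make a bad setting fail predictably. `parse_socket_response()` still reads `$splitoutput[1]` unchecked, so a truncated or empty reply from a remote peer raises a notice before a result is chosen; the rest of that method lies outside the visible hunk.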


@ -44,8 +44,8 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
public function test_scan_file_not_exists() { public function test_scan_file_not_exists() {
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods(array('scan_file_execute_commandline', 'message_admins')) ->setMethods(array('scan_file_execute_commandline', 'message_admins'))
->getMock(); ->getMock();
// Test specifying file that does not exist. // Test specifying file that does not exist.
$nonexistingfile = $this->tempfile . '_'; $nonexistingfile = $this->tempfile . '_';
@ -63,8 +63,8 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
'get_config', 'get_config',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to use commandline. // Initiate mock scanning with configuration setting to use commandline.
$configmap = array(array('runningmethod', 'commandline')); $configmap = array(array('runningmethod', 'commandline'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
@ -97,8 +97,8 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
'get_config', 'get_config',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to use commandline. // Initiate mock scanning with configuration setting to use commandline.
$configmap = array(array('runningmethod', 'commandline')); $configmap = array(array('runningmethod', 'commandline'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
@ -132,8 +132,8 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
'get_scanning_notice', 'get_scanning_notice',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Configure scan_file_execute_commandline and scan_file_execute_unixsocket // Configure scan_file_execute_commandline and scan_file_execute_unixsocket
// method stubs to behave as if there is a scanning error (SCAN_RESULT_ERROR). // method stubs to behave as if there is a scanning error (SCAN_RESULT_ERROR).
@ -171,8 +171,8 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
'get_scanning_notice', 'get_scanning_notice',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Configure scan_file_execute_commandline and scan_file_execute_unixsocket // Configure scan_file_execute_commandline and scan_file_execute_unixsocket
// method stubs to behave as if there is a scanning error (SCAN_RESULT_ERROR). // method stubs to behave as if there is a scanning error (SCAN_RESULT_ERROR).
@ -205,20 +205,30 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
public function test_scan_data_no_virus() { public function test_scan_data_no_virus() {
$methods = array( $methods = array(
'scan_data_execute_unixsocket', 'scan_data_execute_socket',
'message_admins', 'message_admins',
'get_config', 'get_config',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to use unixsocket. // Initiate mock scanning with configuration setting to use unixsocket.
$configmap = array(array('runningmethod', 'unixsocket')); $configmap = array(array('runningmethod', 'unixsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Configure scan_data_execute_unixsocket method stubs to behave as if // Configure scan_data_execute_socket method stubs to behave as if
// no virus has been found (SCAN_RESULT_OK). // no virus has been found (SCAN_RESULT_OK).
$antivirus->method('scan_data_execute_unixsocket')->willReturn(0); $antivirus->method('scan_data_execute_socket')->willReturn(0);
// Set expectation that message_admins is NOT called.
$antivirus->expects($this->never())->method('message_admins');
// Run mock scanning.
$this->assertEquals(0, $antivirus->scan_data(''));
// Re-initiate mock scanning with configuration setting to use tcpsocket.
$configmap = array(array('runningmethod', 'tcpsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Set expectation that message_admins is NOT called. // Set expectation that message_admins is NOT called.
$antivirus->expects($this->never())->method('message_admins'); $antivirus->expects($this->never())->method('message_admins');
@ -229,20 +239,30 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
public function test_scan_data_virus() { public function test_scan_data_virus() {
$methods = array( $methods = array(
'scan_data_execute_unixsocket', 'scan_data_execute_socket',
'message_admins', 'message_admins',
'get_config', 'get_config',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to use unixsocket. // Initiate mock scanning with configuration setting to use unixsocket.
$configmap = array(array('runningmethod', 'unixsocket')); $configmap = array(array('runningmethod', 'unixsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Configure scan_data_execute_unixsocket method stubs to behave as if // Configure scan_data_execute_socket method stubs to behave as if
// no virus has been found (SCAN_RESULT_FOUND). // no virus has been found (SCAN_RESULT_FOUND).
$antivirus->method('scan_data_execute_unixsocket')->willReturn(1); $antivirus->method('scan_data_execute_socket')->willReturn(1);
// Set expectation that message_admins is NOT called.
$antivirus->expects($this->never())->method('message_admins');
// Run mock scanning.
$this->assertEquals(1, $antivirus->scan_data(''));
// Re-initiate mock scanning with configuration setting to use tcpsocket.
$configmap = array(array('runningmethod', 'tcpsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Set expectation that message_admins is NOT called. // Set expectation that message_admins is NOT called.
$antivirus->expects($this->never())->method('message_admins'); $antivirus->expects($this->never())->method('message_admins');
@ -253,22 +273,22 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
public function test_scan_data_error_donothing() { public function test_scan_data_error_donothing() {
$methods = array( $methods = array(
'scan_data_execute_unixsocket', 'scan_data_execute_socket',
'message_admins', 'message_admins',
'get_config', 'get_config',
'get_scanning_notice', 'get_scanning_notice',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to do nothing on // Initiate mock scanning with configuration setting to do nothing on
// scanning error and using unixsocket. // scanning error and using unixsocket.
$configmap = array(array('clamfailureonupload', 'donothing'), array('runningmethod', 'unixsocket')); $configmap = array(array('clamfailureonupload', 'donothing'), array('runningmethod', 'unixsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Configure scan_data_execute_unixsocket method stubs to behave as if // Configure scan_data_execute_socket method stubs to behave as if
// there is a scanning error (SCAN_RESULT_ERROR). // there is a scanning error (SCAN_RESULT_ERROR).
$antivirus->method('scan_data_execute_unixsocket')->willReturn(2); $antivirus->method('scan_data_execute_socket')->willReturn(2);
$antivirus->method('get_scanning_notice')->willReturn('someerror'); $antivirus->method('get_scanning_notice')->willReturn('someerror');
// Set expectation that message_admins is called. // Set expectation that message_admins is called.
@ -276,27 +296,38 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
// Run mock scanning. // Run mock scanning.
$this->assertEquals(2, $antivirus->scan_data('')); $this->assertEquals(2, $antivirus->scan_data(''));
// Re-initiate mock scanning with configuration setting to do nothing on
// scanning error and using tcsocket.
$configmap = array(array('clamfailureonupload', 'donothing'), array('runningmethod', 'tcpsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Set expectation that message_admins is called.
$antivirus->expects($this->atLeastOnce())->method('message_admins')->with($this->equalTo('someerror'));
// Run mock scanning.
$this->assertEquals(2, $antivirus->scan_data(''));
} }
public function test_scan_data_error_actlikevirus() { public function test_scan_data_error_actlikevirus() {
$methods = array( $methods = array(
'scan_data_execute_unixsocket', 'scan_data_execute_socket',
'message_admins', 'message_admins',
'get_config', 'get_config',
'get_scanning_notice', 'get_scanning_notice',
); );
$antivirus = $this->getMockBuilder('\antivirus_clamav\scanner') $antivirus = $this->getMockBuilder('\antivirus_clamav\scanner')
->setMethods($methods) ->setMethods($methods)
->getMock(); ->getMock();
// Initiate mock scanning with configuration setting to act like virus on // Initiate mock scanning with configuration setting to act like virus on
// scanning error and using unixsocket. // scanning error and using unixsocket.
$configmap = array(array('clamfailureonupload', 'actlikevirus'), array('runningmethod', 'unixsocket')); $configmap = array(array('clamfailureonupload', 'actlikevirus'), array('runningmethod', 'unixsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap)); $antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Configure scan_data_execute_unixsocket method stubs to behave as if // Configure scan_data_execute_socket method stubs to behave as if
// there is a scanning error (SCAN_RESULT_ERROR). // there is a scanning error (SCAN_RESULT_ERROR).
$antivirus->method('scan_data_execute_unixsocket')->willReturn(2); $antivirus->method('scan_data_execute_socket')->willReturn(2);
$antivirus->method('get_scanning_notice')->willReturn('someerror'); $antivirus->method('get_scanning_notice')->willReturn('someerror');
// Set expectation that message_admins is called. // Set expectation that message_admins is called.
@ -305,5 +336,17 @@ class antivirus_clamav_scanner_testcase extends advanced_testcase {
// Run mock scanning, we expect SCAN_RESULT_FOUND since configuration // Run mock scanning, we expect SCAN_RESULT_FOUND since configuration
// require us to act like virus. // require us to act like virus.
$this->assertEquals(1, $antivirus->scan_data('')); $this->assertEquals(1, $antivirus->scan_data(''));
// Re-initiate mock scanning with configuration setting to act like virus on
// scanning error and using tcpsocket.
$configmap = array(array('clamfailureonupload', 'actlikevirus'), array('runningmethod', 'tcpsocket'));
$antivirus->method('get_config')->will($this->returnValueMap($configmap));
// Set expectation that message_admins is called.
$antivirus->expects($this->atLeastOnce())->method('message_admins')->with($this->equalTo('someerror'));
// Run mock scanning, we expect SCAN_RESULT_FOUND since configuration
// require us to act like virus.
$this->assertEquals(1, $antivirus->scan_data(''));
} }
} }
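Review bot: The added "Re-initiate" blocks in `test_scan_data_no_virus()`, `test_scan_data_virus()` and the two `test_scan_data_error_*()` tests stub `get_config` a second time on the same mock, which probably leaves the first `unixsocket` map in force, since PHPUnit answers from the first stub registered for a method. If so, the `tcpsocket` branch of `scan_data()` is never exercised here, and the repeated `expects($this->never())` adds nothing. A fresh mock per running method, driven by a data provider as sketched below, would cover both paths. The comment `using tcsocket` should read `tcpsocket`, and `no virus has been found (SCAN_RESULT_FOUND)` in the virus test contradicts itself. The tail of the first two tests lies outside the visible hunks.

```php
/**
 * @dataProvider socket_running_methods_provider
 * @param string $runningmethod Either 'unixsocket' or 'tcpsocket'.
 */
public function test_scan_data_no_virus($runningmethod) {
    // … unchanged: $methods list and mock construction …
    $configmap = array(array('runningmethod', $runningmethod));
    $antivirus->method('get_config')->will($this->returnValueMap($configmap));
    // … unchanged: scan_data_execute_socket stub, message_admins expectation, assertion …
}

public function socket_running_methods_provider() {
    return array(
        'unixsocket' => array('unixsocket'),
        'tcpsocket' => array('tcpsocket'),
    );
}
```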