Hello

The current Debian jessie version of clamav does not allow systemd
to pass more than two sockets (one UDS, one TCP) to the clamav daemon.

This prevents us from binding explicitly to several IP:port combinations.

We have been using the attached patch successfully in production for
several versions to fix that issue but of course every new version of clamav
breaks this again until we compile our own, patched version so I want to
submit this patch for inclusion in the Debian patch series.

-- 
Mit freundlichen Grüßen,

Matthias Hörmann

fon: +49 (0) 521 - 329647-29
fax: +49 (0) 521 - 329647-40
email: mhoerm...@saltation.de


---------------
saltation GmbH & Co. KG | Niederwall 43 | 33602 Bielefeld
Sitz Bielefeld | Amtsgericht Bielefeld HRA 15344
Persönlich haftende Gesellschafterin:
saltation Beteiligungs-GmbH | Niederwall 43 | 33602 Bielefeld
Sitz Bielefeld | Amtsgericht Bielefeld HRB 39339
Geschäftsführer: Daniel Brün
---------------
--- a/clamd/localserver.c
+++ b/clamd/localserver.c
@@ -63,12 +63,7 @@
 	char *estr;
 
     int num_fd = sd_listen_fds(0);
-    if (num_fd > 2)
-    {
-        logg("!LOCAL: Received more than two file descriptors from systemd.\n");
-        return -1;
-    }
-    else if (num_fd > 0)
+    if (num_fd > 0)
     {
         /* use socket passed by systemd */
         int i;
--- a/clamd/tcpserver.c
+++ b/clamd/tcpserver.c
@@ -58,19 +58,15 @@
     int yes = 1;
     int res;
     unsigned int i=0;
-	int num_fd;
+    int num_fd;
 
     sockets = *lsockets;
 
     num_fd = sd_listen_fds(0);
-    if (num_fd > 2)
-    {
-        logg("!TCP: Received more than two file descriptors from systemd.\n");
-        return -1;
-    }
-    else if (num_fd > 0)
+    if (num_fd > 0)
     {
         /* use socket passed by systemd */
+        int found = 0;
         int i;
         for(i = 0; i < num_fd; i += 1)
         {
@@ -79,34 +75,37 @@
             {
                 /* correct socket */
                 logg("#TCP: Received AF_INET SOCK_STREAM socket from systemd.\n");
-                break;
+                t = realloc(sockets, sizeof(int) * (*nlsockets + 1));
+                if (!(t)) {
+                    return -1;
+                }
+                sockets = t;
+
+                sockets[*nlsockets] = sockfd;
+                (*nlsockets)++;
+                found++;
             }
             else if (sd_is_socket(sockfd, AF_INET6, SOCK_STREAM, 1) == 1)
             {
                 /* correct socket */
                 logg("#TCP: Received AF_INET6 SOCK_STREAM socket from systemd.\n");
-                break;
-            }
-            else
-            {
-                /* wrong socket */
-                sockfd = -2;
+                t = realloc(sockets, sizeof(int) * (*nlsockets + 1));
+                if (!(t)) {
+                    return -1;
+                }
+                sockets = t;
+
+                sockets[*nlsockets] = sockfd;
+                (*nlsockets)++;
+                found++;
             }
         }
-        if (sockfd == -2)
+        if (found == 0)
         {
             logg("#TCP: No tcp AF_INET/AF_INET6 SOCK_STREAM socket received from systemd.\n");
             return -2;
         }
 
-        t = realloc(sockets, sizeof(int) * (*nlsockets + 1));
-        if (!(t)) {
-            return -1;
-        }
-        sockets = t;
-
-        sockets[*nlsockets] = sockfd;
-        (*nlsockets)++;
         *lsockets = sockets;
         return 0;
     }
_______________________________________________
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel

Reply via email to