Skip to content

Commit da69ec8

Browse files
committed
Provide cf-ray ids to user when freshclam fails
Providing cf-ray ids to the user when freshclam fails will skip the step of having to ask them for the ids. This should save some time when the user is not in the same time zone.
1 parent 24226f7 commit da69ec8

4 files changed

Lines changed: 108 additions & 4 deletions

File tree

libfreshclam/libfreshclam.c

Lines changed: 52 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -646,6 +646,22 @@ fc_error_t fc_update_database(
646646
&dbFilename,
647647
bUpdated);
648648

649+
#if 0
650+
if (FC_ERETRYLATER == ret){
651+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
652+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
653+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
654+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
655+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
656+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
657+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
658+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
659+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
660+
fprintf(stderr, "%s::%d::FIXME::TAKE THIS OUT\n", __FUNCTION__, __LINE__);
661+
ret = FC_EFORBIDDEN;
662+
}
663+
#endif
664+
649665
switch (ret) {
650666
case FC_SUCCESS: {
651667
if (*bUpdated) {
@@ -693,9 +709,19 @@ fc_error_t fc_update_database(
693709
logg(LOGG_INFO, " In order to rectify this please check that you are:\n");
694710
logg(LOGG_INFO, " a. Running an up-to-date version of FreshClam\n");
695711
logg(LOGG_INFO, " b. Running FreshClam no more than once an hour\n");
696-
logg(LOGG_INFO, " c. If you have checked (a) and (b), please open a ticket at\n");
712+
logg(LOGG_INFO, " c. Connecting from an IP in a blocked region\n");
713+
logg(LOGG_INFO, " Please see https://www.cisco.com/c/m/en_us/crisissupport.html\n");
714+
logg(LOGG_INFO, " d. If you have checked (a), (b) and (c), please open a ticket at\n");
697715
logg(LOGG_INFO, " https://github.com/Cisco-Talos/clamav/issues\n");
698716
logg(LOGG_INFO, " and we will investigate why your network is blocked.\n");
717+
if (g_rayLst.cnt > 0) {
718+
logg(LOGG_INFO, " Please provide the following cf-ray ids with your ticket.\n");
719+
logg(LOGG_INFO, "\n CF-RAYS=========================================================================\n");
720+
for (i = 0; i < g_rayLst.cnt; i++) {
721+
logg(LOGG_INFO, " cf-ray: %s\n", g_rayLst.ids[i]);
722+
}
723+
logg(LOGG_INFO, "\n");
724+
}
699725
logg(LOGG_WARNING, "You are on cool-down until after: %s\n", retry_after_string);
700726
status = ret;
701727
goto done;
@@ -795,7 +821,18 @@ fc_error_t fc_update_databases(
795821
logg(LOGG_INFO, " CDN and your own network.\n");
796822
logg(LOGG_INFO, " 4. Please do not open a ticket asking for an exemption from the rate limit,\n");
797823
logg(LOGG_INFO, " it will not be granted.\n");
824+
if (g_rayLst.cnt > 0) {
825+
logg(LOGG_INFO, " 5. If you have verified that you are not blocked due to your region, and have\n");
826+
logg(LOGG_INFO, " not exceeded the rate limit, please provide the following cf-ray ids when\n");
827+
logg(LOGG_INFO, " submitting a ticket.\n");
828+
logg(LOGG_INFO, "\n CF-RAYS=========================================================================\n");
829+
for (i = 0; i < g_rayLst.cnt; i++) {
830+
logg(LOGG_INFO, " cf-ray: %s\n", g_rayLst.ids[i]);
831+
}
832+
logg(LOGG_INFO, "\n");
833+
}
798834
logg(LOGG_WARNING, "You are still on cool-down until after: %s\n", retry_after_string);
835+
799836
status = FC_SUCCESS;
800837
goto done;
801838
} else {
@@ -805,6 +842,10 @@ fc_error_t fc_update_databases(
805842
}
806843
}
807844

845+
/*Clear the old cf-ray ids. This is really only so that
846+
* we don't have stale ones when we are running in daemon mode.*/
847+
memset(&g_rayLst, 0, sizeof(g_rayLst));
848+
808849
for (i = 0; i < nDatabases; i++) {
809850
if (FC_SUCCESS != (ret = fc_update_database(
810851
databaseList[i],
@@ -914,7 +955,17 @@ fc_error_t fc_download_url_database(
914955
logg(LOGG_INFO, " c. If you have checked (a) and (b), please open a ticket at\n");
915956
logg(LOGG_INFO, " https://github.com/Cisco-Talos/clamav/issues\n");
916957
logg(LOGG_INFO, " and we will investigate why your network is blocked.\n");
958+
if (g_rayLst.cnt > 0) {
959+
size_t i;
960+
logg(LOGG_INFO, " Please provide the following cf-ray ids with your ticket.\n");
961+
logg(LOGG_INFO, "\n CF-RAYS=========================================================================\n");
962+
for (i = 0; i < g_rayLst.cnt; i++) {
963+
logg(LOGG_INFO, " cf-ray: %s\n", g_rayLst.ids[i]);
964+
}
965+
logg(LOGG_INFO, "\n");
966+
}
917967
logg(LOGG_WARNING, "You are on cool-down until after: %s\n", retry_after_string);
968+
918969
status = ret;
919970
goto done;
920971
break;

libfreshclam/libfreshclam.h

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -238,6 +238,19 @@ fc_error_t fc_update_databases(
238238
void *context,
239239
uint32_t *nUpdated);
240240

241+
#define MAX_CFRAYS 10
242+
#define CFRAY_LEN 20
243+
typedef struct fc_cfray_list_ {
244+
uint8_t ids[MAX_CFRAYS][CFRAY_LEN + 1];
245+
uint32_t cnt;
246+
} fc_cfray_list;
247+
#define INSERT_CFRAY(lst, ray) \
248+
{ \
249+
if (lst->cnt < MAX_CFRAYS) { \
250+
memcpy(lst->ids[lst->cnt++], ray, CFRAY_LEN); \
251+
} \
252+
}
253+
241254
/* ----------------------------------------------------------------------------
242255
* Callback function type definitions.
243256
*/

libfreshclam/libfreshclam_internal.c

Lines changed: 42 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,8 @@ uint32_t g_bCompressLocalDatabase = 0;
118118

119119
freshclam_dat_v1_t *g_freshclamDat = NULL;
120120

121+
fc_cfray_list g_rayLst = {0};
122+
121123
/** @brief Generate a Version 4 UUID according to RFC-4122
122124
*
123125
* Uses the openssl RAND_bytes function to generate a Version 4 UUID.
@@ -217,8 +219,9 @@ fc_error_t load_freshclam_dat(void)
217219
/* Verify that file size is as expected. */
218220
off_t file_size = lseek(handle, 0L, SEEK_END);
219221

220-
if (strlen(MIRRORS_DAT_MAGIC) + sizeof(freshclam_dat_v1_t) != (size_t)file_size) {
221-
logg(LOGG_DEBUG, "freshclam.dat is bigger than expected: %zu != %ld\n", sizeof(freshclam_dat_v1_t), file_size);
222+
size_t minSize = strlen(MIRRORS_DAT_MAGIC) + sizeof(freshclam_dat_v1_t);
223+
if (minSize > (size_t)file_size) {
224+
logg(LOGG_DEBUG, "freshclam.dat is smaller than expected: %zu != %ld\n", sizeof(freshclam_dat_v1_t), file_size);
222225
goto done;
223226
}
224227

@@ -244,6 +247,13 @@ fc_error_t load_freshclam_dat(void)
244247
goto done;
245248
}
246249

250+
if (sizeof(fc_cfray_list) != (bread = read(handle, &g_rayLst, sizeof(fc_cfray_list)))) {
251+
char error_message[260];
252+
cli_strerror(errno, error_message, 260);
253+
logg(LOGG_ERROR, "Can't read from freshclam.dat. Bytes read: %zi, error: %s\n", bread, error_message);
254+
goto done;
255+
}
256+
247257
/* Got it. */
248258
close(handle);
249259
handle = -1;
@@ -329,6 +339,10 @@ fc_error_t save_freshclam_dat(void)
329339

330340
logg(LOGG_DEBUG, "Saved freshclam.dat\n");
331341

342+
if (-1 == write(handle, &g_rayLst, sizeof(fc_cfray_list))) {
343+
logg(LOGG_ERROR, "Can't write to freshclam.dat\n");
344+
}
345+
332346
status = FC_SUCCESS;
333347
done:
334348
if (-1 != handle) {
@@ -801,6 +815,24 @@ static size_t WriteFileCallback(void *contents, size_t size, size_t nmemb, void
801815
return bytes_written;
802816
}
803817

818+
size_t HeaderCallback(char *buffer,
819+
size_t size,
820+
size_t nitems,
821+
void *userdata)
822+
{
823+
824+
const char *const needle = "cf-ray: ";
825+
size_t totBytes = size * nitems;
826+
if (totBytes >= strlen(needle) + CFRAY_LEN) {
827+
if (0 == strncmp(needle, buffer, strlen(needle))) {
828+
fc_cfray_list *rays = (fc_cfray_list *)userdata;
829+
INSERT_CFRAY(rays, &(buffer[strlen(needle)]));
830+
}
831+
}
832+
833+
return size * nitems;
834+
}
835+
804836
/**
805837
* @brief Get the cvd header info struct for the newest available database.
806838
*
@@ -1283,6 +1315,14 @@ static fc_error_t downloadFile(
12831315
logg(LOGG_ERROR, "downloadFile: Failed to set write-data file handle for curl session.\n");
12841316
}
12851317

1318+
if (CURLE_OK != curl_easy_setopt(curl, CURLOPT_HEADERDATA, &g_rayLst)) {
1319+
logg(LOGG_ERROR, "downloadFile: Failed to set header-data for header callback for curl session.\n");
1320+
}
1321+
1322+
if (CURLE_OK != curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, HeaderCallback)) {
1323+
logg(LOGG_ERROR, "downloadFile: Failed to set header-data callback function for curl session.\n");
1324+
}
1325+
12861326
logg(LOGG_DEBUG, "downloadFile: Download source: %s\n", url);
12871327
logg(LOGG_DEBUG, "downloadFile: Download destination: %s\n", destfile);
12881328

@@ -1380,7 +1420,6 @@ static fc_error_t downloadFile(
13801420
}
13811421

13821422
done:
1383-
13841423
if (NULL != slist) {
13851424
curl_slist_free_all(slist);
13861425
}

libfreshclam/libfreshclam_internal.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,7 @@ extern uint32_t g_requestTimeout;
6464
extern uint32_t g_bCompressLocalDatabase;
6565

6666
extern freshclam_dat_v1_t *g_freshclamDat;
67+
extern fc_cfray_list g_rayLst;
6768

6869
fc_error_t load_freshclam_dat(void);
6970
fc_error_t save_freshclam_dat(void);

0 commit comments

Comments
 (0)