(c) 2005 Salvatore Toribio for the sophie patch This patch only adds the sophie routine just based in the standard trophie routine. Sophie could be foud at http://www.clanfield.info/sophie/ (Original home of Sophie http://www.vanja.com/tools/sophie/) To apply the patch: tar xzf p3scan-2.1.tar.gz -C /var/tmp cp p3scan-2.1-sophie.patch /var/tmp/ cd /var/tmp patch -p0 < p3scan-2.1-sophie.patch Salvatore Toribio http://toribio.apollinare.org/p3scan/ 20050611 diff -Naur p3scan-2.1.orig/Makefile p3scan-2.1/Makefile --- p3scan-2.1.orig/Makefile Wed Jan 5 18:53:04 2005 +++ p3scan-2.1/Makefile Sat Jun 11 12:36:07 2005 @@ -51,7 +51,7 @@ # End user options OBJECTS=getline.o parsefile.o p3scan.o \ - scanner_basic.o scanner_avpd.o scanner_trophie.o + scanner_basic.o scanner_avpd.o scanner_trophie.o scanner_sophie.o LIBS=libripmime.a all: $(PROGS) diff -Naur p3scan-2.1.orig/README p3scan-2.1/README --- p3scan-2.1.orig/README Wed Jan 5 18:53:04 2005 +++ p3scan-2.1/README Sat Jun 11 12:42:27 2005 @@ -55,6 +55,9 @@ http://www.kaspersky.com/ Trophie Anti-Virus Daemon http://www.vanja.com/tools/trophie/ + Sophie Anti-Virus Daemon + http://www.clanfield.info/sophie/ (by Salvatore Toribio 20050513) + (Original home of Sophie http://www.vanja.com/tools/sophie/) FRISK F-Prot Antivirus http://www.f-prot.com/ Clam Anti-Virus diff -Naur p3scan-2.1.orig/p3scan.conf p3scan-2.1/p3scan.conf --- p3scan-2.1.orig/p3scan.conf Wed Jan 5 18:53:04 2005 +++ p3scan-2.1/p3scan.conf Sat Jun 11 12:40:34 2005 @@ -9,6 +9,8 @@ # (C) 2003-2005 by Jack S. Lai +# Salvatore Toribio, added routine for Sophie 20050611 + # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or 
@@ -201,6 +203,16 @@ # don't use trophies standard-config you have to set scanner to the # trophie socket. # +# SOPHIE: +# +# Sophie is an OpenSource Anti-Virus Daemon, which uses the +# libsavi interface from Sophos Antivirus (http://www.sophos.com/). +# Sophie can be found at http://www.clanfield.info/sophie/ +# (Original home of Sophie http://www.vanja.com/tools/sophie/). +# Configuration is very simple, just set scannertype to 'sophie' and +# it should work. If you don't use sophies standard-config +# you have to set scanner to the sophie socket. +# # FRISK F-Prot Antivirus: http://www.f-prot.com # # Un-comment appropriate options below. @@ -237,6 +249,7 @@ # basic : # avpd : /var/run/ # trophie : /var/run/trophie +# sophie : /var/run/sophie # # # Sample: scannertype basic using McAfee UVSCAN: diff -Naur p3scan-2.1.orig/scanner.h p3scan-2.1/scanner.h --- p3scan-2.1.orig/scanner.h Wed Jan 5 18:53:04 2005 +++ p3scan-2.1/scanner.h Sat Jun 11 12:36:07 2005 @@ -38,11 +38,13 @@ extern scanner_t scanner_basic; extern scanner_t scanner_avpd; extern scanner_t scanner_trophie; +extern scanner_t scanner_sophie; scanner_t *scannerlist[] = { &scanner_basic, /* first one is default */ &scanner_avpd, &scanner_trophie, + &scanner_sophie, NULL }; diff -Naur p3scan-2.1.orig/scanner_sophie.c p3scan-2.1/scanner_sophie.c --- p3scan-2.1.orig/scanner_sophie.c Thu Jan 1 01:00:00 1970 +++ p3scan-2.1/scanner_sophie.c Sat Jun 11 12:36:07 2005 
@@ -0,0 +1,187 @@
+/*
+ *
+ * P3Scan v1.0
+ *
+ * (C) 2003 by Jack S. Lai
+ *
+ * It's intent is to provide a follow on program to POP3-Virusscan-Proxy 0.4
+ * by Folke Ashberg .
+ *
+ * It is based upon his program but provides numerous changes to include
+ * scanning pop3 mail for spam, hardening the program, addaption to todays
+ * email environment, and many other changes.
+ *
+ * The initial release of p3scan includes patches made and submitted to the
+ * original project but were never incorporated.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Sophie routine by Salvatore Toribio, based in the Trophie routine (20050514)
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "p3scan.h"
+
+#define DEFAULT_SOCKET_PATH "/var/run/sophie"
+
+struct configuration_t * config;
+
+static int sophie_fd; // fd for log
+static int connected; // have done connect
+
+static struct sockaddr_un sophie_socket; // AF_UNIX address of local logger
+
+static int sophie_socket_connect(struct proxycontext *p){
+ if (sophie_fd == -1){
+ bzero((char *)&sophie_socket, sizeof(sophie_socket));
+ sophie_socket.sun_family=AF_UNIX;
+ strcpy(sophie_socket.sun_path, config->virusscanner);
+ if ((sophie_fd=socket(AF_UNIX,SOCK_STREAM,0)) < 0 ){
+ do_log(LOG_CRIT, "create socket error: socket() not created %s",
+ config->virusscanner);
+ return -1;
+ }
+ }
+ if (sophie_fd!=-1 && connected==-1){
+ do_log(LOG_DEBUG, "Trying to connect to socket");
+ if (connect(sophie_fd, (struct sockaddr *)(&sophie_socket),
+ sizeof(sophie_socket.sun_family) + strlen(config->virusscanner)) >= 0){
+ connected=1;
+ do_log(LOG_DEBUG, "sophie_socket_connect connected");
+ return 0;
+ }
+ } else {
+ do_log(LOG_DEBUG, "Already connected");
+ return 0;
+ }
+ do_log(LOG_CRIT, "can't connect to socket %s", config->virusscanner);
+ return -1;
+}
+
+static void sophie_socket_close(void){
+ close(sophie_fd);
+ sophie_fd=-1;
+ connected=0;
+ do_log(LOG_DEBUG, "sophie_socket_close");
+}
+
+
+static int sophie_scanfile(struct proxycontext * p, char * filetoscan, char ** virname){
+ char *sendbuf;
+ char recvbuf[512];
+ int len;
+
+ *virname=NULL;
+ if(sophie_fd<0 || !connected)
+ if (sophie_socket_connect(p)!=0) return SCANNER_RET_ERR;
+ len=strlen(filetoscan);
+ sendbuf=malloc(len+2);
+ (void)snprintf(sendbuf, len+2, "%s\n", filetoscan);
+ /* send filename */
+ do_log(LOG_DEBUG, "Sending to socket");
+ if (write(sophie_fd, sendbuf, len+1) <0){
+ do_log(LOG_ALERT, "Can't write to sophie socket");
+ free(sendbuf);
+ return SCANNER_RET_ERR;
+ }
+ free(sendbuf);
+ do_log(LOG_DEBUG, "OK");
+ /* retrieve message */
+ memset(recvbuf, 0, sizeof(recvbuf));
+ if ((len = read(sophie_fd, recvbuf, sizeof(recvbuf))) > 0){
+ do_log(LOG_DEBUG, "%i bytes read", len);
+ if (strchr(recvbuf, '\n'))
+ *strchr(recvbuf, '\n') = '\0';
+ if (recvbuf[0] == '1'){
+ /* virus */
+ do_log(LOG_DEBUG, "it's a virus");
+ *virname=strdup(recvbuf+2);
+ return SCANNER_RET_VIRUS;
+ } else if (!strncmp(recvbuf, "-1", 2)){
+ do_log(LOG_CRIT, "Error scanning %s (error or file not found)",
+ filetoscan);
+ return SCANNER_RET_ERR;
+ }
+ } else {
+ do_log(LOG_ALERT, "Can't read message to sophie socket");
+ return SCANNER_RET_ERR;
+ }
+ return SCANNER_RET_OK;
+}
+
+static int init1(void){
+ do_log(LOG_DEBUG, "Sophie Init1");
+ if (strlen(NONULL(config->virusscanner))<1){
+ do_log(LOG_CRIT, "no scanner was defined. we're using " DEFAULT_SOCKET_PATH);
+ config->virusscanner=strdup(DEFAULT_SOCKET_PATH);
+ }
+
+ connected=-1;
+ sophie_fd=-1;
+
+ do_log(LOG_DEBUG, "Sophie Init1 Done");
+
+ return 0;
+}
+
+static int init2(struct proxycontext *p){
+ do_log(LOG_DEBUG, "Sophie Init2");
+
+ /* Connect to socket */
+ if (sophie_socket_connect(p)!=0) return -1;
+
+ do_log(LOG_DEBUG, "Sophie Init2 Done");
+
+ return 0;
+}
+
+static void uninit2(struct proxycontext *p){
+ sophie_socket_close();
+}
+
+static int scan(struct proxycontext *p, char ** virname){
+ int ret;
+ do_log(LOG_DEBUG, "Sophie scanner says hello");
+
+ ret=sophie_scanfile(p, p->scanthis, virname);
+
+ do_log(LOG_DEBUG, "Sophie scanner says goodbye");
+ return ret;
+}
+
+scanner_t scanner_sophie = {
+ "sophie", /* name */
+ "Sophie antivirus daemon (for Sophos Antivirus)", /* description */
+ &init1, /* init1 (once, afer startup) */
+ &init2, /* init2 (every connection before first mail) */
+ &scan, /* scan */
+ &uninit2, /* uninit2 */
+ NULL, /* uninit1 */
+ 0 /* dirscan */
+};
+
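Review bot: The reply handling in sophie_scanfile fails open: any daemon answer that does not start with `1` or `-1` (an empty line, a truncated or unexpected reply) falls through to `return SCANNER_RET_OK`, so a misbehaving or wrong daemon on the socket makes every message look clean. The same block reads up to `sizeof(recvbuf)` bytes, which can leave the buffer without a terminator before `strchr` and `strdup` run; reading `sizeof(recvbuf)-1` keeps the zero written by the memset in place. I would accept only the daemon's explicit clean reply (presumably a leading `0`, to be confirmed against Sophie's protocol) and return SCANNER_RET_ERR for everything else. Two smaller points in the same file: `strcpy` into `sun_path` in sophie_socket_connect has no length check against the configured path, and the `malloc` result for `sendbuf` is passed to snprintf unchecked.

```c
/* sophie_socket_connect(): refuse a configured path that does not fit sun_path */
if (strlen(config->virusscanner) >= sizeof(sophie_socket.sun_path)){
    do_log(LOG_CRIT, "socket path too long: %s", config->virusscanner);
    return -1;
}
strcpy(sophie_socket.sun_path, config->virusscanner);
/* ... unchanged: socket() creation and connect() ... */

/* sophie_scanfile(): check the allocation before formatting into it */
sendbuf=malloc(len+2);
if (sendbuf == NULL){
    do_log(LOG_CRIT, "out of memory building scan request");
    return SCANNER_RET_ERR;
}
/* ... unchanged: snprintf, write, memset ... */

/* keep one byte for the terminator, and fail closed on unknown replies */
if ((len = read(sophie_fd, recvbuf, sizeof(recvbuf)-1)) > 0){
    /* ... unchanged: newline strip, '1' branch, "-1" branch ... */
    } else if (recvbuf[0] != '0'){
        do_log(LOG_CRIT, "Unexpected reply from sophie for %s", filetoscan);
        return SCANNER_RET_ERR;
    }
```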