trophie_init.c

一个使用诺顿病毒库的病毒扫描的例子程序

#include "trophie.h"
#include "trophie_init.h"

/* Show *some* of the settings. This is really dodgy */
void trophie_show_settings(void)
{
	int vs_data = 0;
	char vs_text[2048];

	/* Show the version */
	trophie_version();

	/* Show the 'header' */
	fprintf(stdout, "+-----------------------------------------+---------------------------+\n");
	fprintf(stdout, "| Configuration parameter                 |           Value           |\n");
	fprintf(stdout, "+-----------------------------------------+---------------------------+\n");

	/* Good luck :) */

	vs_ret = VSGetLogFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetLogFlag", vs_ret);

	vs_ret = VSGetScanJavaFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanJavaFlag", vs_ret);

	vs_ret = VSGetScanMacroFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanMacroFlag", vs_ret);

	vs_ret = VSGetSoftMiceFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetSoftMiceFlag", vs_ret);

	vs_ret = VSGetExtractArchiveFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetExtractArchiveFlag", vs_ret);

	vs_ret = VSGetExpandLiteFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetExpandLiteFlag", vs_ret);

	vs_ret = VSGetDecodeFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetDecodeFlag", vs_ret);

	vs_ret = VSGetSmartDecompressFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetSmartDecompressFlag", vs_ret);

	/* reminder: we can set heuristic level to 0-4 range */
	vs_ret = VSGetHeuristicLevel(vs_addr, &vs_data);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetHeuristicLevel", vs_data);

	vs_ret = VSGetVSVerboseLevel(vs_addr, &vs_data);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetVSVerboseLevel", vs_data);

	/* can be set */
	vs_ret = VSGetDecompressLayer(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetDecompressLayer", vs_ret);

	vs_ret = VSGetConfChangeFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetConfChangeFlag", vs_ret);

	vs_ret = VSGetCurrentPatternFileVersion(vs_addr, &vs_data);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetCurrentPatternFileVersion", vs_data);

/* For some reason, Sparc/Solaris 2.7 crashes here - didn't bother to check why */
/* Oups - HP-UX 10.20 fails as well */
#ifdef LINUX
	vs_ret = VSGetVSDebug(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetVSDebug", vs_ret);
#endif

	vs_ret = VSGetExtractAmgFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetExtractAmgFlag", vs_ret);

	vs_ret = VSGetScanLiteFileFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanLiteFileFlag", vs_ret);

	vs_ret = VSGetProcessAllFileInArcFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetProcessAllFileInArcFlag", vs_ret);

	vs_ret = VSGetKeepDecompressFileFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetKeepDecompressFileFlag", vs_ret);

	/* can be set */
	vs_ret = VSGetEncryptTempFileFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetEncryptTempFileFlag", vs_ret);

/* For some reason it fails on HPUX - won't bother... */
#ifndef HPUX1020
	vs_ret = VSGetProcessAllVolumeFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetProcessAllVolumeFlag", vs_ret);
#endif
	vs_ret = VSGetScanBPFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanBPFlag", vs_ret);

	vs_ret = VSGetScanMemoryFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanMemoryFlag", vs_ret);

	vs_ret = VSGetProcessAllSubDirFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetProcessAllSubDirFlag", vs_ret);

	/* can be set */
	vs_ret = VSGetProcessAllFileFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetProcessAllFileFlag", vs_ret);

	vs_ret = VSGetCountFileFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetCountFileFlag", vs_ret);

	vs_ret = VSGetScanGenericMacroFlag(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetScanGenericMacroFlag", vs_ret);

/*	vs_ret = VSSetExtractPath(vs_addr, "/var/tmp"); */
	if ((vs_ret = VSGetExtractPath(vs_addr, vs_text, 1024)) == 0)
	{
		if (vs_text[0] == '\0')
			strncpy(vs_text, "(none set)", sizeof(vs_text)-1);
		fprintf(stdout, "| %-40s| %25s |\n", "VSGetExtractPath", vs_text);
	}

	vs_ret = VSGetTempPath(vs_addr, vs_text, 1024);
	fprintf(stdout, "| %-40s| %25s |\n", "VSGetTempPath", vs_text);

	vs_ret = VSGetLogFilePath(vs_addr, vs_text, 1024);
	fprintf(stdout, "| %-40s| %25s |\n", "VSGetLogFilePath", vs_text);

/*	vs_ret = VSSetVirusHospitalPath(vs_addr, "/var/tmp"); */
	vs_ret = VSGetVirusHospitalPath(vs_addr, vs_text, 1024);
	fprintf(stdout, "| %-40s| %25s |\n", "VSGetVirusHospitalPath", vs_text);

	vs_ret = VSGetPatternPath(vs_addr, vs_text, 1024);
	fprintf(stdout, "| %-40s| %25s |\n", "VSGetPatternPath", vs_text);

	vs_ret = VSGetDetectableVirusNumber(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetDetectableVirusNumber", vs_ret);

/*
	vs_ret = VSGetProcessExtNumber(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetProcessExtNumber", vs_ret);

	vs_ret = VSGetArchProcessExtNumber(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "VSGetArchProcessExtNumber", vs_ret);
*/

	vs_ret = VSGetMemoryDecompressSize(vs_addr, &vs_data);
	fprintf(stdout, "| %-40s| %22d KB |\n", "VSGetMemoryDecompressSize", vs_data/1024);

#if (NEWER_VSAPI == 1)
	if (strncmp(trophie_vs.version_string, "5.4", 3) == 0)
	{
		int ext_counter = 0;
		char *ext_string;
		char *i_hate_value_computed_not_used_warning;
		int spaces;
		
		fprintf(stdout, "+-----------------------------------------+---------------------------+\n");
		fprintf(stdout, "| (settings below are supported by newer engines (5.450, for example) |\n");
		fprintf(stdout, "+-----------------------------------------+---------------------------+\n");

		vs_ret = VSGetOleEmbedScanLayer(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetOleEmbedScanLayer", vs_ret);

		vs_ret = VSGetRTFScanLayer(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetRTFScanLayer", vs_ret);

		vs_ret = VSGetMsgScanLayer(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetMsgScanLayer", vs_ret);

		vs_ret = VSGetScriptTrapFlag(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetScriptTrapFlag", vs_ret);

/*
		vs_ret = _VSGetSkipRB9Flag(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "_VSGetSkipRB9Flag", vs_ret);
*/

		vs_ret = VSGetRedAlertFlag(vs_addr);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetRedAlertFlag", vs_ret);

		vs_ret = VSGetExtractFileSizeLimit(vs_addr, &vs_data);
		fprintf(stdout, "| %-40s| %22d MB |\n", "VSGetExtractFileSizeLimit", vs_data/1024/1024);

		vs_ret = VSGetDefaultExtListSize(vs_addr, &vs_data);
		fprintf(stdout, "| %-40s| %25d |\n", "VSGetDefaultExtListSize", vs_data);

		fprintf(stdout, "+-----------------------------------------+---------------------------+\n");

		vs_ret = VSGetDefaultExtList(vs_addr, vs_text);
		fprintf(stdout, "| %-66s  |\n", "VSGetDefaultExtList");
		fprintf(stdout, "| %-66s  |\n", " ");

		ext_string = vs_text;
		
		while(*ext_string != '\0')
		{
			if (ext_counter == 0)
				fprintf(stdout, "| ");

			while(*ext_string != ';')
			{
				printf("%c", *ext_string);
				i_hate_value_computed_not_used_warning = (char *)ext_string++;
				ext_counter++;
			}
			printf(", ");
				
			i_hate_value_computed_not_used_warning = (char *)ext_string++;
			ext_counter+=2;

			if (ext_counter >= 64)
			{
				for(spaces = 0 ; spaces < (68 - ext_counter) ; spaces++)
					printf(" ");

				printf("|\n");
				ext_counter = 0;
			}
		}
		for (spaces = 0 ; spaces < (68 - ext_counter) ; spaces++)
			printf(" ");

		fprintf(stdout, "|\n");
	}
#endif

/* just a template :) */
/*
	vs_ret = x(vs_addr);
	fprintf(stdout, "| %-40s| %25d |\n", "x", vs_ret);
*/
	fprintf(stdout, "+-----------------------------------------+---------------------------+\n");
}

/* Initialize VSAPI */
void trophie_init(void)
{
	if((vs_ret = VSInit(getpid(), "VSCAN", -1, &vs_addr)) != 0)
	{
		fprintf(stderr, "ERROR: VSInit() failed (return code: [%d])\n", vs_ret);
		exit(-1);
	}
	
	/* Should work... ;) */
	if ((vs_ret = VSReadVirusPattern(vs_addr, -1, 0, 0)) != 0)
	{
		fprintf(stderr, "VSReadVirusPattern() failed (return code: [%d])\n", vs_ret);
		exit(-1);
	}

	trophie_vs.handle_addr = vs_addr;
	trophie_vs.version_string[0] = 0;

	if ((vs_ret = VSGetVSCInfo(&trophie_vs)) != 0)
	{
		fprintf(stderr, "VSGetVSCInfo() failed (return code: [%d])\n", vs_ret);
		exit(-1);
	}

	/* Set the callback function */
	if ((vs_ret = VSSetProcessFileCallBackFunc(vs_addr, &vs_virus_scan_file_callback_function)) != 0)
	{
		fprintf(stderr, "VSSetProcessFileCallBackFunc() failed (return code: [%d]\n", vs_ret);
		exit(-1);
	}

	/* Here we will set some params on our own */
	/* To define them, look at trophie_init.h file */
	if (VS_PROCESS_ALL_FILES_IN_ARCHIVE)
		VSSetProcessAllFileInArcFlag(vs_addr, 1);
	
	if (VS_PROCESS_ALL_FILES)
		VSSetProcessAllFileFlag(vs_addr, 1);
}

/* Bye, bye, VSAPI */
void trophie_end(void)
{
	if ((vs_ret = VSQuit(vs_addr)) != 0)
	{
		fprintf(stderr, "ERROR: VSQuit() failed (return code: [%d])\n", vs_ret);
		exit(-1);
	}

	trophie_print(0, "Cleanup       : VSAPI cleaned up and terminated");

}

/* Show the VSAPI version & pattern details */
void trophie_version(void)
{
	fprintf(stdout, "Initializing  : VSAPI version %s\n", trophie_vs.version_string);
	fprintf(stdout, "Initializing  : Pattern version %d (pattern number %lu)\n", trophie_vs.pattern_version, trophie_vs.pattern_number);
	fprintf(stdout, "Socket path   : \"%s\"\n", TROPHIE_SOCKET_NAME);
}