------------------------------------------------------------------------ 10-May-2003 (Version 1.44) - Major bug fixed (infite loop in sophie_getline()). Thanks to Lutz Jaenicke for sending a patch and detailed description of the problem. ------------------------------------------------------------------------ 18-Apr-2003 (Version 1.43) - buf is now MAXPATHLEN (was hardcoded to 256 - forgot about it :) Thanks to Rainer Link for pointing this out - Removed fgets() in while() loop, and substituted it with sophie_getline(). Removed code that reopens the socket, and the references to msgfp. Thanks to Rainer Link for pointing the problems with fgets() NOTE: Please test this release, and let me know if you experience any trouble with sophie_getline() ------------------------------------------------------------------------ 28-Feb-2003 (Version 1.42) - Grp* options added, which are initialized if engine 2.14+ is used. This will make startup faster. NOTE: Individual options are NOT set if engine is 2.14 or newer. ------------------------------------------------------------------------ 02-Jan-2003 (Version 1.41) - License is modified [sophie.c], in order to allow linking to SAVI This should, hopefully, resolve some "legal" issues. Thanks to Rainer Link for the tip. - SOPHIE_SOPHOS_UPX is now enabled by default (in sophie_init.h), so that Yaha-K (and similar things) can be detected. - Small manpage added. Thanks to Anne Bennett for the manpage. - Sophie now logs failure to restart itself. Thanks to Anne Bennett for the patch. - Added contrib/ subdirectory. RPM specfile and init file added. Thanks to Tim Jackson for the files. ------------------------------------------------------------------------ 20-Jun-2002 (Version 1.40rc1) - Sophie will print current PROC_COUNT when SIGUSR1 is delivered to parent process. [sophie.c] - Small typo fixed [sophie.c] - Socket file was actually not chowned() to RUNAS_USER when Sophie started. Only group was modified. [sophie.c] - Moved stuff from config.h(.in), and put back sophie.h. Can't remember why I removed sophie.h at all. - Added break for all cases that return -1 in sophie_scanfile() [sophie_core.c] - Fix for a memory leaks in sophie_log_virus() [sophie_core.c] and sophie_scanfile() [sophie_core.c]. If one child process would scan many files, this problem could be observed. Thanks to Sophos for providing patch for this. - Minor fix (added #ifdef for timestamp declarations) [sophie_core.c] Thanks to Sophos for noticing this. ------------------------------------------------------------------------ 20-Jun-2002 (Version 1.39rc1) - Version number change ------------------------------------------------------------------------ 16-Jun-2002 (Version 1.39rc1) - Signal handling (SIGCHLD) redone in order to make sure PROC_COUNT is properly decremented. ------------------------------------------------------------------------ 11-Jun-2002 (Version 1.38) - When reloading, Sophie would try to close/shutdown network socket even if it was not compiled with --enable-net. Would cause Sophie to stop working properly after -HUP was sent. ------------------------------------------------------------------------ 02-Jun-2002 (Version 1.37) - Forgot to close/shutdown tcp_sock when restarting Sophie. That would generate "Address already in use" errors when network mode was used. Fixed. - initgroups() is now called only if Sophie is started by root - Fixed a typo in configure.in and added missing #undef for UNISTD_H_DECLARES_INITGROUPS (Scot W. Hatzel provided most of the patches for this release) - Checking if errno == EAGAIN (with network mode), and reading again (Thanks to Scot W. Hetzel for reporting this) - Modified sample_apps/sock_net/send_file.c ; send_msg now contains newline, as opposed to sending newline after 1st write() (Thanks to Scot W. Hetzel for reporting this) - Made sample_apps/perl_net/*.pl Perl 5.005 compatible. It doesn't like '$sock' as a name of a socket - changed to SOCK. (Thanks to Scot W. Hetzel for reporting this) - FreeBSD declares initgroups() in unistd.h - added check to configure for that (Thanks to Scot W. Hetzel for reporting this) - Include netinet/in.h if compiling on FreeBSD (Thanks to Alain Fauconnet and Scot W. Hetzel for reporting this) ------------------------------------------------------------------------ 01-Jun-2002 (Version 1.36) - SAVI config option "OutlookExpress" added (no idea what it does) - Added verbosity (for --enable-error-strings) at few more places where -1 was returned [sophie.c] - If opendir() [sophie_scandir.c] fails, verbose error message is returned (before, it was only '-1:' if error strings were enabled (suggested by Mark Martinec) - PROC_COUNT is printed on child startup (w/ debugging turned on) - declared PROC_COUNT as volatile (suggested by Mark Martinec) - config.h is now a dependancy, and in case it's changed, 'make' will recompile Sophie (suggested by Mark Martinec) - Fixed major bug which was introduced when -HUP handling was being rewritten (PROC_COUNT would not be decreased properly) - AIX related fix (initgroup is not in grp.h, on AIX 4.2) - AIX 'default user' changed to daemon (seems that 'mail' is just a mail alias on AIX - not an account) ------------------------------------------------------------------------ 20-May-2002 (Version 1.35) - Removed #define of "BSD", since it wasn't being used anywhere, and would cause gcc to complain about redefinition of BSD - Checking if the user (RUNAS_USER) really exists, before Sophie starts. (thanks to Jarno Huuskonen for noticing this) - [SECURITY] Added initgroups() in order to 'reset' list of supplemental groups available to Sophie child process. (thanks to Jarno Huuskonen for noticing this) - Checking if the userInfo->pw_gid is valid (and not a NULL, for example, which could cause trouble). (thanks to Jarno Huuskonen for noticing this) ------------------------------------------------------------------------ 14-May-2002 (Version 1.34) - Added support for 5 new configuration keywords/options, which can be found in Engine 2.10 "Pdf" "Rtf" "Html" "Elf" "WordB" ------------------------------------------------------------------------ 11-May-2002 (Version 1.33) - Version number change. This should encourage people to upgrade ------------------------------------------------------------------------ 29-Apr-2002 (Version 1.33rc7) - Some AIX related fixes - Sophie binary is now being stripped on most platforms, by default ------------------------------------------------------------------------ 23-Apr-2002 (Version 1.33rc6) - Added check for sys/sched.h and sched.h (for AIX) in configure.in - Check for vsnprintf() (in stdio.h) in configure.in - sophie.h contents moved to config.h ------------------------------------------------------------------------ 23-Apr-2002 (Version 1.33rc5) - --enable-timestamps configure option added. Timestamps have to be specifically enabled (since daemontools add timestamp, to Sophie which is running in foreground mode, already) ------------------------------------------------------------------------ 22-Apr-2002 (Version 1.33rc4) - Timestamp is now printed with Sophie messages, when Sophie is not started in daemon mode. ------------------------------------------------------------------------ 17-Apr-2002 (Version 1.33rc3) - Removed WAIT_ANY completely, and put -1 for waitpid() call. - Signal handler (for SIGCHLD) needs to be re-initialized when SIGCHLD is caught. This was causing trouble on Solaris. ------------------------------------------------------------------------ 17-Apr-2002 (Version 1.33rc2) - Cleaned up sophie.c a bit (removed some code outside of loop, which could never be executed) - Fixes for Tru64 (OSF 4.x, OSF 5.x). Sophie now compiles okay on OSF 4.0g and OSF 5.1a, with Compaq C compiler - WAIT_ANY is defined as -1 in sophie.h, if it already doesn't exist in the system. ------------------------------------------------------------------------ 13-Apr-2002 (Version 1.33rc1) - Signal handling redone - New configuration option added: --enable-error-strings Sophie can now return the error message, when error occured. For example, when --enable-error-string is used, Sophie will return: -1:Error: Virus scan failed NOTE: Make sure you know what you're doing when enabling this option. It will, most likely, break most apps that talk to Sophie. - Parent process now runs as root, and each child is running as RUNAS_USER. Socketfile/pidfile are being removed now, when Sophie is terminated. - HUP signal will now terminate Sophie, and restart it (by issuing execv(program_name, program_args). - Sophie prints more information when '-v' switch is used. NOTE: Output format has been modified slightly, so make sure that it doesn't affect any scripts that might be invoking Sophie with '-v' switch. - The timeout now doesn't affect the length of the whole connection, but the length of scanning a file. Before, it was working like: * accept connection * set alarm timeout * fgets() while loop, which reads line of input at a time * scan a file * exit (or abort, it timeout was reached meanwhile) Now, it works like: * accept connection * set alarm timeout (initially, we need this one) * fgets() while loop, which reads line of input at a time * scan a file * set alarm timeout * exit (if connection was closed, or if timeout for the last scanning was reached) So, if you want to scan 10 files, timeout will affect each of them, not all of them (hope this makes sense :) NOTE: Please, keep in mind that if you use internal Sophie routine for scanning directory, timeout will not be reset for every file in a directory! - Increased default timeout to 300 seconds. There are files which take ages to get scanned, so... - Added support for SOPHOS_HQX_DECOMPRESSION flag - Latest config.guess and config.sub added - Portability (Tru64) fixes - Ignoring SIGALRM in parent process ------------------------------------------------------------------------ 12-Mar-2002 (Version 1.32) - Sophie wouldn't compile if network support was disabled. Stupid error on my side. - Added more error cases in sophie_core.c. When -1 is returned, text error message will be logged for many more cases. - Using strrchr() instead of rindex() ------------------------------------------------------------------------ 12-Mar-2002 (Version 1.31) - 'Network' feature added to Sophie. It is possible from remote machine to send a file to Sophie (which listens on some port), and have that file scanned, and response returned. Read README.NETWORK for more details. WARNING: This feature is considered EXPERIMENTAL and UNSTABLE. Don't use use it on production machine without doing some heavy testing first. New configure options: --enable-net enable network support [no] --with-net-port=PORT port to use [4009] --with-net-tempdir=DIR temporary directory to use for network scans [/tmp] - AIX related changes to configure.in. - SOPHIE_LISTEN_QUEUE is now the same as MAX_PROC. Sophie will accept as many connections as it can fork processes. - gcc -rpath, option (for linker) is now used in order to make sure binary will look in the right place for the library. (Thanks to Will Day for testing/helping) This will solve the LD_LIBRARY_PATH "requirement" (I hope) ------------------------------------------------------------------------ 26-Feb-2002 (Version 1.30) - added --with-timeout configure option - Increased SOPHIE_LISTEN_QUEUE to 30 * Integrated a patch from willday -at- rom.oit.gatech.edu (these are all his contribution - many, many thanks) - Adds configure options for several things out of sophie.h: --with-socketfile=PATH path of socket file [/var/run/sophie] --with-pidfile=PATH path of pid file [/var/run/sophie.pid] --with-user=USER user to run as [varies per OS] --with-group=GROUP group to own socket file [varies per OS] --with-maxproc=NUM max concurrent scans [20] --with-logname=NAME name for syslog messages [sophie] --with-logfacility=FACILITY facility for syslog messages [LOG_MAIL] --with-logpriority=PRIORITY priority for syslog messages [varies per OS] - Replaces "SLOWARIS" ifdef with a more proper "SOLARIS". :) - Adds support for Sun C "SunPro" compiler in s_comput.h. (At least, for 5.0. I don't have 4.x or 6.0 convenient to test.) - Adds "-R${savilib}" (runtime search path) to LDFLAGS and "-xCC" (allows c++ comments) to CFLAGS when using solaris/cc. - Moves "-Isav_if" from configure.in to Makefile.in, to allow specifying CFLAGS at configure time. - In configure.in, sets CFLAGS only if not specified, and chooses default CFLAGS in a more portable manner. - Replaces getpwnam with getgrnam (and related) when working with the SOPHIE_SOCKET_GROUP. * In Makefile.in: - Replaces "@LDFLAGS@" with "${LDFLAGS}" in 'sophie' link target, since @LDFLAGS@ is already substituted at the top of the Makefile.in. - Changes 'sophie' link target to allow recompilation of only those object files that need it (rather than recompilation of all files for each link). ------------------------------------------------------------------------ 25-Feb-2002 (Version 1.18) - RUNAS_USER added to sophie.h - Sophie can now run as user other than root (default is 'mail' on Linux - check the file please). NOTE: Make sure user the Sophie is running as does have read privileges to directory and files which needs to be scanned. Otherwise, you will get -1 response. - setpriority() removed. It was not as useful as one would expect ;) - eicar.com is now created from Makefile, instead of being bundled in tarfile (Thanks to Lars Hecking for neat Makefile entry) - Old SYSLOG_FACILITY defines changed to SYSLOG_LEVEL (to avoid confusion). SYSLOG_FACILITY set to LOG_MAIL. Thanks to Klaus Muth for patch. - Added support for 10 new configuration keywords/options, which can be found in Engine 2.9 "Mime" "ActiveMimeHandling" "DelVBA5Project" "ScrapObjectHandling" "SrpStreamHandling" "Office2001Handling" "Upx" "Mac" "SafeMacDfHandling" "PalmPilotHandling" - SOPHIE_TIMEOUT (in sophie.c) increased from 30 to 90 (seconds) Some people did have problems with Sophie (scanning) terminating while scanning big attachments. ------------------------------------------------------------------------ 29-Oct-2001 (Version 1.17) (modification submitted by Lutz Jaenicke ) - Added @LDFLAGS@ in Makefile. Now "# LDFLAGS= ./configure" can be used when compiling Sophie. - PIDFILE added (/var/run/sophie.pid). Will simplify restart/shutdown of Sophie in scripts - Sophie now detaches properly from file descriptors and parent process group. This will prevent OpenSSH channels from being open when logging out. ------------------------------------------------------------------------ 16-Aug-2001 (Version 1.16) - Sophie checks for the file/dir existance before scanning (requested - implemented) ------------------------------------------------------------------------ 10-Aug-2001 (Version 1.15) - Small 'visual' change - socket path will now show up in output of "sophie -v" command ------------------------------------------------------------------------ 10-Aug-2001 (Version 1.14) - Sophie can process directories now (too many people were asking for this, I had to implement it :). If you supply a directory to Sophie, it will return when it finds the first virus. Keep in mind - Sophie still returns only virus name, not the filename which was infected. Also keep in mind that it is doing scanning recursively, and also keep in mind that I might have screwed up something when implementing that recursive function :) Test it please... Filename reporting might be added later, but I have to point this once again - I made Sophie because I wanted to *detect* viruses in mails (and analyze those mails later), not because I wanted to write a replacement for Sophos 'sweep' program which does all those nice things people keep asking for :) So - some features might need to wait, since I want to make sure Sophie works okay as it is now. - If invalid group was specified for sophie socket, and -D was used, error would show up only in syslog. Now, Sophie will complain to stderr as well. ------------------------------------------------------------------------ 08-Aug-2001 (Version 1.13) - Modified the way Sophie reads from the socket. Before, only one request (for file) would be processed (because I didn't need anything else :). Now, you can send more requests, as long as socket to Sophie is open. (requested by Rainer Link ) ------------------------------------------------------------------------ 07-Aug-2001 (Version 1.12) - Changed syslog defaults for different OSs (the facilities) ------------------------------------------------------------------------ 02-Aug-2001 (Version 1.11) - Added alarm() in order to catch processes that do not receive data (through the socket) during SOPHIE_TIMEOUT seconds. If no data is received, Sophie child will exit. ------------------------------------------------------------------------ 31-Jul-2001 - Portability fixes. Now seems to work just fine on Solaris and HP-UX. Tested: Solaris 7 (Sparc, gcc3), Solaris 8 (x86, gcc2), and HP-UX 10.20 (gcc2). - Started adding more error checking (on response from Sophos library). All error messages from swerror2.h will be included in 'human readable' format - just in case something goes wrong. ------------------------------------------------------------------------ 30-Jul-2001 - Signals now caught using sigaction() instead of signal. More portable, and much much more reliable (at least for me :) - Compiles/works on HP-UX 10.20 with GCC 2.95.3 - Socket on Linux group-owned by "mail" - Socket on Solaris/BSD group-owned by nobody" - Socket on HP-UX 10.20 group-owned by "daemon" - Increased SOPHIE_LISTEN_QUEUE and MAX_PROC values ------------------------------------------------------------------------ 29-Jul-2001 (Version 1.10) - Added "support" for 3 new configuration keywords/options, which can be found in Engine 2.5 "Vbe" (SOPHOS_VBE) "ExecFileDisinfection" (SOPHOS_EXEC_FILE_DISINFECTION) "VisioFileHandling" (SOPHOS_VISIO_FILE_HANDLING) ------------------------------------------------------------------------ 24-Jun-2001 (Version 1.9) - Changed SOPHIE_SOCKET_GROUP (in sophie.h) to 'mail' (was 'virge') - Modified the way processes are limited (suggested by Philipp Gaschütz (philipp -at corpex.de)) - Modified Makefile.in, so that sophie will be rebuilt if any changes are made to *.c files, and make is re-issued (til now, you had to 'make clean ; make' in order to rebuild sophie after making changes to sources) ------------------------------------------------------------------------ 18-May-2001 (Version 1.8) - Added REPORT_VIRUSNAME in sophie.h - if set to 1, virus name will be returned by Sophie - Updated sophie_core.c to fill in VIR_NAME variable with virus name - Updated perl sample app to print virus name (if returned by Sophie) ------------------------------------------------------------------------