From 5462d5d829a514890c0dca0c1a4a085c834b1cfd Mon Sep 17 00:00:00 2001
From: Janos SUTO <sj@acts.hu>
Date: Thu, 22 Aug 2024 19:52:02 +0200
Subject: [PATCH 1/3] Removed non-working clamd code

Signed-off-by: Janos SUTO <sj@acts.hu>
---
 README.md        |  1 -
 RELEASE_NOTES    |  5 ++++
 build/piler.conf |  1 -
 configure        | 35 ----------------------
 configure.in     | 28 ------------------
 cppcheck.sh      |  2 +-
 src/av.h         | 25 ----------------
 src/avir.c       | 21 --------------
 src/cfg.c        |  3 --
 src/cfg.h        |  4 ---
 src/clamd.c      | 75 ------------------------------------------------
 src/config.h     |  2 --
 src/dirs.c       |  4 ---
 src/piler.c      |  7 -----
 14 files changed, 6 insertions(+), 207 deletions(-)
 delete mode 100644 src/av.h
 delete mode 100644 src/avir.c
 delete mode 100644 src/clamd.c

diff --git a/README.md b/README.md
index 103a616e..de1079f0 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,6 @@ piler is an open source email archival application. Please visit https://www.mai
 Features:
 
 - built-in smtp server
-- clamd support
 - archival rules
 - retention rules
 - legal hold
diff --git a/RELEASE_NOTES b/RELEASE_NOTES
index 6bd6c6f0..f62d3f90 100644
--- a/RELEASE_NOTES
+++ b/RELEASE_NOTES
@@ -14,6 +14,8 @@
 
 - Display svg images in preview pane (#97)
 
+- Removed non-functioning clamd support
+  I suggest to run an anti-virus software on your MX
 
 
 1.4.6:
@@ -26,6 +28,9 @@
   Note that it requires real-time (rt) index. When using plain index,
   then no audit record is written
 
+  When using piler in docker, be sure to update /etc/piler/manticore.conf
+  to include the index audit1 {} block
+
 - Added support for path prefix, ie. when the archive can be accessed
   at https://example.com/archive/ (instead of using a dedicated hostname,
   eg. https://archive.example.com).
diff --git a/build/piler.conf b/build/piler.conf
index f3e18e41..45ecafc9 100644
--- a/build/piler.conf
+++ b/build/piler.conf
@@ -1,7 +1,6 @@
 archive_emails_not_having_message_id=0
 backlog=20
 cipher_list=ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
-clamd_socket=/var/run/clamav/clamd.ctl
 default_retention_days=2557
 enable_chunking=1
 enable_cjk=0
diff --git a/configure b/configure
index 32e1dac8..af8b2f92 100755
--- a/configure
+++ b/configure
@@ -654,7 +654,6 @@ CFGDIR
 MYSQL_CONFIG
 iv
 id_bin
-libclamav_extra_libs
 sql_obj
 sql_libs
 sql_includes
@@ -720,7 +719,6 @@ ac_user_opts='
 enable_option_checking
 enable_static_build
 enable_compat_layout
-enable_clamd
 enable_memcached
 enable_tweak_sent_time
 with_piler_user
@@ -1351,7 +1349,6 @@ Optional Features:
   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
   --enable-static-build   build statically linked executables (default: dynamically linked)
   --enable-compat-layout  support for older storage layout (default: no)
-  --enable-clamd          build clamd antivirus support
   --enable-memcached      build memcached support
   --tweak-sent-time       tweak sent time
 
@@ -3566,12 +3563,8 @@ fi
 
 
 
-
-have_libclamav="no"
 have_libtool="no"
-have_clamd="no"
 
-have_antivirus="no"
 have_mysql="no"
 have_psql="no"
 have_tre="no"
@@ -3647,22 +3640,6 @@ fi
 
 
 
-
-
-# Check whether --enable-clamd was given.
-if test ${enable_clamd+y}
-then :
-  enableval=$enable_clamd; want_clamd=$enableval
-else $as_nop
-  want_clamd="no"
-fi
-
-   if test "$want_clamd" = "yes"; then
-      have_clamd="yes"
-      have_antivirus="yes"
-   fi
-
-
 # Check whether --enable-memcached was given.
 if test ${enable_memcached+y}
 then :
@@ -4517,12 +4494,6 @@ printf "%s\n" "#define HAVE_DAEMON 0" >>confdefs.h
    if test -x /usr/xpg4/bin/id; then id_bin="/usr/xpg4/bin/id"; fi
 fi
 
-
-if test "$have_clamd" = "yes" ; then
-   defs="$defs -DHAVE_ANTIVIRUS"
-   objs="$objs avir.o"
-fi
-
 echo; echo
 
 echo "run as user: $RUNNING_USER"
@@ -4569,12 +4540,6 @@ fi
 
 echo
 
-if test "$have_clamd" = "yes"; then
-   echo "clamd support: yes"
-   objs="$objs clamd.o"
-   defs="$defs -DHAVE_CLAMD"
-fi
-
 if test "$want_memcached" = "yes"; then
    echo "memcached support: yes"
    objs="$objs memc.o"
diff --git a/configure.in b/configure.in
index c0eb5470..225d5f74 100644
--- a/configure.in
+++ b/configure.in
@@ -27,15 +27,11 @@ AC_SUBST(MAKE)
 AC_SUBST(sql_includes)
 AC_SUBST(sql_libs)
 AC_SUBST(sql_obj)
-AC_SUBST(libclamav_extra_libs)
 AC_SUBST(id_bin)
 AC_SUBST(iv)
 
-have_libclamav="no"
 have_libtool="no"
-have_clamd="no"
 
-have_antivirus="no"
 have_mysql="no"
 have_psql="no"
 have_tre="no"
@@ -101,17 +97,6 @@ AC_ARG_ENABLE(compat-layout,
           [  --enable-compat-layout  support for older storage layout (default: no)], have_compat_storage_layout=$enableval, have_compat_storage_layout="no")
 
 
-dnl clamd
-
-
-AC_ARG_ENABLE(clamd,
-	[  --enable-clamd          build clamd antivirus support], want_clamd=$enableval, want_clamd="no")
-   if test "$want_clamd" = "yes"; then
-      have_clamd="yes"
-      have_antivirus="yes"
-   fi
-
-
 AC_ARG_ENABLE(memcached,
         [  --enable-memcached      build memcached support], want_memcached=$enableval, want_memcached="no")
 
@@ -326,13 +311,6 @@ if test "$os" = "SunOS"; then
    if test -x /usr/xpg4/bin/id; then id_bin="/usr/xpg4/bin/id"; fi
 fi
 
-dnl whether we have antivirus support
-
-if test "$have_clamd" = "yes" ; then
-   defs="$defs -DHAVE_ANTIVIRUS"
-   objs="$objs avir.o"
-fi
-
 echo; echo
 
 echo "run as user: $RUNNING_USER"
@@ -375,12 +353,6 @@ fi
 
 echo
 
-if test "$have_clamd" = "yes"; then
-   echo "clamd support: yes"
-   objs="$objs clamd.o"
-   defs="$defs -DHAVE_CLAMD"
-fi
-
 if test "$want_memcached" = "yes"; then
    echo "memcached support: yes"
    objs="$objs memc.o"
diff --git a/cppcheck.sh b/cppcheck.sh
index 88794857..f5105267 100755
--- a/cppcheck.sh
+++ b/cppcheck.sh
@@ -4,4 +4,4 @@ set -o nounset
 set -o errexit
 set -o pipefail
 
-cppcheck -DHAVE_PDFTOTEXT -DHAVE_PPTHTML -DHAVE_TNEF -DHAVE_UNRTF -DHAVE_XLS2CSV -DHAVE_CATPPT -DHAVE_CATDOC -DHAVE_ZIP -D_GNU_SOURCE -DHAVE_DAEMON -DHAVE_TRE -DHAVE_CLAMD -DHAVE_LIBCLAMAV -DNEED_MYSQL --error-exitcode=1 --enable=all --suppressions-list=suppressions.txt --force src/ unit_tests/
+cppcheck -DHAVE_PDFTOTEXT -DHAVE_PPTHTML -DHAVE_TNEF -DHAVE_UNRTF -DHAVE_XLS2CSV -DHAVE_CATPPT -DHAVE_CATDOC -DHAVE_ZIP -D_GNU_SOURCE -DHAVE_DAEMON -DHAVE_TRE -DNEED_MYSQL --error-exitcode=1 --enable=all --suppressions-list=suppressions.txt --force src/ unit_tests/
diff --git a/src/av.h b/src/av.h
deleted file mode 100644
index 883e4ff7..00000000
--- a/src/av.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/*
- * av.h, SJ
- */
-
-#ifndef _AV_H
- #define _AV_H
-
-#include "defs.h"
-#include "cfg.h"
-
-
-#define AV_OK 200
-#define AV_VIRUS 403
-#define AV_ERROR 501
-
-
-// clamd stuff
-
-#define CLAMD_RESP_CLEAN "OK"
-#define CLAMD_RESP_INFECTED "FOUND"
-#define CLAMD_RESP_ERROR "ERROR"
-
-int clamd_scan(char *tmpfile, struct config *cfg);
-
-#endif /* _AV_H */
diff --git a/src/avir.c b/src/avir.c
deleted file mode 100644
index 4bc29349..00000000
--- a/src/avir.c
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * avir.c, SJ
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/time.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <piler.h>
-
-
-int do_av_check(char *filename, struct config *cfg){
-   int rav = AVIR_OK;
-
-   if(clamd_scan(filename, cfg) == AV_VIRUS) rav = AVIR_VIRUS;
-
-   if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: done virus scanning", filename);
-
-   return rav;
-}
diff --git a/src/cfg.c b/src/cfg.c
index 95a9635a..86e4c18a 100644
--- a/src/cfg.c
+++ b/src/cfg.c
@@ -50,9 +50,6 @@ struct _parse_rule config_parse_rules[] =
    { "backlog", "integer", (void*) int_parser, offsetof(struct config, backlog), "20", sizeof(int)},
    { "check_for_client_timeout_interval", "integer", (void*) int_parser, offsetof(struct config, check_for_client_timeout_interval), "20", sizeof(int)},
    { "cipher_list", "string", (void*) string_parser, offsetof(struct config, cipher_list), "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS", MAXVAL-1},
-   { "clamd_addr", "string", (void*) string_parser, offsetof(struct config, clamd_addr), "", MAXVAL-1},
-   { "clamd_port", "integer", (void*) int_parser, offsetof(struct config, clamd_port), "0", sizeof(int)},
-   { "clamd_socket", "string", (void*) string_parser, offsetof(struct config, clamd_socket), CLAMD_SOCKET, MAXVAL-1},
    { "debug", "integer", (void*) int_parser, offsetof(struct config, debug), "0", sizeof(int)},
    { "default_retention_days", "integer", (void*) int_parser, offsetof(struct config, default_retention_days), "2557", sizeof(int)},
    { "enable_chunking", "integer", (void*) int_parser, offsetof(struct config, enable_chunking), "0", sizeof(int)},
diff --git a/src/cfg.h b/src/cfg.h
index 067b4f61..eb5220c9 100644
--- a/src/cfg.h
+++ b/src/cfg.h
@@ -19,10 +19,6 @@ struct config {
    char listen_addr[MAXVAL];
    int listen_port;
 
-   char clamd_addr[MAXVAL];
-   int clamd_port;
-   char clamd_socket[MAXVAL];
-
    int encrypt_messages;
 
    int enable_chunking;
diff --git a/src/clamd.c b/src/clamd.c
deleted file mode 100644
index 07b4a15b..00000000
--- a/src/clamd.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * clamd.c, SJ
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <strings.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <netdb.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <piler.h>
-
-
-int clamd_scan(char *tmpfile, struct config *cfg){
-   int s, n;
-   char buf[MAXBUFSIZE], scan_cmd[SMALLBUFSIZE];
-   struct sockaddr_un server;
-
-   chmod(tmpfile, 0644);
-
-   strcpy(server.sun_path, cfg->clamd_socket);
-   server.sun_family = AF_UNIX;
-
-   if((s = socket(AF_UNIX, SOCK_STREAM, 0)) == -1){
-      syslog(LOG_PRIORITY, "ERR: create socket to %s", cfg->clamd_socket);
-      return AV_ERROR;
-   }
-
-   if(connect(s, (struct sockaddr *)&server, strlen(server.sun_path) + sizeof (server.sun_family)) == -1){
-      syslog(LOG_PRIORITY, "CLAMD ERR: connect to %s", cfg->clamd_socket);
-      return AV_ERROR;
-   }
-
-
-   /* issue the SCAN command with full path to the temporary directory */
-
-
-   memset(scan_cmd, 0, SMALLBUFSIZE);
-   snprintf(scan_cmd, SMALLBUFSIZE-1, "SCAN %s/%s\r\n", cfg->workdir, tmpfile);
-
-   if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: CLAMD CMD: %s", tmpfile, scan_cmd);
-
-   send(s, scan_cmd, strlen(scan_cmd), 0);
-
-   /* read CLAMD's answers */
-
-   n = recvtimeout(s, buf, MAXBUFSIZE, TIMEOUT);
-
-   close(s);
-
-   if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: CLAMD DEBUG: %d %s", tmpfile, n, buf);
-
-   if(strcasestr(buf, CLAMD_RESP_INFECTED)){
-      char *p = strchr(buf, ' ');
-      if(p){
-         char *q = strrchr(p, ' ');
-         if(q){
-            *q = '\0';
-            p++;
-            syslog(LOG_PRIORITY, "%s: VIRUS <%s> found, status=%s", tmpfile, p, S_STATUS_DISCARDED);
-         }
-      }
-
-      return AV_VIRUS;
-   }
-
-   return AV_OK;
-}
diff --git a/src/config.h b/src/config.h
index 4bec7d93..56ae7364 100644
--- a/src/config.h
+++ b/src/config.h
@@ -19,8 +19,6 @@ typedef unsigned long long uint64;
 #define QUEUE_DIR DATADIR "/piler/store"
 #define ERROR_DIR DATADIR "/piler/error"
 
-#define CLAMD_SOCKET "/tmp/clamd"
-
 #define PIDFILE "/var/run/piler/piler.pid"
 #define QUARANTINELEN 255
 #define TIMEOUT 60
diff --git a/src/dirs.c b/src/dirs.c
index 6803c1b0..01098a1d 100644
--- a/src/dirs.c
+++ b/src/dirs.c
@@ -61,11 +61,7 @@ void check_and_create_directories(struct config *cfg){
 
    for(i=0; i<cfg->number_of_worker_processes; i++){
       snprintf(s, sizeof(s)-1, "%s/%d", cfg->workdir, i);
-   #ifdef HAVE_ANTIVIRUS
-      createdir(s, 0711);
-   #else
       createdir(s, 0700);
-   #endif
    }
 
 }
diff --git a/src/piler.c b/src/piler.c
index 735967c9..655b1146 100644
--- a/src/piler.c
+++ b/src/piler.c
@@ -152,13 +152,6 @@ int process_email(char *filename, struct session_data *sdata, struct data *data,
 
    bzero(&counters, sizeof(counters));
 
-#ifdef HAVE_ANTIVIRUS
-   if(do_av_check(filename, cfg) == AVIR_VIRUS){
-      unlink(filename);
-      return OK;
-   }
-#endif
-
    init_session_data(sdata, cfg);
 
    sdata->tot_len = size;

From 5738b424a478402d803aa46fc349b2d999daede5 Mon Sep 17 00:00:00 2001
From: Janos SUTO <sj@acts.hu>
Date: Thu, 22 Aug 2024 19:58:06 +0200
Subject: [PATCH 2/3] Fixed piler.h

Signed-off-by: Janos SUTO <sj@acts.hu>
---
 src/piler.h | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/piler.h b/src/piler.h
index 758a9b2b..eab96ab0 100644
--- a/src/piler.h
+++ b/src/piler.h
@@ -15,7 +15,6 @@
 #include <defs.h>
 #include <tai.h>
 #include <sig.h>
-#include <av.h>
 #include <rules.h>
 #include <screen.h>
 #include <sql.h>
@@ -33,8 +32,6 @@ void insert_offset(struct session_data *sdata, int server_id);
 
 void tear_down_client(int n);
 
-int do_av_check(char *filename, struct config *cfg);
-
 int make_digests(struct session_data *sdata, struct config *cfg);
 void digest_file(char *filename, char *digest);
 void digest_string(char *digestname, char *s, char *digest);

From 812c3f0cad93452536a2238fce8e7b60daad4053 Mon Sep 17 00:00:00 2001
From: Janos SUTO <sj@acts.hu>
Date: Thu, 22 Aug 2024 20:00:17 +0200
Subject: [PATCH 3/3] Fixed Makefile.in

Signed-off-by: Janos SUTO <sj@acts.hu>
---
 src/Makefile.in | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/Makefile.in b/src/Makefile.in
index 6eed82b8..f89e465c 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -38,7 +38,7 @@ install: install-piler
 
 
 piler: piler.c libpiler.a
-	$(CC) $(CFLAGS) $(INCDIR) $(DEFS) -o $@ $< -lpiler $(LIBS) $(LIBDIR) @LDFLAGS@ @libclamav_extra_libs@
+	$(CC) $(CFLAGS) $(INCDIR) $(DEFS) -o $@ $< -lpiler $(LIBS) $(LIBDIR) @LDFLAGS@
 
 libpiler.a: $(OBJS) $(SQL_OBJS)
 	ar cr libpiler.a $(OBJS) $(SQL_OBJS)
@@ -100,4 +100,3 @@ clean:
 
 distclean: clean
 	rm -f Makefile
-