''' sophie module, version 0.1 (c) 2003 Jan ONDREJ (SAL) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. ''' from avlib import * import socket,re __all__=['sophie','trophie'] class sophie(ascanner): ''' Sophie realscanner. This scanners is a realscanner, which can be used to scan for viruses. Sophie uses sophos libsavi. It can also be used for Trophie with TrendMicro antivirus scanner. If you need a chrooted sophie, copy it into chroot and start it from here. Do not forget to update it's chrooted database. Usage: sophie(sophie_socket,chroot_path='') Where: sophie_socket is a filename to sophie via UNIX socket chroot_path is a path, which you need to add (may be the same as your CHROOT, if you are using sagator in chroot and sophie not) ''' name='sophie()' def __init__(self,scanner,chroot_path=''): self.scanner=scanner self.chroot=chroot_path def scanfile(self,files,dir='',args={}): level=0.0 detected='' virlist=[] s=socket.socket(socket.AF_UNIX,socket.SOCK_STREAM) socket_settimeout(s,120) s.connect(self.scanner) for fname in files: s.sendall(self.chroot+fname+'\n') ret=s.recv(256) debug.echo(4,self.name+': ',ret) if ret!='0': reg=re.search('^(-?[0-9]+):(.*)$',ret) if reg.group(1)=="1": level+=1.0 virlist.append(fname+': '+reg.group(2)+'\n') if detected=='': detected=reg.group(2) if reg.group(1)=="-1": raise ScannerError,reg.group(2) return level,detected,virlist class trophie(sophie): ''' Trophie realscanner. It is an alias for sophie. See sophie documentation. ''' name='trophie()'