911106dfb16696472af8c1b7b4c554a829354fa8jm * CDDL HEADER START
911106dfb16696472af8c1b7b4c554a829354fa8jm * The contents of this file are subject to the terms of the
911106dfb16696472af8c1b7b4c554a829354fa8jm * Common Development and Distribution License (the "License").
911106dfb16696472af8c1b7b4c554a829354fa8jm * You may not use this file except in compliance with the License.
911106dfb16696472af8c1b7b4c554a829354fa8jm * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
911106dfb16696472af8c1b7b4c554a829354fa8jm * See the License for the specific language governing permissions
911106dfb16696472af8c1b7b4c554a829354fa8jm * and limitations under the License.
911106dfb16696472af8c1b7b4c554a829354fa8jm * When distributing Covered Code, include this CDDL HEADER in each
911106dfb16696472af8c1b7b4c554a829354fa8jm * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
911106dfb16696472af8c1b7b4c554a829354fa8jm * If applicable, add the following below this CDDL HEADER, with the
911106dfb16696472af8c1b7b4c554a829354fa8jm * fields enclosed by brackets "[]" replaced with your own identifying
911106dfb16696472af8c1b7b4c554a829354fa8jm * information: Portions Copyright [yyyy] [name of copyright owner]
911106dfb16696472af8c1b7b4c554a829354fa8jm * CDDL HEADER END
911106dfb16696472af8c1b7b4c554a829354fa8jm * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
911106dfb16696472af8c1b7b4c554a829354fa8jm * Use is subject to license terms.
911106dfb16696472af8c1b7b4c554a829354fa8jm * PRIVATE header file for the icap client vs_icap.c
911106dfb16696472af8c1b7b4c554a829354fa8jm#pragma ident "%Z%%M% %I% %E% SMI"
911106dfb16696472af8c1b7b4c554a829354fa8jmextern "C" {
911106dfb16696472af8c1b7b4c554a829354fa8jm/* macros */
911106dfb16696472af8c1b7b4c554a829354fa8jm/* max sizes for vs_options_t */
911106dfb16696472af8c1b7b4c554a829354fa8jm#define VS_BUF_SZ 4096 /* keep this a power-of-two value. */
911106dfb16696472af8c1b7b4c554a829354fa8jm#define VS_HDR_SZ 8 /* > length of VS_BUF_SZ in hex + 2 for \r\n */
911106dfb16696472af8c1b7b4c554a829354fa8jm#define VS_ENCAP_SZ 64 /* space reserved in header for encap offsets */
911106dfb16696472af8c1b7b4c554a829354fa8jm * The Symantec ICAP server REQUIRES the "avscan" resource name
911106dfb16696472af8c1b7b4c554a829354fa8jm * after the IP address in the OPTIONS and RESPMOD requests
911106dfb16696472af8c1b7b4c554a829354fa8jm * This is ignored by the other ICAP servers.
911106dfb16696472af8c1b7b4c554a829354fa8jm/* infection/violation record processing */
911106dfb16696472af8c1b7b4c554a829354fa8jm/* previewing files */
911106dfb16696472af8c1b7b4c554a829354fa8jm/* defines which files types should be previewed */
911106dfb16696472af8c1b7b4c554a829354fa8jmtypedef enum {
911106dfb16696472af8c1b7b4c554a829354fa8jm VS_PREVIEW_NONE, /* preview no files, transfer all complete */
911106dfb16696472af8c1b7b4c554a829354fa8jm VS_PREVIEW_LIST, /* preview only files of listed types */
911106dfb16696472af8c1b7b4c554a829354fa8jm VS_PREVIEW_EXCEPT /* preview all files except listed types */
911106dfb16696472af8c1b7b4c554a829354fa8jm/* valid ICAP response codes */
911106dfb16696472af8c1b7b4c554a829354fa8jmtypedef enum {
911106dfb16696472af8c1b7b4c554a829354fa8jm VS_RESP_FORBIDDEN = 403, /* virus found but not repairable */
911106dfb16696472af8c1b7b4c554a829354fa8jm VS_RESP_SERV_UNAVAIL = 503, /* service unavailable or overloaded */
911106dfb16696472af8c1b7b4c554a829354fa8jm /* Symantec additions - not ICAP standard */
911106dfb16696472af8c1b7b4c554a829354fa8jm /* all else */
911106dfb16696472af8c1b7b4c554a829354fa8jm/* the ICAP OPTIONS HEADERS used by NAS AVA */
911106dfb16696472af8c1b7b4c554a829354fa8jmtypedef enum {
911106dfb16696472af8c1b7b4c554a829354fa8jm * the ICAP RESPMOD RESPONSE HEADERS used by NAS AVA
911106dfb16696472af8c1b7b4c554a829354fa8jm * Do NOT change the order of:
911106dfb16696472af8c1b7b4c554a829354fa8jm * VS_RESP_X_VIRUS_ID, VS_RESP_X_INFECTION, VS_RESP_X_VIOLATIONS
911106dfb16696472af8c1b7b4c554a829354fa8jm * Virus data saved from any one of these headers may be replaced
911106dfb16696472af8c1b7b4c554a829354fa8jm * with data found in a preferable header (one with more info).
911106dfb16696472af8c1b7b4c554a829354fa8jm * They are listed in order of preference.
911106dfb16696472af8c1b7b4c554a829354fa8jmtypedef enum {
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_options_t
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_impl.c manages an array of vs_options_t, one per scan engine.
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_options_t is used to store the scan engine configuration info
911106dfb16696472af8c1b7b4c554a829354fa8jm * returned from the scan engine in the ICAP OPTIONS RESPONSE.
911106dfb16696472af8c1b7b4c554a829354fa8jm * This information is then used to determine how to communicate with
911106dfb16696472af8c1b7b4c554a829354fa8jm * the scan engines (eg which files to preview), when to resend the
911106dfb16696472af8c1b7b4c554a829354fa8jm * ICAP OPTIONS REQUEST, and the istag is used as the scanstamp of
911106dfb16696472af8c1b7b4c554a829354fa8jm * the file. The istag is also returned in the ICAP RESPMOD RESPONSE
911106dfb16696472af8c1b7b4c554a829354fa8jm * and is used to update the stored one if it has changed.
911106dfb16696472af8c1b7b4c554a829354fa8jm /* host & port used to detect config changes */
911106dfb16696472af8c1b7b4c554a829354fa8jm /* configuration options returned from scan engine */
911106dfb16696472af8c1b7b4c554a829354fa8jm char vso_defninfo[VS_DEFN_SZ]; /* virus definition info */
911106dfb16696472af8c1b7b4c554a829354fa8jm char vso_service[VS_SERVICE_SZ]; /* name of SE service */
911106dfb16696472af8c1b7b4c554a829354fa8jm vs_preview_t vso_xfer_how; /* transfer preview or complete */
911106dfb16696472af8c1b7b4c554a829354fa8jm iovec_t *vso_xfer_preview; /* file exts supporting preview */
911106dfb16696472af8c1b7b4c554a829354fa8jm iovec_t *vso_xfer_complete; /* file exts to be sent complete */
911106dfb16696472af8c1b7b4c554a829354fa8jm time_t vso_req_time; /* time when option was last sent */
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_info_t
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_info_t is part of the context created for each scan engine request.
911106dfb16696472af8c1b7b4c554a829354fa8jm * It contains send/recv buffers and other temporary storage required
911106dfb16696472af8c1b7b4c554a829354fa8jm * during the processing of the request/response.
911106dfb16696472af8c1b7b4c554a829354fa8jm * threat_hdr_t defines from which header the virus information was
911106dfb16696472af8c1b7b4c554a829354fa8jm * obtained. This is used to determine whether to overwrite existing
911106dfb16696472af8c1b7b4c554a829354fa8jm * info if a 'better' header is found.
911106dfb16696472af8c1b7b4c554a829354fa8jm /* response header information */
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_scan_ctx_t
911106dfb16696472af8c1b7b4c554a829354fa8jm * A vs_scan_ctx_t is created for each scan request. It will contain
911106dfb16696472af8c1b7b4c554a829354fa8jm * everything that is needed to process the scan request and return
911106dfb16696472af8c1b7b4c554a829354fa8jm * the response to the caller.
911106dfb16696472af8c1b7b4c554a829354fa8jm * - engine connection information used to identify which scan engine
911106dfb16696472af8c1b7b4c554a829354fa8jm * the request is being sent to,
911106dfb16696472af8c1b7b4c554a829354fa8jm * - information about the file being scanned,
911106dfb16696472af8c1b7b4c554a829354fa8jm * - a place to store information about the file that will be created
911106dfb16696472af8c1b7b4c554a829354fa8jm * to hold cleaned data if the scan engine detects an infection
911106dfb16696472af8c1b7b4c554a829354fa8jm * and returns a cleaned version of the file,
911106dfb16696472af8c1b7b4c554a829354fa8jm * - a copy of the vs_options_t for the scan engine. This allows the
911106dfb16696472af8c1b7b4c554a829354fa8jm * NAS AVA scan engine connection parameters to be reconfigured without
911106dfb16696472af8c1b7b4c554a829354fa8jm * affecting any in-progress requests,
911106dfb16696472af8c1b7b4c554a829354fa8jm * - a vs_info_t - the temporary storage needed to process the request,
911106dfb16696472af8c1b7b4c554a829354fa8jm * - a vs_result_t - a place to store the scan result information to be
911106dfb16696472af8c1b7b4c554a829354fa8jm * returned to the caller.
911106dfb16696472af8c1b7b4c554a829354fa8jm /* scan engine idx and connection info */
911106dfb16696472af8c1b7b4c554a829354fa8jm /* info about file to be scanned */
911106dfb16696472af8c1b7b4c554a829354fa8jm /* file to hold repaired data */
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_icap_hdr_t
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_icap.c defines tables of handlers for each ICAP OPTIONS RESPONSE HEADER
911106dfb16696472af8c1b7b4c554a829354fa8jm * and each ICAP RESPMOD RESPONSE HEADER which NAS AVA uses.
911106dfb16696472af8c1b7b4c554a829354fa8jm * Each entry in these tables is an vs_hdr_t.
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_resp_msg_t
911106dfb16696472af8c1b7b4c554a829354fa8jm * vs_icap.c defines a table mapping ICAP response code values to text strings.
911106dfb16696472af8c1b7b4c554a829354fa8jm * Each entry in this tables is a vs_resp_msg_t.
911106dfb16696472af8c1b7b4c554a829354fa8jm#endif /* _VS_ICAP_H_ */