Mailing List Archive: ClamAV: win32

w32.clamav.net

1 2

View All

Index | Next | Previous | View Threaded

dave-usenet at djwcomputers

Sep 15, 2006, 5:01 PM

Post #26 of 47 (5041 views)
Permalink

Re: w32.clamav.net [In reply to]

In message <450AD7F0.3010107 [at] bandsman> Nigel Horne
<njh [at] bandsman> wrote:

>You *should* be able to call freshclam from time to time with the
>Windows XP scheduler, however it is true that I need to get the daemon
>mode working, or modify the Windows service program to call freshclam
>from time to time.

If you modify the Windows service to do it, please make it optional -- I
like having control over freshclam myself.
--
Dave Warren,
MSN Instant Messenger: dave [at] djwcomputers
Phone: (204) 480-8407 Toll free: (888) 371-3470
Fax: (204) 283-6028

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

clamav-win32 at subscriptions

Sep 16, 2006, 5:21 AM

Post #27 of 47 (5053 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Friday, September 15, 2006 at 9:42 AM, Nigel Horne wrote:

> > 1) Can you describe the tool-chain you are working with on
windows?
> Visual Studio 2005
>
> > What external packages/libraries have been configured and how were
they
> > built, where are they stored, etc?
>
> pthread-win32

A small list, great!

You are apparently not using the pre-built library distribution since
you are currently shipping statically linked code.

> > 2) It seems that the binary files in the current clamAV.msi were
built
> > without "SUPPORT FOR DIGITAL SIGNATURES", since freshclam reports
this.
> > What are the issues and plans in this area? Can I help?
>
> I am yet to add GMP to the project. It is on my TODO list. You can
help
> by pointing me in the direction of the correct source version to use,
I
> hear that some are better than others ;-)

I seem to have worked out a recipe for this. I'll document it and send
it along.

> > 3) Are the files generated in when building clamAV.msi, merely
built
> > from the latest files from cvs.clamav.net?
>
> Yes, but you need the patches in contrib since not all developers have
> included fixes in their code. You'll also need .vcproj files which I
can
> send you - I haven't bothered to commit them to CVS.

Please send them (or commit them to CVS). Thanks. Please also include
how you structure your directory tree (or Visual Studio configuration)
as to how the external libraries and include files are referenced.
Also, please describe how you apply the patch to the code from CVS
(cygwin maybe?).

> > 4) freshclam running at the start of the ClamAV service is nice,
but
> > I'd really hope that the system running ClamAV wouldn't reboot or
> > restart the ClamaAV service very often. Meanwhile, there have been
> > virusdb updates for the last few days which have ranged from a
minimum
> > of 4 up to 8 times per day, so clearly continuously running
freshclam is
> > desirable. What are your plans regarding getting both clamd and
> > freshclam running in the background? Can I help?
>
> You *should* be able to call freshclam from time to time with the
> Windows XP scheduler, however it is true that I need to get the daemon
> mode working, or modify the Windows service program to call freshclam
> from time to time.

Hmm... Since your existing service merely runs the base clamd or
freshclam executable in another process, it would seem you could avoid
recreating the scheduling issues already included in freshclam by
starting the separate process as "%clamavpath%\freshclam.exe --daemon",
with the freshclam.conf Foreground set to True. A remaining issue would
be how gracefully to stop the freshclam process. A windows API is
available which is equivalent to "kill -INT". This API is:
GenerateConsoleCtrlEvent(CTRL_C_EVENT, dwProcessId);

I'm not sure why running the existing freshclam with the --daemon
argument doesn't run continuously right now (even when invoked from the
command line). I get the expected behavior when I run a cygwin version
of freshclam with the same arguments and freshclam.conf Foreground set
to true. I'll explore this when I can build what is running..

Meanwhile, I notice via network traces and examining
contrib/Windows/Projects/clamAV/patches that freshclam is not currently
doing DNS queries to get database version information. The attached
patch provides this functionality on windows.

- Mark Pizzolato

Attachments:

clamav-devel-20060915.win32dns.patch.txt (3.24 KB)

njh at bandsman

Sep 17, 2006, 3:43 AM

Post #28 of 47 (5047 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

> Meanwhile, I notice via network traces and examining
> contrib/Windows/Projects/clamAV/patches that freshclam is not currently
> doing DNS queries to get database version information. The attached
> patch provides this functionality on windows.

Looks good. I needed to add

#include "shared/memory.h"
#include "shared/output.h"

to remove some warnings, and

#ifdef _MSC_VER
#include <winsock.h>
#endif

at the top to get it to compile.

I will pass the patch on to the author of freshclam for
his approval and subsequent inclusion of the patch in freshclam.
>
> - Mark Pizzolato

-Nigel
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

clamav-win32 at subscriptions

Sep 17, 2006, 6:38 AM

Post #29 of 47 (5052 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Sunday, September 17, 2006 at 3:43 AM Nigel Horne wrote:

> Looks good. I needed to add
>
> #include "shared/memory.h"
> #include "shared/output.h"
>
> to remove some warnings, and
>
> #ifdef _MSC_VER
> #include <winsock.h>
> #endif
>
> at the top to get it to compile.

Sorry about the extra work to compile. I don't yet have a build
environment that works on windows... hint hint.

I don't understand the need for the winsock.h reference in dns.c. I can
cleanly compile the block of code contained in the #elif
defined(C_WINDOWS) #else block without the need for winsock.h.

Thanks for passing this along.

- Mark Pizzolato

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 17, 2006, 7:54 AM

Post #30 of 47 (5051 views)
Permalink

Re: Re: w32.clamav.net [In reply to]

clamav-win32 [at] subscriptions wrote:

> Sorry about the extra work to compile. I don't yet have a build
> environment that works on windows... hint hint.

I have added libclamav/*vcproj to CVS. Please check it, if that all
seems OK I'll add the others.

> - Mark Pizzolato

-Nigel

--
Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Tutor,
Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
njh [at] bandsman http://www.bandsman.co.uk

njh at bandsman

Sep 18, 2006, 6:38 AM

Post #31 of 47 (5024 views)
Permalink

Re: Re: w32.clamav.net [In reply to]

clamav-win32 [at] subscriptions wrote:
> In any case, some folks have already
> reported issues with the mmap() implementation by reporting error
> messages which match the ones implemented in the
> contrib/Windows/Projects/ClamAV/libclamav/compat.c code. The attached
> patch fixes mmap() to support multiple concurrent mmap() calls, and
> provides fixes which will work for both the mmap and readdir code when
> compiled for a 64bit OS environment if that ever happens.

Thanks for these patches. I am testing them now, and if all looks fine
I'll upload to w32.clamav.net later today.

njh at bandsman

Sep 18, 2006, 12:10 PM

Post #32 of 47 (5037 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

> 4) freshclam running at the start of the ClamAV service is nice, but
> I'd really hope that the system running ClamAV wouldn't reboot or
> restart the ClamaAV service very often. Meanwhile, there have been
> virusdb updates for the last few days which have ranged from a minimum
> of 4 up to 8 times per day, so clearly continuously running freshclam is
> desirable. What are your plans regarding getting both clamd and
> freshclam running in the background?

The latest freshclam now supports the --daemon mode, and the latest
PowerTools from www.bandsman.co.uk/clamav.htm make use of this facility.

-Nigel
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 18, 2006, 2:33 PM

Post #33 of 47 (5036 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

> >> 3) What's the correct way to specify paths in the conf files?
> Since the
> >> default installation is at "C:\Program Files\clamd" I decided to stick
> >> with that, but when I attempt to enter that into a conf file, it gives
> >> me "C:\Program" -- I've tried with and without quotes.
> >>
> >> C:\Progra~1 seems to work, but I wouldn't rely on that as there is no
> >> guarantee that all systems will use ~1
> >
> >You can't enter the location of a configuration file in that file
> >itself. Think about it - it's a paradox. You need to give the
> >configuration file's location as an argument to clamd, thus to use
> >the D drive try:
> > clamd -c "D:\Program Files\clamAV\conf\clamd.conf"
>
> No, I understand that -- But if nothing else, freshclam.conf's
> notifyclam directive needs the path\filename of the clamd.conf file as
> the default is not set.
>
> >There is a known limitation in clamd.conf (and freshclam.conf) that you
> >can't specify spaces in pathnames, e.g. to change the location of the
> >log files. This is true of all operating systems, since it is a clamd
> >issue rather than an issue on the Windows version. You can raise the
> >issue either by discussing it on the clamav-users mailing list, or by
> >raising a bug at bugs [at] clamav
>
> Ahh, interesting thanks, I'll post there. Perhaps until that bug is
> resolved, a different default installation path would be appropriate?

The latest version from w32.clamav.net or www.bandsman.co.uk/clamav.hmt
should now support spaces in pathnames with quotes, e.g.:

LogFile "C:\Program Files\clamAV\log\clamd.log"

> Dave Warren,

-Nigel Horne

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

dave-usenet at djwcomputers

Sep 18, 2006, 10:28 PM

Post #34 of 47 (5014 views)
Permalink

Re: w32.clamav.net [In reply to]

In message <JJELLMKCFCEGOKNBAFEJIENJCCAA.njh [at] bandsman> "Nigel
Horne" <njh [at] bandsman> wrote:

>The latest version from w32.clamav.net or www.bandsman.co.uk/clamav.hmt
>should now support spaces in pathnames with quotes, e.g.:
>
>LogFile "C:\Program Files\clamAV\log\clamd.log"

Awesome, thanks!
--
Dave Warren,
MSN Instant Messenger: dave [at] djwcomputers
Phone: (204) 480-8407 Toll free: (888) 371-3470
Fax: (204) 283-6028

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

iprat at sapse

Sep 19, 2006, 4:40 AM

Post #35 of 47 (5020 views)
Permalink

Re: w32.clamav.net [In reply to]

Hi Nigel.

Testing 2006-09-18 build I encountered three things that I think I
should mention:

1) Freshclam still gives always "WARNING: Invalid DNS reply. Falling
back to HTTP mode." I assume you are still working on the dns patch for
freshclam.

2) Clamd and clamscan always claim database is older than 7 days when
freshclam does not update database (because it is up to date) just after
a fresh install. This is not a problem, just a cosmetic issue that is
automatically solved the first time freshclam needs to update database.
In my case I just deleted files in data and called freshclam and after
that all was fine.

3) Clamd is never notified by freshclam, because it claims: [.WARNING:
Clamd was NOT notified: Can't find or parse configuration file "C:\Prog
ram]. In readme says this message means daily and main are not in
documents and settings �? what relation has this which clamd being
notified ?

Good job Nigel, freshclam --daemon works fine here :D

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 20, 2006, 6:39 AM

Post #36 of 47 (4999 views)
Permalink

Re: Re: w32.clamav.net [In reply to]

Ignasi Prat wrote:
> Hi Nigel.
>
> Testing 2006-09-18 build I encountered three things that I think I
> should mention:
>
> 1) Freshclam still gives always "WARNING: Invalid DNS reply. Falling
> back to HTTP mode." I assume you are still working on the dns patch for
> freshclam.

Mark has sent a fix to his patch which I'll test and upload ASAP.
>
> 2) Clamd and clamscan always claim database is older than 7 days when
> freshclam does not update database (because it is up to date) just after
> a fresh install. This is not a problem, just a cosmetic issue that is
> automatically solved the first time freshclam needs to update database.
> In my case I just deleted files in data and called freshclam and after
> that all was fine.

That's because I don't always put the latest signatures in to the
distribution file.

> 3) Clamd is never notified by freshclam, because it claims: [.WARNING:
> Clamd was NOT notified: Can't find or parse configuration file "C:\Prog
> ram]. In readme says this message means daily and main are not in
> documents and settings �? what relation has this which clamd being
> notified ?

That is a bug in freshclam. The bug is not Windows specific.

> Good job Nigel, freshclam --daemon works fine here :D

Thanks ;-)

-Nigel

iprat at sapse

Sep 20, 2006, 8:24 AM

Post #37 of 47 (5000 views)
Permalink

Re: w32.clamav.net [In reply to]

Al 20/09/2006 15:39, En/na Nigel Horne ha escrit:
>> 1) Freshclam still gives always "WARNING: Invalid DNS reply. Falling
>> back to HTTP mode." I assume you are still working on the dns patch
>> for freshclam.
>
> Mark has sent a fix to his patch which I'll test and upload ASAP.
>>
Tested and working here.
>> 2) Clamd and clamscan always claim database is older than 7 days when
>> freshclam does not update database (because it is up to date) just
>> after a fresh install. This is not a problem, just a cosmetic issue
>> that is automatically solved the first time freshclam needs to update
>> database. In my case I just deleted files in data and called freshclam
>> and after that all was fine.
>
> That's because I don't always put the latest signatures in to the
> distribution file.
>
Don't worry about that, just executing freshclam after installing solves
the problem as you say.
>> 3) Clamd is never notified by freshclam, because it claims: [.WARNING:
>> Clamd was NOT notified: Can't find or parse configuration file "C:\Prog
>> ram]. In readme says this message means daily and main are not in
>> documents and settings �? what relation has this which clamd being
>> notified ?
>
> That is a bug in freshclam. The bug is not Windows specific.
>
Well, but it seems to be solved with today's build, look what it says
that after an update:

C:\Program Files\clamAV>freshclam
ClamAV update process started at Wed Sep 20 17:15:25 2006
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/faq.html for an explanation.
main.cvd is up to date (version: 40, sigs: 64138, f-level: 8, builder:
tkojm)
Downloading daily-1910.cdiff [100%]
daily.cvd updated (version: 1910, sigs: 6066, f-level: 8, builder:
ccordes)
Database updated (70204 signatures) from db.UK.clamav.net (IP:
193.19.98.136)
Clamd successfully notified about the update.

But haven't seen any line in clamd.log, shouldn't an update be logged in
clamd.log ?

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

iprat at sapse

Sep 20, 2006, 8:39 AM

Post #38 of 47 (4995 views)
Permalink

Re: w32.clamav.net [In reply to]

> But haven't seen any line in clamd.log, shouldn't an update be logged in
> clamd.log ?
>
Forget about this post, on the next update the following line was shown
both in the console and clamd.log:

"Database correctly reloaded (70211 signatures)"

So I must have made an error before.

Good job Nigel !

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

dave-usenet at djwcomputers

Sep 20, 2006, 8:41 AM

Post #39 of 47 (5005 views)
Permalink

Re: w32.clamav.net [In reply to]

In message <45114497.5030800 [at] bandsman> Nigel Horne
<njh [at] bandsman> wrote:

>Ignasi Prat wrote:
>> Hi Nigel.
>>
>> Testing 2006-09-18 build I encountered three things that I think I
>> should mention:
>>
>> 1) Freshclam still gives always "WARNING: Invalid DNS reply. Falling
>> back to HTTP mode." I assume you are still working on the dns patch for
>> freshclam.
>
>Mark has sent a fix to his patch which I'll test and upload ASAP.

I'm not seeing that here... Am I missing something?

--------------------------------------
Current working dir is C:\Progra~1\clamAV\data
Max retries == 3
ClamAV update process started at Wed Sep 20 10:32:59 2006
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/faq.html for an explanation.
TTL: 879
Software version from DNS: 0.88.4
main.cvd version from DNS: 40
main.cvd is up to date (version: 40, sigs: 64138, f-level: 8, builder:
tkojm)
daily.cvd version from DNS: 1911
daily.cvd is up to date (version: 1911, sigs: 6073, f-level: 8, builder:
ccordes)

>> 2) Clamd and clamscan always claim database is older than 7 days when
>> freshclam does not update database (because it is up to date) just after
>> a fresh install. This is not a problem, just a cosmetic issue that is
>> automatically solved the first time freshclam needs to update database.
>> In my case I just deleted files in data and called freshclam and after
>> that all was fine.
>
>That's because I don't always put the latest signatures in to the
>distribution file.

That's fair -- Is there a need to include any definitions, since they'll
tend to be out of date anyway?

Or if you are, would it be worth including the /test/ files?

>> 3) Clamd is never notified by freshclam, because it claims: [.WARNING:
>> Clamd was NOT notified: Can't find or parse configuration file "C:\Prog
>> ram]. In readme says this message means daily and main are not in
>> documents and settings �? what relation has this which clamd being
>> notified ?
>
>That is a bug in freshclam. The bug is not Windows specific.

Is it? It looks to me like LFN/SFN issue, if I use

NotifyClamd SFN C:\Progra~1\ClamAV\conf\clamd.conf

Then my freshclam.log looks good:
--------------------------------------
ClamAV update process started at Wed Sep 20 10:24:26 2006
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/faq.html for an explanation.
main.cvd is up to date (version: 40, sigs: 64138, f-level: 8, builder:
tkojm)
Downloading daily.cvd [100]
daily.cvd updated (version: 1911, sigs: 6073, f-level: 8, builder:
ccordes)
Database updated (70211 signatures) from db.US.clamav.net (IP:
193.1.193.64)
Clamd successfully notified about the update.

And ClamD notices too...
--
Dave Warren,
MSN Instant Messenger: dave [at] djwcomputers
Phone: (204) 480-8407 Toll free: (888) 371-3470
Fax: (204) 283-6028

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 20, 2006, 8:48 AM

Post #40 of 47 (4994 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

> >That is a bug in freshclam. The bug is not Windows specific.
>
> Is it?

Yes. OPT_STR in shared/cfgparser should, I suspect, be OPT_QUOTESTR.

> Dave Warren,

-Nigel
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

clamav-win32 at subscriptions

Sep 20, 2006, 10:21 AM

Post #41 of 47 (4988 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Wednesday, September 20, 2006 at 8:49 AM, Nigel Horne wrote:

> > >That is a bug in freshclam. The bug is not Windows specific.
> >
> > Is it?
>
> Yes. OPT_STR in shared/cfgparser should, I suspect, be OPT_QUOTESTR.

Hmmm... I missed that in the OPT_QUOTESTR patch.

I've passed along a change to Tomasz.

- Mark Pizzolato

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

clamav-win32 at subscriptions

Sep 20, 2006, 10:41 AM

Post #42 of 47 (4997 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Monday, September 18, 2006 at 12:10 PM, Nigel Horne wrote:

> > 4) freshclam running at the start of the ClamAV service is nice,
but
> > I'd really hope that the system running ClamAV wouldn't reboot or
> > restart the ClamaAV service very often. Meanwhile, there have been
> > virusdb updates for the last few days which have ranged from a
minimum
> > of 4 up to 8 times per day, so clearly continuously running
freshclam is
> > desirable. What are your plans regarding getting both clamd and
> > freshclam running in the background?
>
> The latest freshclam now supports the --daemon mode, and the latest
> PowerTools from www.bandsman.co.uk/clamav.htm make use of this
facility.

This seems to work, and is a big step forward! Thanks!

Meanwhile, now the freshclam process doesn't get stopped when the ClamAV
service is stopped, and ANOTHER freshclam process is started each time
the ClamAV service is started. Stopping these freshclam processes
requires either rebooting the system or the use of an externally
acquired tool (tkill.exe from the windows resource kit, or a tool from
sysinternals.com (pskill, or procexp)).

When the ClamAV service is stopping, you might want to try cleanly
stopping freshclam with:

GenerateConsoleCtrlEvent(CTRL_C_EVENT, dwProcessId);

Where dwProcessId is the process ID of the freshclam process saved when
the process was created.

- Mark Pizzolato

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

dave-usenet at djwcomputers

Sep 20, 2006, 7:07 PM

Post #43 of 47 (5002 views)
Permalink

Re: w32.clamav.net [In reply to]

In message
<1FAA21D2C1671847926FF89CE540D49514ED0A [at] redroof>
<clamav-win32 [at] subscriptions>
wrote:

>On Wednesday, September 20, 2006 at 8:49 AM, Nigel Horne wrote:
>
>> > >That is a bug in freshclam. The bug is not Windows specific.
>> >
>> > Is it?
>>
>> Yes. OPT_STR in shared/cfgparser should, I suspect, be OPT_QUOTESTR.
>
>Hmmm... I missed that in the OPT_QUOTESTR patch.
>
>I've passed along a change to Tomasz.

Can't ask for a better turnaround time, thanks!
--
Dave Warren,
MSN Instant Messenger: dave [at] djwcomputers
Phone: (204) 480-8407 Toll free: (888) 371-3470
Fax: (204) 283-6028

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 21, 2006, 12:49 AM

Post #44 of 47 (4998 views)
Permalink

Re: Re: w32.clamav.net [In reply to]

clamav-win32 [at] subscriptions wrote:

> Meanwhile, now the freshclam process doesn't get stopped when the ClamAV
> service is stopped, and ANOTHER freshclam process is started each time
> the ClamAV service is started. Stopping these freshclam processes
> requires either rebooting the system or the use of an externally
> acquired tool (tkill.exe from the windows resource kit, or a tool from
> sysinternals.com (pskill, or procexp)).
>
> When the ClamAV service is stopping, you might want to try cleanly
> stopping freshclam with:
>
> GenerateConsoleCtrlEvent(CTRL_C_EVENT, dwProcessId);
>
> Where dwProcessId is the process ID of the freshclam process saved when
> the process was created.

That code has been in there for some time, but it fails - it generates error 6 -
incorrect handle. I am aware of the issue.
>
> - Mark Pizzolato

-Nigel

--
Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Tutor, Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
njh [at] bandsman http://www.bandsman.co.uk

clamav-win32 at subscriptions

Sep 21, 2006, 5:08 AM

Post #45 of 47 (5008 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Thursday, September 21, 2006 at 12:49 AM, Nigel Horne wrote:
> Mark Pizzolato wrote:
>
> > When the ClamAV service is stopping, you might want to try cleanly
> > stopping freshclam with:
> >
> > GenerateConsoleCtrlEvent(CTRL_C_EVENT, dwProcessId);
> >
> > Where dwProcessId is the process ID of the freshclam process saved
when
> > the process was created.
>
> That code has been in there for some time, but it fails - it generates
> error 6 - incorrect handle. I am aware of the issue.

Sorry, I didn't know that. The only help I can offer then, is to
describe what code I have written elsewhere, which runs in the context
of a service does. The following is used to start the executable:

PROCESS_INFORMATION pinfo;
DWORD status = ERROR_SUCCESS;

szCommandLine = (TCHAR *)malloc(sizeof(*szProgram)*
(4+((szProgram)? _tcslen(szProgram) : 0) +
((szProgramArguments)? _tcslen(szProgramArguments) :
0)));
if (szProgram)
{
if (szProgramArguments)
_stprintf(szCommandLine, "\"%s\" %s", szProgram,
szProgramArguments);
else
_stprintf(szCommandLine, "\"%s\"", szProgram);
}
else
if (szProgramArguments)
_tcscpy(szCommandLine, szProgramArguments);
else
*szCommandLine = NULCHAR;
if (!CreateProcess(szProgram,
szCommandLine,
NULL,
NULL,
TRUE,
CREATE_NEW_PROCESS_GROUP |
NORMAL_PRIORITY_CLASS,
NULL,
szWorkingDirectory,
NULL,
&pinfo))
status = GetLastError();
free(szCommandLine);
if (status == ERROR_SUCCESS)
{
CloseHandle(pinfo.hProcess);
CloseHandle(pinfo.hThread);
}

On success, the returned pinfo structure contains the dwProcessId which
is later used at shutdown time to pass to GenerateConsoleCtrlEvent().

- Mark Pizzolato

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

njh at bandsman

Sep 25, 2006, 1:58 PM

Post #46 of 47 (4943 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

> > That code has been in there for some time, but it fails - it generates
> > error 6 - incorrect handle. I am aware of the issue.
>
> Sorry, I didn't know that. The only help I can offer then, is to
> describe what code I have written elsewhere, which runs in the context
> of a service does. The following is used to start the executable:
>
> PROCESS_INFORMATION pinfo;
> DWORD status = ERROR_SUCCESS;
>
> szCommandLine = (TCHAR *)malloc(sizeof(*szProgram)*
> (4+((szProgram)? _tcslen(szProgram) : 0) +
> ((szProgramArguments)? _tcslen(szProgramArguments) :
> 0)));
> if (szProgram)
> {
> if (szProgramArguments)
> _stprintf(szCommandLine, "\"%s\" %s", szProgram,
> szProgramArguments);
> else
> _stprintf(szCommandLine, "\"%s\"", szProgram);
> }
> else
> if (szProgramArguments)
> _tcscpy(szCommandLine, szProgramArguments);
> else
> *szCommandLine = NULCHAR;
> if (!CreateProcess(szProgram,
> szCommandLine,
> NULL,
> NULL,
> TRUE,
> CREATE_NEW_PROCESS_GROUP |
> NORMAL_PRIORITY_CLASS,
> NULL,
> szWorkingDirectory,
> NULL,
> &pinfo))
> status = GetLastError();
> free(szCommandLine);
> if (status == ERROR_SUCCESS)
> {
> CloseHandle(pinfo.hProcess);
> CloseHandle(pinfo.hThread);
> }
>
> On success, the returned pinfo structure contains the dwProcessId which
> is later used at shutdown time to pass to GenerateConsoleCtrlEvent().

Except, as I said, I get error -6 :-(

> - Mark Pizzolato

-Nigel
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

clamav-win32 at subscriptions

Sep 28, 2006, 12:35 PM

Post #47 of 47 (4939 views)
Permalink

RE: Re: w32.clamav.net [In reply to]

On Monday, September 25, 2006 at 1:58 PM, Nigel Horne wrote:

> > if (!CreateProcess(szProgram,
> > szCommandLine,
> > NULL,
> > NULL,
> > TRUE,
> > CREATE_NEW_PROCESS_GROUP |
> > NORMAL_PRIORITY_CLASS,
> > NULL,
> > szWorkingDirectory,
> > NULL,
> > &pinfo))
> > status = GetLastError();
> > free(szCommandLine);
> > if (status == ERROR_SUCCESS)
> > {
> > CloseHandle(pinfo.hProcess);
> > CloseHandle(pinfo.hThread);
> > }
> >
> > On success, the returned pinfo structure contains the dwProcessId
which
> > is later used at shutdown time to pass to
GenerateConsoleCtrlEvent().
>
> Except, as I said, I get error -6 :-(

OK.

Meanwhile, you seem to have done something to address the problem since
the current PowerTools.MSI installs a ClamAV Service which actually
stops the freshclam.exe process.... This may be a bit brute force using
TerminateProcess, which may leave a mess if freshclam happens to be
processing an update when it is attempted to be stopped.

In any case, if you are still interested, I've done some research on
what I'm doing in my service application: First, my earlier suggestion
about calling GenerateConsoleCtrlEvent(CTRL_C_EVENT, dwProcessId) is not
exactly what my code is doing. My code actually calls
GenerateConsoleCtrlEvent with CTRL_BREAK_EVENT. I did some testing and
the same code doesn't pass a signal to the created process when called
with CTRL_C_EVENT. It doesn't get an error, but no signal is delivered
- I can't explain why. I suggested using CTRL_C_EVENT since the
documentation doesn't seem to indicate that any unexpected behavior
would happen. This suggestion was based on the fact that freshclam.exe
already had a signal handler for SIGINT. You should be able to use
CTRL_BREAK_EVENT if you define a windows signal handler for SIGBREAK in
freshclam.c:

#ifdef C_WINDOWS
signal(SIGINT, daemon_sighandler);
signal(SIGBREAK, daemon_sighandler);
terminate = 0;
#else

Second, the above CreateProcess() code was not the only relevant code
required before creating the process. I also call AllocConsole() in the
initialization code of my service, then the background service has a
"console" which the created processes can inherit, which therefore can
be pass these signals thru.

- Mark Pizzolato

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32

1 2

View All

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads