* -1 wait 60 seconds for max_children and continue.(Old behavior) * 0 or no value, no waiting, exit if max_children.(New default) * >0 means wait that long, then exit if neccessary.(Mix)
Justification:
If there are too many milters, hanging around doing nothing for 60 seconds wont make it any better. Besides, sendmail milter could be configured to time out before that.
Also, you would expect that saying --max-children actualy limited it to --max-children.
Joe
diff -ur clamav-devel-jm1/clamav-milter/clamav-milter.c
clamav-devel-jm2/clamav-milter/clamav-milter.c
--- clamav-devel-jm1/clamav-milter/clamav-milter.c Tue Apr 27 13:48:27 2004
+++ clamav-devel-jm2/clamav-milter/clamav-milter.c Tue Apr 27 13:53:20 2004
@@ -603,7 +603,7 @@
*/
static char const rcsid[] = "$Id: clamav-milter.c,v 1.83 2004/04/25 12:56:35
nigelhorne Exp $";
-#define CM_VERSION "0.70s"
+#define CM_VERSION "0.70s-jm"
/*#define CONFDIR "/usr/local/etc"*/
@@ -820,6 +820,12 @@
static pthread_cond_t n_children_cond = PTHREAD_COND_INITIALIZER;
static unsigned int n_children = 0;
static unsigned int max_children = 0;
+/*
+ * -1 wait 60 seconds for max_children and continue.
+ * 0 no waiting, exit if max_children.
+ * >0 means wait that long, then exit if neccessary.
+ */
+static int max_child_wait = 0;
short use_syslog = 0;
static const char *pidFile;
static int logVerbose = 0;
@@ -860,6 +866,13 @@
puts("\t--headers\t\t-H\tInclude original message headers in the report.");
puts("\t--local\t\t\t-l\tScan messages sent from machines on our LAN.");
puts("\t--outgoing\t\t-o\tScan outgoing messages from this machine.");
+ puts("\t--max-children\t\t-m\tMaximum amount of children to run.");
+ puts("\t--max-child-wait=secs\t-w\tAfter maximum amount of children,");
+ puts("\t\t\t\t\thow long do we wait for less children and do we exit?");
+ puts("\t\t\t\t\t0 or unspecified means no wait and exit.");
+ puts("\t\t\t\t\tNegative value means wait 60 seconds and continue.");
+ puts("\t\t\t\t\tPositive value means wait value seconds ");
+ puts("\t\t\t\t\tand exit if still max-children.");
puts("\t--noreject\t\t-N\tDon't reject viruses, silently throw them away.");
puts("\t--noxheader\t\t-n\tSuppress X-Virus-Scanned/X-Virus-Status headers.");
puts("\t--pidfile=FILE\t\t-i FILE\tLocation of pidfile.");
@@ -920,9 +933,9 @@
for(;;) {
int opt_index = 0;
#ifdef CL_DEBUG
- const char *args = "bc:CDfF:lm:nNop:PqQ:dhHs:St:U:Vx:";
+ const char *args = "bc:CDfF:lm:nNop:PqQ:dhHs:St:U:Vw::x:";
#else
- const char *args = "bc:CDfF:lm:nNop:PqQ:dhHs:St:U:V";
+ const char *args = "bc:CDfF:lm:nNop:PqQ:dhHs:St:U:Vw::";
#endif
static struct option long_options[] = {
@@ -987,6 +1000,9 @@
"max-children", 1, NULL, 'm'
},
{
+ "max-child-wait", 2, NULL, 'w'
+ },
+ {
"server", 1, NULL, 's'
},
{
@@ -1098,6 +1114,12 @@
case 'V':
puts(clamav_version);
return EX_OK;
+ case 'w':
+ if(optarg)
+ max_child_wait = atoi(optarg);
+ else
+ max_child_wait = 0;
+ break;
#ifdef CL_DEBUG
case 'x':
debug_level = atoi(optarg);
@@ -1816,6 +1838,22 @@
struct timeval now;
struct timespec timeout;
struct timezone tz;
+
+ /*
+ * If --max-child-wait=0, then we dont bs around with
+ * waiting for children to exit.
+ */
+
+ if(max_child_wait == 0) {
+ pthread_mutex_unlock(&n_children_mutex);
+ if(use_syslog)
+ syslog(LOG_NOTICE,
+ "%s: hit max-children limit (%u >=
%u): exiting.",
+ smfi_getsymval(ctx,"i"), n_children,
max_children);
+ clamfi_cleanup(ctx);
+ return cl_error;
+ }
+
/*
* Use pthread_cond_timedwait rather than
@@ -1828,13 +1866,13 @@
* It stops sendmail getting fidgety.
*/
gettimeofday(&now, &tz);
- timeout.tv_sec = now.tv_sec + 60;
+ timeout.tv_sec = now.tv_sec + ((max_child_wait > 0) ?
max_child_wait : 60);
timeout.tv_nsec = 0;
if(use_syslog)
syslog(LOG_NOTICE,
- "hit max-children limit (%u >= %u): waiting
for some to exit",
- n_children, max_children);
+ "hit max-children limit (%u >= %u): waiting %d
seconds for some to exit",
+ n_children, max_children, timeout.tv_sec -
now.tv_sec);
do
rc = pthread_cond_timedwait(&n_children_cond,
&n_children_mutex, &timeout);
while(rc != ETIMEDOUT);
@@ -1845,11 +1883,13 @@
pthread_mutex_unlock(&n_children_mutex);
if(rc == ETIMEDOUT) {
-#ifdef CL_DEBUG
if(use_syslog)
syslog(LOG_NOTICE, "Timeout waiting for a child to
die");
-#endif
cli_dbgmsg("Timeout waiting for a child to die\n");
+ if(max_child_wait > 0 ) {
+ clamfi_cleanup(ctx);
+ return cl_error;
+ }
}
}
diff -ur clamav-devel-jm1/docs/man/clamav-milter.8
clamav-devel-jm2/docs/man/clamav-milter.8
--- clamav-devel-jm1/docs/man/clamav-milter.8 Tue Apr 27 13:48:27 2004
+++ clamav-devel-jm2/docs/man/clamav-milter.8 Tue Apr 27 13:53:20 2004
@@ -142,7 +142,13 @@
\fB\-\-max\-children=n, \-m n\fR
Maximum number of children.
There is no default, if this argument is not \fBclamav\-milter\fR will
-spawn as many children as is necessary.
+spawn as many children as is necessary, except see clamav.conf(5) for the MaxThreads
option.
+.TP
+\fB\-\-max\-child\-wait=n, \-w n\fR
+Maximum amount of time to wait for number of children to climb down from
max\-children.
+If this is negative than we wait 60 seconds and then continue.
+If this is zero or unspecified we do not wait and we exit. This is the default.
+If this is positive we wait that many seconds for less than max\-children and if not,
we then exit.
.TP
\fB\-\-template\-file=file \-t file\fR
File points to a file whose contents is sent whenever a virus is intercepted.
