#
# Patch file to convert protector-1.00 to protector-1.00.1
# Released - 14 Feb 2001 (Happy valentine's day)
#
# 14 Feb 2001
#
#
# Copyright (c) Christopher M. R. Lowth - chris@lowth.com
# Written by Christopher M. R. Lowth
#
# Permission is granted to anyone to use this software for any purpose on
# any computer system, and to alter it and redistribute it freely, subject
# to the following restrictions:
#
# 1. The author is not responsible for the consequences of use of this
#    software, no matter how awful, even if they arise from flaws in it.
#
# 2. The origin of this software must not be misrepresented, either by
#    explicit claim or by omission.  Since few users ever read sources,
#    credits must appear in the documentation.
#
# 3. Altered versions must be plainly marked as such, and must not be
#    misrepresented as being the original software.  Since few users
#    ever read sources, credits must appear in the documentation.
#
# 4. This notice may not be removed or altered.
#
# 
# Following the failure of version 1.00 to block the VBS/OnTheFly (Anna
# Kournikova) visual basic virus this week, patch 1 is released as a quick
# fix to the problem.
# 
# This fix works by inspecting the file name of the attachments and blocking
# any that have double extensions (such as MyPicture.gif.vbs) and any that
# have *.vb? extensions. This modification is required because VB scripts
# arrive as pure text, and have no magic header that m_file can identify.
#
# This update should be considered temporary.
#
#
#  To apply this patch, copy this file to
#	/tmp/protector-1.00.1.patch
#  then..
#
#  Take note: If you have modified the original protector-1.00 sources, this
#  patch may not work, and may even reverse out your changes - so backup the
#  modified software first.
#
#  cd to the directory containing the protector-1.00 sources
#
#  $ cd ..
#  $ cp -rdp protector-1.00 protector-1.00.1
#  $ cd protector-1.00.1
#  $ make clean
#  $ patch -p1 < /tmp/protector-1.00.1.patch
#  $ make build
#  $ make install
#


diff -Naur protector-1.00/CHANGES protector-1.00.1/CHANGES
--- protector-1.00/CHANGES	Thu Jan  1 00:00:00 1970
+++ protector-1.00.1/CHANGES	Wed Feb 14 22:10:59 2001
@@ -0,0 +1,11 @@
+14 Feb 2001
+
+Following the failure of version 1.00 to block the VBS/OnTheFly (Anna
+Kournikova) visual basic virus this week, patch 1 is released as a quick
+fix to the problem.
+
+This fix works by inspecting the file name of the attachment and blocking
+any that have double extensions (such as MyPicture.gif.vbs) and any that
+have *.vb? extensions. This modification is required because VB scripts
+arrive as pure text, and have no magic header that m_file can identify.
+This update should be considered temporary.
diff -Naur protector-1.00/GUIDE.html protector-1.00.1/GUIDE.html
--- protector-1.00/GUIDE.html	Mon May 22 16:16:06 2000
+++ protector-1.00.1/GUIDE.html	Wed Feb 14 22:06:04 2001
@@ -1,8 +1,8 @@
 <html><head> </head><body>
-<h2>Using protector 1.00</h2>
+<h2>Using protector 1.00.1</h2>
 
 <pre>Author: chris@lowth.com
-Date:    22 May 2000</pre>
+Date:    14 Feb 2001</pre>
 
 <h3>Functional overview</h3>
 The protector program inserts itself (<a href=INSTALL.html>on
diff -Naur protector-1.00/NOTES.html protector-1.00.1/NOTES.html
--- protector-1.00/NOTES.html	Mon May 22 07:54:31 2000
+++ protector-1.00.1/NOTES.html	Wed Feb 14 22:06:04 2001
@@ -1,4 +1,4 @@
-<h1>PROTECTOR(1) - 1.00 - March 2000</h1>
+<h1>PROTECTOR(1) - 1.00.1 - Feb 2001</h1>
 
 <h2>How it works - quick overview</h2>
 
diff -Naur protector-1.00/index.html protector-1.00.1/index.html
--- protector-1.00/index.html	Tue May 23 16:17:57 2000
+++ protector-1.00.1/index.html	Wed Feb 14 22:06:04 2001
@@ -1,4 +1,4 @@
-<h1>Protector 1.00</h1>
+<h1>Protector 1.00.1</h1>
 Simple (free) e-mail attachment filter, useful for basic virus protection.
 <hr>
 
@@ -6,12 +6,13 @@
 
 <table>
 <tr><td>Package name<td>protector
-<tr><td>Version<td>1.00
-<tr><td>Release date<td>23 May 2000
+<tr><td>Version<td>1.00.1
+<tr><td>Release date<td>14 Feb 2000
 <tr><td>Author<td>Christopher M. R. Lowth -- <a href=mailto:chris@lowth.com>chris@lowth.com</a>
 <tr><td>Licence terms<td><a href=COPYING.html>GNU GENERAL PUBLIC LICENSE.</a>
 <tr><td>Latest version available from<td><a href=http://www.lowth.com/>http://www.lowth.com/</a>
-<tr><td>Release status<td>Alpha release - for testing and contributions
+<tr><td>Release status<td>Alpha release - for testing and contributions, updated to block visual
+basic viruses more readily.
 </table>
 
 <p>The author invites comments - bug reports, requests for change, code submissions etc. E-mail them to me at
@@ -27,7 +28,7 @@
 
 <h2>Downloading</h2>
 
-You may down-load the source code from <a href=http://www.lowth.uklinux.net/protector/protector-1.00.tgz>here</a>.
+You may down-load the source code from <a href=http://www.lowth.uklinux.net/protector/protector-1.00.1.tgz>here</a>.
 
 <h2>Overview</h2>
 
diff -Naur protector-1.00/messages/dangerous_name.txt protector-1.00.1/messages/dangerous_name.txt
--- protector-1.00/messages/dangerous_name.txt	Thu Jan  1 00:00:00 1970
+++ protector-1.00.1/messages/dangerous_name.txt	Wed Feb 14 22:12:35 2001
@@ -0,0 +1,6 @@
+DANGEROUS FILE NAME
+
+This email contained an attachment of an "illegal" or "dangerous" file
+name, so the system has replaced it with this warning message.
+
+include(STANDARD-MESG)dnl
diff -Naur protector-1.00/part_filter protector-1.00.1/part_filter
--- protector-1.00/part_filter	Tue May 23 15:53:49 2000
+++ protector-1.00.1/part_filter	Wed Feb 14 22:06:04 2001
@@ -61,7 +61,7 @@
 #
 
 
-VER=1.00
+VER=1.00.1
 TMP=/tmp/protector.$$		# For safely - this MUST include "$$".
 
 ORIGINAL=$TMP/original
@@ -83,6 +83,8 @@
 	mkdir $TMP || replace_with internal_error
 	trap 'rm -rf $TMP' 0
 
+	check_filename "$CONTENT_TYPE__NAME"
+	check_filename "$CONTENT_DISPOSITION__NAME"
 
 	## If important things arent specified - use default values.
 
@@ -242,6 +244,23 @@
 	exit 0
 }
 
+##############################################################################
+# Dangerous extension checking - a recent trick is to give files in MS mail
+# attachments two extensions, the last being hidden by the mail client, but
+# being the significant one in terms of how the file is handled when "clicked".
+# This means that calling a file "Picture.gif.exe" makes it appear as a .gif file
+# when it is in fact a .exe - here we try to trap common hybrids of this type.
+# We do this by looking for slashes or colons, and more then one dot and
+# other things we dont like
+
+check_filename()
+{
+	case "$1" in
+		*/* | *\\* | *:* | *.*.* | *.[vV][bB]? )
+			replace_with dangerous_name ;;
+	esac
+}
+
 ###############################################################################
 # Decode the attachment into it's native raw form. Several encoding styles
 # are handled here - it should be easy enough to add others if required.
@@ -381,7 +400,11 @@
 	(
 		echo "X-Warning-Code: $1"
 		echo "$HEADERS";
-		cat $ORIGINAL
+		if [ -f $ORIGINAL ]; then
+			cat $ORIGINAL
+		else
+			cat
+		fi
 	) | $LIB_DIR/bin/save_reject -w $f
 
 	exit 111
diff -Naur protector-1.00/write.c protector-1.00.1/write.c
--- protector-1.00/write.c	Thu May 18 20:45:40 2000
+++ protector-1.00.1/write.c	Wed Feb 14 21:51:49 2001
@@ -127,7 +127,7 @@
 		hdr = "";
 	if ((fld = get_sub_header(hdr, "filename")) == NULL) fld = "";
 	sprintf(buff, "CONTENT_DISPOSITION__FILENAME=%s", fld);
-
+	putenv(strdup(buff));
 
 	if ((fld = get_header(mailrec, "content-transfer-encoding", 1)) == NULL)
 		fld = "";