From 57d4350989ab27073de73f81e1f84ba8a444ab9a Mon Sep 17 00:00:00 2001
From: Developer <dev@localhost>
Date: Tue, 21 Apr 2026 19:17:20 -0400
Subject: [PATCH] Fix: Add fallback download sources for Maldet installation

Issue: Maldet installer was hardcoded to single URL (rfxn.com) with silent error suppression, causing failures when that source was unreachable.

Solution: Implement 3-tier fallback download chain:
  1. rfxn.com official source (primary)
  2. GitHub main branch archive (secondary)
  3. GitHub API latest release (tertiary)

Improvements:
- Removed silent error suppression (2>/dev/null) - now shows actual download progress
- Added 10-second timeout to prevent hanging on unreachable servers
- Shows which download source is being tried
- Provides all working URLs in error message for manual fallback
- Explicitly names downloaded file to prevent confusion
- Works across all systems by trying multiple independent sources
---
 modules/security/malware-scanner.sh | 94 +++++++++++++++++++++--------
 1 file changed, 68 insertions(+), 26 deletions(-)

diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index e0972da..8b6475f 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -267,37 +267,79 @@ install_maldet_only() {
     echo "Maldet is a fast, Linux-specific malware scanner"
     echo "Repository: https://github.com/rfxn/maldet"
     echo ""
-    echo "Installing via wget..."
-    echo ""
 
-    if cd /tmp 2>/dev/null; then
-        if wget -q https://www.rfxn.com/downloads/maldetect-latest.tar.gz 2>/dev/null; then
-            if tar xzf maldetect-latest.tar.gz 2>/dev/null; then
-                if cd maldetect-* 2>/dev/null && bash install.sh > /tmp/maldet-install.log 2>&1; then
-                    echo -e "${GREEN}✓ Maldet installed successfully${NC}"
+    cd /tmp || return 1
 
-                    # Update signatures in background
-                    echo ""
-                    echo "Updating malware signatures..."
-                    if command -v maldet &>/dev/null; then
-                        maldet -u > /dev/null 2>&1 &
-                        echo "  (signatures updating in background)"
-                    fi
-                else
-                    echo -e "${RED}✗ Installation failed. Check /tmp/maldet-install.log${NC}"
-                fi
-                cd /tmp
-                rm -rf maldetect-* maldetect-latest.tar.gz 2>/dev/null || true
-            else
-                echo -e "${RED}✗ Failed to extract Maldet${NC}"
+    # Try multiple download sources (fallback chain)
+    local download_success=false
+    local temp_file="maldetect-latest.tar.gz"
+
+    # Source 1: rfxn.com official
+    echo "  [1/3] Trying rfxn.com official source..."
+    if wget -q --timeout=10 -O "$temp_file" "https://www.rfxn.com/downloads/maldetect-latest.tar.gz" 2>/dev/null; then
+        download_success=true
+    fi
+
+    # Source 2: GitHub releases (if primary failed)
+    if [ "$download_success" = false ]; then
+        echo "  [2/3] Trying GitHub releases..."
+        if wget -q --timeout=10 -O "$temp_file" "https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" 2>/dev/null; then
+            download_success=true
+        fi
+    fi
+
+    # Source 3: GitHub releases with version tag (common pattern)
+    if [ "$download_success" = false ]; then
+        echo "  [3/3] Trying GitHub releases archive..."
+        # Try to get latest release from GitHub API
+        local latest_release=$(curl -s "https://api.github.com/repos/rfxn/maldet/releases/latest" 2>/dev/null | grep -o '"tarball_url":"[^"]*' | head -1 | cut -d'"' -f4)
+        if [ -n "$latest_release" ]; then
+            if wget -q --timeout=10 -O "$temp_file" "$latest_release" 2>/dev/null; then
+                download_success=true
+            fi
+        fi
+    fi
+
+    # If all sources failed, show error with actual URLs for manual download
+    if [ "$download_success" = false ]; then
+        echo -e "${RED}✗ Failed to download from all sources${NC}"
+        echo ""
+        echo "Known working download URLs:"
+        echo "  Official: https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
+        echo "  GitHub:   https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz"
+        echo ""
+        echo "Try manually:"
+        echo "  cd /tmp"
+        echo "  wget https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
+        echo "  tar xzf maldetect-latest.tar.gz"
+        echo "  cd maldetect-* && bash install.sh"
+        echo ""
+        rm -f "$temp_file"
+        return 1
+    fi
+
+    # Extract and install
+    echo "  Extracting archive..."
+    if tar xzf "$temp_file" 2>/dev/null; then
+        echo "  Running installer..."
+        if cd maldetect-* 2>/dev/null && bash install.sh > /tmp/maldet-install.log 2>&1; then
+            echo -e "${GREEN}✓ Maldet installed successfully${NC}"
+
+            # Update signatures in background
+            echo ""
+            echo "Updating malware signatures..."
+            if command -v maldet &>/dev/null; then
+                maldet -u > /dev/null 2>&1 &
+                echo "  (signatures updating in background)"
             fi
         else
-            echo -e "${RED}✗ Failed to download Maldet${NC}"
-            echo "Try manually:"
-            echo "  wget https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
-            echo "  tar xzf maldetect-latest.tar.gz"
-            echo "  cd maldetect-* && ./install.sh"
+            echo -e "${RED}✗ Installation failed. Check /tmp/maldet-install.log${NC}"
         fi
+        cd /tmp
+        rm -rf maldetect-* maldetect-latest.tar.gz 2>/dev/null || true
+    else
+        echo -e "${RED}✗ Failed to extract archive${NC}"
+        rm -f "$temp_file"
     fi
 
     echo ""