That would be perfect, thanks so much for your help! I'll continue investigating the updates to manager.c. -- Matt Bearup
> Date: Sat, 11 Oct 2014 08:41:07 +0200 > Subject: Re: [Clamav-devel] HTTPS Support? > Content-Type: text/plain; charset=us-ascii > > Hello, > > I think this is really not required, but still I can add a certificate > for our official mirror at https://clamav.upjs.sk/. > But still I think this will be only one official mirror with https support. > Content to this mirror is uploaded over ssh, so also our source is secure. > > SAL > >> Date: Fri, 10 Oct 2014 11:36:08 -0700 >> Subject: [Clamav-devel] HTTPS Support? >> Content-Type: text/plain; charset=UTF-8 >> >> My team is currently evaluating AV solutions and we're interesting in using >> ClamAV. However, due to policy requirements the updates need to be >> downloaded via a secure protocol (e.g. https). Yes, I'm aware that this is >> pointless because the signature of downloaded CVDs is verified to >> identify/prevent tampering, but the policy requirement still stands for us. >> Has anyone considered supporting HTTPS for retrieving updates? I don't see >> any mention of it in the archives so I'm guessing no... >> >> 1. I see that the code in manager.c is hard-coded to use http. I could >> update that to read an option from the config file for either http or https >> and then pull updates from our own https mirror... >> 2. Due to the same policy requirements, our mirror will also have to get *its >> *definitions via a secure protocol. Considering that manager.c is >> hard-coded to use http, I assume there are no https mirrors out there, >> correct? Alternatively the sync method for public mirrors (rsync overssh) >> would meet that need, but that would require us to make the mirror public, >> which I'm not sure we could do. >> >> Appreciate any answers/feedback >> >> -- >> Matt Bearup _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
