On Feb 28, 2014, at 7:34 AM, Shawn Webb <sw...@sourcefire.com<mailto:sw...@sourcefire.com>> wrote:
On Fri, Feb 28, 2014 at 10:27 AM, Mark Allan <markjal...@blueyonder.co.uk<mailto:markjal...@blueyonder.co.uk>>wrote: As this is first time ClamAV has had an external dependency, would it be worth making it an opt-out configure option for people who can't get it to compile or who have to rely on an older/incompatible version of OpenSSL? Mark Hey Mark, I explored that option, but I found attempting to support both too be too "cludgy". We would need to maintain two separate code paths, brought together with a shim. There would be a noticeable performance impact along with added complexity. I settled on outright replacing our current hashing functions with OpenSSL's in order to keep ClamAV's engine's performance top-notch and keep complexity at a minimum. In addition here Mark, we’re going to be using OpenSSL in future features we have planned for ClamAV, so this is the best option. -- Joel Esler | Threat Intelligence Team Lead | Open Source Manager | Vulnerability Research Team _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
