Your message dated Wed, 27 Nov 2013 09:19:02 +0000
with message-id <[email protected]>
and subject line Bug#693542: fixed in clamav-unofficial-sigs 3.7.2-1
has caused the Debian Bug report #693542,
regarding clamav-unofficial-sigs: Time limits for curl and rsync should be
configurable.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
693542: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693542
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: clamav-unofficial-sigs
Version: 3.7.1-3
Severity: normal
Dear Maintainer,
The timeouts used by curl and rsync are hardcoded in the update script,
and therefore large database files will fail to completely download
for slower connections. This will often happen for large files like
/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfo.hdb.
Configuration options should be available to adjust these values.
I have patched my copy to get around this problem. It is attached for
your perusal.
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages clamav-unofficial-sigs depends on:
ii bind9-host [host] 1:9.8.4.dfsg-1
ii clamav 0.97.6+dfsg-1
ii curl 7.28.0-2
ii dnsutils 1:9.8.4.dfsg-1
ii gnupg 1.4.12-6
ii rsync 3.0.9-3
clamav-unofficial-sigs recommends no packages.
Versions of packages clamav-unofficial-sigs suggests:
ii clamav-daemon 0.97.6+dfsg-1
-- no debconf information
>From 818d29feaa1de05d74222c83bb73ce7b3324836b Mon Sep 17 00:00:00 2001
From: Carlos Maddela <[email protected]>
Date: Sun, 18 Nov 2012 04:08:19 +1100
Subject: =?UTF-8?q?configurable=20timeouts=0AAllow=20curl=20and=20rsync=20ti?=
=?UTF-8?q?me=20limits=20to=20be=20configurable.?=
---
clamav-unofficial-sigs.conf | 10 ++++++++++
clamav-unofficial-sigs.sh | 23 +++++++++++++++--------
2 files changed, 25 insertions(+), 8 deletions(-)
diff --git a/clamav-unofficial-sigs.conf b/clamav-unofficial-sigs.conf
index d18f2c4..838d20c 100644
--- a/clamav-unofficial-sigs.conf
+++ b/clamav-unofficial-sigs.conf
@@ -254,6 +254,16 @@ log_file_name="clamav-unofficial-sigs.log"
rsync_proxy=""
curl_proxy=""
+# Set curl time limits in seconds. Set to 0 to disable.
+# Default values if unset:
+# curl_connect_timeout=15
+# curl_max_time=60
+
+# Set rsync time limits in seconds. Set to 0 to disable.
+# Default values if unset:
+# rsync_contimeout=30
+# rsync_timeout=30
+
# After you have completed the configuration of this file, set the
# following variable to "yes".
user_configuration_complete="no"
diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
index fa801f4..c4c290c 100755
--- a/clamav-unofficial-sigs.sh
+++ b/clamav-unofficial-sigs.sh
@@ -605,9 +605,13 @@ mkdir -p "$work_dir" "$ss_dir" "$si_dir" "$mbl_dir" "$config_dir" "$gpg_dir" "$a
# Set secured access permissions to the GPG directory
chmod 0700 "$gpg_dir"
+# Set the time limits for curl.
+curl_connect_timeout="--connect-timeout ${curl_connect_timeout:-15}"
+curl_max_time="--max-time ${curl_max_time:-60}"
+
# If we haven't done so yet, download Sanesecurity public GPG key and import to custom keyring.
if [ ! -s "$gpg_dir/publickey.gpg" ] ; then
- if ! curl -s -S $curl_proxy --connect-timeout 15 --max-time 60 -L -R http://www.sanesecurity.net/publickey.gpg -o $gpg_dir/publickey.gpg
+ if ! curl -s -S $curl_proxy $curl_connect_timeout $curl_max_time -L -R http://www.sanesecurity.net/publickey.gpg -o $gpg_dir/publickey.gpg
then
echo ""
echo "Could not download Sanesecurity public GPG key"
@@ -800,9 +804,12 @@ fi
# If the local rsync client supports the '--contimeout' flag, then enable it.
if rsync --help | grep 'contimeout' > /dev/null ; then
- contimeout="--contimeout=30"
+ rsync_contimeout="--contimeout=${rsync_contimeout:-30}"
fi
+# Set rsync timeout.
+rsync_timeout="--timeout=${rsync_timeout:-30}"
+
# Silence curl output and only report errors - useful if script is run via cron.
if [ "$curl_silence" = "yes" ] ; then
curl_output_level="-s -S"
@@ -959,8 +966,8 @@ if [ -n "$ss_dbs" ] ; then
comment ""
comment "Sanesecurity mirror site used: $ss_mirror_site_info"
log "INFO - Sanesecurity mirror site used: $ss_mirror_site_info"
- if rsync $rsync_output_level $no_motd --files-from=$ss_include_dbs -ctuz $contimeout \
- --timeout=30 --stats rsync://$ss_mirror_ip/sanesecurity $ss_dir 2>/dev/null
+ if rsync $rsync_output_level $no_motd --files-from=$ss_include_dbs -ctuz $rsync_contimeout \
+ $rsync_timeout --stats rsync://$ss_mirror_ip/sanesecurity $ss_dir 2>/dev/null
then
ss_rsync_success="1"
for db_file in $ss_dbs ; do
@@ -1102,7 +1109,7 @@ if [ -n "$si_dbs" ] ; then
else
z_opt=""
fi
- if curl $curl_proxy $curl_output_level --connect-timeout 15 --max-time 60 \
+ if curl $curl_proxy $curl_output_level $curl_connect_timeout $curl_max_time \
-L -R $z_opt -o $si_dir/$db_file http://$si_url/$db_file
then
loop="1"
@@ -1225,7 +1232,7 @@ if [ -n "$mbl_dbs" ] ; then
comment "MalwarePatrol $db_file Database File Update"
comment "======================================================================"
comment ""
- if curl $curl_proxy $curl_output_level --connect-timeout 15 --max-time 60 -R \
+ if curl $curl_proxy $curl_output_level $curl_connect_timeout $curl_max_time -R \
-o $mbl_dir/$db_file http://$mbl_url/cgi/submit?action=list_clamav_ext
then
if ! cmp -s $mbl_dir/$db_file $clam_dbs/$db_file
@@ -1328,7 +1335,7 @@ if [ -n "$add_dbs" ] ; then
db_file=`basename $db_url`
if [ "`echo $db_url | cut -d ":" -f1`" = "rsync" ]
then
- if ! rsync $rsync_output_level $no_motd $contimeout --timeout=30 -crtuz --exclude=*.txt \
+ if ! rsync $rsync_output_level $no_motd $rsync_contimeout $rsync_timeout -crtuz --exclude=*.txt \
--stats --exclude=*.sha256 --exclude=*.sig --exclude=*.gz $db_url $add_dir ; then
echo "Failed rsync connection to $base_url - SKIPPED $db_file update"
log "WARNING - Failed rsync connection to $base_url - SKIPPED $db_file update"
@@ -1336,7 +1343,7 @@ if [ -n "$add_dbs" ] ; then
else
if [ -s "$add_dir/$db_file" ] ; then
z_opt="-z $add_dir/$db_file"
- if ! curl $curl_output_level --connect-timeout 15 --max-time 60 \
+ if ! curl $curl_output_level $curl_connect_timeout $curl_max_time \
-L -R $z_opt -o $add_dir/$db_file $db_url ; then
echo "Failed curl connection to $base_url - SKIPPED $db_file update"
log "WARNING - Failed curl connection to $base_url - SKIPPED $db_file update"
--- End Message ---
--- Begin Message ---
Source: clamav-unofficial-sigs
Source-Version: 3.7.2-1
We believe that the bug you reported is fixed in the latest version of
clamav-unofficial-sigs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Wise <[email protected]> (supplier of updated clamav-unofficial-sigs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 27 Nov 2013 15:38:03 +0800
Source: clamav-unofficial-sigs
Binary: clamav-unofficial-sigs
Architecture: source all
Version: 3.7.2-1
Distribution: unstable
Urgency: low
Maintainer: ClamAV Team <[email protected]>
Changed-By: Paul Wise <[email protected]>
Description:
clamav-unofficial-sigs - update script for 3rd-party clamav signatures
Closes: 566702 693542 711161 714132
Changes:
clamav-unofficial-sigs (3.7.2-1) unstable; urgency=low
.
* New upstream release
* Fixes signature ignore problem (Closes: #714132)
* Adds configurability for curl/rsync timeouts (Closes: #693542)
* Adds the ability to turn off chmod calls (See: #566702)
* Deal with the cron job being disabled (Closes: #711161)
* Turn off the chmod calls by default (Closes: #566702)
* Switch priority to optional
* Bump debhelper compat level
* Bump Standards-Version, no changes needed
* Simplify the dirs file slightly
* Rewrite and update the copyright file to copyright-format 1.0
* Ignore a missing purge file
Checksums-Sha1:
d3907751f11e49bef43ca8c9565aa0c4463767fd 2055
clamav-unofficial-sigs_3.7.2-1.dsc
137c586f219f1a75a0509cf606b6ea1a1ac4ee9e 38549
clamav-unofficial-sigs_3.7.2.orig.tar.gz
9ceb6fbfb796031a2969e36511d16d1c8267af1b 9685
clamav-unofficial-sigs_3.7.2-1.debian.tar.gz
b2013ddb4b72a6a360b5279231fb1cea1e4cf066 43398
clamav-unofficial-sigs_3.7.2-1_all.deb
Checksums-Sha256:
2459c2951e25e7a760e0a69824b27dee223ffbe933d5fedb1b022d02c56a9c5a 2055
clamav-unofficial-sigs_3.7.2-1.dsc
96e98e6e4434c5950fa9831c6a43236fed7eabae44beded16171305cf3f9bdb9 38549
clamav-unofficial-sigs_3.7.2.orig.tar.gz
7f3c7559765ed9c08c45bd1de4d9c17e920f4b9608cb913e3ba75bc8efddc474 9685
clamav-unofficial-sigs_3.7.2-1.debian.tar.gz
1859c2e0eb9abb2263b6ec53d95443bb268c61be16f9fc537620bf6b9847bdc1 43398
clamav-unofficial-sigs_3.7.2-1_all.deb
Files:
476227ba88efebf43bebef4222d2a668 2055 utils optional
clamav-unofficial-sigs_3.7.2-1.dsc
3fc7934f5b3ae139e852fd6d0e1996a0 38549 utils optional
clamav-unofficial-sigs_3.7.2.orig.tar.gz
106981cb1204c3763a7c256adefe7ef0 9685 utils optional
clamav-unofficial-sigs_3.7.2-1.debian.tar.gz
8c4d3101bce25250b6b51f532c3d2b0c 43398 utils optional
clamav-unofficial-sigs_3.7.2-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAEBCgAGBQJSlaX4AAoJEDEWul6f+mmjCYsP/2g4OdbF7gcOt+IrEDdMqRUD
/Hw23O+8Dgx4CA501K+pBsXIPRFgaG3D7wuKJmRBNPvGDuoS1bP18q4ysDz4uWgw
NfJTfAc2/kif9f/AMfVbEtPMVoQqBlCLdDMFKnfTZr6rDM0r/X7pjEEft5S36bBb
9gnkKtBlALQ0iJZShLh0RS1jFd2mRUbBySfo7WeO+mvnGLpxyxBUvD5TIijyHEp5
BERBW65lplY0/Fw/fmweDf9R+uzdMSuv4gB2FNx7EIJcz6jLERgWbceMhCNdB+ON
u+9MVJsORJlFfoTjL0RkvAn+dcZ7B1OltlfegRKuI2GGOp7SUDSxeabSGG5w9evU
vZE+Tr2zuEy/kSS+1ECWWw15ExlklESOazmM7hla2Wb2kKEzXnDYwtszZJd55qXI
K5diXaYGmOTcSOtn78EQqnPt5P5Zh+rB9CM1afBiib9sWXAI4vEP8Lo//s6eL51C
kGjJNTEguY+PqEn/621PD3ggE5k6mwzaChinhiJ6DIh4rati9eT3Xee62e2+LCfb
xbluhWLPQtq6jQOTLX5W3/wr7ebis3Cmik6mP6KCqD3p0xUjhAXhBqlzN3cqnFS1
bhwxaXNsnVuOli/XsdfHAZNVWUhrGBhUAaXtWzkx/LreNFAzaN/SX7grUCsMqVtB
c2BvrrSKOXTl/wVH6Fme
=jWb6
-----END PGP SIGNATURE-----
--- End Message ---
