Your message dated Mon, 21 Jan 2019 13:34:21 +0000
with message-id <[email protected]>
and subject line Bug#919814: fixed in c-icap-modules 1:0.5.3-1
has caused the Debian Bug report #919814,
regarding c-icap-modules: Add support for libclamav9
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
919814: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919814
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: c-icap-modules
Version: 1:0.4.4-1
Severity: normal
Tags: patch
I would like to upload new clamav release to unstable/stable. This
requires changes to the source package due to ABI changes on clamav's
side.
The new version 0.5.3 has support for that. I am also attaching a tiny
backport of those changes.
Sebastian
From: Sebastian Andrzej Siewior <[email protected]>
Date: Sat, 19 Jan 2019 21:12:25 +0100
Subject: [PATCH] backport clamav changes from 0.5.3
---
configure.ac | 12 ++++++++
services/virus_scan/clamav_mod.c | 62 +++++++++++++++++++++++++++++++++++++++-
2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 6d01fad8e47b..df5060941b7b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -187,7 +187,19 @@ if test a"$clamav" = "ayes"; then
AC_DEFINE(HAVE_LIBCLAMAV_095,1,[Define HAVE_LIBCLAMAV_095 if have clamav 0.95.x or newer])
AC_MSG_RESULT(yes),
)
+
+ #
+ # clamav dropped CL_SCAN_HEURISTIC_ENCRYPTED in 0.101 replacing it with
+ # CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE and CL_SCAN_HEURISTIC_ENCRYPTED_DOC
# restore flags / clamav tests
+ AC_MSG_CHECKING([for HAVE_CL_SCAN_OPTIONS in clamav.h])
+ AC_TRY_COMPILE(
+ [#include <clamav.h>],
+ [struct cl_scan_options CLAMSCAN_OPTIONS = { 0, 0, 0, 0, 0 };],
+ AC_DEFINE(HAVE_CL_SCAN_OPTIONS,1,[Define HAVE_CL_SCAN_OPTIONS if have clamav 0.101.x or newer])
+ AC_MSG_RESULT(yes),
+ AC_MSG_RESULT(no),
+ )
CFLAGS=$OLD_CFLAGS
fi # if test a"$clamav" = "ayes";
diff --git a/services/virus_scan/clamav_mod.c b/services/virus_scan/clamav_mod.c
index e860a93d2e22..9a886f9e62b5 100644
--- a/services/virus_scan/clamav_mod.c
+++ b/services/virus_scan/clamav_mod.c
@@ -123,7 +123,12 @@ struct virus_db {
#ifndef HAVE_LIBCLAMAV_095
struct cl_limits limits;
#endif
+
+#ifdef HAVE_CL_SCAN_OPTIONS
+struct cl_scan_options CLAMSCAN_OPTIONS;
+#else
unsigned int CLAMSCAN_OPTIONS = CL_SCAN_STDOPT;
+#endif
struct virus_db *virusdb = NULL;
struct virus_db *old_virusdb = NULL;
@@ -186,6 +191,55 @@ int clamav_post_init(struct ci_server_conf *server_conf)
#endif
/*Build scan options*/
+#ifdef HAVE_CL_SCAN_OPTIONS
+ memset(&CLAMSCAN_OPTIONS, 1, sizeof(CLAMSCAN_OPTIONS));
+ CLAMSCAN_OPTIONS.parse = ~0;
+
+#if defined(CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE)
+ if (CLAMAV_BLOCKENCRYPTED) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_ENCRYPTED_DOC;
+ }
+#endif
+
+#if defined(CL_SCAN_HEURISTIC_BROKEN)
+ if (CLAMAV_BLOCKBROKEN) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_BROKEN;
+ }
+#endif
+
+#if defined(CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE)
+ if (CLAMAV_HEURISTIC_PRECEDENCE) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE;
+ }
+#endif
+
+#if defined(CL_SCAN_HEURISTIC_MACROS)
+ if (CLAMAV_BLOCKMACROS) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_MACROS;
+ }
+#endif
+
+#if defined(CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH)
+ if (CLAMAV_PHISHING_BLOCKSSL) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH;
+ }
+#endif
+
+#if defined(CL_SCAN_HEURISTIC_PHISHING_CLOAK)
+ if (CLAMAV_PHISHING_BLOCKCLOAK) {
+ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS;
+ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_PHISHING_CLOAK;
+ }
+#endif
+
+#else /*!HAVE_CL_SCAN_OPTIONS*/
+
#if defined(CL_SCAN_BLOCKENCRYPTED)
if (CLAMAV_BLOCKENCRYPTED)
CLAMSCAN_OPTIONS |= CL_SCAN_BLOCKENCRYPTED;
@@ -211,6 +265,8 @@ int clamav_post_init(struct ci_server_conf *server_conf)
CLAMSCAN_OPTIONS |= CL_SCAN_PHISHING_BLOCKCLOAK;
#endif
+#endif /*HAVE_CL_SCAN_OPTIONS*/
+
clamav_set_versions();
av_register_engine(&clamav_engine);
av_reload_istag();
@@ -483,7 +539,11 @@ int clamav_scan_simple_file(ci_simple_file_t *body, av_virus_info_t *vinfo)
vinfo->virus_found = 0;
vdb = get_virusdb();
lseek(fd, 0, SEEK_SET);
-#ifndef HAVE_LIBCLAMAV_095
+#if defined(HAVE_CL_SCAN_OPTIONS)
+ ret =
+ cl_scandesc(fd, NULL, &virname, &scanned_data, vdb,
+ &CLAMSCAN_OPTIONS);
+#elif !defined(HAVE_LIBCLAMAV_095)
ret =
cl_scandesc(fd, &virname, &scanned_data, vdb, &limits,
CLAMSCAN_OPTIONS);
--
2.11.0
--- End Message ---
--- Begin Message ---
Source: c-icap-modules
Source-Version: 1:0.5.3-1
We believe that the bug you reported is fixed in the latest version of
c-icap-modules, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Parent <[email protected]> (supplier of updated c-icap-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 21 Jan 2019 14:11:27 +0100
Source: c-icap-modules
Binary: libc-icap-mod-virus-scan libc-icap-mod-urlcheck
libc-icap-mod-contentfiltering
Architecture: source amd64
Version: 1:0.5.3-1
Distribution: unstable
Urgency: medium
Maintainer: Mathieu Parent <[email protected]>
Changed-By: Mathieu Parent <[email protected]>
Description:
libc-icap-mod-contentfiltering - Content filtering Service for c-icap
libc-icap-mod-urlcheck - URL Check Service for c-icap
libc-icap-mod-virus-scan - Antivirus Service for c-icap
Closes: 919814
Changes:
c-icap-modules (1:0.5.3-1) unstable; urgency=medium
.
[ Ondřej Nový ]
* d/watch: Use https protocol
.
[ Mathieu Parent ]
* New upstream version 0.5.3
- Supports libclamav9 (Closes: #919814)
* tests: Ensure clamav-daemon is started after freshclam
* Add debian/gitlab-ci.yml
Checksums-Sha1:
f59229810175f6f418228e0fcd93bf9486565865 2206 c-icap-modules_0.5.3-1.dsc
df76f30b2cc29aeef700f477693e7017eaa847f4 452505
c-icap-modules_0.5.3.orig.tar.gz
53c302a0441376a7374dde3daab857207d1f10a2 5712
c-icap-modules_0.5.3-1.debian.tar.xz
0c712f45649a02640f2740640f28fa74576a8337 7501
c-icap-modules_0.5.3-1_amd64.buildinfo
7c84f332827e69b9964143a57f7aa92f99c568a5 55300
libc-icap-mod-contentfiltering-dbgsym_0.5.3-1_amd64.deb
c4dbce8b8a2620e69bfbf7052c0b03d671d7c222 25288
libc-icap-mod-contentfiltering_0.5.3-1_amd64.deb
b13d7067026e8a94c6ffa860ba005ebfc0cc7fe7 123960
libc-icap-mod-urlcheck-dbgsym_0.5.3-1_amd64.deb
fd85ba9b9b5e2f0cea9ad06e72fc8469aededbc3 32104
libc-icap-mod-urlcheck_0.5.3-1_amd64.deb
bddf029f842ceaea2567288f2a6f8f3be2d28ae4 75724
libc-icap-mod-virus-scan-dbgsym_0.5.3-1_amd64.deb
5832ca8627415a32dcbcd6cc788121db4be36036 32728
libc-icap-mod-virus-scan_0.5.3-1_amd64.deb
Checksums-Sha256:
62080eeb294f237fd3237afcea21b3212503afb201acf9fb800ad76951cd65f7 2206
c-icap-modules_0.5.3-1.dsc
6e2f87a60379ffde26947c6e82ff0c7f614bc005588bf1efb40c74f69c82f925 452505
c-icap-modules_0.5.3.orig.tar.gz
68695c7e90aa97fb4400e69df57c79fb5c148b574377302c253582efc7173124 5712
c-icap-modules_0.5.3-1.debian.tar.xz
5a59980cc41bec107d8dd4fdc9b4aadde3094119bec74495a52d3a6318e4ba5e 7501
c-icap-modules_0.5.3-1_amd64.buildinfo
0d9cc85d958138b146c50384c35b99e339244bdaf1d88a734a58a909d79b3e7d 55300
libc-icap-mod-contentfiltering-dbgsym_0.5.3-1_amd64.deb
5b06e5ecae2d3a57c9ae78a6e77a4e64ed84e04b5fba3f3ff47a0146e9347049 25288
libc-icap-mod-contentfiltering_0.5.3-1_amd64.deb
9f8b4ca27dda083761cc442014e926c4570b0caaa90751100a9b971205cfaec7 123960
libc-icap-mod-urlcheck-dbgsym_0.5.3-1_amd64.deb
6fecd7b169ec3e4219485cbd55be665e0c982b6f0bc5459a3440594f93c07d42 32104
libc-icap-mod-urlcheck_0.5.3-1_amd64.deb
b895b28d55707d1ff0de13b3b2243cffdd61bd51cf9186870adbf7b0a6d33751 75724
libc-icap-mod-virus-scan-dbgsym_0.5.3-1_amd64.deb
f9a79e23baa83c91138d833b4671c373da86f90f53976764c28c7ee70c310524 32728
libc-icap-mod-virus-scan_0.5.3-1_amd64.deb
Files:
8d1ea03ee007c8bcb1fb20713b55e2b3 2206 net optional c-icap-modules_0.5.3-1.dsc
d5f1e553cfe60180f9fa22c9a13005be 452505 net optional
c-icap-modules_0.5.3.orig.tar.gz
3d9e4bb6a7dc04a1869c70cb399900ba 5712 net optional
c-icap-modules_0.5.3-1.debian.tar.xz
9a3c2c41885b89b5c5be1c8ebec6c690 7501 net optional
c-icap-modules_0.5.3-1_amd64.buildinfo
aa8b3acd56f9ac54283e8e03e82a621d 55300 debug optional
libc-icap-mod-contentfiltering-dbgsym_0.5.3-1_amd64.deb
86d57bf6669e6c529d31d17d07db0384 25288 net optional
libc-icap-mod-contentfiltering_0.5.3-1_amd64.deb
f6161b087fef82361c43c6f69009aa07 123960 debug optional
libc-icap-mod-urlcheck-dbgsym_0.5.3-1_amd64.deb
55bb0271563f4be940c22fee94529996 32104 net optional
libc-icap-mod-urlcheck_0.5.3-1_amd64.deb
0062ecb7236e85c74abe07edf95b3feb 75724 debug optional
libc-icap-mod-virus-scan-dbgsym_0.5.3-1_amd64.deb
045d24a7c767346f0b54aa0f07963a13 32728 net optional
libc-icap-mod-virus-scan_0.5.3-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEqIGbPTP9weQZ135HrgOYBGZoH6UFAlxFxj4ACgkQrgOYBGZo
H6XTEA//Th+DcJVBh1WBNpCSrvOrxnJ9JXuSaDoSNXrIFAJU1VtEWL7t4SErfRvl
/O2R8VbCwZkQ5+lC2RzaxFJMTLNOVHWT4eumewOf5ctLiz1QUZ4yICxw/+uJH07X
M+NFq/szJVK+Ae94bB7XAdSAXWcgeNV+IvfTgWgBfDCOW/ZshBpgkVLBr9np3+JI
O9/TRDjFPL8IV0tr8cGNRY2ATK0hb/mOtIWGkEaFQvEBbyWzHS12/JyXJffxeBDD
C2dwVHMdpCHcBkxaPpOnvehVGUTNzfdWl9A5xtnfhpz93RByuo/0iNJ0p2/UkyWU
NRR/fSAPDP+rNbzZsBagyukCh7E2NaxW6KjU5wI9jvNLTtB3nyv4G588IEm/VJNV
oUlBjYFWf9HmyAb6nCR+InOE41+rFdvx6lIwHn+NVM9n1AQNeJAhKQqWJXdnUUNk
IwNhAvggva7WdMUvBvfxP2F4IMyX+NKvCIBM+a+uPaGNtyIKtPql//zqGh+zFell
NEaG9VAl5qO5ifkXieMdwwsJ02Kroy1j9YHWbAYdHusD3D40u4TZyRBR+T1ioi/v
tfzmbTzbASW3v/0DKcToU0hsXUgFDVsONKhuSDMJnKQuXicWGWMu9E2ZWPzMNnkd
XVnkN3d1H+kBVryO8ESH8aCk37WWfV8JFNgLehhf1Ug+zuBuAbs=
=lvH3
-----END PGP SIGNATURE-----
--- End Message ---
