mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-06-01 13:10:33 +00:00
Code Issues Projects Releases Wiki Activity

clamav: update to 0.99.1

Browse Source 
removed debian patches
brut force remove rpaths

Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Armin Kuster
2016-01-24 19:45:45 -08:00
parent d3ec54611d
commit 73f384257d
30 changed files with 115 additions and 62116 deletions
Download Patch File Download Diff File Expand all files Collapse all files
recipes-security/clamav/clamav-0.98.5/0001-Change-paths-in-sample-conf-file-to-match-Debian.patch
-40
View File
@@ -1,40 +0,0 @@
From a6d6189e25d0a1053dc1aaff1b4c71f84b4599cf Mon Sep 17 00:00:00 2001
From: Scott Kitterman <scott@kitterman.com>
Date: Mon, 10 Mar 2014 19:20:18 -0400
Subject: Change paths in sample conf file to match Debian
---
etc/clamav-milter.conf.sample | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/etc/clamav-milter.conf.sample b/etc/clamav-milter.conf.sample
index b7d66a4f9641..ed0d519ffb9b 100644
--- a/etc/clamav-milter.conf.sample
+++ b/etc/clamav-milter.conf.sample
@@ -64,7 +64,7 @@ Example
# daemon (main thread).
#
# Default: disabled
-#PidFile /var/run/clamav-milter.pid
+#PidFile /var/run/clamav/clamav-milter.pid
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
@@ -90,7 +90,7 @@ Example
# with the same socket: clamd servers will be selected in a round-robin fashion.
#
# Default: no default
-#ClamdSocket tcp:scanner.mydomain:7357
+ClamdSocket /var/run/clamav/clamd
##
@@ -212,7 +212,7 @@ Example
# A full path is required.
#
# Default: disabled
-#LogFile /tmp/clamav-milter.log
+#LogFile /var/log/clamav/clamav-milter.log
# By default the log file is locked for writing - the lock protects against
# running clamav-milter multiple times.
recipes-security/clamav/clamav-0.98.5/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
-56
View File
@@ -1,56 +0,0 @@
From 3ae8ea99a010e5c513aa48c3bfa15a65772f742b Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sat, 29 Mar 2014 15:52:55 +0100
Subject: Add an additional \n after the number in the pidfile
start-stop-daemon works without the \n in the file but pkill does not.
Also the output of cat $PifFile looks better :)
https://bugzilla.clamav.net/show_bug.cgi?id=10907
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
clamav-milter/clamav-milter.c | 2 +-
clamd/server-th.c | 2 +-
freshclam/freshclam.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/clamav-milter/clamav-milter.c b/clamav-milter/clamav-milter.c
index b6ac9e157872..2c7a4d7d3414 100644
--- a/clamav-milter/clamav-milter.c
+++ b/clamav-milter/clamav-milter.c
@@ -381,7 +381,7 @@ int main(int argc, char **argv) {
if((fd = fopen(opt->strarg, "w")) == NULL) {
logg("!Can't save PID in file %s\n", opt->strarg);
} else {
- if (fprintf(fd, "%u", (unsigned int)getpid())<0) {
+ if (fprintf(fd, "%u\n", (unsigned int)getpid())<0) {
logg("!Can't save PID in file %s\n", opt->strarg);
}
fclose(fd);
diff --git a/clamd/server-th.c b/clamd/server-th.c
index 7ec5ae80cd64..d97cd6fb34e1 100644
--- a/clamd/server-th.c
+++ b/clamd/server-th.c
@@ -1034,7 +1034,7 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi
if((fd = fopen(opt->strarg, "w")) == NULL) {
logg("!Can't save PID in file %s\n", opt->strarg);
} else {
- if (fprintf(fd, "%u", (unsigned int) mainpid)<0) {
+ if (fprintf(fd, "%u\n", (unsigned int) mainpid)<0) {
logg("!Can't save PID in file %s\n", opt->strarg);
}
fclose(fd);
diff --git a/freshclam/freshclam.c b/freshclam/freshclam.c
index 1a3279966720..166586bf6447 100644
--- a/freshclam/freshclam.c
+++ b/freshclam/freshclam.c
@@ -135,7 +135,7 @@ writepid (const char *pidfile)
}
else
{
- fprintf (fd, "%d", (int) getpid ());
+ fprintf (fd, "%d\n", (int) getpid ());
fclose (fd);
}
umask (old_umask);
recipes-security/clamav/clamav-0.98.5/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
-30
View File
@@ -1,30 +0,0 @@
From d5febd3fab63a6dc4af148ab1b94fe8a85412b46 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Fri, 25 Apr 2014 22:06:23 +0200
Subject: unit_tests: increment test-timeout from 40secs to 5mins
I see now and then that tests on the slower archs (arm*, mips) fail due to
the timeout restriction. Often a second build even on the same buildd
succeeds. I think that the buildd is either close to the limit or has
something else (another sbuild running) going so it does not finish the
test in 40secs.
Therefore I raise the bar to a 5 minutes limit. The worst thing that can
happen is, that it takes more than 4 minutes before an enless loop will
be detected.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
unit_tests/preload_run.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/unit_tests/preload_run.sh b/unit_tests/preload_run.sh
index 8b8c8e3954dd..365b3a8e0edb 100755
--- a/unit_tests/preload_run.sh
+++ b/unit_tests/preload_run.sh
@@ -5,5 +5,5 @@
ulimit -c 0 || true
LD_PRELOAD=$LIBPRELOAD
export LD_PRELOAD
-export CK_DEFAULT_TIMEOUT=40
+export CK_DEFAULT_TIMEOUT=300
exec $@
recipes-security/clamav/clamav-0.98.5/0004-Fix-compiling-on-Hurd.patch
-50
View File
@@ -1,50 +0,0 @@
From db4079249ca4ead5821ce6e1d32edad84c2579aa Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Sat, 21 Jun 2014 17:00:47 +0200
Subject: Fix compiling on Hurd.
The header linux/sockios.h is not available on Hurd.
---
libclamav/hostid.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/libclamav/hostid.c b/libclamav/hostid.c
index bf988de2d6fd..e683539eaf41 100644
--- a/libclamav/hostid.c
+++ b/libclamav/hostid.c
@@ -47,7 +47,7 @@
#include <ifaddrs.h>
#endif
-#if defined(SIOCGIFHWADDR)
+#if defined(SIOCGIFHWADDR) && !defined(__GNU__)
#if defined(_AIX)
#include <sys/ndd_var.h>
#include <sys/kinfo.h>
@@ -116,7 +116,7 @@ struct device *get_devices(void)
uint8_t *mac;
int sock;
-#if defined(SIOCGIFHWADDR)
+#if defined(SIOCGIFHWADDR) && !defined(__GNU__)
struct ifreq ifr;
#else
struct sockaddr_dl *sdl;
@@ -155,7 +155,7 @@ struct device *get_devices(void)
* Instead, Linux uses its own ioctl. This code only runs if we're not Linux,
* Windows, or FreeBSD.
*/
-#if !defined(SIOCGIFHWADDR)
+#if !defined(SIOCGIFHWADDR) || defined(__GNU__)
for (i=0; i < ndevices; i++) {
if (!(strcmp(devices[i].name, addr->ifa_name))) {
sdl = (struct sockaddr_dl *)(addr->ifa_addr);
@@ -180,7 +180,7 @@ struct device *get_devices(void)
}
/* This is the Linux version of getting the MAC addresses */
-#if defined(SIOCGIFHWADDR)
+#if defined(SIOCGIFHWADDR) && !defined(__GNU__)
for (i=0; i < ndevices; i++) {
if (!(devices[i].name))
continue;
recipes-security/clamav/clamav-0.98.5/0005-Workaround-a-bug-in-libc-on-Hurd.patch
-35
View File
@@ -1,35 +0,0 @@
From b8e7d19ec50c30c59fa1038cd9da6d37c2176833 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Sat, 21 Jun 2014 17:02:06 +0200
Subject: Workaround a bug in libc on Hurd
The send() function, when asked to send 0 characters, doesn't trigger a corresponding recv(), except on Hurd.
This breaks the communication between clamd and clamdscan.
See: https://bugs.debian.org/752237
---
clamd/scanner.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/clamd/scanner.c b/clamd/scanner.c
index cd3d07c4ad3e..d531c4420686 100644
--- a/clamd/scanner.c
+++ b/clamd/scanner.c
@@ -119,6 +119,7 @@ int scan_callback(STATBUF *sb, char *filename, const char *msg, enum cli_ftw_rea
/* detect disconnected socket,
* this should NOT detect half-shutdown sockets (SHUT_WR) */
+#if !defined(__GNU__)
if (send(scandata->conn->sd, &ret, 0, 0) == -1 && errno != EINTR) {
logg("$Client disconnected while command was active!\n");
thrmgr_group_terminate(scandata->conn->group);
@@ -126,7 +127,7 @@ int scan_callback(STATBUF *sb, char *filename, const char *msg, enum cli_ftw_rea
free(filename);
return CL_BREAK;
}
-
+#endif
if (thrmgr_group_need_terminate(scandata->conn->group)) {
logg("^Client disconnected while scanjob was active\n");
if (reason == visit_file)
recipes-security/clamav/clamav-0.98.5/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
-22
View File
@@ -1,22 +0,0 @@
From 0fd50756af998fabc3393f67ff8b78a4855303d9 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Mon, 4 Aug 2014 22:44:40 +0200
Subject: remove unnecessary/harmful flags from libclamav.pc
---
libclamav.pc.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libclamav.pc.in b/libclamav.pc.in
index 27db30e757ff..19ef1e4e0399 100644
--- a/libclamav.pc.in
+++ b/libclamav.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
Name: libclamav
Description: A GPL virus scanner
Version: @PACKAGE_VERSION@
-Libs: -L${libdir} -lclamav @LIBCLAMAV_LIBS@
-Cflags: -I${includedir} @CFLAGS@
+Libs: -L${libdir} -lclamav
+Cflags: -I${includedir}
recipes-security/clamav/clamav-0.98.5/0007-libclamav-use-libmspack.patch
-4042
View File
File diff suppressed because it is too large Load Diff
recipes-security/clamav/clamav-0.98.5/0008-Add-upstream-systemd-support-for-clamav-daemon-and-c.patch
-655
View File
@@ -1,655 +0,0 @@
From d2564db5d3f50adc67474ffb22b0ee7027a82828 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Mon, 11 Aug 2014 23:22:05 +0200
Subject: Add upstream systemd support for clamav-daemon and clamav-freshclam.
---
Makefile.am | 2 +-
clamd/Makefile.am | 4 ++
clamd/clamav-daemon.service.in | 17 ++++++
clamd/clamav-daemon.socket | 12 ++++
clamd/clamd.c | 102 +++++++++++++++++++++++++++-------
clamd/localserver.c | 34 ++++++++++++
clamd/server-th.c | 55 +++++++++++-------
clamd/tcpserver.c | 50 +++++++++++++++++
configure.ac | 3 +
freshclam/Makefile.am | 4 ++
freshclam/clamav-freshclam.service.in | 12 ++++
freshclam/freshclam.c | 39 +++++++++++--
m4/reorganization/libs/systemd.m4 | 18 ++++++
shared/misc.h | 8 +++
shared/optparser.c | 2 +-
15 files changed, 318 insertions(+), 44 deletions(-)
create mode 100644 clamd/clamav-daemon.service.in
create mode 100644 clamd/clamav-daemon.socket
create mode 100644 freshclam/clamav-freshclam.service.in
create mode 100644 m4/reorganization/libs/systemd.m4
diff --git a/Makefile.am b/Makefile.am
index 2eecd94b668b..017d6327ff58 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -33,7 +33,7 @@ pkgconfig_DATA = libclamav.pc
# don't complain that configuration files and databases are not removed, this is intended
distuninstallcheck_listfiles = find . -type f ! -name clamd.conf ! -name freshclam.conf ! -name daily.cvd ! -name main.cvd -print
DISTCLEANFILES = target.h
-DISTCHECK_CONFIGURE_FLAGS=--enable-milter --disable-clamav --enable-all-jit-targets --enable-llvm=yes
+DISTCHECK_CONFIGURE_FLAGS=--enable-milter --disable-clamav --enable-all-jit-targets --enable-llvm=yes --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
lcov:
($(MAKE); cd unit_tests; $(MAKE) lcov)
quick-check:
diff --git a/clamd/Makefile.am b/clamd/Makefile.am
index 61bbd69d1133..edc133138e58 100644
--- a/clamd/Makefile.am
+++ b/clamd/Makefile.am
@@ -50,6 +50,10 @@ clamd_SOURCES = \
AM_CFLAGS=@WERR_CFLAGS@
+if INSTALL_SYSTEMD_UNITS
+systemdsystemunit_DATA = clamav-daemon.socket clamav-daemon.service
+endif
+
endif
LIBS = $(top_builddir)/libclamav/libclamav.la @CLAMD_LIBS@ @THREAD_LIBS@
diff --git a/clamd/clamav-daemon.service.in b/clamd/clamav-daemon.service.in
new file mode 100644
index 000000000000..0a5d456a2b36
--- /dev/null
+++ b/clamd/clamav-daemon.service.in
@@ -0,0 +1,17 @@
+[Unit]
+Description=Clam AntiVirus userspace daemon
+Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/
+Requires=clamav-daemon.socket
+# Check for database existence
+ConditionPathExistsGlob=@DBDIR@/main.{c[vl]d,inc}
+ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc}
+
+[Service]
+ExecStart=@prefix@/sbin/clamd --foreground=true
+# Reload the database
+ExecReload=/bin/kill -USR2 $MAINPID
+StandardOutput=syslog
+
+[Install]
+WantedBy=multi-user.target
+Also=clamav-daemon.socket
diff --git a/clamd/clamav-daemon.socket b/clamd/clamav-daemon.socket
new file mode 100644
index 000000000000..43a34cd36aad
--- /dev/null
+++ b/clamd/clamav-daemon.socket
@@ -0,0 +1,12 @@
+[Unit]
+Description=Socket for Clam AntiVirus userspace daemon
+Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/
+
+[Socket]
+ListenStream=/run/clamav/clamd.ctl
+#ListenStream=127.0.0.1:1024
+ExecStartPost=/bin/chown -R clamav:clamav /run/clamav/
+ExecStopPost=/bin/rm /run/clamav/clamd.ctl
+
+[Install]
+WantedBy=sockets.target
diff --git a/clamd/clamd.c b/clamd/clamd.c
index 96204291f433..ec15eacc8c25 100644
--- a/clamd/clamd.c
+++ b/clamd/clamd.c
@@ -72,7 +72,7 @@
#include "scanner.h"
short debug_mode = 0, logok = 0;
-short foreground = 0;
+short foreground = -1;
char hostid[37];
char *get_hostid(void *cbdata);
@@ -160,6 +160,31 @@ int main(int argc, char **argv)
debug_mode = 1;
}
+ /* check foreground option from command line to override config file */
+ int j;
+ for(j = 0; j < argc; j += 1)
+ {
+ if ((memcmp(argv[j], "--foreground", 12) == 0) || (memcmp(argv[j], "-F", 2) == 0))
+ {
+ /* found */
+ break;
+ }
+ }
+
+ if (j < argc)
+ {
+ if(optget(opts, "Foreground")->enabled)
+ {
+ foreground = 1;
+ }
+ else
+ {
+ foreground = 0;
+ }
+ }
+
+ int num_fd = sd_listen_fds(0);
+
/* parse the config file */
cfgfile = optget(opts, "config-file")->strarg;
pt = strdup(cfgfile);
@@ -295,7 +320,9 @@ int main(int argc, char **argv)
if(optget(opts, "LocalSocket")->enabled)
localsock = 1;
- if(!tcpsock && !localsock) {
+ logg("#Received %d file descriptor(s) from systemd.\n", num_fd);
+
+ if(!tcpsock && !localsock && num_fd == 0) {
logg("!Please define server type (local and/or TCP).\n");
ret = 1;
break;
@@ -577,7 +604,9 @@ int main(int argc, char **argv)
break;
}
- if(tcpsock) {
+ if(tcpsock || num_fd > 0) {
+ int *t;
+
opt = optget(opts, "TCPAddr");
if (opt->enabled) {
int breakout = 0;
@@ -604,7 +633,7 @@ int main(int argc, char **argv)
}
}
#ifndef _WIN32
- if(localsock) {
+ if(localsock && num_fd == 0) {
int *t;
mode_t sock_mode, umsk = umask(0777); /* socket is created with 000 to avoid races */
@@ -666,8 +695,43 @@ int main(int argc, char **argv)
nlsockets++;
}
+ /* check for local sockets passed by systemd */
+ if (num_fd > 0)
+ {
+ int *t;
+ t = realloc(lsockets, sizeof(int) * (nlsockets + 1));
+ if (!(t)) {
+ ret = 1;
+ break;
+ }
+ lsockets = t;
+
+ lsockets[nlsockets] = localserver(opts);
+ if (lsockets[nlsockets] == -1)
+ {
+ ret = 1;
+ break;
+ }
+ else if (lsockets[nlsockets] > 0)
+ {
+ nlsockets++;
+ }
+ }
+
/* fork into background */
- if(!optget(opts, "Foreground")->enabled) {
+ if (foreground == -1)
+ {
+ if (optget(opts, "Foreground")->enabled)
+ {
+ foreground = 1;
+ }
+ else
+ {
+ foreground = 0;
+ }
+ }
+ if(foreground == 0)
+ {
#ifdef C_BSD
/* workaround for OpenBSD bug, see https://wwws.clamav.net/bugzilla/show_bug.cgi?id=885 */
for(ret=0;(unsigned int)ret<nlsockets;ret++) {
@@ -701,8 +765,6 @@ int main(int argc, char **argv)
if(chdir("/") == -1)
logg("^Can't change current working directory to root\n");
- } else {
- foreground = 1;
}
#endif
@@ -716,22 +778,24 @@ int main(int argc, char **argv)
} while (0);
- logg("*Closing the main socket%s.\n", (nlsockets > 1) ? "s" : "");
-
- for (i = 0; i < nlsockets; i++) {
- closesocket(lsockets[i]);
- }
+ if (num_fd == 0)
+ {
+ logg("*Closing the main socket%s.\n", (nlsockets > 1) ? "s" : "");
+ for (i = 0; i < nlsockets; i++) {
+ closesocket(lsockets[i]);
+ }
#ifndef _WIN32
- if(nlsockets && localsock) {
- opt = optget(opts, "LocalSocket");
+ if(nlsockets && localsock) {
+ opt = optget(opts, "LocalSocket");
- if(unlink(opt->strarg) == -1)
- logg("!Can't unlink the socket file %s\n", opt->strarg);
- else
- logg("Socket file removed.\n");
- }
+ if(unlink(opt->strarg) == -1)
+ logg("!Can't unlink the socket file %s\n", opt->strarg);
+ else
+ logg("Socket file removed.\n");
+ }
#endif
+ }
free(lsockets);
diff --git a/clamd/localserver.c b/clamd/localserver.c
index db07415212ad..d963efd244f5 100644
--- a/clamd/localserver.c
+++ b/clamd/localserver.c
@@ -39,6 +39,7 @@
#include "shared/optparser.h"
#include "shared/output.h"
+#include "shared/misc.h"
#include "others.h"
#include "server.h"
@@ -60,6 +61,39 @@ int localserver(const struct optstruct *opts)
STATBUF foo;
char *estr;
+ int num_fd = sd_listen_fds(0);
+ if (num_fd > 2)
+ {
+ logg("!LOCAL: Received more than two file descriptors from systemd.\n");
+ return -1;
+ }
+ else if (num_fd > 0)
+ {
+ /* use socket passed by systemd */
+ int i;
+ for(i = 0; i < num_fd; i += 1)
+ {
+ sockfd = SD_LISTEN_FDS_START + i;
+ if (sd_is_socket(sockfd, AF_UNIX, SOCK_STREAM, 1) == 1)
+ {
+ /* correct socket */
+ break;
+ }
+ else
+ {
+ /* wrong socket */
+ sockfd = -2;
+ }
+ }
+ if (sockfd == -2)
+ {
+ logg("#LOCAL: No local AF_UNIX SOCK_STREAM socket received from systemd.\n");
+ return -2;
+ }
+ logg("#LOCAL: Received AF_UNIX SOCK_STREAM socket from systemd.\n");
+ return sockfd;
+ }
+ /* create socket */
memset((char *) &server, 0, sizeof(server));
server.sun_family = AF_UNIX;
strncpy(server.sun_path, optget(opts, "LocalSocket")->strarg, sizeof(server.sun_path));
diff --git a/clamd/server-th.c b/clamd/server-th.c
index d97cd6fb34e1..5c12811b662b 100644
--- a/clamd/server-th.c
+++ b/clamd/server-th.c
@@ -48,6 +48,7 @@
#include "shared/output.h"
#include "shared/optparser.h"
+#include "shared/misc.h"
#include "fan.h"
#include "server.h"
@@ -445,13 +446,19 @@ static void *acceptloop_th(void *arg)
}
pthread_mutex_unlock(fds->buf_mutex);
- for (i=0;i < fds->nfds; i++) {
- if (fds->buf[i].fd == -1)
- continue;
- logg("$Shutdown: closed fd %d\n", fds->buf[i].fd);
- shutdown(fds->buf[i].fd, 2);
- closesocket(fds->buf[i].fd);
+ if (sd_listen_fds(0) == 0)
+ {
+ /* only close the sockets, when not using systemd socket activation */
+ for (i=0;i < fds->nfds; i++)
+ {
+ if (fds->buf[i].fd == -1)
+ continue;
+ logg("$Shutdown: closed fd %d\n", fds->buf[i].fd);
+ shutdown(fds->buf[i].fd, 2);
+ closesocket(fds->buf[i].fd);
+ }
}
+
fds_free(fds);
pthread_mutex_destroy(fds->buf_mutex);
pthread_mutex_lock(&exit_mutex);
@@ -1344,16 +1351,22 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi
if (progexit) {
pthread_mutex_unlock(&exit_mutex);
pthread_mutex_lock(fds->buf_mutex);
- for (i=0;i < fds->nfds; i++) {
- if (fds->buf[i].fd == -1)
- continue;
- thrmgr_group_terminate(fds->buf[i].group);
- if (thrmgr_group_finished(fds->buf[i].group, EXIT_ERROR)) {
- logg("$Shutdown closed fd %d\n", fds->buf[i].fd);
- shutdown(fds->buf[i].fd, 2);
- closesocket(fds->buf[i].fd);
- fds->buf[i].fd = -1;
- }
+ if (sd_listen_fds(0) == 0)
+ {
+ /* only close the sockets, when not using systemd socket activation */
+ for (i=0;i < fds->nfds; i++)
+ {
+ if (fds->buf[i].fd == -1)
+ continue;
+ thrmgr_group_terminate(fds->buf[i].group);
+ if (thrmgr_group_finished(fds->buf[i].group, EXIT_ERROR))
+ {
+ logg("$Shutdown closed fd %d\n", fds->buf[i].fd);
+ shutdown(fds->buf[i].fd, 2);
+ closesocket(fds->buf[i].fd);
+ fds->buf[i].fd = -1;
+ }
+ }
}
pthread_mutex_unlock(fds->buf_mutex);
break;
@@ -1462,9 +1475,13 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi
#endif
if(dbstat.entries)
cl_statfree(&dbstat);
- logg("*Shutting down the main socket%s.\n", (nsockets > 1) ? "s" : "");
- for (i = 0; i < nsockets; i++)
- shutdown(socketds[i], 2);
+ if (sd_listen_fds(0) == 0)
+ {
+ /* only close the sockets, when not using systemd socket activation */
+ logg("*Shutting down the main socket%s.\n", (nsockets > 1) ? "s" : "");
+ for (i = 0; i < nsockets; i++)
+ shutdown(socketds[i], 2);
+ }
if((opt = optget(opts, "PidFile"))->enabled) {
if(unlink(opt->strarg) == -1)
diff --git a/clamd/tcpserver.c b/clamd/tcpserver.c
index c3027a85c1f4..81387b3c8512 100644
--- a/clamd/tcpserver.c
+++ b/clamd/tcpserver.c
@@ -60,6 +60,56 @@ int tcpserver(int **lsockets, unsigned int *nlsockets, char *ipaddr, const struc
sockets = *lsockets;
+ int num_fd = sd_listen_fds(0);
+ if (num_fd > 2)
+ {
+ logg("!TCP: Received more than two file descriptors from systemd.\n");
+ return -1;
+ }
+ else if (num_fd > 0)
+ {
+ /* use socket passed by systemd */
+ int i;
+ for(i = 0; i < num_fd; i += 1)
+ {
+ sockfd = SD_LISTEN_FDS_START + i;
+ if (sd_is_socket(sockfd, AF_INET, SOCK_STREAM, 1) == 1)
+ {
+ /* correct socket */
+ logg("#TCP: Received AF_INET SOCK_STREAM socket from systemd.\n");
+ break;
+ }
+ else if (sd_is_socket(sockfd, AF_INET6, SOCK_STREAM, 1) == 1)
+ {
+ /* correct socket */
+ logg("#TCP: Received AF_INET6 SOCK_STREAM socket from systemd.\n");
+ break;
+ }
+ else
+ {
+ /* wrong socket */
+ sockfd = -2;
+ }
+ }
+ if (sockfd == -2)
+ {
+ logg("#TCP: No tcp AF_INET/AF_INET6 SOCK_STREAM socket received from systemd.\n");
+ return -2;
+ }
+
+ t = realloc(sockets, sizeof(int) * (*nlsockets + 1));
+ if (!(t)) {
+ return -1;
+ }
+ sockets = t;
+
+ sockets[*nlsockets] = sockfd;
+ (*nlsockets)++;
+ *lsockets = sockets;
+ return 0;
+ }
+
+ /* create socket */
snprintf(port, sizeof(port), "%lld", optget(opts, "TCPSocket")->numarg);
memset(&hints, 0x00, sizeof(struct addrinfo));
diff --git a/configure.ac b/configure.ac
index 41043753fc92..02caad29410a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -86,6 +86,7 @@ AM_MAINTAINER_MODE
m4_include([m4/reorganization/libs/libz.m4])
m4_include([m4/reorganization/libs/bzip.m4])
m4_include([m4/reorganization/libs/unrar.m4])
+m4_include([m4/reorganization/libs/systemd.m4])
m4_include([m4/reorganization/code_checks/ipv6.m4])
m4_include([m4/reorganization/code_checks/dns.m4])
m4_include([m4/reorganization/code_checks/fanotify.m4])
@@ -137,9 +138,11 @@ clamscan/Makefile
database/Makefile
docs/Makefile
clamd/Makefile
+clamd/clamav-daemon.service
clamdscan/Makefile
clamsubmit/Makefile
clamav-milter/Makefile
+freshclam/clamav-freshclam.service
freshclam/Makefile
sigtool/Makefile
clamconf/Makefile
diff --git a/freshclam/Makefile.am b/freshclam/Makefile.am
index 58fc17471c35..051bf3380e98 100644
--- a/freshclam/Makefile.am
+++ b/freshclam/Makefile.am
@@ -49,6 +49,10 @@ freshclam_SOURCES = \
mirman.c \
mirman.h
+if INSTALL_SYSTEMD_UNITS
+systemdsystemunit_DATA = clamav-freshclam.service
+endif
+
AM_CFLAGS=@WERR_CFLAGS@
DEFS = @DEFS@ -DCL_NOTHREADS
AM_CPPFLAGS = @SSL_CPPFLAGS@ -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav @FRESHCLAM_CPPFLAGS@ @JSON_CPPFLAGS@
diff --git a/freshclam/clamav-freshclam.service.in b/freshclam/clamav-freshclam.service.in
new file mode 100644
index 000000000000..f717cd642106
--- /dev/null
+++ b/freshclam/clamav-freshclam.service.in
@@ -0,0 +1,12 @@
+[Unit]
+Description=ClamAV virus database updater
+Documentation=man:freshclam(1) man:freshclam.conf(5) http://www.clamav.net/lang/en/doc/
+# If user wants it run from cron, don't start the daemon.
+ConditionPathExists=!/etc/cron.d/clamav-freshclam
+
+[Service]
+ExecStart=@prefix@/bin/freshclam -d --foreground=true
+StandardOutput=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/freshclam/freshclam.c b/freshclam/freshclam.c
index 166586bf6447..f170613877c4 100644
--- a/freshclam/freshclam.c
+++ b/freshclam/freshclam.c
@@ -64,7 +64,7 @@
static short terminate = 0;
extern int active_children;
-static short foreground = 1;
+static short foreground = -1;
char updtmpdir[512], dbdir[512];
int sigchld_wait = 1;
const char *pidfile = NULL;
@@ -117,7 +117,7 @@ sighandler (int sig)
if (pidfile)
unlink (pidfile);
logg ("Update process terminated\n");
- exit (2);
+ exit (0);
}
return;
@@ -322,6 +322,26 @@ main (int argc, char **argv)
return 0;
}
+ /* check foreground option from command line to override config file */
+ int j;
+ for(j = 0; j < argc; j += 1)
+ {
+ if ((memcmp(argv[j], "--foreground", 12) == 0) || (memcmp(argv[j], "-F", 2) == 0))
+ {
+ /* found */
+ break;
+ }
+ }
+
+ if (j < argc) {
+ if(optget(opts, "Foreground")->enabled) {
+ foreground = 1;
+ }
+ else {
+ foreground = 0;
+ }
+ }
+
/* parse the config file */
cfgfile = optget (opts, "config-file")->strarg;
pt = strdup (cfgfile);
@@ -638,7 +658,19 @@ main (int argc, char **argv)
bigsleep = 24 * 3600 / checks;
#ifndef _WIN32
- if (!optget (opts, "Foreground")->enabled)
+ /* fork into background */
+ if (foreground == -1)
+ {
+ if (optget(opts, "Foreground")->enabled)
+ {
+ foreground = 1;
+ }
+ else
+ {
+ foreground = 0;
+ }
+ }
+ if(foreground == 0)
{
if (daemonize () == -1)
{
@@ -646,7 +678,6 @@ main (int argc, char **argv)
optfree (opts);
return FCE_FAILEDUPDATE;
}
- foreground = 0;
mprintf_disabled = 1;
}
#endif
diff --git a/m4/reorganization/libs/systemd.m4 b/m4/reorganization/libs/systemd.m4
new file mode 100644
index 000000000000..cac5d4272fda
--- /dev/null
+++ b/m4/reorganization/libs/systemd.m4
@@ -0,0 +1,18 @@
+dnl Check for systemd-daemon
+PKG_CHECK_MODULES(SYSTEMD, [libsystemd-daemon], [AC_DEFINE([HAVE_SYSTEMD],,[systemd-daemon is supported])], [AC_MSG_RESULT([systemd-daemon is not supported])])
+CLAMD_LIBS="$CLAMD_LIBS $SYSTEMD_LIBS"
+CFLAGS="$CFLAGS $SYSTEMD_CFLAGS"
+
+dnl Check for systemd system unit installation directory (see man 7 daemon)
+AC_ARG_WITH([systemdsystemunitdir], AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),, [with_systemdsystemunitdir=auto])
+AS_IF([test "x$with_systemdsystemunitdir" = "xyes" -o "x$with_systemdsystemunitdir" = "xauto"], [
+ def_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
+ AS_IF([test "x$def_systemdsystemunitdir" = "x"],
+ [AS_IF([test "x$with_systemdsystemunitdir" = "xyes"], [AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])
+ with_systemdsystemunitdir=no],
+ [with_systemdsystemunitdir=$def_systemdsystemunitdir])])
+AS_IF([test "x$with_systemdsystemunitdir" != "xno"],
+ [AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])])
+AM_CONDITIONAL(INSTALL_SYSTEMD_UNITS, [test "x$with_systemdsystemunitdir" != "xno"])
+AC_MSG_RESULT([checking for systemd system unit installation directory... $with_systemdsystemunitdir])
+
diff --git a/shared/misc.h b/shared/misc.h
index 7f3a9f962d0d..3e093936caa1 100644
--- a/shared/misc.h
+++ b/shared/misc.h
@@ -37,6 +37,14 @@
# endif
#endif
+#ifdef HAVE_SYSTEMD
+# include <systemd/sd-daemon.h>
+#else
+# define sd_listen_fds(u) 0
+# define SD_LISTEN_FDS_START 3
+# define sd_is_socket(f, a, s, l) 1
+#endif
+
#include <limits.h>
#ifndef PATH_MAX
diff --git a/shared/optparser.c b/shared/optparser.c
index 63c88550d5b8..b61ec832a32f 100644
--- a/shared/optparser.c
+++ b/shared/optparser.c
@@ -272,7 +272,7 @@ const struct clam_option __clam_options[] = {
{ "AllowAllMatchScan", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 1, NULL, 0, OPT_CLAMD, "Permit use of the ALLMATCHSCAN command.", "yes" },
- { "Foreground", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER, "Don't fork into background.", "no" },
+ { "Foreground", "foreground", 'F', CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER, "Don't fork into background.", "no" },
{ "Debug", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM, "Enable debug messages in libclamav.", "no" },
recipes-security/clamav/clamav-0.98.5/0009-fix-ssize_t-size_t-off_t-printf-modifier.patch
-478
View File
@@ -1,478 +0,0 @@
From 26516ebe7ae678be78e748bc973835844e369f72 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sun, 17 Aug 2014 21:24:03 +0200
Subject: fix ssize_t/size_t/off_t printf modifier
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This fixes a segfault on ARM, Sparc, … if 64bit off_t is used. Once LFS
is enabled then off_t becomes 64bit and there is no portable way to express
it except to cast the variable to signed long long. However with LFS
enabled we can spare that cast.
The 32bit Architectures may explode here because the earlier 64bit off_t
consumes two argument slots and the filename (on which glibc uses
strlen()) becomes invalid.
In brief:
ssize_t -> %zd
size_t -> %zu
off_t -> %llu (with LFS enabled)
https://bugzilla.clamav.net/show_bug.cgi?id=11092
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
clamd/clamd.c | 2 +-
clamd/server-th.c | 3 ++-
libclamav/adc.c | 5 +++--
libclamav/asn1.c | 3 ++-
libclamav/bytecode.c | 4 ++--
libclamav/bytecode_api.c | 2 +-
libclamav/hashtab.c | 32 +++++++++++++++++++++-----------
libclamav/jsparse/js-norm.c | 6 ++++--
libclamav/matcher.c | 6 ++++--
libclamav/pdf.c | 29 +++++++++++++++++++----------
libclamav/regex_list.c | 5 ++++-
libclamav/scanners.c | 5 +++--
shared/misc.h | 4 ++++
shared/output.c | 3 ++-
sigtool/sigtool.c | 3 ++-
15 files changed, 74 insertions(+), 38 deletions(-)
diff --git a/clamd/clamd.c b/clamd/clamd.c
index ec15eacc8c25..8c87e1bb9a87 100644
--- a/clamd/clamd.c
+++ b/clamd/clamd.c
@@ -355,7 +355,7 @@ int main(int argc, char **argv)
if(logg_size)
- logg("#Log file size limited to %u bytes.\n", logg_size);
+ logg("#Log file size limited to %" PRId64 "bytes.\n", logg_size);
else
logg("#Log file size limit disabled.\n");
diff --git a/clamd/server-th.c b/clamd/server-th.c
index 5c12811b662b..84086f39fbfb 100644
--- a/clamd/server-th.c
+++ b/clamd/server-th.c
@@ -689,7 +689,8 @@ static int handle_stream(client_conn_t *conn, struct fd_buf *buf, const struct o
logg("!INSTREAM: Can't write to temporary file.\n");
*error = 1;
}
- logg("$Processed %lu bytes of chunkdata, pos %lu\n", cmdlen, pos);
+ logg("$Processed %" _sizet " bytes of chunkdata, pos %" _sizet "\n",
+ cmdlen, pos);
pos += cmdlen;
if (pos == buf->off) {
buf->off = 0;
diff --git a/libclamav/adc.c b/libclamav/adc.c
index 6ad00ea96571..684335f1bfb5 100644
--- a/libclamav/adc.c
+++ b/libclamav/adc.c
@@ -28,6 +28,7 @@
#include <string.h>
#endif
+#include "shared/misc.h"
#include "clamav.h"
#include "cltypes.h"
#include "others.h"
@@ -86,8 +87,8 @@ int adc_decompress(adc_stream *strm)
return ADC_DATA_ERROR;
}
- cli_dbgmsg("adc_decompress: avail_in %lu avail_out %lu state %u\n", strm->avail_in, strm->avail_out, strm->state);
-
+ cli_dbgmsg("adc_decompress: avail_in %" _sizet " avail_out %" _sizet " state %u\n",
+ strm->avail_in, strm->avail_out, strm->state);
while (strm->avail_out) {
/* Exit if needs more in bytes and none available */
int needsInput;
diff --git a/libclamav/asn1.c b/libclamav/asn1.c
index c6cf0dd00c50..e6f55642640d 100644
--- a/libclamav/asn1.c
+++ b/libclamav/asn1.c
@@ -24,6 +24,7 @@
#include <time.h>
+#include "shared/misc.h"
#include "clamav.h"
#include "asn1.h"
#include "bignum.h"
@@ -1481,7 +1482,7 @@ int asn1_check_mscat(struct cl_engine *engine, fmap_t *map, size_t offset, unsig
if (engine->dconf->pe & PE_CONF_DISABLECERT)
return CL_VIRUS;
- cli_dbgmsg("in asn1_check_mscat (offset: %lu)\n", offset);
+ cli_dbgmsg("in asn1_check_mscat (offset: %" _sizet ")\n", offset);
crtmgr_init(&certs);
if(crtmgr_add_roots(engine, &certs)) {
crtmgr_free(&certs);
diff --git a/libclamav/bytecode.c b/libclamav/bytecode.c
index 28d2d716f93b..b34f818fdaba 100644
--- a/libclamav/bytecode.c
+++ b/libclamav/bytecode.c
@@ -1489,8 +1489,8 @@ void cli_sigperf_print()
cli_infomsg (NULL, "%-*s %*s %*s %*s %*s\n", max_name_len, "=============",
8, "=====", 8, "========", 12, "===========", 9, "=========");
while (elem->run_count) {
- cli_infomsg (NULL, "%-*s %*lu %*lu %*llu %*.2f\n", max_name_len, elem->bc_name,
- 8, elem->run_count, 8, elem->match_count,
+ cli_infomsg (NULL, "%-*s %*lu %*lu %*" PRIu64 " %*.2f\n", max_name_len,
+ elem->bc_name, 8, elem->run_count, 8, elem->match_count,
12, elem->usecs, 9, (double)elem->usecs/elem->run_count);
elem++;
}
diff --git a/libclamav/bytecode_api.c b/libclamav/bytecode_api.c
index 5bded4ebaca0..72a9393183a2 100644
--- a/libclamav/bytecode_api.c
+++ b/libclamav/bytecode_api.c
@@ -122,7 +122,7 @@ int32_t cli_bcapi_seek(struct cli_bc_ctx* ctx, int32_t pos, uint32_t whence)
return -1;
}
if (off < 0 || off > ctx->file_size) {
- cli_dbgmsg("bcapi_seek: out of file: %ld (max %d)\n",
+ cli_dbgmsg("bcapi_seek: out of file: %" PRId64 " (max %d)\n",
off, ctx->file_size);
return -1;
}
diff --git a/libclamav/hashtab.c b/libclamav/hashtab.c
index 88e81ba2c2ef..cafce3ac8927 100644
--- a/libclamav/hashtab.c
+++ b/libclamav/hashtab.c
@@ -25,6 +25,7 @@
#include <stdio.h>
#include <string.h>
+#include "shared/misc.h"
#include "cltypes.h"
#include "clamav.h"
#include "others.h"
@@ -329,9 +330,10 @@ static int cli_hashtab_grow(struct cli_hashtable *s)
struct cli_element* htable;
size_t i,idx, used = 0;
- cli_dbgmsg("hashtab.c: new capacity: %lu\n",new_capacity);
+ cli_dbgmsg("hashtab.c: new capacity: %" _sizet "\n",new_capacity);
if(new_capacity == s->capacity) {
- cli_errmsg("hashtab.c: capacity problem growing from: %lu\n",s->capacity);
+ cli_errmsg("hashtab.c: capacity problem growing from: %" _sizet
+ "\n", s->capacity);
return CL_EMEM;
}
htable = cli_calloc(new_capacity, sizeof(*s->htable));
@@ -372,7 +374,7 @@ static int cli_hashtab_grow(struct cli_hashtable *s)
s->used = used;
s->capacity = new_capacity;
s->maxfill = new_capacity*8/10;
- cli_dbgmsg("Table %p size after grow:%ld\n",(void*)s,s->capacity);
+ cli_dbgmsg("Table %p size after grow: %" _sizet "\n", s, s->capacity);
PROFILE_GROW_DONE(s);
return CL_SUCCESS;
}
@@ -386,7 +388,7 @@ static int cli_htu32_grow(struct cli_htu32 *s, mpool_t *mempool)
const size_t new_capacity = nearest_power(s->capacity + 1);
struct cli_htu32_element* htable = mpool_calloc(mempool, new_capacity, sizeof(*s->htable));
size_t i,idx, used = 0;
- cli_dbgmsg("hashtab.c: new capacity: %lu\n",new_capacity);
+ cli_dbgmsg("hashtab.c: new capacity: %" _sizet "\n", new_capacity);
if(new_capacity == s->capacity || !htable)
return CL_EMEM;
@@ -422,7 +424,7 @@ static int cli_htu32_grow(struct cli_htu32 *s, mpool_t *mempool)
s->used = used;
s->capacity = new_capacity;
s->maxfill = new_capacity*8/10;
- cli_dbgmsg("Table %p size after grow:%ld\n",(void*)s,s->capacity);
+ cli_dbgmsg("Table %p size after grow: %" _sizet "\n", s, s->capacity);
PROFILE_GROW_DONE(s);
return CL_SUCCESS;
}
@@ -437,7 +439,9 @@ const struct cli_element* cli_hashtab_insert(struct cli_hashtable *s, const char
if(!s)
return NULL;
if(s->used > s->maxfill) {
- cli_dbgmsg("hashtab.c:Growing hashtable %p, because it has exceeded maxfill, old size:%ld\n",(void*)s,s->capacity);
+ cli_dbgmsg("hashtab.c:Growing hashtable %p, because it has "
+ "exceeded maxfill, old size: %" _sizet "\n", s,
+ s->capacity);
cli_hashtab_grow(s);
}
do {
@@ -486,7 +490,8 @@ const struct cli_element* cli_hashtab_insert(struct cli_hashtable *s, const char
} while (tries <= s->capacity);
/* no free place found*/
PROFILE_HASH_EXHAUSTED(s);
- cli_dbgmsg("hashtab.c: Growing hashtable %p, because its full, old size:%ld.\n",(void*)s,s->capacity);
+ cli_dbgmsg("hashtab.c: Growing hashtable %p, because its full, "
+ "old size: %" _sizet ".\n", s, s->capacity);
} while( cli_hashtab_grow(s) >= 0 );
cli_warnmsg("hashtab.c: Unable to grow hashtable\n");
return NULL;
@@ -504,7 +509,9 @@ int cli_htu32_insert(struct cli_htu32 *s, const struct cli_htu32_element *item,
if(!s)
return CL_ENULLARG;
if(s->used > s->maxfill) {
- cli_dbgmsg("hashtab.c:Growing hashtable %p, because it has exceeded maxfill, old size:%ld\n",(void*)s,s->capacity);
+ cli_dbgmsg("hashtab.c:Growing hashtable %p, because it has "
+ "exceeded maxfill, old size: %" _sizet "\n", s,
+ s->capacity);
cli_htu32_grow(s, mempool);
}
do {
@@ -543,7 +550,8 @@ int cli_htu32_insert(struct cli_htu32 *s, const struct cli_htu32_element *item,
} while (tries <= s->capacity);
/* no free place found*/
PROFILE_HASH_EXHAUSTED(s);
- cli_dbgmsg("hashtab.c: Growing hashtable %p, because its full, old size:%ld.\n",(void*)s,s->capacity);
+ cli_dbgmsg("hashtab.c: Growing hashtable %p, because its full, "
+ "old size: %" _sizet ".\n", s, s->capacity);
} while( (ret = cli_htu32_grow(s, mempool)) >= 0 );
cli_warnmsg("hashtab.c: Unable to grow hashtable\n");
return ret;
@@ -632,11 +640,13 @@ int cli_hashtab_generate_c(const struct cli_hashtable *s,const char* name)
else if(e->key == DELETED_KEY)
printf("\t{DELETED_KEY,0,0},\n");
else
- printf("\t{\"%s\", %ld, %ld},\n", e->key, e->data, e->len);
+ printf("\t{\"%s\", %ld, %" _sizet"},\n", e->key,
+ e->data, e->len);
}
printf("};\n");
printf("const struct cli_hashtable %s = {\n",name);
- printf("\t%s_elements, %ld, %ld, %ld", name, s->capacity, s->used, s->maxfill);
+ printf("\t%s_elements, %" _sizet ", %" _sizet" , %" _sizet, name,
+ s->capacity, s->used, s->maxfill);
printf("\n};\n");
PROFILE_REPORT(s);
diff --git a/libclamav/jsparse/js-norm.c b/libclamav/jsparse/js-norm.c
index 85eba72c2e87..9a56aa34856f 100644
--- a/libclamav/jsparse/js-norm.c
+++ b/libclamav/jsparse/js-norm.c
@@ -34,6 +34,7 @@
#include <ctype.h>
#include <assert.h>
+#include "shared/misc.h"
#include "clamav.h"
#include "cltypes.h"
#include "jsparse/lexglobal.h"
@@ -525,7 +526,8 @@ static int replace_token_range(struct tokens *dst, size_t start, size_t end, con
{
const size_t len = with ? with->cnt : 0;
size_t i;
- cli_dbgmsg(MODULE "Replacing tokens %lu - %lu with %lu tokens\n",start, end, len);
+ cli_dbgmsg(MODULE "Replacing tokens %" _sizet " - %" _sizet " with %"
+ _sizet " tokens\n", start, end, len);
if(start >= dst->cnt || end > dst->cnt)
return -1;
for(i=start;i<end;i++) {
@@ -547,7 +549,7 @@ static int append_tokens(struct tokens *dst, const struct tokens *src)
return CL_ENULLARG;
if(tokens_ensure_capacity(dst, dst->cnt + src->cnt))
return CL_EMEM;
- cli_dbgmsg(MODULE "Appending %lu tokens\n", src->cnt);
+ cli_dbgmsg(MODULE "Appending %" _sizet " tokens\n", src->cnt);
memcpy(&dst->data[dst->cnt], src->data, src->cnt * sizeof(dst->data[0]));
dst->cnt += src->cnt;
return CL_SUCCESS;
diff --git a/libclamav/matcher.c b/libclamav/matcher.c
index 3f4f5c1659d5..e684f7122e26 100644
--- a/libclamav/matcher.c
+++ b/libclamav/matcher.c
@@ -52,6 +52,7 @@
#include "perflogging.h"
#include "bytecode_priv.h"
#include "bytecode_api_impl.h"
+#include "shared/misc.h"
#ifdef CLI_PERF_LOGGING
@@ -1069,8 +1070,9 @@ int cli_matchmeta(cli_ctx *ctx, const char *fname, size_t fsizec, size_t fsizer,
const struct cli_cdb *cdb;
unsigned int viruses_found = 0;
- cli_dbgmsg("CDBNAME:%s:%lu:%s:%lu:%lu:%d:%u:%u:%p\n",
- cli_ftname(ctx->container_type), fsizec, fname, fsizec, fsizer, encrypted, filepos, res1, res2);
+ cli_dbgmsg("CDBNAME:%s:%" _sizet ":%s:%" _sizet ":%" _sizet ":%d:%u:%u:%p\n",
+ cli_ftname(ctx->container_type), fsizec, fname, fsizec, fsizer,
+ encrypted, filepos, res1, res2);
if (ctx->engine && ctx->engine->cb_meta)
if (ctx->engine->cb_meta(cli_ftname(ctx->container_type), fsizec, fname, fsizer, encrypted, filepos, ctx->cb_ctx) == CL_VIRUS) {
diff --git a/libclamav/pdf.c b/libclamav/pdf.c
index 2e469c1e5d56..2de348e7c3fd 100644
--- a/libclamav/pdf.c
+++ b/libclamav/pdf.c
@@ -60,6 +60,7 @@
#include "rijndael.h"
#include "textnorm.h"
#include "json_api.h"
+#include "shared/misc.h"
#ifdef CL_DEBUG
/*#define SAVE_TMP
@@ -1019,10 +1020,12 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)
orig_length = length;
if (length > pdf->size || obj->start + p_stream + length > pdf->size) {
- cli_dbgmsg("cli_pdf: length out of file: %ld + %ld > %ld\n",
- p_stream, length, pdf->size);
- noisy_warnmsg("length out of file, truncated: %ld + %ld > %ld\n",
- p_stream, length, pdf->size);
+ cli_dbgmsg("cli_pdf: length out of file: %" PRId64 " + %"
+ PRId64 " > % " PRId64 "\n", p_stream,
+ length, pdf->size);
+ noisy_warnmsg("length out of file, truncated: %" PRId64
+ " + %" PRId64 " > %" PRId64 "\n",
+ p_stream, length, pdf->size);
length = pdf->size - (obj->start + p_stream);
}
@@ -1044,17 +1047,21 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)
if (length < 0)
length = 0;
- cli_dbgmsg("cli_pdf: calculated length %ld\n", length);
+ cli_dbgmsg("cli_pdf: calculated length %" PRId64 "\n",
+ length);
} else {
if (size > (size_t)length+2) {
- cli_dbgmsg("cli_pdf: calculated length %ld < %ld\n",
+ cli_dbgmsg("cli_pdf: calculated length %" PRId64 " < %"
+ _ssizet "\n",
length, size);
length = size;
}
}
if (orig_length && size > (size_t)orig_length + 20) {
- cli_dbgmsg("cli_pdf: orig length: %ld, length: %ld, size: %ld\n", orig_length, length, size);
+ cli_dbgmsg("cli_pdf: orig length: %" PRId64 ", length: %"
+ PRId64", size: %" _ssizet "\n", orig_length,
+ length, size);
pdfobj_flag(pdf, obj, BAD_STREAMLEN);
}
@@ -1240,7 +1247,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)
}
} while (0);
- cli_dbgmsg("cli_pdf: extracted %ld bytes %u %u obj to %s\n", sum, obj->id>>8, obj->id&0xff, fullname);
+ cli_dbgmsg("cli_pdf: extracted %" PRId64 " bytes %u %u obj to %p\n", sum, obj->id>>8, obj->id&0xff, fullname);
if (flags & PDF_EXTRACT_OBJ_SCAN && sum) {
int rc2;
@@ -2493,7 +2500,8 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset)
if (pdfver != start || offset) {
pdf.flags |= 1 << BAD_PDF_HEADERPOS;
- cli_dbgmsg("cli_pdf: PDF header is not at position 0: %ld\n",pdfver-start+offset);
+ cli_dbgmsg("cli_pdf: PDF header is not at position 0: %" PRId64 "\n",
+ pdfver - start + offset);
#if HAVE_JSON
if (pdfobj)
cli_jsonbool(pdfobj, "BadVersionLocation", 1);
@@ -2602,7 +2610,8 @@ int cli_pdf(const char *dir, cli_ctx *ctx, off_t offset)
while ((rc = pdf_findobj(&pdf)) > 0) {
struct pdf_obj *obj = &pdf.objs[pdf.nobjs-1];
- cli_dbgmsg("cli_pdf: found %d %d obj @%ld\n", obj->id >> 8, obj->id&0xff, obj->start + offset);
+ cli_dbgmsg("cli_pdf: found %d %d obj @%" PRId64 "\n", obj->id >> 8,
+ obj->id & 0xff, obj->start + offset);
}
if (pdf.nobjs)
diff --git a/libclamav/regex_list.c b/libclamav/regex_list.c
index f30cc4cd4349..4b27c2974fb6 100644
--- a/libclamav/regex_list.c
+++ b/libclamav/regex_list.c
@@ -41,6 +41,7 @@
#include <assert.h>
#include "regex/regex.h"
+#include "shared/misc.h"
#include "clamav.h"
#include "others.h"
@@ -84,7 +85,9 @@ static inline size_t get_char_at_pos_with_skip(const struct pre_fixup_info* info
return (pos <= strlen(buffer)) ? buffer[pos>0 ? pos-1:0] : '\0';
}
str = info->pre_displayLink.data;
- cli_dbgmsg("calc_pos_with_skip: skip:%lu, %lu - %lu \"%s\",\"%s\"\n", pos, info->host_start, info->host_end, str, buffer);
+ cli_dbgmsg("calc_pos_with_skip: skip: %" _sizet ", %" _sizet " - %"
+ _sizet " \"%s\",\"%s\"\n", pos, info->host_start,
+ info->host_end, str, buffer);
pos += info->host_start;
while(str[realpos] && !isalnum(str[realpos])) realpos++;
for(; str[realpos] && (pos>0); pos--) {
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
index 07a38eedc7a5..49cd70a18d9e 100644
--- a/libclamav/scanners.c
+++ b/libclamav/scanners.c
@@ -49,6 +49,7 @@
#define DCONF_MAIL ctx->dconf->mail
#define DCONF_OTHER ctx->dconf->other
+#include "shared/misc.h"
#include "clamav.h"
#include "others.h"
#include "dconf.h"
@@ -3171,8 +3172,8 @@ int cli_map_scandesc(cl_fmap_t *map, off_t offset, size_t length, cli_ctx *ctx,
if (!length) length = old_len - offset;
if (length > old_len - offset) {
- cli_dbgmsg("Data truncated: %lu -> %lu\n",
- (unsigned long)length, old_len - offset);
+ cli_dbgmsg("Data truncated: %" _sizet" -> %" PRIu64" \n", length,
+ old_len - offset);
length = old_len - offset;
}
diff --git a/shared/misc.h b/shared/misc.h
index 3e093936caa1..65f8c9ce0382 100644
--- a/shared/misc.h
+++ b/shared/misc.h
@@ -51,6 +51,10 @@
#define PATH_MAX 1024
#endif
+#include <inttypes.h>
+#define _sizet "zu"
+#define _ssizet "zd"
+
char *freshdbdir(void);
void print_version(const char *dbdir);
int check_flevel(void);
diff --git a/shared/output.c b/shared/output.c
index 5e947a57a6f9..ab054a8bbeee 100644
--- a/shared/output.c
+++ b/shared/output.c
@@ -214,7 +214,8 @@ static int rename_logg(STATBUF *sb)
if (!logg_rotate) {
if (logg_fp) {
- fprintf(logg_fp, "Log size = %zu, max = %zu\n", sb->st_size, logg_size);
+ fprintf(logg_fp, "Log size = %" PRId64 ", max = %" PRId64 "\n",
+ sb->st_size, logg_size);
fprintf(logg_fp, "WARNING: Log size limit met but log file rotation turned off. Forcing log file rotation anyways.\n");
}
diff --git a/sigtool/sigtool.c b/sigtool/sigtool.c
index f2135c210e02..d67e662cfea1 100644
--- a/sigtool/sigtool.c
+++ b/sigtool/sigtool.c
@@ -373,7 +373,8 @@ static char *getdsig(const char *host, const char *user, const unsigned char *da
closesocket(sockd);
return NULL;
} else {
- mprintf("Signature received (length = %lu)\n", (unsigned long)strlen(buff) - 10);
+ mprintf("Signature received (length = %" _sizet ")\n",
+ (unsigned long)strlen(buff) - 10);
}
} else {
mprintf("!getdsig: Communication error with remote server\n");
recipes-security/clamav/clamav-0.98.5/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
-26
View File
@@ -1,26 +0,0 @@
From 86ebd6e3f8fa60d0bdbed10eb10c5a7699b821e4 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Mon, 25 Aug 2014 22:54:37 +0200
Subject: hardcode LLVM linker flag, because llvm-config returns only flags for
linking statically
this reduces the size of libclamav by more than 80 percent
---
libclamav/c++/configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac
index a6697ddd8e82..3c7c7e26fbf8 100644
--- a/libclamav/c++/configure.ac
+++ b/libclamav/c++/configure.ac
@@ -121,8 +121,8 @@ if test "x$llvmconfig" != "x"; then
else
AC_SUBST(LLVMCONFIG_LDFLAGS, [`$llvmconfig --ldflags`])
fi
- AC_SUBST(LLVMCONFIG_LIBS, [`$llvmconfig --libs jit nativecodegen scalaropts ipo`])
- AC_SUBST(LLVMCONFIG_LIBFILES, [`$llvmconfig --libfiles jit nativecodegen scalaropts ipo`])
+ AC_SUBST(LLVMCONFIG_LIBS, [-lLLVM-$llvmver])
+ AC_SUBST(LLVMCONFIG_LIBFILES, [])
AC_MSG_NOTICE([CXXFLAGS from llvm-config: $LLVMCONFIG_CXXFLAGS])
AC_MSG_NOTICE([LDFLAGS from llvm-config: $LLVMCONFIG_LDFLAGS])
AC_MSG_NOTICE([LIBS from llvm-config: $LLVMCONFIG_LIBS])
recipes-security/clamav/clamav-0.98.5/0011-Add-libmspack-library-from-upstream-without-unnecess.patch
-56090
View File
File diff suppressed because it is too large Load Diff
recipes-security/clamav/clamav-0.98.5/0012-allow-to-use-internal-libmspack-if-the-external-is-n.patch
-106
View File
@@ -1,106 +0,0 @@
From 2bb998ed68841356499fe5c5cde875e87563572c Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Wed, 30 Jul 2014 21:59:17 +0200
Subject: allow to use internal libmspack if the external is not available
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
configure.ac | 16 ++++++++++++++--
libclamav/Makefile.am | 30 +++++++++++++++++++++++++++++-
2 files changed, 43 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 02caad29410a..5abe018a00b0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -131,6 +131,18 @@ m4_include([m4/reorganization/libs/curl.m4])
m4_include([m4/reorganization/substitutions.m4])
+PKG_CHECK_MODULES([LIBMSPACK], [libmspack],
+ use_internal_mspack=no, use_internal_mspack=yes)
+
+AM_CONDITIONAL([USE_INTERNAL_MSPACK], test "x$use_internal_mspack" = "xyes")
+
+if test "x$use_internal_mspack" = "xyes"; then
+ mspack_msg="Internal"
+ AC_CONFIG_SUBDIRS([libclamav/libmspack-0.4alpha])
+else
+ mspack_msg="External, $LIBMSPACK_CFLAGS $LIBMSPACK_LIBS"
+fi
+
AM_CONDITIONAL([ENABLE_CLAMSUBMIT], [test "$have_curl" = "yes"])
AC_CONFIG_FILES([
@@ -178,8 +190,6 @@ fi
AM_CONDITIONAL([ENABLE_LLVM],
[test "$subdirfailed" != "yes" && test "$enable_llvm" != "no"])
-PKG_CHECK_MODULES([LIBMSPACK], [libmspack])
-
no_recursion="yes";
AC_OUTPUT([libclamav/Makefile])
@@ -236,6 +246,8 @@ if test "x$PCRE_HOME" = "x"; then
else
CL_MSG_STATUS([pcre ],[$PCRE_HOME],[$have_pcre])
fi
+CL_MSG_STATUS([preclass ],[$LIBJSON_HOME],[$have_json])
+CL_MSG_STATUS([libmspack ],[yes],[$mspack_msg])
if test "x$XML_LIBS" = "x"; then
CL_MSG_STATUS([dmg and xar ],[no],[])
else
diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am
index 538e83dcdd03..6d2cf920d6e2 100644
--- a/libclamav/Makefile.am
+++ b/libclamav/Makefile.am
@@ -122,11 +122,12 @@ libclamav_internal_utils_nothreads_la_SOURCES=str.c\
libclamav_internal_utils_nothreads_la_LDFLAGS=-static @SSL_LDFLAGS@ @JSON_LDFLAGS@
libclamav_internal_utils_nothreads_la_CFLAGS=$(AM_CFLAGS) -DCL_NOTHREADS @SSL_CPPFLAGS@ @JSON_CPPFLAGS@
libclamav_internal_utils_nothreads_la_LIBADD=@SSL_LIBS@ @JSON_LIBS@
+SUBDIRS=
if ENABLE_LLVM
LLVMLIBADD=c++/libclamavcxx.la -lstdc++ -lm
LLVMDEP=c++/libclamavcxx.la
-SUBDIRS=c++
+SUBDIRS+=c++
else
LLVMLIBADD=libclamav_nocxx.la
LLVMDEP=libclamav_nocxx.la
@@ -147,8 +148,35 @@ if VERSIONSCRIPT
libclamav_la_LDFLAGS += -Wl,@VERSIONSCRIPTFLAG@,@top_srcdir@/libclamav/libclamav.map
endif
+if USE_INTERNAL_MSPACK
+SUBDIRS += libmspack-0.4alpha
+libclamav_la_CFLAGS += -I@top_srcdir@/libclamav/libmspack-0.4alpha/mspack
+libclamav_la_LIBADD += @top_builddir@/libclamav/libmspack-0.4alpha/.libs/cabc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/system.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/kwajd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/hlpc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/chmd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/qtmd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/litc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/oabc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/lzxd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/litd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/crc32.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/lzssd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/kwajc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/cabd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/szddd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/lzxc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/mszipd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/szddc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/oabd.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/chmc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/mszipc.o \
+ @top_builddir@/libclamav/libmspack-0.4alpha/.libs/hlpd.o
+else
libclamav_la_CFLAGS += $(LIBMSPACK_CFLAGS)
libclamav_la_LDFLAGS += $(LIBMSPACK_LIBS)
+endif
include_HEADERS = clamav.h
recipes-security/clamav/clamav-0.98.5/0013-fix-autoreconf-with-embedded-libmspack.patch
-27
View File
@@ -1,27 +0,0 @@
From b1ab1a88f38c9d9cea2433dac33b8ecb31b3c799 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Mon, 22 Sep 2014 21:50:05 +0200
Subject: fix autoreconf with embedded libmspack
---
libclamav/libmspack-0.4alpha/NEWS | 1 +
libclamav/libmspack-0.4alpha/configure.ac | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/libclamav/libmspack-0.4alpha/NEWS b/libclamav/libmspack-0.4alpha/NEWS
index e69de29bb2d1..8d1c8b69c3fc 100644
--- a/libclamav/libmspack-0.4alpha/NEWS
+++ b/libclamav/libmspack-0.4alpha/NEWS
@@ -0,0 +1 @@
+
diff --git a/libclamav/libmspack-0.4alpha/configure.ac b/libclamav/libmspack-0.4alpha/configure.ac
index 55fb6ce5ee9d..1fc98577f152 100644
--- a/libclamav/libmspack-0.4alpha/configure.ac
+++ b/libclamav/libmspack-0.4alpha/configure.ac
@@ -46,5 +46,5 @@ AC_SYS_LARGEFILE
AC_FUNC_FSEEKO
# Checks for library functions.
-AC_CONFIG_FILES([Makefile doc/Makefile doc/Doxyfile libmspack.pc])
+AC_CONFIG_FILES([Makefile libmspack.pc])
AC_OUTPUT
recipes-security/clamav/clamav-0.98.5/0014-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
-23
View File
@@ -1,23 +0,0 @@
From 573da4644d9dbcff3107c4bc3a8a346a5ba0b84d Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date: Tue, 14 Oct 2014 20:16:04 +0200
Subject: remove AC_CONFIG_SRCDIR([llvm/configure]) from
libclamav/c++/configure.ac to allow compilation without the
libclamav/c++/llvm directory
---
libclamav/c++/configure.ac | 1 -
1 file changed, 1 deletion(-)
diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac
index 3c7c7e26fbf8..43e187ff1f56 100644
--- a/libclamav/c++/configure.ac
+++ b/libclamav/c++/configure.ac
@@ -16,7 +16,6 @@ dnl MA 02110-1301, USA.
AC_PREREQ([2.59])
AC_INIT([libclamavc++],[devel],[http://bugs.clamav.net])
AC_CONFIG_AUX_DIR([config])
-AC_CONFIG_SRCDIR([llvm/configure])
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADER([clamavcxx-config.h])
AC_CANONICAL_TARGET
recipes-security/clamav/clamav-0.98.5/0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch
-229
View File
@@ -1,229 +0,0 @@
From 9ba0bd8840f8be4cccaf8134b65a012dffdd8ae0 Mon Sep 17 00:00:00 2001
From: Shawn Webb <swebb@sourcefire.com>
Date: Thu, 31 Jul 2014 11:50:23 -0400
Subject: bb#10731 - Allow to specificy a group for the socket of which the
user is not a member
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
clamav-milter/clamav-milter.c | 193 +++++++++++++++++++++---------------------
1 file changed, 98 insertions(+), 95 deletions(-)
diff --git a/clamav-milter/clamav-milter.c b/clamav-milter/clamav-milter.c
index 2c7a4d7d3414..99e7fe7fac04 100644
--- a/clamav-milter/clamav-milter.c
+++ b/clamav-milter/clamav-milter.c
@@ -116,6 +116,104 @@ int main(int argc, char **argv) {
}
}
+ if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
+ logg("!Please configure the MilterSocket directive\n");
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+
+ if(smfi_setconn(my_socket) == MI_FAILURE) {
+ logg("!smfi_setconn failed\n");
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ if(smfi_register(descr) == MI_FAILURE) {
+ logg("!smfi_register failed\n");
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ opt = optget(opts, "FixStaleSocket");
+ umsk = umask(0777); /* socket is created with 000 to avoid races */
+ if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
+ logg("!Failed to create socket %s\n", my_socket);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ umask(umsk); /* restore umask */
+ if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
+ /* set group ownership and perms on the local socket */
+ char *sock_name = my_socket;
+ mode_t sock_mode;
+ if(!strncmp(my_socket, "unix:", 5))
+ sock_name += 5;
+ if(!strncmp(my_socket, "local:", 6))
+ sock_name += 6;
+ if(*my_socket == ':')
+ sock_name ++;
+
+ if(optget(opts, "MilterSocketGroup")->enabled) {
+ char *gname = optget(opts, "MilterSocketGroup")->strarg, *end;
+ gid_t sock_gid = strtol(gname, &end, 10);
+ if(*end) {
+ struct group *pgrp = getgrnam(gname);
+ if(!pgrp) {
+ logg("!Unknown group %s\n", gname);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ sock_gid = pgrp->gr_gid;
+ }
+ if(chown(sock_name, -1, sock_gid)) {
+ logg("!Failed to change socket ownership to group %s\n", gname);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ }
+
+ if ((opt = optget(opts, "User"))->enabled) {
+ struct passwd *user;
+ if ((user = getpwnam(opt->strarg)) == NULL) {
+ logg("ERROR: Can't get information about user %s.\n",
+ opt->strarg);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+
+ if(chown(sock_name, user->pw_uid, -1)) {
+ logg("!Failed to change socket ownership to user %s\n", user->pw_name);
+ optfree(opts);
+ logg_close();
+ return 1;
+ }
+ }
+
+ if(optget(opts, "MilterSocketMode")->enabled) {
+ char *end;
+ sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
+ if(*end) {
+ logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ } else
+ sock_mode = 0777 & ~umsk;
+
+ if(chmod(sock_name, sock_mode & 0666)) {
+ logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
+ logg_close();
+ optfree(opts);
+ return 1;
+ }
+ }
+
if(geteuid() == 0 && (opt = optget(opts, "User"))->enabled) {
struct passwd *user = NULL;
if((user = getpwnam(opt->strarg)) == NULL) {
@@ -248,15 +346,6 @@ int main(int argc, char **argv) {
multircpt = optget(opts, "SupportMultipleRecipients")->enabled;
- if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
- logg("!Please configure the MilterSocket directive\n");
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
-
if(!optget(opts, "Foreground")->enabled) {
if(daemonize() == -1) {
logg("!daemonize() failed\n");
@@ -271,92 +360,6 @@ int main(int argc, char **argv) {
logg("^Can't change current working directory to root\n");
}
- if(smfi_setconn(my_socket) == MI_FAILURE) {
- logg("!smfi_setconn failed\n");
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- if(smfi_register(descr) == MI_FAILURE) {
- logg("!smfi_register failed\n");
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- opt = optget(opts, "FixStaleSocket");
- umsk = umask(0777); /* socket is created with 000 to avoid races */
- if(smfi_opensocket(opt->enabled) == MI_FAILURE) {
- logg("!Failed to create socket %s\n", my_socket);
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- umask(umsk); /* restore umask */
- if(strncmp(my_socket, "inet:", 5) && strncmp(my_socket, "inet6:", 6)) {
- /* set group ownership and perms on the local socket */
- char *sock_name = my_socket;
- mode_t sock_mode;
- if(!strncmp(my_socket, "unix:", 5))
- sock_name += 5;
- if(!strncmp(my_socket, "local:", 6))
- sock_name += 6;
- if(*my_socket == ':')
- sock_name ++;
-
- if(optget(opts, "MilterSocketGroup")->enabled) {
- char *gname = optget(opts, "MilterSocketGroup")->strarg, *end;
- gid_t sock_gid = strtol(gname, &end, 10);
- if(*end) {
- struct group *pgrp = getgrnam(gname);
- if(!pgrp) {
- logg("!Unknown group %s\n", gname);
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- sock_gid = pgrp->gr_gid;
- }
- if(chown(sock_name, -1, sock_gid)) {
- logg("!Failed to change socket ownership to group %s\n", gname);
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- }
- if(optget(opts, "MilterSocketMode")->enabled) {
- char *end;
- sock_mode = strtol(optget(opts, "MilterSocketMode")->strarg, &end, 8);
- if(*end) {
- logg("!Invalid MilterSocketMode %s\n", optget(opts, "MilterSocketMode")->strarg);
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- } else
- sock_mode = 0777 & ~umsk;
-
- if(chmod(sock_name, sock_mode & 0666)) {
- logg("!Cannot set milter socket permission to %s\n", optget(opts, "MilterSocketMode")->strarg);
- localnets_free();
- whitelist_free();
- logg_close();
- optfree(opts);
- return 1;
- }
- }
-
maxfilesize = optget(opts, "MaxFileSize")->numarg;
if(!maxfilesize) {
logg("^Invalid MaxFileSize, using default (%d)\n", CLI_DEFAULT_MAXFILESIZE);
recipes-security/clamav/clamav-0.98.5/0016-clamav-milter-add-additinal-SMFIF_-flags-before-invo.patch
-86
View File
@@ -1,86 +0,0 @@
From dbc72db36eced2d3ca7c5b7f14970528c435429e Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sun, 26 Oct 2014 12:11:09 +0100
Subject: clamav-milter: add additinal SMFIF_* flags before invoking
smfi_register()
unfortunately after the shifting of the code (so that the socket could
be part of a group which is not part of the clamav user) I forgot (or
did not see it) to have the header flags added before the
smfi_register() was invoked. As a result the socket was working but it
was unable to add the X-Virus-Scanned & X-Virus-Status flags. This
patch fixes the issue.
https://bugzilla.clamav.net/show_bug.cgi?id=10731
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
clamav-milter/clamav-milter.c | 48 ++++++++++++++++++++++++-------------------
1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/clamav-milter/clamav-milter.c b/clamav-milter/clamav-milter.c
index 99e7fe7fac04..22db98ab7c5e 100644
--- a/clamav-milter/clamav-milter.c
+++ b/clamav-milter/clamav-milter.c
@@ -116,6 +116,33 @@ int main(int argc, char **argv) {
}
}
+ pt = optget(opts, "AddHeader")->strarg;
+ if (strcasecmp(pt, "No")) {
+ char myname[255];
+
+ if (((opt = optget(opts, "ReportHostname"))->enabled &&
+ strncpy(myname, opt->strarg, sizeof(myname))) ||
+ !gethostname(myname, sizeof(myname))) {
+
+ myname[sizeof(myname)-1] = '\0';
+ snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s",
+ get_version(), myname);
+ } else {
+ snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s",
+ get_version());
+ }
+ xvirushdr[sizeof(xvirushdr)-1] = '\0';
+
+ descr.xxfi_flags |= SMFIF_ADDHDRS;
+
+ if (strcasecmp(pt, "Add")) { /* Replace or Yes */
+ descr.xxfi_flags |= SMFIF_CHGHDRS;
+ addxvirus = 1;
+ } else { /* Add */
+ addxvirus = 2;
+ }
+ }
+
if(!(my_socket = optget(opts, "MilterSocket")->strarg)) {
logg("!Please configure the MilterSocket directive\n");
logg_close();
@@ -323,27 +350,6 @@ int main(int argc, char **argv) {
return 1;
}
- pt = optget(opts, "AddHeader")->strarg;
- if(strcasecmp(pt, "No")) {
- char myname[255];
-
- if(((opt = optget(opts, "ReportHostname"))->enabled && strncpy(myname, opt->strarg, sizeof(myname))) || !gethostname(myname, sizeof(myname))) {
- myname[sizeof(myname)-1] = '\0';
- snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s at %s", get_version(), myname);
- } else
- snprintf(xvirushdr, sizeof(xvirushdr), "clamav-milter %s", get_version());
- xvirushdr[sizeof(xvirushdr)-1] = '\0';
-
- descr.xxfi_flags |= SMFIF_ADDHDRS;
-
- if(strcasecmp(pt, "Add")) { /* Replace or Yes */
- descr.xxfi_flags |= SMFIF_CHGHDRS;
- addxvirus = 1;
- } else { /* Add */
- addxvirus = 2;
- }
- }
-
multircpt = optget(opts, "SupportMultipleRecipients")->enabled;
if(!optget(opts, "Foreground")->enabled) {
recipes-security/clamav/clamav-0.98.5/0017-Bump-.so-version-number.patch
-22
View File
@@ -1,22 +0,0 @@
From 6569ca8a084191f9fedde16abf8fa15b6ebef4fe Mon Sep 17 00:00:00 2001
From: Shawn Webb <swebb@sourcefire.com>
Date: Wed, 19 Nov 2014 11:51:22 -0500
Subject: Bump .so version number
---
m4/reorganization/version.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/m4/reorganization/version.m4 b/m4/reorganization/version.m4
index ea263b28e647..f4fe8b1e150e 100644
--- a/m4/reorganization/version.m4
+++ b/m4/reorganization/version.m4
@@ -3,7 +3,7 @@ dnl VERSION="devel-`date +%Y%m%d`"
VERSION="0.98.5"
LC_CURRENT=7
-LC_REVISION=22
+LC_REVISION=24
LC_AGE=1
LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"
AC_SUBST([LIBCLAMAV_VERSION])
recipes-security/clamav/clamav-0.98.5/0018-llvm-don-t-use-system-libs.patch
-26
View File
@@ -1,26 +0,0 @@
From 169677f7699f78d483c84b4ab54943ea622535c8 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Wed, 19 Nov 2014 23:04:32 +0100
Subject: llvm: don't use --system-libs
this continues the saga of not linking the .a files so we don't care
about the libs llvm links against (like -ledit)
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
libclamav/c++/configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libclamav/c++/configure.ac b/libclamav/c++/configure.ac
index 43e187ff1f56..2d2d47b9d24c 100644
--- a/libclamav/c++/configure.ac
+++ b/libclamav/c++/configure.ac
@@ -115,7 +115,7 @@ if test "x$llvmconfig" != "x"; then
if test $llvmver_test -ge 350; then
dnl LLVM 3.5.0 and after splits linker flags into two sets
ldflags=`$llvmconfig --ldflags`
- syslibs=`$llvmconfig --system-libs`
+ syslibs=
AC_SUBST(LLVMCONFIG_LDFLAGS, ["$ldflags $syslibs"])
else
AC_SUBST(LLVMCONFIG_LDFLAGS, [`$llvmconfig --ldflags`])
recipes-security/clamav/clamav-0.98.5/clamav-0001-clamdscan.patch
-21
View File
@@ -1,21 +0,0 @@
Fixes build error
proto.c: In function 'dconnect':
proto.c:86:67: error: invalid application of 'sizeof' to incomplete type 'struct sockaddr_un'
if (connect(sockd, (struct sockaddr *)&nixsock, sizeof(nixsock)) == 0)
Patch sent upstream: http://lurker.clamav.net/message/20140928.130829.5494fd68.en.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
diff -uNr a/clamdscan/proto.c b/clamdscan/proto.c
--- a/clamdscan/proto.c 2014-05-06 20:39:56.000000000 +0200
+++ b/clamdscan/proto.c 2014-05-10 10:41:44.000000000 +0200
@@ -35,6 +35,7 @@
#include <sys/stat.h>
#include <fcntl.h>
#include <sys/types.h>
+#include <sys/un.h>
#ifdef HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
recipes-security/clamav/clamav-0.98.5/series
-18
View File
@@ -1,18 +0,0 @@
0001-Change-paths-in-sample-conf-file-to-match-Debian.patch
0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
0004-Fix-compiling-on-Hurd.patch
0005-Workaround-a-bug-in-libc-on-Hurd.patch
0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
0007-libclamav-use-libmspack.patch
0008-Add-upstream-systemd-support-for-clamav-daemon-and-c.patch
0009-fix-ssize_t-size_t-off_t-printf-modifier.patch
0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
0011-Add-libmspack-library-from-upstream-without-unnecess.patch
0012-allow-to-use-internal-libmspack-if-the-external-is-n.patch
0013-fix-autoreconf-with-embedded-libmspack.patch
0014-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch
0016-clamav-milter-add-additinal-SMFIF_-flags-before-invo.patch
0017-Bump-.so-version-number.patch
0018-llvm-don-t-use-system-libs.patch
recipes-security/clamav/clamav-0.98.5/clamav-freshclam.service → recipes-security/clamav/clamav-0.99.1/clamav-freshclam.service
View File
recipes-security/clamav/clamav-0.98.5/clamav-milter.conf.sample → recipes-security/clamav/clamav-0.99.1/clamav-milter.conf.sample
View File
recipes-security/clamav/clamav-0.98.5/clamav.service → recipes-security/clamav/clamav-0.99.1/clamav.service
View File
recipes-security/clamav/clamav-0.98.5/clamd.conf → recipes-security/clamav/clamav-0.99.1/clamd.conf
View File
recipes-security/clamav/clamav-0.98.5/freshclam.conf → recipes-security/clamav/clamav-0.99.1/freshclam.conf
View File
recipes-security/clamav/clamav-0.99.1/mempool_build_fix.patch
+14
View File
@@ -0,0 +1,14 @@
Index: libclamav/readdb.c
===================================================================
--- a/libclamav/readdb.c
+++ b/libclamav/readdb.c
@@ -4163,7 +4163,9 @@ static int cli_loadpwdb(FILE *fs, struct
/* use the tdb to track filetypes and check flevels */
memset(&tdb, 0, sizeof(tdb));
+#ifdef USE_MPOOL
tdb.mempool = engine->mempool;
+#endif
ret = init_tdb(&tdb, engine, attribs, passname);
free(attribs);
if(ret != CL_SUCCESS) {
recipes-security/clamav/clamav-0.99.1/remove_rpath_chk.patch
+16
View File
@@ -0,0 +1,16 @@
Index: clamav-0.99/configure
===================================================================
--- clamav-0.99.orig/configure
+++ clamav-0.99/configure
@@ -16192,11 +16192,6 @@ $as_echo_n "checking for shared library
if ${acl_cv_rpath+:} false; then :
$as_echo_n "(cached) " >&6
else
-
- CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \
- ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh
- . ./conftest.sh
- rm -f ./conftest.sh
acl_cv_rpath=done
fi
recipes-security/clamav/clamav-0.99.1/rpath_rmove.patch
+44
View File
@@ -0,0 +1,44 @@
Index: clamav-0.99/configure
===================================================================
--- clamav-0.99.orig/configure
+++ clamav-0.99/configure
@@ -9266,7 +9266,7 @@ $as_echo_n "checking whether the $compil
# are reset later if shared libraries are not supported. Putting them
# here allows them to be overridden if necessary.
runpath_var=LD_RUN_PATH
- hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_flag_spec='${wl}-rpath $libdir'
export_dynamic_flag_spec='${wl}--export-dynamic'
# ancient GNU ld didn't support --whole-archive et. al.
if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
@@ -9502,7 +9502,7 @@ _LT_EOF
# DT_RUNPATH tag from executables and libraries. But doing so
# requires that you compile everything twice, which is a pain.
if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
- hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_flag_spec='${wl}-rpath $libdir'
archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
else
@@ -10074,7 +10074,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >
archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
fi
archive_cmds_need_lc='no'
- hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_flag_spec='${wl}-rpath $libdir'
hardcode_libdir_separator=:
inherit_rpath=yes
link_all_deplibs=yes
Index: clamav-0.99/config/config.rpath
===================================================================
--- clamav-0.99.orig/config/config.rpath
+++ clamav-0.99/config/config.rpath
@@ -156,7 +156,7 @@ if test "$with_gnu_ld" = yes; then
# here allows them to be overridden if necessary.
# Unlike libtool, we use -rpath here, not --rpath, since the documented
# option of GNU ld is called -rpath, not --rpath.
- hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_flag_spec=
case "$host_os" in
aix3* | aix4* | aix5*)
# On AIX/PPC, the GNU linker is very broken
recipes-security/clamav/clamav-0.98.5/volatiles.03_clamav → recipes-security/clamav/clamav-0.99.1/volatiles.03_clamav
View File
recipes-security/clamav/clamav_0.98.5.bb → recipes-security/clamav/clamav_0.99.1.bb
+41 -34
View File
@@ -3,60 +3,66 @@ DESCRIPTION = "ClamAV is an open source antivirus engine for detecting trojans,
HOMEPAGE = "http://www.clamav.net/index.html"
SECTION = "security"
LICENSE = "LGPL-2.1"
DEPENDS = "libtool db openssl zlib ncurses bzip2 libmspack"
DEPENDS = "libtool db libmspack "
LIC_FILES_CHKSUM = "file://COPYING.LGPL;beginline=2;endline=3;md5=4b89c05acc71195e9a06edfa2fa7d092"
SRC_URI = "https://launchpad.net/debian/+archive/primary/+files/clamav_0.98.5%2Bdfsg.orig.tar.xz;name=archive \
file://0001-Change-paths-in-sample-conf-file-to-match-Debian.patch \
file://0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch \
file://0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch \
file://0004-Fix-compiling-on-Hurd.patch \
file://0005-Workaround-a-bug-in-libc-on-Hurd.patch \
file://0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch \
file://0008-Add-upstream-systemd-support-for-clamav-daemon-and-c.patch \
file://0009-fix-ssize_t-size_t-off_t-printf-modifier.patch \
file://0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch \
file://0014-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch \
file://0015-bb-10731-Allow-to-specificy-a-group-for-the-socket-o.patch \
file://0016-clamav-milter-add-additinal-SMFIF_-flags-before-invo.patch \
file://0017-Bump-.so-version-number.patch \
file://0018-llvm-don-t-use-system-libs.patch \
file://clamav-0001-clamdscan.patch \
SRC_URI = "http://www.clamav.net/downloads/production/${BPN}-${PV}.tar.gz \
file://clamd.conf \
file://freshclam.conf \
file://volatiles.03_clamav \
file://mempool_build_fix.patch \
file://remove_rpath_chk.patch \
"
SRC_URI[md5sum] = "cf1f3cbe62a08c9165801f79239166ff"
SRC_URI[sha256sum] = "e144689122d3f91293808c82cbb06b7d3ac9eca7ae29564c5d148ffe7b25d58a"
SRC_URI[archive.md5sum] = "34d5e8698e57ce45c4a8c3c2cb211cf3"
SRC_URI[archive.sha256sum] = "0e353f646a0add17ca42e75ccfc7edf4f8b7c1acc972a86c317543f6b365db2d"
inherit autotools-brokensep pkgconfig useradd systemd
inherit autotools-brokensep pkgconfig useradd systemd
UID = "clamav"
GID = "clamav"
S = "${WORKDIR}/${BPN}-${PV}+dfsg"
PACKAGECONFIG ??= ""
PACKAGECONFIG ?= "ncurses openssl bz2 zlib "
PACKAGECONFIG += " ${@bb.utils.contains("DISTRO_FEATURES", "ipv6", "ipv6", "", d)}"
PACKAGECONFIG += "${@base_contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
PACKAGECONFIG[pcre] = "--with-pcre=${STAGING_LIBDIR}, --without-pcre, libpcre"
PACKAGECONFIG[xml] = "--with-xml=${STAGING_LIBDIR}/.., --with-xml=no, libxml2,"
PACKAGECONFIG[json] = "--with-libjson=${STAGING_LIBDIR}, --without-libjson, json,"
PACKAGECONFIG[curl] = "--with-libcurl=${STAGING_LIBDIR}, --without-libcurl, curl,"
PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6"
PACKAGECONFIG[openssl] = "--with-openssl=${STAGING_DIR_HOST}/usr, --without-openssl, openssl, openssl"
PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_DIR_HOST}/usr, --without-zlib, zlib, "
PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${STAGING_LIBDIR}/.., --without-libbz2-prefix, "
PACKAGECONFIG[ncurses] = "--with-libncurses-prefix=${STAGING_LIBDIR}/.., --without-libncurses-prefix, ncurses, "
PACKAGECONFI[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', "
EXTRA_OECONF += " --with-user=${UID} --with-group=${GID} \
--without-libcheck-prefix --disable-unrar \
--disable-llvm \
--with-openssl=${STAGING_LIBDIR}/.. \
--with-zlib=${STAGING_LIBDIR}/.. \
--with-libbz2-prefix=${STAGING_DIR}${prefix} \
--with-libncurses-prefix=${STAGING_LIBDIR}/.. \
"
--disable-mempool \
--program-prefix="" \
--disable-yara \
--disable-rpath \
"
do_install_append () {
do_configure () {
cd ${S}
./configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
}
do_compile_append() {
# brute force removing RPATH
chrpath -d ${B}/libclamav/.libs/libclamav.so.7.1.1
chrpath -d ${B}/sigtool/.libs/sigtool
chrpath -d ${B}/clambc/.libs/clambc
chrpath -d ${B}/clamscan/.libs/clamscan
chrpath -d ${B}/clamconf/.libs/clamconf
chrpath -d ${B}/clamd/.libs/clamd
chrpath -d ${B}/freshclam/.libs/freshclam
}
do_install_append() {
install -d ${D}/${sysconfdir}
install -d ${D}/${localstatedir}/lib/clamav
install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles
@@ -64,6 +70,7 @@ do_install_append () {
install -m 644 ${WORKDIR}/clamd.conf ${D}/${sysconfdir}
install -m 644 ${WORKDIR}/freshclam.conf ${D}/${sysconfdir}
install -m 0644 ${WORKDIR}/volatiles.03_clamav ${D}${sysconfdir}/default/volatiles/volatiles.03_clamav
sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/libclamav.pc
}
pkg_postinst_${PN} () {
@@ -77,8 +84,8 @@ pkg_postinst_${PN} () {
PACKAGES = "${PN} ${PN}-dev ${PN}-dbg ${PN}-daemon ${PN}-doc \
${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav6 ${PN}-staticdev"
FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bibdir}/clamsubmit \
${bindir}/sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \
FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit \
${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \
${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit* \
${docdir}/clamav/* "
@@ -113,7 +120,7 @@ FILES_${PN}-libclamav6 = "${libdir}/libclamav.so* ${libdir}/libmspack.so*\
${docdir}/libclamav6/* "
FILES_${PN}-doc = "${mandir}/man/* \
${datadir}/man/* \
${datadir}/man/* \
${docdir}/* "
INSANE_SKIP_${PN}-libclamav6 = "dev-so"