Package: release.debian.org User: release.debian....@packages.debian.org Usertags: pu Tags: stretch Severity: normal
Please find attached the proposed update to c-icap-modules for Stretch as part of the clamav transition, #924278. Sebastian
diff -Nru c-icap-modules-0.4.4/debian/changelog c-icap-modules-0.4.4/debian/changelog --- c-icap-modules-0.4.4/debian/changelog 2016-10-09 21:29:45.000000000 +0200 +++ c-icap-modules-0.4.4/debian/changelog 2019-03-10 22:00:14.000000000 +0100 @@ -1,3 +1,10 @@ +c-icap-modules (1:0.4.4-1+deb9u1) stretch; urgency=medium + + * Non-maintainer upload. + * Add support for clamav 0.101.1 (Closes: #919814). + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sun, 10 Mar 2019 22:00:14 +0100 + c-icap-modules (1:0.4.4-1) unstable; urgency=medium * New upstream release diff -Nru c-icap-modules-0.4.4/debian/control c-icap-modules-0.4.4/debian/control --- c-icap-modules-0.4.4/debian/control 2016-10-09 21:29:45.000000000 +0200 +++ c-icap-modules-0.4.4/debian/control 2019-03-10 22:00:14.000000000 +0100 @@ -2,7 +2,7 @@ Section: net Priority: extra Maintainer: Mathieu Parent <sath...@debian.org> -Build-Depends: debhelper (>= 9~), autotools-dev, libicapapi-dev (>=1:0.4.1~), libclamav-dev, libltdl-dev | libltdl3-dev, libdb-dev, dh-autoreconf +Build-Depends: debhelper (>= 9~), autotools-dev, libicapapi-dev (>=1:0.4.1~), libclamav-dev (>= 0.101.1), libltdl-dev | libltdl3-dev, libdb-dev, dh-autoreconf Standards-Version: 3.9.8 Homepage: http://c-icap.sourceforge.net/ Vcs-Git: https://anonscm.debian.org/git/collab-maint/c-icap-modules.git diff -Nru c-icap-modules-0.4.4/debian/patches/c-icap-modules-clamav-backport.patch c-icap-modules-0.4.4/debian/patches/c-icap-modules-clamav-backport.patch --- c-icap-modules-0.4.4/debian/patches/c-icap-modules-clamav-backport.patch 1970-01-01 01:00:00.000000000 +0100 +++ c-icap-modules-0.4.4/debian/patches/c-icap-modules-clamav-backport.patch 2019-03-10 21:59:09.000000000 +0100 @@ -0,0 +1,131 @@ +From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +Date: Sat, 19 Jan 2019 21:12:25 +0100 +Subject: [PATCH] backport clamav changes from 0.5.3 + +--- + configure.ac | 12 ++++++++ + services/virus_scan/clamav_mod.c | 62 +++++++++++++++++++++++++++++++++++++++- + 2 files changed, 73 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 6d01fad8e47b..df5060941b7b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -187,7 +187,19 @@ if test a"$clamav" = "ayes"; then + AC_DEFINE(HAVE_LIBCLAMAV_095,1,[Define HAVE_LIBCLAMAV_095 if have clamav 0.95.x or newer]) + AC_MSG_RESULT(yes), + ) ++ ++ # ++ # clamav dropped CL_SCAN_HEURISTIC_ENCRYPTED in 0.101 replacing it with ++ # CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE and CL_SCAN_HEURISTIC_ENCRYPTED_DOC + # restore flags / clamav tests ++ AC_MSG_CHECKING([for HAVE_CL_SCAN_OPTIONS in clamav.h]) ++ AC_TRY_COMPILE( ++ [#include <clamav.h>], ++ [struct cl_scan_options CLAMSCAN_OPTIONS = { 0, 0, 0, 0, 0 };], ++ AC_DEFINE(HAVE_CL_SCAN_OPTIONS,1,[Define HAVE_CL_SCAN_OPTIONS if have clamav 0.101.x or newer]) ++ AC_MSG_RESULT(yes), ++ AC_MSG_RESULT(no), ++ ) + CFLAGS=$OLD_CFLAGS + fi # if test a"$clamav" = "ayes"; + +diff --git a/services/virus_scan/clamav_mod.c b/services/virus_scan/clamav_mod.c +index e860a93d2e22..9a886f9e62b5 100644 +--- a/services/virus_scan/clamav_mod.c ++++ b/services/virus_scan/clamav_mod.c +@@ -123,7 +123,12 @@ struct virus_db { + #ifndef HAVE_LIBCLAMAV_095 + struct cl_limits limits; + #endif ++ ++#ifdef HAVE_CL_SCAN_OPTIONS ++struct cl_scan_options CLAMSCAN_OPTIONS; ++#else + unsigned int CLAMSCAN_OPTIONS = CL_SCAN_STDOPT; ++#endif + + struct virus_db *virusdb = NULL; + struct virus_db *old_virusdb = NULL; +@@ -186,6 +191,55 @@ int clamav_post_init(struct ci_server_conf *server_conf) + #endif + + /*Build scan options*/ ++#ifdef HAVE_CL_SCAN_OPTIONS ++ memset(&CLAMSCAN_OPTIONS, 1, sizeof(CLAMSCAN_OPTIONS)); ++ CLAMSCAN_OPTIONS.parse = ~0; ++ ++#if defined(CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE) ++ if (CLAMAV_BLOCKENCRYPTED) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_ENCRYPTED_DOC; ++ } ++#endif ++ ++#if defined(CL_SCAN_HEURISTIC_BROKEN) ++ if (CLAMAV_BLOCKBROKEN) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_BROKEN; ++ } ++#endif ++ ++#if defined(CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE) ++ if (CLAMAV_HEURISTIC_PRECEDENCE) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_GENERAL_HEURISTIC_PRECEDENCE; ++ } ++#endif ++ ++#if defined(CL_SCAN_HEURISTIC_MACROS) ++ if (CLAMAV_BLOCKMACROS) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_MACROS; ++ } ++#endif ++ ++#if defined(CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH) ++ if (CLAMAV_PHISHING_BLOCKSSL) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_PHISHING_SSL_MISMATCH; ++ } ++#endif ++ ++#if defined(CL_SCAN_HEURISTIC_PHISHING_CLOAK) ++ if (CLAMAV_PHISHING_BLOCKCLOAK) { ++ CLAMSCAN_OPTIONS.general |= CL_SCAN_GENERAL_HEURISTICS; ++ CLAMSCAN_OPTIONS.heuristic |= CL_SCAN_HEURISTIC_PHISHING_CLOAK; ++ } ++#endif ++ ++#else /*!HAVE_CL_SCAN_OPTIONS*/ ++ + #if defined(CL_SCAN_BLOCKENCRYPTED) + if (CLAMAV_BLOCKENCRYPTED) + CLAMSCAN_OPTIONS |= CL_SCAN_BLOCKENCRYPTED; +@@ -211,6 +265,8 @@ int clamav_post_init(struct ci_server_conf *server_conf) + CLAMSCAN_OPTIONS |= CL_SCAN_PHISHING_BLOCKCLOAK; + #endif + ++#endif /*HAVE_CL_SCAN_OPTIONS*/ ++ + clamav_set_versions(); + av_register_engine(&clamav_engine); + av_reload_istag(); +@@ -483,7 +539,11 @@ int clamav_scan_simple_file(ci_simple_file_t *body, av_virus_info_t *vinfo) + vinfo->virus_found = 0; + vdb = get_virusdb(); + lseek(fd, 0, SEEK_SET); +-#ifndef HAVE_LIBCLAMAV_095 ++#if defined(HAVE_CL_SCAN_OPTIONS) ++ ret = ++ cl_scandesc(fd, NULL, &virname, &scanned_data, vdb, ++ &CLAMSCAN_OPTIONS); ++#elif !defined(HAVE_LIBCLAMAV_095) + ret = + cl_scandesc(fd, &virname, &scanned_data, vdb, &limits, + CLAMSCAN_OPTIONS); +-- +2.11.0 + diff -Nru c-icap-modules-0.4.4/debian/patches/series c-icap-modules-0.4.4/debian/patches/series --- c-icap-modules-0.4.4/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ c-icap-modules-0.4.4/debian/patches/series 2019-03-10 21:59:27.000000000 +0100 @@ -0,0 +1 @@ +c-icap-modules-clamav-backport.patch