fyi.
building clamav-devel 0.99.3 branch head
cd clamav-devel
git log | head -n 10
commit 7e83eea9a4c3be1ba24b7c44e10e9d9eea84e2d9
Author: Steven Morgan <stevmorg@cisco.com>
Date: Mon Mar 20 14:56:34 2017 -0400
clamdoc version update.
commit b2e3350bc201aee13dc3469eab3978be8fe6a3f3
Author: Steven Morgan <stevmorg@cisco.com>
Date: Thu Mar 16 15:06:09 2017 -0400
on linux64 with openssl v110 locally installed
openssl version
OpenSSL 1.1.0e 16 Feb 2017
pkg-config --libs --cflags openssl
-I/usr/local/openssl11/include -L/usr/local/openssl11/lib64 -lssl -lcrypto
for this env
export SSL11_LIBS= -lssl -lcrypto
export SSL11_CFLAGS= -I/usr/local/openssl11/include
export SSL11_INCLUDES= -I/usr/local/openssl11/include
export SSL11_LDFLAGS= -L/usr/local/openssl11/lib64 -Wl,-rpath,/usr/local/openssl11/lib64
referencing this patch for 0.99.2
https://github.com/patch-exchange/openssl-1.1-transition/blob/master/clamav/clamav-0.99.2-openssl-1.1.patch
as a basis for building this patch (NOTE the 'manual', non-conditional fix for lib64 rpaths in openssl.m4),
cat clamav-0.99.3-test-openssl-1.1.patch
diff -ur clamav-devel.ORIG/libclamav/crypto.c clamav-devel/libclamav/crypto.c
--- clamav-devel.ORIG/libclamav/crypto.c 2017-03-23 10:20:29.590645016 -0700
+++ clamav-devel/libclamav/crypto.c 2017-03-23 10:18:15.455247547 -0700
@@ -36,6 +36,7 @@
#include "clamav-config.h"
#endif
+#include <openssl/ssl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -120,19 +121,13 @@
int cl_initialize_crypto(void)
{
- SSL_load_error_strings();
- SSL_library_init();
- OpenSSL_add_all_digests();
- OpenSSL_add_all_algorithms();
- OpenSSL_add_all_ciphers();
- ERR_load_crypto_strings();
-
+ OPENSSL_init_ssl(0, NULL);
return 0;
}
void cl_cleanup_crypto(void)
{
- EVP_cleanup();
+ return 0;
}
unsigned char *cl_hash_data(char *alg, const void *buf, size_t len, unsigned char *obuf, unsigned int *olen)
@@ -1111,7 +1106,7 @@
if ((x)) {
ASN1_TIME *tme;
- tme = X509_CRL_get_nextUpdate(x);
+ tme = X509_CRL_get0_nextUpdate(x);
if (!tme || X509_cmp_current_time(tme) < 0) {
X509_CRL_free(x);
return NULL;
diff -ur clamav-devel.ORIG/m4/reorganization/libs/openssl.m4 clamav-devel/m4/reorganization/libs/openssl.m4
--- clamav-devel.ORIG/m4/reorganization/libs/openssl.m4 2017-03-23 10:20:29.606644944 -0700
+++ clamav-devel/m4/reorganization/libs/openssl.m4 2017-03-23 09:54:07.397505020 -0700
@@ -30,9 +30,9 @@
LIBS="$LIBS $SSL_LIBS"
if test "$LIBSSL_HOME" != "/usr"; then
- SSL_LDFLAGS="-L$LIBSSL_HOME/lib"
- SSL_CPPFLAGS="-I$LIBSSL_HOME/include"
- LDFLAGS="-L$LIBSSL_HOME/lib"
+ SSL_LDFLAGS="$SSL11_LDFLAGS"
+ SSL_CPPFLAGS="$SSL_INCLUDES"
+ LDFLAGS="$SSL11_LDFLAGS"
CFLAGS="$SSL_CPPFLAGS"
else
SSL_LDFLAGS=""
@@ -44,7 +44,7 @@
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([[#include <openssl/ssl.h>]],
- [[SSL_library_init();]])],
+ [[OPENSSL_init_ssl(0, NULL);]])],
[have_ssl="yes";],
[AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])])
applying
patch -p1 < ../clamav-0.99.3-test-openssl-1.1.patch
reconfig
export LDFLAGS=" ${SSL11_LDFLAGS}"
export CFLAGS+=" ${SSL11_CFLAGS}"
export LIBS="${SSL11_LIBS}"
export CPPFLAGS=" ${SSL11_INCLUDES}"
autoreconf -vif
./configure \
--disable-debug \
--prefix=/usr/local \
--libdir=/usr/local/lib64 \
--enable-rpath \
--enable-shared --disable-static \
--enable-clamav \
--enable-clamdtop \
--enable-libfreshclam \
--enable-milter \
--with-openssl=/usr/local/openssl11 \
...
then build
make V=1 -j4
make install
completes OK, bins linked against openssl v110 libs,
ldd `which clamdscan` `which clamd` | egrep "ssl|crypto"
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007fbda5a85000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007fbda55dc000)
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007f08b5a00000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007f08b5557000)
freshclam works
freshclam -v --config-file=/usr/local/etc/clamav/freshclam.conf
ls -al /var/lib/clamav
drwxrwxrwx 2 clamav clamav 4.0K Feb 27 12:56 ./
drwxr-xr-x 119 root root 4.0K Feb 27 08:48 ../
-rw-r--r-- 1 clamav clamav 102K Feb 27 12:56 bytecode.cvd
-rw-r--r-- 1 clamav clamav 39M Feb 27 12:55 daily.cvd
-rw-r--r-- 1 clamav clamav 105M Feb 27 12:55 main.cvd
-rw------- 1 clamav clamav 156 Feb 27 12:56 mirrors.dat
-rw-r--r-- 1 clamav clamav 47M Feb 27 12:56 safebrowsing.cvd
daemons start
systemctl start freshclam-custom.service
systemctl start clamd-custom.service
exec looks ok
clamdscan --version
ClamAV 0.99.3-beta1/23230/Thu Mar 23 05:28:56 2017
clamscan -d /var/lib/clamav
...
----------- SCAN SUMMARY -----------
Known viruses: 9027416
Engine version: 0.99.3-beta1
Scanned directories: 1
Scanned files: 41
Infected files: 0
Data scanned: 0.61 MB
Data read: 0.33 MB (ratio 1.82:1)
Time: 20.842 sec (0 m 20 s)
clamdscan /usr/local/scripts/TEST/eicar.com.txt
/usr/local/scripts/TEST/eicar.com.txt: Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.002 sec (0 m 0 s)
not yet ready for pull request, but works -- so far -- as a 1st step here.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
http://www.clamav.net/contact.html#ml
building clamav-devel 0.99.3 branch head
cd clamav-devel
git log | head -n 10
commit 7e83eea9a4c3be1ba24b7c44e10e9d9eea84e2d9
Author: Steven Morgan <stevmorg@cisco.com>
Date: Mon Mar 20 14:56:34 2017 -0400
clamdoc version update.
commit b2e3350bc201aee13dc3469eab3978be8fe6a3f3
Author: Steven Morgan <stevmorg@cisco.com>
Date: Thu Mar 16 15:06:09 2017 -0400
on linux64 with openssl v110 locally installed
openssl version
OpenSSL 1.1.0e 16 Feb 2017
pkg-config --libs --cflags openssl
-I/usr/local/openssl11/include -L/usr/local/openssl11/lib64 -lssl -lcrypto
for this env
export SSL11_LIBS= -lssl -lcrypto
export SSL11_CFLAGS= -I/usr/local/openssl11/include
export SSL11_INCLUDES= -I/usr/local/openssl11/include
export SSL11_LDFLAGS= -L/usr/local/openssl11/lib64 -Wl,-rpath,/usr/local/openssl11/lib64
referencing this patch for 0.99.2
https://github.com/patch-exchange/openssl-1.1-transition/blob/master/clamav/clamav-0.99.2-openssl-1.1.patch
as a basis for building this patch (NOTE the 'manual', non-conditional fix for lib64 rpaths in openssl.m4),
cat clamav-0.99.3-test-openssl-1.1.patch
diff -ur clamav-devel.ORIG/libclamav/crypto.c clamav-devel/libclamav/crypto.c
--- clamav-devel.ORIG/libclamav/crypto.c 2017-03-23 10:20:29.590645016 -0700
+++ clamav-devel/libclamav/crypto.c 2017-03-23 10:18:15.455247547 -0700
@@ -36,6 +36,7 @@
#include "clamav-config.h"
#endif
+#include <openssl/ssl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -120,19 +121,13 @@
int cl_initialize_crypto(void)
{
- SSL_load_error_strings();
- SSL_library_init();
- OpenSSL_add_all_digests();
- OpenSSL_add_all_algorithms();
- OpenSSL_add_all_ciphers();
- ERR_load_crypto_strings();
-
+ OPENSSL_init_ssl(0, NULL);
return 0;
}
void cl_cleanup_crypto(void)
{
- EVP_cleanup();
+ return 0;
}
unsigned char *cl_hash_data(char *alg, const void *buf, size_t len, unsigned char *obuf, unsigned int *olen)
@@ -1111,7 +1106,7 @@
if ((x)) {
ASN1_TIME *tme;
- tme = X509_CRL_get_nextUpdate(x);
+ tme = X509_CRL_get0_nextUpdate(x);
if (!tme || X509_cmp_current_time(tme) < 0) {
X509_CRL_free(x);
return NULL;
diff -ur clamav-devel.ORIG/m4/reorganization/libs/openssl.m4 clamav-devel/m4/reorganization/libs/openssl.m4
--- clamav-devel.ORIG/m4/reorganization/libs/openssl.m4 2017-03-23 10:20:29.606644944 -0700
+++ clamav-devel/m4/reorganization/libs/openssl.m4 2017-03-23 09:54:07.397505020 -0700
@@ -30,9 +30,9 @@
LIBS="$LIBS $SSL_LIBS"
if test "$LIBSSL_HOME" != "/usr"; then
- SSL_LDFLAGS="-L$LIBSSL_HOME/lib"
- SSL_CPPFLAGS="-I$LIBSSL_HOME/include"
- LDFLAGS="-L$LIBSSL_HOME/lib"
+ SSL_LDFLAGS="$SSL11_LDFLAGS"
+ SSL_CPPFLAGS="$SSL_INCLUDES"
+ LDFLAGS="$SSL11_LDFLAGS"
CFLAGS="$SSL_CPPFLAGS"
else
SSL_LDFLAGS=""
@@ -44,7 +44,7 @@
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([[#include <openssl/ssl.h>]],
- [[SSL_library_init();]])],
+ [[OPENSSL_init_ssl(0, NULL);]])],
[have_ssl="yes";],
[AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])])
applying
patch -p1 < ../clamav-0.99.3-test-openssl-1.1.patch
reconfig
export LDFLAGS=" ${SSL11_LDFLAGS}"
export CFLAGS+=" ${SSL11_CFLAGS}"
export LIBS="${SSL11_LIBS}"
export CPPFLAGS=" ${SSL11_INCLUDES}"
autoreconf -vif
./configure \
--disable-debug \
--prefix=/usr/local \
--libdir=/usr/local/lib64 \
--enable-rpath \
--enable-shared --disable-static \
--enable-clamav \
--enable-clamdtop \
--enable-libfreshclam \
--enable-milter \
--with-openssl=/usr/local/openssl11 \
...
then build
make V=1 -j4
make install
completes OK, bins linked against openssl v110 libs,
ldd `which clamdscan` `which clamd` | egrep "ssl|crypto"
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007fbda5a85000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007fbda55dc000)
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1 (0x00007f08b5a00000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1 (0x00007f08b5557000)
freshclam works
freshclam -v --config-file=/usr/local/etc/clamav/freshclam.conf
ls -al /var/lib/clamav
drwxrwxrwx 2 clamav clamav 4.0K Feb 27 12:56 ./
drwxr-xr-x 119 root root 4.0K Feb 27 08:48 ../
-rw-r--r-- 1 clamav clamav 102K Feb 27 12:56 bytecode.cvd
-rw-r--r-- 1 clamav clamav 39M Feb 27 12:55 daily.cvd
-rw-r--r-- 1 clamav clamav 105M Feb 27 12:55 main.cvd
-rw------- 1 clamav clamav 156 Feb 27 12:56 mirrors.dat
-rw-r--r-- 1 clamav clamav 47M Feb 27 12:56 safebrowsing.cvd
daemons start
systemctl start freshclam-custom.service
systemctl start clamd-custom.service
exec looks ok
clamdscan --version
ClamAV 0.99.3-beta1/23230/Thu Mar 23 05:28:56 2017
clamscan -d /var/lib/clamav
...
----------- SCAN SUMMARY -----------
Known viruses: 9027416
Engine version: 0.99.3-beta1
Scanned directories: 1
Scanned files: 41
Infected files: 0
Data scanned: 0.61 MB
Data read: 0.33 MB (ratio 1.82:1)
Time: 20.842 sec (0 m 20 s)
clamdscan /usr/local/scripts/TEST/eicar.com.txt
/usr/local/scripts/TEST/eicar.com.txt: Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.002 sec (0 m 0 s)
not yet ready for pull request, but works -- so far -- as a 1st step here.
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
http://www.clamav.net/contact.html#ml