1 |
commit: f2ed7b0fa315384aa5131056a3221c2cac0beb3f |
2 |
Author: S. Lockwood-Childs <sjl <AT> vctlabs <DOT> com> |
3 |
AuthorDate: Wed May 23 09:52:37 2018 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jun 12 11:09:43 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=f2ed7b0f |
7 |
|
8 |
app-antivirus/clamav: add package |
9 |
|
10 |
clamav uses fts functions, so depend on fts-standalone and link |
11 |
against that external libfts when building against musl |
12 |
|
13 |
app-antivirus/clamav/Manifest | 2 + |
14 |
app-antivirus/clamav/clamav-0.100.0.ebuild | 169 +++++++++++++++++++ |
15 |
app-antivirus/clamav/clamav-0.99.4-r1.ebuild | 161 ++++++++++++++++++ |
16 |
.../clamav/files/clamav-0.100.0_autotools.patch | 10 ++ |
17 |
app-antivirus/clamav/files/clamav-0.99-zlib.patch | 22 +++ |
18 |
.../clamav/files/clamav-0.99.2-bytecode_api.patch | 50 ++++++ |
19 |
.../clamav/files/clamav-0.99.2-gcc-6.patch | 84 ++++++++++ |
20 |
.../clamav-0.99.2-pcre2-compile-erroffset.patch | 12 ++ |
21 |
.../clamav/files/clamav-0.99.2-tinfo.patch | 23 +++ |
22 |
...lamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch | 186 +++++++++++++++++++++ |
23 |
...mav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch | 132 +++++++++++++++ |
24 |
.../files/clamav-0.99.4-fix-newer-zlib.patch | 54 ++++++ |
25 |
.../clamav-0.99.4-pcre2-compile-erroffset.patch | 11 ++ |
26 |
.../clamav/files/clamav-milter.README.gentoo | 85 ++++++++++ |
27 |
app-antivirus/clamav/files/clamav-milter.service | 12 ++ |
28 |
.../clamav/files/clamav-milter.service-r1 | 13 ++ |
29 |
app-antivirus/clamav/files/clamav.logrotate | 17 ++ |
30 |
app-antivirus/clamav/files/clamd.conf | 9 + |
31 |
app-antivirus/clamav/files/clamd.conf-r1 | 7 + |
32 |
app-antivirus/clamav/files/clamd.initd-r6 | 128 ++++++++++++++ |
33 |
app-antivirus/clamav/files/clamd.service | 12 ++ |
34 |
app-antivirus/clamav/files/clamd_at.service | 12 ++ |
35 |
app-antivirus/clamav/files/freshclamd.service | 10 ++ |
36 |
app-antivirus/clamav/files/tmpfiles.d/clamav.conf | 1 + |
37 |
app-antivirus/clamav/metadata.xml | 20 +++ |
38 |
25 files changed, 1242 insertions(+) |
39 |
|
40 |
diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest |
41 |
new file mode 100644 |
42 |
index 0000000..e2e5315 |
43 |
--- /dev/null |
44 |
+++ b/app-antivirus/clamav/Manifest |
45 |
@@ -0,0 +1,2 @@ |
46 |
+DIST clamav-0.100.0.tar.gz 16036757 BLAKE2B c51edfb05726e16e2ff1ef1fee9f174af5a0d65396f847a4f6e1246d5844b92eb70896fc598d2c73719b1315ff3c41aca503823431e0918d52f56d29399dd796 SHA512 57e1da86a32fdfb66887c4aeed03008bc070ce3cb6b881db411332f2f2e640b73dca84d990f5886526b3d6bd0c2770c7dcce5b4e7cf48323824c362452593549 |
47 |
+DIST clamav-0.99.4.tar.gz 16083015 BLAKE2B 3c2e7d11ee05fe846f75c3fb6501b5fd809a2e58f8e69c82e493e32fcbc87ca0e5b5f7ab83a0d7e251a5dc8e84aed1475c87c1248b393fa04b6924a2ab32b9bf SHA512 778d5ef510d8d4bdfac5dc33d92469ed4283c414b3d42da6e1a0b13ed70e37755d5c837622dc336bc728ba1f8bf5485fc8a8d3a67a90e9aaa9e4dc71ece0691d |
48 |
|
49 |
diff --git a/app-antivirus/clamav/clamav-0.100.0.ebuild b/app-antivirus/clamav/clamav-0.100.0.ebuild |
50 |
new file mode 100644 |
51 |
index 0000000..004feb5 |
52 |
--- /dev/null |
53 |
+++ b/app-antivirus/clamav/clamav-0.100.0.ebuild |
54 |
@@ -0,0 +1,169 @@ |
55 |
+# Copyright 1999-2018 Gentoo Foundation |
56 |
+# Distributed under the terms of the GNU General Public License v2 |
57 |
+ |
58 |
+EAPI=6 |
59 |
+ |
60 |
+inherit autotools eutils flag-o-matic user systemd |
61 |
+ |
62 |
+DESCRIPTION="Clam Anti-Virus Scanner" |
63 |
+HOMEPAGE="https://www.clamav.net/" |
64 |
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz" |
65 |
+ |
66 |
+LICENSE="GPL-2" |
67 |
+SLOT="0" |
68 |
+KEYWORDS="~amd64 ~arm ~ia64 ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris" |
69 |
+IUSE="bzip2 doc clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs system-libmspack test uclibc" |
70 |
+ |
71 |
+CDEPEND="bzip2? ( app-arch/bzip2 ) |
72 |
+ clamdtop? ( sys-libs/ncurses:0 ) |
73 |
+ iconv? ( virtual/libiconv ) |
74 |
+ metadata-analysis-api? ( dev-libs/json-c:= ) |
75 |
+ milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) ) |
76 |
+ dev-libs/libtommath |
77 |
+ >=sys-libs/zlib-1.2.2:= |
78 |
+ !libressl? ( dev-libs/openssl:0= ) |
79 |
+ libressl? ( dev-libs/libressl:0= ) |
80 |
+ sys-devel/libtool |
81 |
+ || ( dev-libs/libpcre2 >dev-libs/libpcre-6 ) |
82 |
+ system-libmspack? ( dev-libs/libmspack ) |
83 |
+ elibc_musl? ( sys-libs/fts-standalone ) |
84 |
+ !!<app-antivirus/clamav-0.99" |
85 |
+# hard block clamav < 0.99 due to linking problems Bug #567680 |
86 |
+# openssl is now *required* see this link as to why |
87 |
+# https://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html |
88 |
+DEPEND="${CDEPEND} |
89 |
+ virtual/pkgconfig |
90 |
+ test? ( dev-libs/check )" |
91 |
+RDEPEND="${CDEPEND} |
92 |
+ selinux? ( sec-policy/selinux-clamav )" |
93 |
+ |
94 |
+DOCS=( docs/clamdoc.pdf docs/phishsigs_howto.pdf docs/signatures.pdf ) |
95 |
+HTML_DOCS=( docs/html ) |
96 |
+ |
97 |
+PATCHES=( |
98 |
+ "${FILESDIR}/${P}_autotools.patch" |
99 |
+) |
100 |
+ |
101 |
+pkg_setup() { |
102 |
+ enewgroup clamav |
103 |
+ enewuser clamav -1 -1 /dev/null clamav |
104 |
+} |
105 |
+ |
106 |
+src_prepare() { |
107 |
+ use elibc_musl && append-ldflags -lfts |
108 |
+ default |
109 |
+ |
110 |
+ eautoconf |
111 |
+} |
112 |
+ |
113 |
+src_configure() { |
114 |
+ use ppc64 && append-flags -mminimal-toc |
115 |
+ use uclibc && export ac_cv_type_error_t=yes |
116 |
+ |
117 |
+ econf \ |
118 |
+ $(use_enable bzip2) \ |
119 |
+ $(use_enable clamdtop) \ |
120 |
+ $(use_enable ipv6) \ |
121 |
+ $(use_enable milter) \ |
122 |
+ $(use_enable static-libs static) \ |
123 |
+ $(use_enable test check) \ |
124 |
+ $(use_with iconv) \ |
125 |
+ $(use_with metadata-analysis-api libjson /usr) \ |
126 |
+ $(use_with system-libmspack) \ |
127 |
+ --cache-file="${S}"/config.cache \ |
128 |
+ --disable-experimental \ |
129 |
+ --disable-gcc-vcheck \ |
130 |
+ --disable-zlib-vcheck \ |
131 |
+ --enable-id-check \ |
132 |
+ --with-dbdir="${EPREFIX}"/var/lib/clamav \ |
133 |
+ --with-system-tommath \ |
134 |
+ --with-zlib="${EPREFIX}"/usr \ |
135 |
+ --disable-llvm |
136 |
+} |
137 |
+ |
138 |
+src_install() { |
139 |
+ default |
140 |
+ |
141 |
+ rm -rf "${ED}"/var/lib/clamav |
142 |
+ newinitd "${FILESDIR}"/clamd.initd-r6 clamd |
143 |
+ newconfd "${FILESDIR}"/clamd.conf-r1 clamd |
144 |
+ |
145 |
+ systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf" |
146 |
+ systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service" |
147 |
+ systemd_dounit "${FILESDIR}/clamd.service" |
148 |
+ systemd_dounit "${FILESDIR}/freshclamd.service" |
149 |
+ |
150 |
+ keepdir /var/lib/clamav |
151 |
+ fowners clamav:clamav /var/lib/clamav |
152 |
+ keepdir /var/log/clamav |
153 |
+ fowners clamav:clamav /var/log/clamav |
154 |
+ |
155 |
+ dodir /etc/logrotate.d |
156 |
+ insinto /etc/logrotate.d |
157 |
+ newins "${FILESDIR}"/clamav.logrotate clamav |
158 |
+ |
159 |
+ # Modify /etc/{clamd,freshclam}.conf to be usable out of the box |
160 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
161 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \ |
162 |
+ -e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \ |
163 |
+ -e "s:.*\(User\) .*:\1 clamav:" \ |
164 |
+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \ |
165 |
+ -e "s:^\#\(LogTime\).*:\1 yes:" \ |
166 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
167 |
+ "${ED}"/etc/clamd.conf.sample || die |
168 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
169 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \ |
170 |
+ -e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \ |
171 |
+ -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \ |
172 |
+ -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \ |
173 |
+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \ |
174 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
175 |
+ "${ED}"/etc/freshclam.conf.sample || die |
176 |
+ |
177 |
+ if use milter ; then |
178 |
+ # MilterSocket one to include ' /' because there is a 2nd line for |
179 |
+ # inet: which we want to leave |
180 |
+ ##dodoc "${FILESDIR}"/clamav-milter.README.gentoo |
181 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
182 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \ |
183 |
+ -e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \ |
184 |
+ -e "s:.*\(User\) .*:\1 clamav:" \ |
185 |
+ -e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \ |
186 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
187 |
+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \ |
188 |
+ "${ED}"/etc/clamav-milter.conf.sample || die |
189 |
+ cat >> "${ED}"/etc/conf.d/clamd <<-EOF |
190 |
+ MILTER_NICELEVEL=19 |
191 |
+ START_MILTER=no |
192 |
+ EOF |
193 |
+ |
194 |
+ systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service |
195 |
+ fi |
196 |
+ |
197 |
+ if use doc; then |
198 |
+ einstalldocs |
199 |
+ doman docs/man/*.[1-8] |
200 |
+ fi |
201 |
+ |
202 |
+ for i in clamd freshclam clamav-milter |
203 |
+ do |
204 |
+ [[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,} |
205 |
+ done |
206 |
+ |
207 |
+ prune_libtool_files --all |
208 |
+} |
209 |
+ |
210 |
+src_test() { |
211 |
+ emake quick-check |
212 |
+} |
213 |
+ |
214 |
+pkg_postinst() { |
215 |
+ if use milter ; then |
216 |
+ elog "For simple instructions how to setup the clamav-milter read the" |
217 |
+ elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}" |
218 |
+ fi |
219 |
+ if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then |
220 |
+ ewarn "You must run freshclam manually to populate the virus database files" |
221 |
+ ewarn "before starting clamav for the first time.\n" |
222 |
+ fi |
223 |
+} |
224 |
|
225 |
diff --git a/app-antivirus/clamav/clamav-0.99.4-r1.ebuild b/app-antivirus/clamav/clamav-0.99.4-r1.ebuild |
226 |
new file mode 100644 |
227 |
index 0000000..049142a |
228 |
--- /dev/null |
229 |
+++ b/app-antivirus/clamav/clamav-0.99.4-r1.ebuild |
230 |
@@ -0,0 +1,161 @@ |
231 |
+# Copyright 1999-2018 Gentoo Foundation |
232 |
+# Distributed under the terms of the GNU General Public License v2 |
233 |
+ |
234 |
+EAPI=6 |
235 |
+ |
236 |
+inherit autotools eutils flag-o-matic user systemd |
237 |
+ |
238 |
+DESCRIPTION="Clam Anti-Virus Scanner" |
239 |
+HOMEPAGE="https://www.clamav.net/" |
240 |
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz" |
241 |
+ |
242 |
+LICENSE="GPL-2" |
243 |
+SLOT="0" |
244 |
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~ppc ppc64 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris" |
245 |
+IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs test uclibc" |
246 |
+ |
247 |
+CDEPEND="bzip2? ( app-arch/bzip2 ) |
248 |
+ clamdtop? ( sys-libs/ncurses:0 ) |
249 |
+ iconv? ( virtual/libiconv ) |
250 |
+ metadata-analysis-api? ( dev-libs/json-c:= ) |
251 |
+ milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) ) |
252 |
+ dev-libs/libtommath |
253 |
+ >=sys-libs/zlib-1.2.2:= |
254 |
+ !libressl? ( dev-libs/openssl:0= ) |
255 |
+ libressl? ( dev-libs/libressl:0= ) |
256 |
+ sys-devel/libtool |
257 |
+ || ( dev-libs/libpcre2 >dev-libs/libpcre-6 ) |
258 |
+ elibc_musl? ( sys-libs/fts-standalone ) |
259 |
+ !!<app-antivirus/clamav-0.99" |
260 |
+# hard block clamav < 0.99 due to linking problems Bug #567680 |
261 |
+# openssl is now *required* see this link as to why |
262 |
+# https://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html |
263 |
+DEPEND="${CDEPEND} |
264 |
+ virtual/pkgconfig |
265 |
+ test? ( dev-libs/check )" |
266 |
+RDEPEND="${CDEPEND} |
267 |
+ selinux? ( sec-policy/selinux-clamav )" |
268 |
+ |
269 |
+DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE ) |
270 |
+PATCHES=( |
271 |
+ "${FILESDIR}"/${PN}-0.99.4-fix-newer-zlib.patch |
272 |
+ "${FILESDIR}/${P}-pcre2-compile-erroffset.patch" |
273 |
+) |
274 |
+ |
275 |
+pkg_setup() { |
276 |
+ enewgroup clamav |
277 |
+ enewuser clamav -1 -1 /dev/null clamav |
278 |
+} |
279 |
+ |
280 |
+src_prepare() { |
281 |
+ use elibc_musl && append-ldflags -lfts |
282 |
+ default |
283 |
+ |
284 |
+ eautoconf |
285 |
+} |
286 |
+ |
287 |
+src_configure() { |
288 |
+ use ppc64 && append-flags -mminimal-toc |
289 |
+ use uclibc && export ac_cv_type_error_t=yes |
290 |
+ |
291 |
+ econf \ |
292 |
+ $(use_enable bzip2) \ |
293 |
+ $(use_enable clamdtop) \ |
294 |
+ $(use_enable ipv6) \ |
295 |
+ $(use_enable milter) \ |
296 |
+ $(use_enable static-libs static) \ |
297 |
+ $(use_enable test check) \ |
298 |
+ $(use_with iconv) \ |
299 |
+ $(use_with metadata-analysis-api libjson /usr) \ |
300 |
+ --cache-file="${S}"/config.cache \ |
301 |
+ --disable-experimental \ |
302 |
+ --disable-gcc-vcheck \ |
303 |
+ --disable-zlib-vcheck \ |
304 |
+ --enable-id-check \ |
305 |
+ --with-dbdir="${EPREFIX}"/var/lib/clamav \ |
306 |
+ --with-system-tommath \ |
307 |
+ --with-zlib="${EPREFIX}"/usr \ |
308 |
+ --disable-llvm |
309 |
+} |
310 |
+ |
311 |
+src_install() { |
312 |
+ default |
313 |
+ |
314 |
+ rm -rf "${ED}"/var/lib/clamav |
315 |
+ newinitd "${FILESDIR}"/clamd.initd-r6 clamd |
316 |
+ newconfd "${FILESDIR}"/clamd.conf-r1 clamd |
317 |
+ |
318 |
+ systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf" |
319 |
+ systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service" |
320 |
+ systemd_dounit "${FILESDIR}/clamd.service" |
321 |
+ systemd_dounit "${FILESDIR}/freshclamd.service" |
322 |
+ |
323 |
+ keepdir /var/lib/clamav |
324 |
+ fowners clamav:clamav /var/lib/clamav |
325 |
+ keepdir /var/log/clamav |
326 |
+ fowners clamav:clamav /var/log/clamav |
327 |
+ |
328 |
+ dodir /etc/logrotate.d |
329 |
+ insinto /etc/logrotate.d |
330 |
+ newins "${FILESDIR}"/clamav.logrotate clamav |
331 |
+ |
332 |
+ # Modify /etc/{clamd,freshclam}.conf to be usable out of the box |
333 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
334 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \ |
335 |
+ -e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \ |
336 |
+ -e "s:.*\(User\) .*:\1 clamav:" \ |
337 |
+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \ |
338 |
+ -e "s:^\#\(LogTime\).*:\1 yes:" \ |
339 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
340 |
+ "${ED}"/etc/clamd.conf.sample || die |
341 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
342 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \ |
343 |
+ -e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \ |
344 |
+ -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \ |
345 |
+ -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \ |
346 |
+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \ |
347 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
348 |
+ "${ED}"/etc/freshclam.conf.sample || die |
349 |
+ |
350 |
+ if use milter ; then |
351 |
+ # MilterSocket one to include ' /' because there is a 2nd line for |
352 |
+ # inet: which we want to leave |
353 |
+ dodoc "${FILESDIR}"/clamav-milter.README.gentoo |
354 |
+ sed -i -e "s:^\(Example\):\# \1:" \ |
355 |
+ -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \ |
356 |
+ -e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \ |
357 |
+ -e "s:.*\(User\) .*:\1 clamav:" \ |
358 |
+ -e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \ |
359 |
+ -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ |
360 |
+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \ |
361 |
+ "${ED}"/etc/clamav-milter.conf.sample || die |
362 |
+ cat >> "${ED}"/etc/conf.d/clamd <<-EOF |
363 |
+ MILTER_NICELEVEL=19 |
364 |
+ START_MILTER=no |
365 |
+ EOF |
366 |
+ |
367 |
+ systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service |
368 |
+ fi |
369 |
+ |
370 |
+ for i in clamd freshclam clamav-milter |
371 |
+ do |
372 |
+ [[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,} |
373 |
+ done |
374 |
+ |
375 |
+ prune_libtool_files --all |
376 |
+} |
377 |
+ |
378 |
+src_test() { |
379 |
+ emake quick-check |
380 |
+} |
381 |
+ |
382 |
+pkg_postinst() { |
383 |
+ if use milter ; then |
384 |
+ elog "For simple instructions how to setup the clamav-milter read the" |
385 |
+ elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}" |
386 |
+ fi |
387 |
+ if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then |
388 |
+ ewarn "You must run freshclam manually to populate the virus database files" |
389 |
+ ewarn "before starting clamav for the first time.\n" |
390 |
+ fi |
391 |
+} |
392 |
|
393 |
diff --git a/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch b/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch |
394 |
new file mode 100644 |
395 |
index 0000000..58c3b4e |
396 |
--- /dev/null |
397 |
+++ b/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch |
398 |
@@ -0,0 +1,10 @@ |
399 |
+--- clamav-0.100.0/configure.ac_orig 2018-04-12 13:12:58.201729248 +0200 |
400 |
++++ clamav-0.100.0/configure.ac 2018-04-12 13:23:44.982679360 +0200 |
401 |
+@@ -47,6 +47,7 @@ |
402 |
+ LT_CONFIG_LTDL_DIR([libltdl]) |
403 |
+ LT_INIT([dlopen disable-static]) |
404 |
+ LTDL_INIT([recursive]) |
405 |
++PKG_PROG_PKG_CONFIG(0.16) |
406 |
+ |
407 |
+ m4_include([m4/reorganization/build_tools.m4]) |
408 |
+ m4_include([m4/reorganization/headers.m4]) |
409 |
|
410 |
diff --git a/app-antivirus/clamav/files/clamav-0.99-zlib.patch b/app-antivirus/clamav/files/clamav-0.99-zlib.patch |
411 |
new file mode 100644 |
412 |
index 0000000..8d1f4e6 |
413 |
--- /dev/null |
414 |
+++ b/app-antivirus/clamav/files/clamav-0.99-zlib.patch |
415 |
@@ -0,0 +1,22 @@ |
416 |
+commit f0bcd186190fe6e67b3f0eaaceb7a99aa6a98865 |
417 |
+Author: Steven Morgan <stevmorg@×××××.com> |
418 |
+Date: Thu Jan 5 12:30:35 2017 -0500 |
419 |
+ |
420 |
+ bb111711 - fix zlib version check - patch by Daniel J. Luke. |
421 |
+ |
422 |
+diff --git a/m4/reorganization/libs/libz.m4 b/m4/reorganization/libs/libz.m4 |
423 |
+index b5c7414..f7b67ca 100644 |
424 |
+--- a/m4/reorganization/libs/libz.m4 |
425 |
++++ b/m4/reorganization/libs/libz.m4 |
426 |
+@@ -29,9 +29,9 @@ then |
427 |
+ AC_MSG_ERROR([Please install zlib and zlib-devel packages]) |
428 |
+ else |
429 |
+ |
430 |
+- vuln=`grep "ZLIB_VERSION \"1.2.0" $ZLIB_HOME/include/zlib.h` |
431 |
++ vuln=`grep "ZLIB_VERSION \"1.2.0\"" $ZLIB_HOME/include/zlib.h` |
432 |
+ if test -z "$vuln"; then |
433 |
+- vuln=`grep "ZLIB_VERSION \"1.2.1" $ZLIB_HOME/include/zlib.h` |
434 |
++ vuln=`grep "ZLIB_VERSION \"1.2.1\"" $ZLIB_HOME/include/zlib.h` |
435 |
+ fi |
436 |
+ |
437 |
+ if test -n "$vuln"; then |
438 |
|
439 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch b/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch |
440 |
new file mode 100644 |
441 |
index 0000000..d6cd526 |
442 |
--- /dev/null |
443 |
+++ b/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch |
444 |
@@ -0,0 +1,50 @@ |
445 |
+Description: fix compatibility with zlib 1.2.9 and newer |
446 |
+Author: Marc Deslauriers <marc.deslauriers@×××××××××.com> |
447 |
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1692073 |
448 |
+ |
449 |
+--- a/libclamav/bytecode_api.c 2017-08-08 15:20:06.651685637 -0400 |
450 |
++++ b/libclamav/bytecode_api.c 2017-08-15 15:45:14.645714766 -0400 |
451 |
+@@ -811,8 +811,20 @@ int32_t cli_bcapi_inflate_init(struct cl |
452 |
+ cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n"); |
453 |
+ return -1; |
454 |
+ } |
455 |
+- memset(&stream, 0, sizeof(stream)); |
456 |
+- ret = inflateInit2(&stream, windowBits); |
457 |
++ |
458 |
++ b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n); |
459 |
++ if (!b) { |
460 |
++ return -1; |
461 |
++ } |
462 |
++ ctx->inflates = b; |
463 |
++ ctx->ninflates = n; |
464 |
++ b = &b[n-1]; |
465 |
++ |
466 |
++ b->from = from; |
467 |
++ b->to = to; |
468 |
++ b->needSync = 0; |
469 |
++ memset(&b->stream, 0, sizeof(stream)); |
470 |
++ ret = inflateInit2(&b->stream, windowBits); |
471 |
+ switch (ret) { |
472 |
+ case Z_MEM_ERROR: |
473 |
+ cli_dbgmsg("bytecode api: inflateInit2: out of memory!\n"); |
474 |
+@@ -829,20 +841,6 @@ int32_t cli_bcapi_inflate_init(struct cl |
475 |
+ cli_dbgmsg("bytecode api: inflateInit2: unknown error %d\n", ret); |
476 |
+ return -1; |
477 |
+ } |
478 |
+- |
479 |
+- b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n); |
480 |
+- if (!b) { |
481 |
+- inflateEnd(&stream); |
482 |
+- return -1; |
483 |
+- } |
484 |
+- ctx->inflates = b; |
485 |
+- ctx->ninflates = n; |
486 |
+- b = &b[n-1]; |
487 |
+- |
488 |
+- b->from = from; |
489 |
+- b->to = to; |
490 |
+- b->needSync = 0; |
491 |
+- memcpy(&b->stream, &stream, sizeof(stream)); |
492 |
+ return n-1; |
493 |
+ } |
494 |
+ |
495 |
|
496 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.2-gcc-6.patch b/app-antivirus/clamav/files/clamav-0.99.2-gcc-6.patch |
497 |
new file mode 100644 |
498 |
index 0000000..2031edb |
499 |
--- /dev/null |
500 |
+++ b/app-antivirus/clamav/files/clamav-0.99.2-gcc-6.patch |
501 |
@@ -0,0 +1,84 @@ |
502 |
+diff --git a/libclamav/c++/llvm/include/llvm/ADT/StringMap.h b/libclamav/c++/llvm/include/llvm/ADT/StringMap.h |
503 |
+index 59ff6aa..1325394 100644 |
504 |
+--- a/libclamav/c++/llvm/include/llvm/ADT/StringMap.h |
505 |
++++ b/libclamav/c++/llvm/include/llvm/ADT/StringMap.h |
506 |
+@@ -169,3 +169,3 @@ public: |
507 |
+ KeyLength+1; |
508 |
+- unsigned Alignment = alignof<StringMapEntry>(); |
509 |
++ unsigned Alignment = alignOf<StringMapEntry>(); |
510 |
+ |
511 |
+diff --git a/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h b/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h |
512 |
+index 88044c7..86b0f40 100644 |
513 |
+--- a/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h |
514 |
++++ b/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h |
515 |
+@@ -417,3 +417,3 @@ namespace llvm { |
516 |
+ ileAllocator.Allocate(sizeof(IndexListEntry), |
517 |
+- alignof<IndexListEntry>())); |
518 |
++ alignOf<IndexListEntry>())); |
519 |
+ |
520 |
+diff --git a/libclamav/c++/llvm/include/llvm/Support/AlignOf.h b/libclamav/c++/llvm/include/llvm/Support/AlignOf.h |
521 |
+index 6a7a1a6..979e597 100644 |
522 |
+--- a/libclamav/c++/llvm/include/llvm/Support/AlignOf.h |
523 |
++++ b/libclamav/c++/llvm/include/llvm/Support/AlignOf.h |
524 |
+@@ -51,8 +51,8 @@ struct AlignOf { |
525 |
+ |
526 |
+-/// alignof - A templated function that returns the mininum alignment of |
527 |
++/// alignOf - A templated function that returns the mininum alignment of |
528 |
+ /// of a type. This provides no extra functionality beyond the AlignOf |
529 |
+ /// class besides some cosmetic cleanliness. Example usage: |
530 |
+-/// alignof<int>() returns the alignment of an int. |
531 |
++/// alignOf<int>() returns the alignment of an int. |
532 |
+ template <typename T> |
533 |
+-static inline unsigned alignof() { return AlignOf<T>::Alignment; } |
534 |
++static inline unsigned alignOf() { return AlignOf<T>::Alignment; } |
535 |
+ |
536 |
+diff --git a/libclamav/c++/llvm/include/llvm/Support/Allocator.h b/libclamav/c++/llvm/include/llvm/Support/Allocator.h |
537 |
+index 4a7251f..17caf5e 100644 |
538 |
+--- a/libclamav/c++/llvm/include/llvm/Support/Allocator.h |
539 |
++++ b/libclamav/c++/llvm/include/llvm/Support/Allocator.h |
540 |
+@@ -203,3 +203,3 @@ public: |
541 |
+ for (char *Ptr = (char*)(Slab+1); Ptr < End; Ptr += sizeof(T)) { |
542 |
+- Ptr = Allocator.AlignPtr(Ptr, alignof<T>()); |
543 |
++ Ptr = Allocator.AlignPtr(Ptr, alignOf<T>()); |
544 |
+ if (Ptr + sizeof(T) <= End) |
545 |
+diff --git a/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp b/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp |
546 |
+index b892d85..dc72346 100644 |
547 |
+--- a/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp |
548 |
++++ b/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp |
549 |
+@@ -495,3 +495,3 @@ void SCEVUnknown::print(raw_ostream &OS) const { |
550 |
+ if (isAlignOf(AllocTy)) { |
551 |
+- OS << "alignof(" << *AllocTy << ")"; |
552 |
++ OS << "alignOf(" << *AllocTy << ")"; |
553 |
+ return; |
554 |
+diff --git a/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp b/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp |
555 |
+index 824021c..757ca50 100644 |
556 |
+--- a/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp |
557 |
++++ b/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp |
558 |
+@@ -569,3 +569,3 @@ void Emitter<CodeEmitter>::emitMemModRMByte(const MachineInstr &MI, |
559 |
+ // Calculate what the SS field value should be... |
560 |
+- static const unsigned SSTable[] = { ~0, 0, 1, ~0, 2, ~0, ~0, ~0, 3 }; |
561 |
++ static const unsigned SSTable[] = { ~0u, 0u, 1u, ~0u, 2u, ~0u, ~0u, ~0u, 3u }; |
562 |
+ unsigned SS = SSTable[Scale.getImm()]; |
563 |
+diff --git a/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp b/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp |
564 |
+index 9564fe0..b2b7986 100644 |
565 |
+--- a/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp |
566 |
++++ b/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp |
567 |
+@@ -332,3 +332,3 @@ void X86MCCodeEmitter::EmitMemModRMByte(const MCInst &MI, unsigned Op, |
568 |
+ // Calculate what the SS field value should be... |
569 |
+- static const unsigned SSTable[] = { ~0, 0, 1, ~0, 2, ~0, ~0, ~0, 3 }; |
570 |
++ static const unsigned SSTable[] = { ~0u, 0u, 1u, ~0u, 2u, ~0u, ~0u, ~0u, 3u }; |
571 |
+ unsigned SS = SSTable[Scale.getImm()]; |
572 |
+diff --git a/libclamav/mpool.c b/libclamav/mpool.c |
573 |
+index cd38e15..b5e537d 100644 |
574 |
+--- a/libclamav/mpool.c |
575 |
++++ b/libclamav/mpool.c |
576 |
+@@ -417,3 +417,3 @@ static size_t from_bits(unsigned int bits) { |
577 |
+ |
578 |
+-static inline unsigned int alignof(size_t size) |
579 |
++static inline unsigned int alignOf(size_t size) |
580 |
+ { |
581 |
+@@ -609,3 +609,3 @@ static void* allocate_aligned(struct MPMAP *mpm, size_t size, unsigned align, co |
582 |
+ void *mpool_malloc(struct MP *mp, size_t size) { |
583 |
+- size_t align = alignof(size); |
584 |
++ size_t align = alignOf(size); |
585 |
+ size_t i, needed = align_increase(size+FRAG_OVERHEAD, align); |
586 |
|
587 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch b/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch |
588 |
new file mode 100644 |
589 |
index 0000000..1ee5517 |
590 |
--- /dev/null |
591 |
+++ b/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch |
592 |
@@ -0,0 +1,12 @@ |
593 |
+--- clamav-0.99.2/libclamav/regex_pcre.c~ 2017-11-28 14:40:56.484208243 +0100 |
594 |
++++ clamav-0.99.2/libclamav/regex_pcre.c 2017-11-28 14:41:07.301207800 +0100 |
595 |
+@@ -112,7 +112,8 @@ int cli_pcre_addoptions(struct cli_pcre_ |
596 |
+ #if USING_PCRE2 |
597 |
+ int cli_pcre_compile(struct cli_pcre_data *pd, long long unsigned match_limit, long long unsigned match_limit_recursion, unsigned int options, int opt_override) |
598 |
+ { |
599 |
+- int errornum, erroffset; |
600 |
++ int errornum; |
601 |
++ size_t erroffset; |
602 |
+ pcre2_general_context *gctx; |
603 |
+ pcre2_compile_context *cctx; |
604 |
+ |
605 |
|
606 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.2-tinfo.patch b/app-antivirus/clamav/files/clamav-0.99.2-tinfo.patch |
607 |
new file mode 100644 |
608 |
index 0000000..4593d16 |
609 |
--- /dev/null |
610 |
+++ b/app-antivirus/clamav/files/clamav-0.99.2-tinfo.patch |
611 |
@@ -0,0 +1,23 @@ |
612 |
+--- a/m4/reorganization/clamdtop.m4 |
613 |
++++ b/m4/reorganization/clamdtop.m4 |
614 |
+@@ -4,12 +4,20 @@ |
615 |
+ |
616 |
+ if test "$enable_clamdtop" != "no"; then |
617 |
+ |
618 |
++PKG_CHECK_MODULES([CURSES],[ncurses], |
619 |
++ [HAVE_LIBNCURSES=yes; CURSES_INCLUDE="<ncurses.h>"], |
620 |
++ [HAVE_LIBNCURSES=no], |
621 |
++) |
622 |
++ |
623 |
++if test "X$HAVE_LIBNCURSES" != "Xyes"; then |
624 |
++ HAVE_LIBNCURSES= |
625 |
+ AC_LIB_FIND([ncurses], [ncurses/ncurses.h], |
626 |
+ AC_LANG_PROGRAM([#include <ncurses/ncurses.h>], |
627 |
+ [initscr(); KEY_RESIZE;]), |
628 |
+ [CURSES_CPPFLAGS="$INCNCURSES"; CURSES_LIBS="$LTLIBNCURSES"; |
629 |
+ CURSES_INCLUDE="<ncurses/ncurses.h>"], |
630 |
+ []) |
631 |
++fi |
632 |
+ |
633 |
+ if test "X$HAVE_LIBNCURSES" != "Xyes"; then |
634 |
+ HAVE_LIBNCURSES= |
635 |
|
636 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch b/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch |
637 |
new file mode 100644 |
638 |
index 0000000..90facf6 |
639 |
--- /dev/null |
640 |
+++ b/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch |
641 |
@@ -0,0 +1,186 @@ |
642 |
+Apply proposed changes to fix RAR VMSF_DELTA Filter Signedness error (CVE-2012-6706) |
643 |
+ |
644 |
+Cherry picked from commit a7d8447bd9a4d5ae1fa970c1849c8caeb5f1a805 [Link 1] and |
645 |
+d4699442bce76574573dc564e7f2177d679b88bd [Link 2]. |
646 |
+ |
647 |
+Link 1: https://github.com/Cisco-Talos/clamav-devel/commit/a7d8447bd9a4d5ae1fa970c1849c8caeb5f1a805 |
648 |
+Link 2: https://github.com/Cisco-Talos/clamav-devel/commit/d4699442bce76574573dc564e7f2177d679b88bd |
649 |
+ |
650 |
+--- a/libclamunrar/unrarvm.c |
651 |
++++ b/libclamunrar/unrarvm.c |
652 |
+@@ -213,17 +213,20 @@ void rarvm_addbits(rarvm_input_t *rarvm_input, int bits) |
653 |
+ |
654 |
+ unsigned int rarvm_getbits(rarvm_input_t *rarvm_input) |
655 |
+ { |
656 |
+- unsigned int bit_field; |
657 |
++ unsigned int bit_field = 0; |
658 |
+ |
659 |
+- if (rarvm_input->in_addr+2 < rarvm_input->buf_size) { |
660 |
++ if (rarvm_input->in_addr < rarvm_input->buf_size) { |
661 |
+ bit_field = (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr] << 16; |
662 |
+- bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8; |
663 |
+- bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2]; |
664 |
+- bit_field >>= (8-rarvm_input->in_bit); |
665 |
+- |
666 |
+- return (bit_field & 0xffff); |
667 |
++ if (rarvm_input->in_addr+1 < rarvm_input->buf_size) { |
668 |
++ bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8; |
669 |
++ if (rarvm_input->in_addr+2 < rarvm_input->buf_size) { |
670 |
++ bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2]; |
671 |
++ } |
672 |
++ } |
673 |
+ } |
674 |
+- return 0; |
675 |
++ bit_field >>= (8-rarvm_input->in_bit); |
676 |
++ |
677 |
++ return (bit_field & 0xffff); |
678 |
+ } |
679 |
+ |
680 |
+ unsigned int rarvm_read_data(rarvm_input_t *rarvm_input) |
681 |
+@@ -311,10 +314,10 @@ static unsigned int *rarvm_get_operand(rarvm_data_t *rarvm_data, |
682 |
+ } |
683 |
+ } |
684 |
+ |
685 |
+-static unsigned int filter_itanium_getbits(unsigned char *data, int bit_pos, int bit_count) |
686 |
++static unsigned int filter_itanium_getbits(unsigned char *data, unsigned int bit_pos, unsigned int bit_count) |
687 |
+ { |
688 |
+- int in_addr=bit_pos/8; |
689 |
+- int in_bit=bit_pos&7; |
690 |
++ unsigned int in_addr=bit_pos/8; |
691 |
++ unsigned int in_bit=bit_pos&7; |
692 |
+ unsigned int bit_field=(unsigned int)data[in_addr++]; |
693 |
+ bit_field|=(unsigned int)data[in_addr++] << 8; |
694 |
+ bit_field|=(unsigned int)data[in_addr++] << 16; |
695 |
+@@ -323,10 +326,10 @@ static unsigned int filter_itanium_getbits(unsigned char *data, int bit_pos, int |
696 |
+ return(bit_field & (0xffffffff>>(32-bit_count))); |
697 |
+ } |
698 |
+ |
699 |
+-static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, int bit_pos, int bit_count) |
700 |
++static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, unsigned int bit_pos, unsigned int bit_count) |
701 |
+ { |
702 |
+- int i, in_addr=bit_pos/8; |
703 |
+- int in_bit=bit_pos&7; |
704 |
++ unsigned int i, in_addr=bit_pos/8; |
705 |
++ unsigned int in_bit=bit_pos&7; |
706 |
+ unsigned int and_mask=0xffffffff>>(32-bit_count); |
707 |
+ and_mask=~(and_mask<<in_bit); |
708 |
+ |
709 |
+@@ -343,11 +346,12 @@ static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, |
710 |
+ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_filters_t filter_type) |
711 |
+ { |
712 |
+ unsigned char *data, cmp_byte2, cur_byte, *src_data, *dest_data; |
713 |
+- int i, j, data_size, channels, src_pos, dest_pos, border, width, PosR; |
714 |
+- int op_type, cur_channel, byte_count, start_pos, pa, pb, pc; |
715 |
++ unsigned int i, j, data_size, channels, src_pos, dest_pos, border, width, PosR; |
716 |
++ unsigned int op_type, cur_channel, byte_count, start_pos; |
717 |
++ int pa, pb, pc; |
718 |
+ unsigned int file_offset, cur_pos, predicted; |
719 |
+- int32_t offset, addr; |
720 |
+- const int file_size=0x1000000; |
721 |
++ uint32_t offset, addr; |
722 |
++ const unsigned int file_size=0x1000000; |
723 |
+ |
724 |
+ switch(filter_type) { |
725 |
+ case VMSF_E8: |
726 |
+@@ -356,7 +360,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
727 |
+ data_size = rarvm_data->R[4]; |
728 |
+ file_offset = rarvm_data->R[6]; |
729 |
+ |
730 |
+- if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) { |
731 |
++ if ((data_size > VM_GLOBALMEMADDR) || (data_size < 4)) { |
732 |
+ break; |
733 |
+ } |
734 |
+ |
735 |
+@@ -367,12 +371,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
736 |
+ if (cur_byte==0xe8 || cur_byte==cmp_byte2) { |
737 |
+ offset = cur_pos+file_offset; |
738 |
+ addr = GET_VALUE(FALSE, data); |
739 |
+- if (addr < 0) { |
740 |
+- if (addr+offset >=0 ) { |
741 |
++ // We check 0x80000000 bit instead of '< 0' comparison |
742 |
++ // not assuming int32 presence or uint size and endianness. |
743 |
++ if ((addr & 0x80000000)!=0) { // addr<0 |
744 |
++ if (((addr+offset) & 0x80000000)==0) { // addr+offset>=0 |
745 |
+ SET_VALUE(FALSE, data, addr+file_size); |
746 |
+ } |
747 |
+ } else { |
748 |
+- if (addr<file_size) { |
749 |
++ if (((addr-file_size) & 0x80000000)!=0) { // addr<file_size |
750 |
+ SET_VALUE(FALSE, data, addr-offset); |
751 |
+ } |
752 |
+ } |
753 |
+@@ -386,7 +392,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
754 |
+ data_size = rarvm_data->R[4]; |
755 |
+ file_offset = rarvm_data->R[6]; |
756 |
+ |
757 |
+- if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 21)) { |
758 |
++ if ((data_size > VM_GLOBALMEMADDR) || (data_size < 21)) { |
759 |
+ break; |
760 |
+ } |
761 |
+ |
762 |
+@@ -429,7 +435,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
763 |
+ border = data_size*2; |
764 |
+ |
765 |
+ SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); |
766 |
+- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { |
767 |
++ if (data_size > VM_GLOBALMEMADDR/2 || channels > 1024 || channels == 0) { |
768 |
+ break; |
769 |
+ } |
770 |
+ for (cur_channel=0 ; cur_channel < channels ; cur_channel++) { |
771 |
+@@ -440,7 +446,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
772 |
+ } |
773 |
+ break; |
774 |
+ case VMSF_RGB: { |
775 |
+- const int channels=3; |
776 |
++ const unsigned int channels=3; |
777 |
+ data_size = rarvm_data->R[4]; |
778 |
+ width = rarvm_data->R[0] - 3; |
779 |
+ PosR = rarvm_data->R[1]; |
780 |
+@@ -448,15 +454,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
781 |
+ dest_data = src_data + data_size; |
782 |
+ |
783 |
+ SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); |
784 |
+- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { |
785 |
++ if (data_size > VM_GLOBALMEMADDR/2 || data_size < 3 || width > data_size || PosR > 2) { |
786 |
+ break; |
787 |
+ } |
788 |
+ for (cur_channel=0 ; cur_channel < channels; cur_channel++) { |
789 |
+ unsigned int prev_byte = 0; |
790 |
+ for (i=cur_channel ; i<data_size ; i+=channels) { |
791 |
+- int upper_pos=i-width; |
792 |
+- if (upper_pos >= 3) { |
793 |
+- unsigned char *upper_data = dest_data+upper_pos; |
794 |
++ if (i >= width+3) { |
795 |
++ unsigned char *upper_data = dest_data+i-width; |
796 |
+ unsigned int upper_byte = *upper_data; |
797 |
+ unsigned int upper_left_byte = *(upper_data-3); |
798 |
+ predicted = prev_byte+upper_byte-upper_left_byte; |
799 |
+@@ -486,13 +491,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
800 |
+ break; |
801 |
+ } |
802 |
+ case VMSF_AUDIO: { |
803 |
+- int channels=rarvm_data->R[0]; |
804 |
++ unsigned int channels=rarvm_data->R[0]; |
805 |
+ data_size = rarvm_data->R[4]; |
806 |
+ src_data = rarvm_data->mem; |
807 |
+ dest_data = src_data + data_size; |
808 |
+ |
809 |
+ SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); |
810 |
+- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { |
811 |
++ // In fact, audio channels never exceed 4. |
812 |
++ if (data_size > VM_GLOBALMEMADDR/2 || channels > 128 || channels == 0) { |
813 |
+ break; |
814 |
+ } |
815 |
+ for (cur_channel=0 ; cur_channel < channels ; cur_channel++) { |
816 |
+@@ -553,7 +559,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil |
817 |
+ data_size = rarvm_data->R[4]; |
818 |
+ src_pos = 0; |
819 |
+ dest_pos = data_size; |
820 |
+- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { |
821 |
++ if (data_size > VM_GLOBALMEMADDR/2) { |
822 |
+ break; |
823 |
+ } |
824 |
+ while (src_pos < data_size) { |
825 |
+-- |
826 |
+2.16.2 |
827 |
+ |
828 |
|
829 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch |
830 |
new file mode 100644 |
831 |
index 0000000..a457a71 |
832 |
--- /dev/null |
833 |
+++ b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch |
834 |
@@ -0,0 +1,132 @@ |
835 |
+Author: Manuel Mausz <manuel-clamav@×××××.at> |
836 |
+ |
837 |
+http://lists.clamav.net/pipermail/clamav-users/2018-January/005687.html |
838 |
+ |
839 |
+--- clamav-0.99.3/libclamav/scanners.c.orig 2018-01-26 14:35:23.299386703 +0100 |
840 |
++++ clamav-0.99.3/libclamav/scanners.c 2018-01-26 14:47:44.422451335 +0100 |
841 |
+@@ -1342,39 +1342,35 @@ |
842 |
+ return CL_CLEAN; |
843 |
+ } |
844 |
+ |
845 |
+- /* dump to disk only if explicitly asked to |
846 |
+- * or if necessary to check relative offsets, |
847 |
+- * otherwise we can process just in-memory */ |
848 |
+- if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { |
849 |
+- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { |
850 |
+- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); |
851 |
+- return ret; |
852 |
+- } |
853 |
+- if (ctx->engine->keeptmp) |
854 |
+- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); |
855 |
+- } |
856 |
+- |
857 |
+ if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) { |
858 |
+ cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF); |
859 |
+- free(tmpname); |
860 |
+ return CL_EMEM; |
861 |
+ } |
862 |
+- |
863 |
+ text_normalize_init(&state, normalized, SCANBUFF + maxpatlen); |
864 |
+- ret = CL_CLEAN; |
865 |
+- |
866 |
+ |
867 |
+ if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) { |
868 |
+- free(tmpname); |
869 |
++ free(normalized); |
870 |
+ return ret; |
871 |
+ } |
872 |
+ |
873 |
+ if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) { |
874 |
+ cli_ac_freedata(&tmdata); |
875 |
+- free(tmpname); |
876 |
++ free(normalized); |
877 |
+ return ret; |
878 |
+ } |
879 |
+ |
880 |
++ /* dump to disk only if explicitly asked to |
881 |
++ * or if necessary to check relative offsets, |
882 |
++ * otherwise we can process just in-memory */ |
883 |
++ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) { |
884 |
++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) { |
885 |
++ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n"); |
886 |
++ goto done; |
887 |
++ } |
888 |
++ if (ctx->engine->keeptmp) |
889 |
++ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname); |
890 |
++ } |
891 |
++ |
892 |
+ mdata[0] = &tmdata; |
893 |
+ mdata[1] = &gmdata; |
894 |
+ |
895 |
+@@ -1388,9 +1384,8 @@ |
896 |
+ |
897 |
+ if (write(ofd, state.out, state.out_pos) == -1) { |
898 |
+ cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname); |
899 |
+- close(ofd); |
900 |
+- free(tmpname); |
901 |
+- return CL_EWRITE; |
902 |
++ ret = CL_EWRITE; |
903 |
++ goto done; |
904 |
+ } |
905 |
+ text_normalize_reset(&state); |
906 |
+ } |
907 |
+@@ -1409,11 +1404,6 @@ |
908 |
+ funmap(*ctx->fmap); |
909 |
+ } |
910 |
+ *ctx->fmap = map; |
911 |
+- |
912 |
+- /* If we aren't keeping temps, delete the normalized file after scan. */ |
913 |
+- if(!(ctx->engine->keeptmp)) |
914 |
+- if (cli_unlink(tmpname)) ret = CL_EUNLINK; |
915 |
+- |
916 |
+ } else { |
917 |
+ /* Since the above is moderately costly all in all, |
918 |
+ * do the old stuff if there's no relative offsets. */ |
919 |
+@@ -1421,11 +1411,8 @@ |
920 |
+ if (troot) { |
921 |
+ cli_targetinfo(&info, 7, map); |
922 |
+ ret = cli_ac_caloff(troot, &tmdata, &info); |
923 |
+- if (ret) { |
924 |
+- cli_ac_freedata(&tmdata); |
925 |
+- free(tmpname); |
926 |
+- return ret; |
927 |
+- } |
928 |
++ if (ret) |
929 |
++ goto done; |
930 |
+ } |
931 |
+ |
932 |
+ while(1) { |
933 |
+@@ -1466,13 +1453,6 @@ |
934 |
+ |
935 |
+ } |
936 |
+ |
937 |
+- if(ctx->engine->keeptmp) { |
938 |
+- free(tmpname); |
939 |
+- if (ofd >= 0) |
940 |
+- close(ofd); |
941 |
+- } |
942 |
+- free(normalized); |
943 |
+- |
944 |
+ if(ret != CL_VIRUS || SCAN_ALL) { |
945 |
+ if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS) |
946 |
+ viruses_found++; |
947 |
+@@ -1481,9 +1461,19 @@ |
948 |
+ viruses_found++; |
949 |
+ } |
950 |
+ |
951 |
++done: |
952 |
++ free(normalized); |
953 |
+ cli_ac_freedata(&tmdata); |
954 |
+ cli_ac_freedata(&gmdata); |
955 |
+ |
956 |
++ if (ofd != -1) |
957 |
++ close(ofd); |
958 |
++ if (tmpname != NULL) { |
959 |
++ if (!ctx->engine->keeptmp) |
960 |
++ if (cli_unlink(tmpname)) ret = CL_EUNLINK; |
961 |
++ free(tmpname); |
962 |
++ } |
963 |
++ |
964 |
+ if (SCAN_ALL && viruses_found) |
965 |
+ return CL_VIRUS; |
966 |
+ |
967 |
|
968 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch b/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch |
969 |
new file mode 100644 |
970 |
index 0000000..1867341 |
971 |
--- /dev/null |
972 |
+++ b/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch |
973 |
@@ -0,0 +1,54 @@ |
974 |
+https://bugs.gentoo.org/649516 |
975 |
+ |
976 |
+Description: fix compatibility with zlib 1.2.9 and newer |
977 |
+Author: Marc Deslauriers <marc.deslauriers@×××××××××.com> |
978 |
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1692073 |
979 |
+ |
980 |
+Index: clamav-0.99.2+dfsg/libclamav/bytecode_api.c |
981 |
+=================================================================== |
982 |
+--- clamav-0.99.2+dfsg.orig/libclamav/bytecode_api.c 2017-08-08 15:20:06.651685637 -0400 |
983 |
++++ clamav-0.99.2+dfsg/libclamav/bytecode_api.c 2017-08-15 15:45:14.645714766 -0400 |
984 |
+@@ -811,8 +811,20 @@ int32_t cli_bcapi_inflate_init(struct cl |
985 |
+ cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n"); |
986 |
+ return -1; |
987 |
+ } |
988 |
+- memset(&stream, 0, sizeof(stream)); |
989 |
+- ret = inflateInit2(&stream, windowBits); |
990 |
++ |
991 |
++ b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n); |
992 |
++ if (!b) { |
993 |
++ return -1; |
994 |
++ } |
995 |
++ ctx->inflates = b; |
996 |
++ ctx->ninflates = n; |
997 |
++ b = &b[n-1]; |
998 |
++ |
999 |
++ b->from = from; |
1000 |
++ b->to = to; |
1001 |
++ b->needSync = 0; |
1002 |
++ memset(&b->stream, 0, sizeof(stream)); |
1003 |
++ ret = inflateInit2(&b->stream, windowBits); |
1004 |
+ switch (ret) { |
1005 |
+ case Z_MEM_ERROR: |
1006 |
+ cli_dbgmsg("bytecode api: inflateInit2: out of memory!\n"); |
1007 |
+@@ -829,20 +841,6 @@ int32_t cli_bcapi_inflate_init(struct cl |
1008 |
+ cli_dbgmsg("bytecode api: inflateInit2: unknown error %d\n", ret); |
1009 |
+ return -1; |
1010 |
+ } |
1011 |
+- |
1012 |
+- b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n); |
1013 |
+- if (!b) { |
1014 |
+- inflateEnd(&stream); |
1015 |
+- return -1; |
1016 |
+- } |
1017 |
+- ctx->inflates = b; |
1018 |
+- ctx->ninflates = n; |
1019 |
+- b = &b[n-1]; |
1020 |
+- |
1021 |
+- b->from = from; |
1022 |
+- b->to = to; |
1023 |
+- b->needSync = 0; |
1024 |
+- memcpy(&b->stream, &stream, sizeof(stream)); |
1025 |
+ return n-1; |
1026 |
+ } |
1027 |
+ |
1028 |
|
1029 |
diff --git a/app-antivirus/clamav/files/clamav-0.99.4-pcre2-compile-erroffset.patch b/app-antivirus/clamav/files/clamav-0.99.4-pcre2-compile-erroffset.patch |
1030 |
new file mode 100644 |
1031 |
index 0000000..5585ea6 |
1032 |
--- /dev/null |
1033 |
+++ b/app-antivirus/clamav/files/clamav-0.99.4-pcre2-compile-erroffset.patch |
1034 |
@@ -0,0 +1,11 @@ |
1035 |
+--- clamav-0.99.4/libclamav/regex_pcre.c_orig 2018-03-02 19:10:39.702899702 +0100 |
1036 |
++++ clamav-0.99.4/libclamav/regex_pcre.c 2018-03-02 19:09:27.600901912 +0100 |
1037 |
+@@ -112,7 +112,8 @@ |
1038 |
+ #if USING_PCRE2 |
1039 |
+ int cli_pcre_compile(struct cli_pcre_data *pd, long long unsigned match_limit, long long unsigned match_limit_recursion, unsigned int options, int opt_override) |
1040 |
+ { |
1041 |
+- int errornum, erroffset; |
1042 |
++ int errornum; |
1043 |
++ size_t erroffset; |
1044 |
+ pcre2_general_context *gctx; |
1045 |
+ pcre2_compile_context *cctx; |
1046 |
|
1047 |
diff --git a/app-antivirus/clamav/files/clamav-milter.README.gentoo b/app-antivirus/clamav/files/clamav-milter.README.gentoo |
1048 |
new file mode 100644 |
1049 |
index 0000000..f526bd3 |
1050 |
--- /dev/null |
1051 |
+++ b/app-antivirus/clamav/files/clamav-milter.README.gentoo |
1052 |
@@ -0,0 +1,85 @@ |
1053 |
+Nick Hadaway <raker@g.o> |
1054 |
+Updated by Andrea Barisani <lcars@g.o> |
1055 |
+18/05/2004 |
1056 |
+ |
1057 |
+Setting up clamav-milter on Gentoo Linux |
1058 |
+ |
1059 |
+Step 1 - Configure clamd |
1060 |
+ |
1061 |
+Check /etc/clamd.conf, default values should work out of the box but |
1062 |
+read and understand all the options especially if you are going to |
1063 |
+use it on production boxes. |
1064 |
+ |
1065 |
+Step 2 - Tell the init script to start clamd as well as freshclam and the |
1066 |
+ milter itself. |
1067 |
+ |
1068 |
+ nano -w /etc/conf.d/clamd |
1069 |
+ |
1070 |
+ START_CLAMD=yes |
1071 |
+ START_FRESHCLAM=yes |
1072 |
+ START_MILTER=yes |
1073 |
+ |
1074 |
+Step 3 - Inform your MTA about the new milter. |
1075 |
+ |
1076 |
+ SENDMAIL |
1077 |
+ Step 3.a.1 - Edit sendmail.mc |
1078 |
+ |
1079 |
+ Add these lines to sendmail.mc before any any other |
1080 |
+ INPUT_MAIL_FILTER lines and before MAILER(local) |
1081 |
+ NOTE: ANY INPUT_MAIL_FILTER definitions put before these lines |
1082 |
+ will be discarded due to the use of confINPUT_MAIL_FILTERS |
1083 |
+ Make this your first mail filter. :) |
1084 |
+ |
1085 |
+ INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl |
1086 |
+ define(`confINPUT_MAIL_FILTERS', `clmilter')dnl |
1087 |
+ |
1088 |
+ Step 3.a.2 - Rebuild sendmail.cf |
1089 |
+ |
1090 |
+ cd /etc/mail |
1091 |
+ m4 sendmail.mc > sendmail.cf |
1092 |
+ |
1093 |
+ |
1094 |
+ |
1095 |
+ POSTFIX |
1096 |
+ Step 3.b - Edit main.cf. |
1097 |
+ |
1098 |
+ Add unix:/var/run/clamav/clamav-milter.sock to your |
1099 |
+ smtpd_milters line. If the line doesn't exist, just |
1100 |
+ stick it at the bottom of main.cf on a new line. |
1101 |
+ |
1102 |
+ If you're appending, this is a space separated list. |
1103 |
+ If virus scanning is your most intensive test, you |
1104 |
+ may wish to put it on the end of the list so earlier, |
1105 |
+ easiser tests may punt the message before you go through the |
1106 |
+ trouble of virus scanning it. |
1107 |
+ |
1108 |
+ Only one milter example: |
1109 |
+ |
1110 |
+ # milters to run on network received mail. |
1111 |
+ smtpd_milters=unix:/var/run/clamav/clamav-milter.suck |
1112 |
+ |
1113 |
+ Multiple milters example: |
1114 |
+ |
1115 |
+ # milters to run on network received mail. |
1116 |
+ smtpd_milters=unix:/var/run/dkim-filter/dkim-filter.sock unix:/var/run/clamav/clamav-milter.sock |
1117 |
+ |
1118 |
+ |
1119 |
+Step 5 - Adjust permissions for clamav-milter socket |
1120 |
+ |
1121 |
+ Edit /etc/clamav-milter.conf and check/change MilterSocketGroup and MilterSocketMode |
1122 |
+ e.g. for postfix it would be this (sendmail,.. should be similar): |
1123 |
+ MiltersocketGroup postfix |
1124 |
+ MilterSocketMode 660 |
1125 |
+ |
1126 |
+Step 6 - Start clamad |
1127 |
+ |
1128 |
+ /etc/init.d/clamd start |
1129 |
+ |
1130 |
+Step 7 - Restart your MTA |
1131 |
+ |
1132 |
+ SENDMAIL |
1133 |
+ /etc/init.d/sendmail restart |
1134 |
+ |
1135 |
+ POSTFIX |
1136 |
+ /etc/init.d/postfix restart |
1137 |
+ |
1138 |
|
1139 |
diff --git a/app-antivirus/clamav/files/clamav-milter.service b/app-antivirus/clamav/files/clamav-milter.service |
1140 |
new file mode 100644 |
1141 |
index 0000000..5a1a24f |
1142 |
--- /dev/null |
1143 |
+++ b/app-antivirus/clamav/files/clamav-milter.service |
1144 |
@@ -0,0 +1,12 @@ |
1145 |
+[Unit] |
1146 |
+Description=Milter module for the ClamAV scanner |
1147 |
+After=nss-lookup.target network.target |
1148 |
+Before=sendmail.service |
1149 |
+Before=postfix.service |
1150 |
+ |
1151 |
+[Service] |
1152 |
+ExecStart=/usr/sbin/clamav-milter -c /etc/clamav-milter.conf --nofork=yes |
1153 |
+Restart=on-failure |
1154 |
+ |
1155 |
+[Install] |
1156 |
+WantedBy=multi-user.target |
1157 |
|
1158 |
diff --git a/app-antivirus/clamav/files/clamav-milter.service-r1 b/app-antivirus/clamav/files/clamav-milter.service-r1 |
1159 |
new file mode 100644 |
1160 |
index 0000000..f0118d8 |
1161 |
--- /dev/null |
1162 |
+++ b/app-antivirus/clamav/files/clamav-milter.service-r1 |
1163 |
@@ -0,0 +1,13 @@ |
1164 |
+[Unit] |
1165 |
+Description=Milter module for the ClamAV scanner |
1166 |
+After=nss-lookup.target network.target |
1167 |
+Before=sendmail.service |
1168 |
+Before=postfix.service |
1169 |
+ |
1170 |
+[Service] |
1171 |
+Type=forking |
1172 |
+PIDFile=/run/clamav/clamav-milter.pid |
1173 |
+ExecStart=/usr/sbin/clamav-milter -c /etc/clamav-milter.conf |
1174 |
+ |
1175 |
+[Install] |
1176 |
+WantedBy=multi-user.target |
1177 |
|
1178 |
diff --git a/app-antivirus/clamav/files/clamav.logrotate b/app-antivirus/clamav/files/clamav.logrotate |
1179 |
new file mode 100644 |
1180 |
index 0000000..7a81126 |
1181 |
--- /dev/null |
1182 |
+++ b/app-antivirus/clamav/files/clamav.logrotate |
1183 |
@@ -0,0 +1,17 @@ |
1184 |
+/var/log/clamav/clamd.log { |
1185 |
+ su clamav clamav |
1186 |
+ missingok |
1187 |
+ postrotate |
1188 |
+ /etc/init.d/clamd logfix |
1189 |
+ /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true |
1190 |
+ endscript |
1191 |
+} |
1192 |
+ |
1193 |
+/var/log/clamav/freshclam.log { |
1194 |
+ su clamav clamav |
1195 |
+ missingok |
1196 |
+ postrotate |
1197 |
+ /etc/init.d/clamd logfix |
1198 |
+ /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true |
1199 |
+ endscript |
1200 |
+} |
1201 |
|
1202 |
diff --git a/app-antivirus/clamav/files/clamd.conf b/app-antivirus/clamav/files/clamd.conf |
1203 |
new file mode 100644 |
1204 |
index 0000000..ee05513 |
1205 |
--- /dev/null |
1206 |
+++ b/app-antivirus/clamav/files/clamd.conf |
1207 |
@@ -0,0 +1,9 @@ |
1208 |
+# Config file for /etc/init.d/clamd |
1209 |
+ |
1210 |
+# NOTICE: Since clamav-0.85-r1, only START_CLAMD and START_FRESHCLAM settings |
1211 |
+# are used, other are silently ignored |
1212 |
+ |
1213 |
+START_CLAMD=yes |
1214 |
+START_FRESHCLAM=yes |
1215 |
+CLAMD_NICELEVEL=3 |
1216 |
+FRESHCLAM_NICELEVEL=19 |
1217 |
|
1218 |
diff --git a/app-antivirus/clamav/files/clamd.conf-r1 b/app-antivirus/clamav/files/clamd.conf-r1 |
1219 |
new file mode 100644 |
1220 |
index 0000000..de95554 |
1221 |
--- /dev/null |
1222 |
+++ b/app-antivirus/clamav/files/clamd.conf-r1 |
1223 |
@@ -0,0 +1,7 @@ |
1224 |
+# Config file for /etc/init.d/clamd |
1225 |
+ |
1226 |
+START_CLAMD=yes |
1227 |
+START_FRESHCLAM=yes |
1228 |
+CLAMD_NICELEVEL=3 |
1229 |
+FRESHCLAM_NICELEVEL=19 |
1230 |
+IONICE_LEVEL=2 |
1231 |
|
1232 |
diff --git a/app-antivirus/clamav/files/clamd.initd-r6 b/app-antivirus/clamav/files/clamd.initd-r6 |
1233 |
new file mode 100644 |
1234 |
index 0000000..8cf8dd0 |
1235 |
--- /dev/null |
1236 |
+++ b/app-antivirus/clamav/files/clamd.initd-r6 |
1237 |
@@ -0,0 +1,128 @@ |
1238 |
+#!/sbin/openrc-run |
1239 |
+# Copyright 1999-2018 Gentoo Foundation |
1240 |
+# Distributed under the terms of the GNU General Public License v2 |
1241 |
+ |
1242 |
+daemon_clamd="/usr/sbin/clamd" |
1243 |
+daemon_freshclam="/usr/bin/freshclam" |
1244 |
+daemon_milter="/usr/sbin/clamav-milter" |
1245 |
+ |
1246 |
+extra_commands="logfix" |
1247 |
+ |
1248 |
+depend() { |
1249 |
+ use net |
1250 |
+ provide antivirus |
1251 |
+} |
1252 |
+ |
1253 |
+get_config() { |
1254 |
+ clamconf | sed 's/["=]//g' | \ |
1255 |
+ awk "{ |
1256 |
+ if(\$0==\"Config file: $1.conf\") S=1 |
1257 |
+ if(S==1&&\$0==\"\") { |
1258 |
+ print \"$3\" |
1259 |
+ exit |
1260 |
+ } |
1261 |
+ if(S==1&&\$1~\"^$2\$\") { |
1262 |
+ print \$2!=\"disabled\"?\$2:\"$3\" |
1263 |
+ exit |
1264 |
+ } |
1265 |
+ }" |
1266 |
+} |
1267 |
+ |
1268 |
+start() { |
1269 |
+ # populate variables and fix log file permissions |
1270 |
+ logfix |
1271 |
+ |
1272 |
+ if [ "${START_CLAMD}" = "yes" ]; then |
1273 |
+ checkpath --quiet --mode 755 \ |
1274 |
+ --owner "${clamd_user}":"${clamd_user}" \ |
1275 |
+ --directory `dirname ${clamd_socket}` |
1276 |
+ if [ -S "${clamd_socket}" ]; then |
1277 |
+ rm -f ${clamd_socket} |
1278 |
+ fi |
1279 |
+ ebegin "Starting clamd" |
1280 |
+ start-stop-daemon --start --quiet \ |
1281 |
+ --nicelevel ${CLAMD_NICELEVEL:-0} \ |
1282 |
+ --ionice ${IONICE_LEVEL:-0} \ |
1283 |
+ --exec ${daemon_clamd} |
1284 |
+ eend $? "Failed to start clamd" |
1285 |
+ fi |
1286 |
+ |
1287 |
+ if [ "${START_FRESHCLAM}" = "yes" ]; then |
1288 |
+ checkpath --quiet --mode 755 \ |
1289 |
+ --owner "${clamd_user}":"${clamd_user}" \ |
1290 |
+ --directory `dirname ${clamd_socket}` |
1291 |
+ ebegin "Starting freshclam" |
1292 |
+ start-stop-daemon --start --quiet \ |
1293 |
+ --nicelevel ${FRESHCLAM_NICELEVEL:-0} \ |
1294 |
+ --ionice ${IONICE_LEVEL:-0} \ |
1295 |
+ --exec ${daemon_freshclam} -- -d |
1296 |
+ retcode=$? |
1297 |
+ if [ ${retcode} = 1 ]; then |
1298 |
+ eend 0 |
1299 |
+ einfo "Virus databases are already up to date." |
1300 |
+ else |
1301 |
+ eend ${retcode} "Failed to start freshclam" |
1302 |
+ fi |
1303 |
+ fi |
1304 |
+ |
1305 |
+ if [ "${START_MILTER}" = "yes" ]; then |
1306 |
+ if [ -z "${MILTER_CONF_FILE}" ]; then |
1307 |
+ MILTER_CONF_FILE="/etc/clamav-milter.conf" |
1308 |
+ fi |
1309 |
+ |
1310 |
+ ebegin "Starting clamav-milter" |
1311 |
+ start-stop-daemon --start --quiet \ |
1312 |
+ --nicelevel ${MILTER_NICELEVEL:-0} \ |
1313 |
+ --ionice ${IONICE_LEVEL:-0} \ |
1314 |
+ --exec ${daemon_milter} -- -c ${MILTER_CONF_FILE} |
1315 |
+ eend $? "Failed to start clamav-milter" |
1316 |
+ fi |
1317 |
+} |
1318 |
+ |
1319 |
+stop() { |
1320 |
+ if [ "${START_CLAMD}" = "yes" ]; then |
1321 |
+ ebegin "Stopping clamd" |
1322 |
+ start-stop-daemon --stop --quiet --name clamd |
1323 |
+ eend $? "Failed to stop clamd" |
1324 |
+ fi |
1325 |
+ if [ "${START_FRESHCLAM}" = "yes" ]; then |
1326 |
+ ebegin "Stopping freshclam" |
1327 |
+ start-stop-daemon --stop --quiet --name freshclam |
1328 |
+ eend $? "Failed to stop freshclam" |
1329 |
+ fi |
1330 |
+ if [ "${START_MILTER}" = "yes" ]; then |
1331 |
+ ebegin "Stopping clamav-milter" |
1332 |
+ start-stop-daemon --stop --quiet --name clamav-milter |
1333 |
+ eend $? "Failed to stop clamav-milter" |
1334 |
+ fi |
1335 |
+} |
1336 |
+ |
1337 |
+logfix() { |
1338 |
+ clamd_socket=$(get_config clamd LocalSocket /run/clamav/clamd.sock) |
1339 |
+ clamd_user=$(get_config clamd User clamav) |
1340 |
+ freshclam_user=$(get_config freshclam DatabaseOwner clamav) |
1341 |
+ |
1342 |
+ if [ "${START_CLAMD}" = "yes" ]; then |
1343 |
+ # fix clamd log permissions |
1344 |
+ # (might be clobbered by logrotate or something) |
1345 |
+ local logfile=$(get_config clamd LogFile) |
1346 |
+ if [ -n "${logfile}" ]; then |
1347 |
+ checkpath --quiet \ |
1348 |
+ --owner "${clamd_user}":"${clamd_user}" \ |
1349 |
+ --mode 640 \ |
1350 |
+ --file ${logfile} |
1351 |
+ fi |
1352 |
+ fi |
1353 |
+ |
1354 |
+ if [ "${START_FRESHCLAM}" = "yes" ]; then |
1355 |
+ # fix freshclam log permissions |
1356 |
+ # (might be clobbered by logrotate or something) |
1357 |
+ local logfile=$(get_config freshclam UpdateLogFile) |
1358 |
+ if [ -n "${logfile}" ]; then |
1359 |
+ checkpath --quiet \ |
1360 |
+ --owner "${freshclam_user}":"${freshclam_user}" \ |
1361 |
+ --mode 640 \ |
1362 |
+ --file ${logfile} |
1363 |
+ fi |
1364 |
+ fi |
1365 |
+} |
1366 |
|
1367 |
diff --git a/app-antivirus/clamav/files/clamd.service b/app-antivirus/clamav/files/clamd.service |
1368 |
new file mode 100644 |
1369 |
index 0000000..75aa2cc |
1370 |
--- /dev/null |
1371 |
+++ b/app-antivirus/clamav/files/clamd.service |
1372 |
@@ -0,0 +1,12 @@ |
1373 |
+[Unit] |
1374 |
+Description=clamd scanner daemon |
1375 |
+After=nss-lookup.target network.target |
1376 |
+ |
1377 |
+[Service] |
1378 |
+Type=forking |
1379 |
+ExecStart=/usr/sbin/clamd |
1380 |
+Restart=on-failure |
1381 |
+PrivateTmp=true |
1382 |
+ |
1383 |
+[Install] |
1384 |
+WantedBy=multi-user.target |
1385 |
|
1386 |
diff --git a/app-antivirus/clamav/files/clamd_at.service b/app-antivirus/clamav/files/clamd_at.service |
1387 |
new file mode 100644 |
1388 |
index 0000000..9008ba7 |
1389 |
--- /dev/null |
1390 |
+++ b/app-antivirus/clamav/files/clamd_at.service |
1391 |
@@ -0,0 +1,12 @@ |
1392 |
+[Unit] |
1393 |
+Description=clamd scanner (%i) daemon |
1394 |
+After=nss-lookup.target network.target |
1395 |
+ |
1396 |
+[Service] |
1397 |
+Type=forking |
1398 |
+ExecStart=/usr/sbin/clamd -c /etc/clamd%i.conf |
1399 |
+Restart=on-failure |
1400 |
+PrivateTmp=true |
1401 |
+ |
1402 |
+[Install] |
1403 |
+WantedBy=multi-user.target |
1404 |
|
1405 |
diff --git a/app-antivirus/clamav/files/freshclamd.service b/app-antivirus/clamav/files/freshclamd.service |
1406 |
new file mode 100644 |
1407 |
index 0000000..a0a72c2 |
1408 |
--- /dev/null |
1409 |
+++ b/app-antivirus/clamav/files/freshclamd.service |
1410 |
@@ -0,0 +1,10 @@ |
1411 |
+[Unit] |
1412 |
+Description=clamav updater |
1413 |
+ |
1414 |
+[Service] |
1415 |
+Type=forking |
1416 |
+PIDFile=/run/clamav/freshclam.pid |
1417 |
+ExecStart=/usr/bin/freshclam -d -p /run/clamav/freshclam.pid |
1418 |
+ |
1419 |
+[Install] |
1420 |
+WantedBy=multi-user.target |
1421 |
|
1422 |
diff --git a/app-antivirus/clamav/files/tmpfiles.d/clamav.conf b/app-antivirus/clamav/files/tmpfiles.d/clamav.conf |
1423 |
new file mode 100644 |
1424 |
index 0000000..1672df6 |
1425 |
--- /dev/null |
1426 |
+++ b/app-antivirus/clamav/files/tmpfiles.d/clamav.conf |
1427 |
@@ -0,0 +1 @@ |
1428 |
+d /run/clamav 0710 clamav clamav |
1429 |
|
1430 |
diff --git a/app-antivirus/clamav/metadata.xml b/app-antivirus/clamav/metadata.xml |
1431 |
new file mode 100644 |
1432 |
index 0000000..5ddb818 |
1433 |
--- /dev/null |
1434 |
+++ b/app-antivirus/clamav/metadata.xml |
1435 |
@@ -0,0 +1,20 @@ |
1436 |
+<?xml version="1.0" encoding="UTF-8"?> |
1437 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
1438 |
+<pkgmetadata> |
1439 |
+ <maintainer type="project"> |
1440 |
+ <email>antivirus@g.o</email> |
1441 |
+ <name>Gentoo Antivirus Project</name> |
1442 |
+ </maintainer> |
1443 |
+ <maintainer type="project"> |
1444 |
+ <email>net-mail@g.o</email> |
1445 |
+ <name>Net-Mail</name> |
1446 |
+ </maintainer> |
1447 |
+ <use> |
1448 |
+ <flag name="clamdtop">A Top like tool which shows what clamd is currently scanning amongst other things</flag> |
1449 |
+ <flag name="metadata-analysis-api">Enables collection of file property metadata using ClamAV API for analysis by ClamAV bytecode programs.</flag> |
1450 |
+ <flag name="system-libmspack">Use system libmspack instead of built in</flag> |
1451 |
+ </use> |
1452 |
+ <upstream> |
1453 |
+ <remote-id type="sourceforge">clamav</remote-id> |
1454 |
+ </upstream> |
1455 |
+</pkgmetadata> |