[clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files

Al Varnell alvarnell at mac.com
Wed Jul 9 02:42:54 EDT 2014

So you’ve tried the beta and it didn’t fix the issue?  One of the reasons for announcing the beta was so folks like you can play in the bug fixing process.

There are dozens of changes to each version and only a few of the major items are ever mentioned in the announcements.  There are far too many bug fixes for developers to respond to all issues such as yours.  It’s likely to be several weeks or even months before 0.98.5 is released.


On Tue, Jul 08, 2014 at 11:32 PM, Henrik K wrote

> It's been two mondays now and no news... a new beta is posted but nothing
> about the issue is mentioned?

> On Thu, Jun 26, 2014 at 12:52:47PM -0400, Shawn Webb wrote:
>> Hey Paul,
>> The reason for that is likely due to my usage of ctors and dtors with
>> 0.98.3. In that version, I had added a ctors entry in libclamav to call
>> cl_initialize_crypto and a dtors entry to call cl_cleanup_crypto. It turns
>> out that operating systems like AIX, HPUX, and Solaris 10 don't support
>> ctors/dtors. In order to provide support for those OSs, I opted to remove
>> the ctors/dtors entries and call cl_initialize_crypto directly in the
>> applications that we distribute that consume libclamav (clamscan, clamd,
>> clamdscan, freshclam, etc.) That means that we're no longer calling
>> cl_initialize_crypto in the background and third-party applications will
>> need to call cl_initialize_crypto themselves. But that may or may not
>> change with the discussion on Monday.
>> Thanks,
>> Shawn
>> On Thu, Jun 26, 2014 at 12:37 PM, Paul Kosinski <clamav at iment.com> wrote:

>>> Shawn,
>>> Yes indeed, HAVP calls into libclamav directly.  But then why does this
>>> only fail in 0.98.4 but *not* in 0.98.3?  Wasn't OpenSSL already being
>>> used in 0.98.3?
>>> An additional problem is that the HAVP developer seems to have stopped
>>> working on it, according to the HAVP forum (http://havp.hege.li/forum/).
>>> Of course, since HAVP is Open Source, I could change it for my use
>>> (but I don't want to take it over).
>>> Thanks for the quick response,
>>> Paul

>>>> Hey Paul,
>>>> It looks like HAVP is calling into libclamav directly. That means
>>>> that HAVP will need to either initialize OpenSSL prior to calling the
>>>> cl_init() function in libclamav, or it will need to call
>>>> cl_initialize_crypto() prior to calling cl_init(). We have an open
>>>> bug on our end to track this issue (bugzilla bug 11037).
>>>> Additionally, a bug report should be opened with HAVP to document
>>>> the issue on their end. I will be discussing with the team soon
>>>> potential solutions going forward.
>>>> Thanks,
>>>> Shawn

More information about the clamav-users mailing list