[clamav-users] Proposals for more reliable updates

Paul Kosinski clamav-users at iment.com
Mon Jul 2 21:09:30 EDT 2018

Currently, when a daily.cvd is downloaded, its version and other such
info is in the first N bytes of the whole file, which is quite big.

How about repeating that information in the HTTP response header, so it
could be retrieved by an HTTP HEAD command, rather than having to do a
massive GET, This would allow one to determine cheaply what version of
a file is *actually* available from that mirror.

I realize that although there already is a non-standard HTTP header line
(CF-RAY) Cloudflare may not support customer defined headers.

In that case, they certainly would support auxiliary files, something
like daily.cvd.ver which contained the desired information (analogous
to ".sig" files often associated with big files for security).

If something like one of these were done, distributed mirrors would
cause less trouble. Either it would be cheap to see if the mirrored
version matched the DNS TXT file, or one could do away with that
entirely, since it would be pretty cheap to just consult the mirror.

Still another possibility would be to run a tiny DNS server on each
mirror, and have freshclam do something like:

  dig @mirror current.cvd.clamav.net

and then download from that *particular* mirror if appropriate. (Here
the DNS TXT record would only be updated *after* the cvd file was.)

The point of all these is to reduce the window of inconsistency that is
inherent in all distributed systems which serve up related data -- if
they don't apply the standard complex and expensive solutions, that is.

More information about the clamav-users mailing list