[clamav-users] Freshclam can't use HTTPS with PrivateMirror?
Micah Snyder (micasnyd)
micasnyd at cisco.com
Thu Oct 18 16:23:11 UTC 2018
Hi Sean,
Sorry to say -- freshclam presently doesn't support HTTPS. It is not simply a matter of connecting over port 443 and performing TLS encryption handshakes. Certificate validation is also required. We're considering rewriting a lot of freshclam code to use libcurl to handle HTTPS connections, but feature planning for 0.102 is not complete and I can't promise that it will make it the next version of ClamAV.
Regards,
Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Oct 17, 2018, at 10:51 AM, Sean <smalder73 at gmail.com<mailto:smalder73 at gmail.com>> wrote:
Hi,
I'm new to the list, but have been using clam for a good while, it's
just always worked :)
We have created a private mirror of clam data updates on a network
that is not Internet connected. We are required to encrypt network
traffic, e.g. the mirror server must redirect http -> https. I was
hoping to configure freshclam.conf to use the PrivateMirror setting as
detailed at https://github.com/Cisco-Talos/clamav-faq/blob/master/mirrors/CvdPrivateMirror.md
Option #2. We wish to go with #2, because we will not control all
clients, and it will be simpler to user freshclam with proper
configuration than having to support clients configuring a custom
script and having the right things installed to run it.
I see in the code
(https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/freshclam/manager.c#L225)
that unless a proxy is used, the port is hard coded to 80.
Is there a reason for this? Should I file a bug? I would think that
utilizing https as much as possible would be a good idea.
Thanks!
--Sean
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181018/05d7fb41/attachment.htm>
More information about the clamav-users
mailing list