[clamav-users] ClamAV 0.101.0 / HAVP

Scott Kitterman debian at kitterman.com
Mon Feb 4 15:55:26 UTC 2019 

One of the other Debian clamav maintainers sent him patches for 0.101.1 
support with libclamav, in addition to others we've been carrying.

Scott K

On Monday, February 04, 2019 03:24:42 PM Micah Snyder wrote:
> Paul,
> 
> Just heard back from Christian Hilgers.  He has just released HAVP v0.93
> with support for ClamAV 0.101: http://www.havp.org/downloads/
> 
> He's also open to the idea of putting HAVP on GitHub.  I won't pressure him
> further, but if anyone else is keen to contribute to HAVP, you may wish to
> reach out to him.
> 
> Regards,
> -Micah
> 
> On Nov 20, 2018, at 10:01 AM, Micah Snyder (micasnyd)
> <micasnyd at cisco.com<mailto:micasnyd at cisco.com>> wrote:
> 
> I just took a peek at the HAVP source code. It looks like it has a
> "ClamdScanner" and a "ClamLibScanner".  The ClamLibScanner code is only
> built if you configure with --enable-clamav, else I _think_ it falls back
> to the ClamdScanner variant.
> 
> To get HAVP's ClamLibScanner class to build with libclamav 9.0.0 (from
> ClamAV 0.101.0), it will need some minor changes to set the scanning
> options the new way, and the ClamLibScanner's "Scan()" method will need a
> small change to include the filename (or NULL, if a descriptive name is not
> available).  Some additional work would be needed to make these changes
> only if the libclamav version number is 9 or higher in order to support
> both versions, though that shouldn't be too difficult.
> 
> I just reached out to Christian Hilgers (HAVP author) to tell him about the
> API changes and ask if he'd be interested in putting HAVP's source code on
> Github so the open source community may contribute pull-requests to the
> project, as it presently appears to only be available via download from
> their website). I don't know if he actively uses that email address though.
>  It is listed in the source code, so it may see a fair amount of spam.
> *shrugs*.
> 
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
> 
> 
> On Nov 19, 2018, at 8:54 PM, Paul Kosinski
> <clamav-users at iment.com<mailto:clamav-users at iment.com>> wrote:
> 
> I have long been using HAVP with ClamAV to scan HTTP traffic (inbound).
> HAVP uses libclamav directly (rather than e.g., clamd) so it doesn't
> have an excessive performance impact. (Cf. http://www.havp.org/)
> 
> Unfortunately, HAVP hasn't seen any development for a bit over 2 years.
> In the past, simply symlinking the old libclamav.so.x to the new one has
> worked. Now, since the libclamav interface is changing, I worry that
> HAVP might need major modification to work.
> 
> Are there any other users of HAVP in conjunction with ClamAV? (HAVP was
> originally written to work with ClamAV as well as other AV packages,
> such as Kaspersky, Sophos and F-Prot.)
> 
> 
> 
> On Mon, 19 Nov 2018 19:40:30 +0000
> "Joel Esler (jesler)" <jesler at cisco.com<mailto:jesler at cisco.com>> wrote:
> 
> https://blog.clamav.net/2018/11/the-clamav-01010-release-candidate-is.html
> 
> The ClamAV 0.101.0 release candidate is here!
> The ClamAV 0.101.0 release candidate is
> here<http://www.clamav.net/downloads>!
> 
> We have also made significant improvements to our User
> Manual<https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/docs/UserM
> anual.md> (the user manual will be moved to
> clamav.net<http://clamav.net><http://clamav.net> soon) and to the inline
> Doxygen documentation in clamav.h for libclamav
> users. Please take a peek, and consider submitting your own
> recommendations via GitHub pull-request. In particular, we'd love to
> expand the Usage section with details on how to integrate ClamAV with
> other software. Your input would be greatly appreciated.
> 
> A short summary of the improvements found in 0.101:
> 
> 
>  *   Changes to the libclamav API:
>     *   Those who build applications around our shared library will
> need to change how they declare and pass scanning options to
> libclamav. Please take a look at the change to our example code for
> details.
>     *   Scanning functions now have a filename argument. The
> argument is optional, but improves the efficiency when parsing
> certain types that require a file on disk to open and read, and will
> allow for additional improvements in the future.
>     *   Many of the scanning option #defines have changed. These can
> be found in our clamav.h header.
>     *   The libclamav version number has changed.
>  *   Some of the clamd config and clamscan command line option names
> have changed. The original versions will still work for a time, but
> eventually they will be deprecated. These options in question are
> detailed in the NEWS document.
>  *   A new sub-signature type called "Byte Compare". Byte Compare
> sub-signatures can be used to evaluate a numeric value at a given
> offset from the start of another (matched) sub-signature within the
> same logical signature. That numerical value may be interpreted from
> signed ascii decimal, unsigned ascii hex, or unsigned binary data
> relative to a match offset. For details, see the signature writing
> documentation.
>  *   Changes to our documentation. Documentation is now in Markdown
> and should be easier to navigate and easier to contribute to.
>  *   Support for extraction/scanning of RAR v5.x archives.
> 
> 
> For additional details on changes in 0.101, please read the notes in
> our NEWS document.
> 
> Thank you in advance for test-driving the ClamAV 0.101 release
> candidate<http://www.clamav.net/downloads>! Bugs should be brought to
> our attention via the clamav-devel mailing
> list<http://www.clamav.net/contact#ml> or via
> bugzilla<https://bugzilla.clamav.net/>.
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
> 
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list