public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2017-01-27 19:44 Austin English
  0 siblings, 0 replies; 15+ messages in thread
From: Austin English @ 2017-01-27 19:44 UTC (permalink / raw
  To: gentoo-commits

commit:     bcbbdee31e7cc94d9262a9df057db8fdd31d2f47
Author:     Austin English <wizardedit <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 27 19:36:06 2017 +0000
Commit:     Austin English <wizardedit <AT> gentoo <DOT> org>
CommitDate: Fri Jan 27 19:44:13 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bcbbdee3

app-antivirus/clamav: use upstream fix for broken zlib check instead of disabling it completely

Ack'ed by radhermit

Gentoo-Bug: https://bugs.gentoo.org/604650

Package-Manager: Portage-2.3.2, Repoman-2.3.1

 app-antivirus/clamav/clamav-0.99.1.ebuild          |  7 +++++--
 app-antivirus/clamav/clamav-0.99.2.ebuild          |  5 +++--
 app-antivirus/clamav/clamav-0.99.ebuild            |  5 ++++-
 .../clamav/files/clamav-configure-zlib.patch       | 22 ++++++++++++++++++++++
 4 files changed, 34 insertions(+), 5 deletions(-)

diff --git a/app-antivirus/clamav/clamav-0.99.1.ebuild b/app-antivirus/clamav/clamav-0.99.1.ebuild
index 4f16064..be2a73a 100644
--- a/app-antivirus/clamav/clamav-0.99.1.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.1.ebuild
@@ -1,10 +1,10 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
 EAPI=5
 
-inherit eutils flag-o-matic user systemd
+inherit autotools eutils flag-o-matic user systemd
 
 DESCRIPTION="Clam Anti-Virus Scanner"
 HOMEPAGE="http://www.clamav.net/"
@@ -45,6 +45,9 @@ pkg_setup() {
 src_prepare() {
 	use ppc64 && append-flags -mminimal-toc
 	use uclibc && export ac_cv_type_error_t=yes
+
+	epatch "${FILESDIR}"/${PN}-configure-zlib.patch # 604650, fixed in upstream HEAD
+	eautoconf
 }
 
 src_configure() {

diff --git a/app-antivirus/clamav/clamav-0.99.2.ebuild b/app-antivirus/clamav/clamav-0.99.2.ebuild
index 5ab484b..1ce8399 100644
--- a/app-antivirus/clamav/clamav-0.99.2.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.2.ebuild
@@ -4,7 +4,7 @@
 
 EAPI=5
 
-inherit eutils flag-o-matic user systemd
+inherit autotools eutils flag-o-matic user systemd
 
 DESCRIPTION="Clam Anti-Virus Scanner"
 HOMEPAGE="http://www.clamav.net/"
@@ -48,13 +48,14 @@ src_prepare() {
 	use uclibc && export ac_cv_type_error_t=yes
 
 	epatch "${FILESDIR}"/${P}-gcc-6.patch #592432
+	epatch "${FILESDIR}"/${PN}-configure-zlib.patch # 604650, fixed in upstream HEAD
+	eautoconf
 }
 
 src_configure() {
 	econf \
 		--disable-experimental \
 		--disable-fanotify \
-		--disable-zlib-vcheck \
 		--enable-id-check \
 		--with-dbdir="${EPREFIX}"/var/lib/clamav \
 		--with-system-tommath \

diff --git a/app-antivirus/clamav/clamav-0.99.ebuild b/app-antivirus/clamav/clamav-0.99.ebuild
index 144082f..b77f3e7 100644
--- a/app-antivirus/clamav/clamav-0.99.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.ebuild
@@ -4,7 +4,7 @@
 
 EAPI=5
 
-inherit eutils flag-o-matic user systemd
+inherit autotools eutils flag-o-matic user systemd
 
 DESCRIPTION="Clam Anti-Virus Scanner"
 HOMEPAGE="http://www.clamav.net/"
@@ -45,6 +45,9 @@ pkg_setup() {
 src_prepare() {
 	use ppc64 && append-flags -mminimal-toc
 	use uclibc && export ac_cv_type_error_t=yes
+
+	epatch "${FILESDIR}"/${PN}-configure-zlib.patch # 604650, fixed in upstream HEAD
+	eautoconf
 }
 
 src_configure() {

diff --git a/app-antivirus/clamav/files/clamav-configure-zlib.patch b/app-antivirus/clamav/files/clamav-configure-zlib.patch
new file mode 100644
index 00000000..8d1f4e6
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-configure-zlib.patch
@@ -0,0 +1,22 @@
+commit f0bcd186190fe6e67b3f0eaaceb7a99aa6a98865
+Author: Steven Morgan <stevmorg@cisco.com>
+Date:   Thu Jan 5 12:30:35 2017 -0500
+
+    bb111711 - fix zlib version check - patch by Daniel J. Luke.
+
+diff --git a/m4/reorganization/libs/libz.m4 b/m4/reorganization/libs/libz.m4
+index b5c7414..f7b67ca 100644
+--- a/m4/reorganization/libs/libz.m4
++++ b/m4/reorganization/libs/libz.m4
+@@ -29,9 +29,9 @@ then
+     AC_MSG_ERROR([Please install zlib and zlib-devel packages])
+ else
+ 
+-    vuln=`grep "ZLIB_VERSION \"1.2.0" $ZLIB_HOME/include/zlib.h`
++    vuln=`grep "ZLIB_VERSION \"1.2.0\"" $ZLIB_HOME/include/zlib.h`
+     if test -z "$vuln"; then
+-	vuln=`grep "ZLIB_VERSION \"1.2.1" $ZLIB_HOME/include/zlib.h`
++	vuln=`grep "ZLIB_VERSION \"1.2.1\"" $ZLIB_HOME/include/zlib.h`
+     fi
+ 
+     if test -n "$vuln"; then


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2017-11-23 22:30 Robin H. Johnson
  0 siblings, 0 replies; 15+ messages in thread
From: Robin H. Johnson @ 2017-11-23 22:30 UTC (permalink / raw
  To: gentoo-commits

commit:     e33445233f097eadbbb1acf0861e9a41593bc593
Author:     coyote <coyote <AT> bks <DOT> tv>
AuthorDate: Thu Nov 23 01:52:52 2017 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Thu Nov 23 22:30:48 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e3344523

app-antivirus/clamav: fix compatibility with >=zlib-1.2.9

Include patch from  Marc Deslauriers <marc.deslauriers <AT> canonical.com> to
fix compatibility with zlib newer 1.2.9 and enable test in ebuild (now
it work correctly).

(commit message cleaned up by Robin H. Johnson <robbat2 <AT> gentoo.org>)

Bug: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1692073
Closes: https://bugs.gentoo.org/638544
(cherry picked from commit 535d9b43c3472916bfb977921f0a10f2cc02dc4b)
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 app-antivirus/clamav/Manifest                      |  2 +-
 app-antivirus/clamav/clamav-0.99.2-r1.ebuild       |  6 ++-
 .../clamav/files/clamav-0.99.2-bytecode_api.patch  | 50 ++++++++++++++++++++++
 3 files changed, 56 insertions(+), 2 deletions(-)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 18a55f717c3..7c1733ae48b 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -1,4 +1,4 @@
 DIST clamav-0.98.7.tar.gz 15118851 SHA256 282417b707740de13cd8f18d4cbca9ddd181cf96b444db2cad98913a5153e272 SHA512 acf01961472c13ccb219420cc3fa3c3e6f8a733edef371dbc04ce5867900aa1535e956ec8ad50d31c8f872a0a1d79fcccac944cd86e29ecdfa4af18f7fd5afb9 WHIRLPOOL c9f2e6f52f07f68bdcccf55ca1aab0bf3deaa6963279459d64ecca076a9ed0ef53c25996b2b673e9746833822df24689a9fab0654064c5ee6ed372a86966fbb6
 DIST clamav-0.99.1.tar.gz 15990867 SHA256 e144689122d3f91293808c82cbb06b7d3ac9eca7ae29564c5d148ffe7b25d58a SHA512 9beb5c0ebff2aef741bb27811c1f10a7cd5da354ff67272ee8994d87c95e272a5983105af0fe1a734e1fa99f112dc4dddd9d82074a0df6715814817f85a45f4f WHIRLPOOL e2afd7b7d377c1a1af802e780839bb21bcd318035ac858b6cb11545db3673d3f74ba3159b837238982248720379f98ab51e279a8636bbea89331136891e88e5d
-DIST clamav-0.99.2.tar.gz 16067497 SHA256 167bd6a13e05ece326b968fdb539b05c2ffcfef6018a274a10aeda85c2c0027a SHA512 7744ba8a344b163cf98e9737cddfd25d2120b34ee9c4518380e028c9ec3cd50127b198b0dfa9fde30f5ce9aab0c0e6384712fbc11287e77d16ce052fd7b6ac44 WHIRLPOOL 371dc56c3ffa0ff40381d451687a9331a0587943a048604c6667e1018fbfe5559b023654d29f47505bd69a1a44f88adfb5b93b7c55c8cbc6f0bbfcbf836bf631
+DIST clamav-0.99.2.tar.gz 16067497 BLAKE2B 4155e3125ccc45cc6828033f207b6b8d3514253dfb8156428ad4096c0901d5a8500f9dd253b8f40afdc49a6039b647627868f75d51829ab7bd247ada5f3b8383 SHA512 7744ba8a344b163cf98e9737cddfd25d2120b34ee9c4518380e028c9ec3cd50127b198b0dfa9fde30f5ce9aab0c0e6384712fbc11287e77d16ce052fd7b6ac44
 DIST clamav-0.99.tar.gz 15968038 SHA256 d2792c8cfadd685fffc40b2199679628815df031fd3149ccf961649fc8787ea9 SHA512 328e66fa412ba61f5e44c839b254c7a84d2ce7821fda6cf29e4ee9532c06e45bdec62f202ca561223e984fff170bfd8280e5cc8e306c09a3017b17e7db3bbf56 WHIRLPOOL 696b425c0d3a6639d627e6dba000a57c4e532232f9f42a564a992c0b459d8041a1947b09548d99b621a5685c78d91045adf4b61731242f55eda2b8d5150fc8b8

diff --git a/app-antivirus/clamav/clamav-0.99.2-r1.ebuild b/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
index 579249e1388..a44017407cf 100644
--- a/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
@@ -7,7 +7,6 @@ inherit autotools eutils flag-o-matic user systemd
 
 DESCRIPTION="Clam Anti-Virus Scanner"
 HOMEPAGE="http://www.clamav.net/"
-# no longer on sf.net from 0.99.2 onwards
 SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
 
 LICENSE="GPL-2"
@@ -40,6 +39,7 @@ PATCHES=(
 	"${FILESDIR}"/${P}-gcc-6.patch
 	"${FILESDIR}"/${P}-tinfo.patch
 	"${FILESDIR}"/${PN}-0.99-zlib.patch
+	"${FILESDIR}"/${P}-bytecode_api.patch
 )
 
 pkg_setup() {
@@ -142,6 +142,10 @@ src_install() {
 	prune_libtool_files --all
 }
 
+src_test() {
+	emake quick-check
+}
+
 pkg_postinst() {
 	if use milter ; then
 		elog "For simple instructions how to setup the clamav-milter read the"

diff --git a/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch b/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch
new file mode 100644
index 00000000000..d6cd5264ed7
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.99.2-bytecode_api.patch
@@ -0,0 +1,50 @@
+Description: fix compatibility with zlib 1.2.9 and newer
+Author: Marc Deslauriers <marc.deslauriers@canonical.com>
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1692073
+
+--- a/libclamav/bytecode_api.c	2017-08-08 15:20:06.651685637 -0400
++++ b/libclamav/bytecode_api.c	2017-08-15 15:45:14.645714766 -0400
+@@ -811,8 +811,20 @@ int32_t cli_bcapi_inflate_init(struct cl
+         cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n");
+         return -1;
+     }
+-    memset(&stream, 0, sizeof(stream));
+-    ret = inflateInit2(&stream, windowBits);
++
++    b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n);
++    if (!b) {
++        return -1;
++    }
++    ctx->inflates = b;
++    ctx->ninflates = n;
++    b = &b[n-1];
++
++    b->from = from;
++    b->to = to;
++    b->needSync = 0;
++    memset(&b->stream, 0, sizeof(stream));
++    ret = inflateInit2(&b->stream, windowBits);
+     switch (ret) {
+         case Z_MEM_ERROR:
+             cli_dbgmsg("bytecode api: inflateInit2: out of memory!\n");
+@@ -829,20 +841,6 @@ int32_t cli_bcapi_inflate_init(struct cl
+             cli_dbgmsg("bytecode api: inflateInit2: unknown error %d\n", ret);
+             return -1;
+     }
+-
+-    b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n);
+-    if (!b) {
+-        inflateEnd(&stream);
+-        return -1;
+-    }
+-    ctx->inflates = b;
+-    ctx->ninflates = n;
+-    b = &b[n-1];
+-
+-    b->from = from;
+-    b->to = to;
+-    b->needSync = 0;
+-    memcpy(&b->stream, &stream, sizeof(stream));
+     return n-1;
+ }
+ 


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2017-12-07 15:29 Craig Andrews
  0 siblings, 0 replies; 15+ messages in thread
From: Craig Andrews @ 2017-12-07 15:29 UTC (permalink / raw
  To: gentoo-commits

commit:     ed2ec9f4ebd6b7cf6c8bcbf06fcbb46d826d6d01
Author:     Craig Andrews <candrews <AT> gentoo <DOT> org>
AuthorDate: Thu Nov 30 16:19:34 2017 +0000
Commit:     Craig Andrews <candrews <AT> gentoo <DOT> org>
CommitDate: Thu Dec  7 15:28:48 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed2ec9f4

app-antivirus/clamav: Fix SIGSEGV on 64bit archs

Suggested-by: Jiří Moravec <qjim <AT> volny.cz>
Bug: https://bugzilla.clamav.net/show_bug.cgi?id=11965
Closes: https://bugs.gentoo.org/638932
Closes: https://bugs.gentoo.org/616564
Closes: https://github.com/gentoo/gentoo/pull/6358
Package-Manager: Portage-2.3.16, Repoman-2.3.6

 app-antivirus/clamav/Manifest                      |   2 +-
 app-antivirus/clamav/clamav-0.99.2-r2.ebuild       | 159 +++++++++++++++++++++
 .../clamav-0.99.2-pcre2-compile-erroffset.patch    |  12 ++
 3 files changed, 172 insertions(+), 1 deletion(-)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index b2d1c7d6d75..2f052faf2fc 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -1,4 +1,4 @@
 DIST clamav-0.98.7.tar.gz 15118851 BLAKE2B 5fffd1896645b5e77f26819eb16e1d9e9cbb8a71d5627aa31ce009b37172fe5c9fff77d6646940c8065c856cf1a74737ffafc79d4e288b8d1202620fe568d1bc SHA512 acf01961472c13ccb219420cc3fa3c3e6f8a733edef371dbc04ce5867900aa1535e956ec8ad50d31c8f872a0a1d79fcccac944cd86e29ecdfa4af18f7fd5afb9
-DIST clamav-0.99.1.tar.gz 15990867 SHA256 e144689122d3f91293808c82cbb06b7d3ac9eca7ae29564c5d148ffe7b25d58a SHA512 9beb5c0ebff2aef741bb27811c1f10a7cd5da354ff67272ee8994d87c95e272a5983105af0fe1a734e1fa99f112dc4dddd9d82074a0df6715814817f85a45f4f WHIRLPOOL e2afd7b7d377c1a1af802e780839bb21bcd318035ac858b6cb11545db3673d3f74ba3159b837238982248720379f98ab51e279a8636bbea89331136891e88e5d
+DIST clamav-0.99.1.tar.gz 15990867 BLAKE2B 3b5d046c0b4e965ff26bea3b6b416e261ce86c449d092fd1debf52e4df5e5448039f7769f94d5817c9754100d296a0eb37ca5289f3cb5af8e58be9e93ef59a18 SHA512 9beb5c0ebff2aef741bb27811c1f10a7cd5da354ff67272ee8994d87c95e272a5983105af0fe1a734e1fa99f112dc4dddd9d82074a0df6715814817f85a45f4f
 DIST clamav-0.99.2.tar.gz 16067497 BLAKE2B 4155e3125ccc45cc6828033f207b6b8d3514253dfb8156428ad4096c0901d5a8500f9dd253b8f40afdc49a6039b647627868f75d51829ab7bd247ada5f3b8383 SHA512 7744ba8a344b163cf98e9737cddfd25d2120b34ee9c4518380e028c9ec3cd50127b198b0dfa9fde30f5ce9aab0c0e6384712fbc11287e77d16ce052fd7b6ac44
 DIST clamav-0.99.tar.gz 15968038 BLAKE2B d3690f08215b8d870e8fb11b11eea6bb92a2eb4b7edddb037ed2f0e8c823a6c5856a3824716cd04f02ec985188ccd36ae41c5077df09ed1948281012dd28ef8c SHA512 328e66fa412ba61f5e44c839b254c7a84d2ce7821fda6cf29e4ee9532c06e45bdec62f202ca561223e984fff170bfd8280e5cc8e306c09a3017b17e7db3bbf56

diff --git a/app-antivirus/clamav/clamav-0.99.2-r2.ebuild b/app-antivirus/clamav/clamav-0.99.2-r2.ebuild
new file mode 100644
index 00000000000..136dd3847d5
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.99.2-r2.ebuild
@@ -0,0 +1,159 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils flag-o-matic user systemd
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="http://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs uclibc"
+
+CDEPEND="bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	iconv? ( virtual/libiconv )
+	metadata-analysis-api? ( dev-libs/json-c )
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	dev-libs/libtommath
+	>=sys-libs/zlib-1.2.2
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	sys-devel/libtool
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	!!<app-antivirus/clamav-0.99"
+# hard block clamav < 0.99 due to linking problems Bug #567680
+# openssl is now *required* see this link as to why
+# http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html
+DEPEND="${CDEPEND}
+	virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE )
+PATCHES=(
+	"${FILESDIR}"/${P}-gcc-6.patch
+	"${FILESDIR}"/${P}-tinfo.patch
+	"${FILESDIR}"/${PN}-0.99-zlib.patch
+	"${FILESDIR}"/${P}-bytecode_api.patch
+	"${FILESDIR}"/${P}-pcre2-compile-erroffset.patch
+)
+
+pkg_setup() {
+	enewgroup clamav
+	enewuser clamav -1 -1 /dev/null clamav
+}
+
+src_prepare() {
+	default
+
+	eautoconf
+}
+
+src_configure() {
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+
+	econf \
+		$(use_enable bzip2) \
+		$(use_enable clamdtop) \
+		$(use_enable ipv6) \
+		$(use_enable milter) \
+		$(use_enable static-libs static) \
+		$(use_with iconv) \
+		$(use_with metadata-analysis-api libjson /usr) \
+		--cache-file="${S}"/config.cache \
+		--disable-experimental \
+		--disable-gcc-vcheck \
+		--disable-zlib-vcheck \
+		--enable-id-check \
+		--with-dbdir="${EPREFIX}"/var/lib/clamav \
+		--with-system-tommath \
+		--with-zlib="${EPREFIX}"/usr
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav
+	newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+	newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+	systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+	systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+	systemd_dounit "${FILESDIR}/clamd.service"
+	systemd_dounit "${FILESDIR}/freshclamd.service"
+
+	keepdir /var/lib/clamav
+	fowners clamav:clamav /var/lib/clamav
+	keepdir /var/log/clamav
+	fowners clamav:clamav /var/log/clamav
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/clamav.logrotate clamav
+
+	# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+		-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
+		-e "s:.*\(User\) .*:\1 clamav:" \
+		-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+		-e "s:^\#\(LogTime\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/clamd.conf.sample || die
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+		-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+		-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+		-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+		-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/freshclam.conf.sample || die
+
+	if use milter ; then
+		# MilterSocket one to include ' /' because there is a 2nd line for
+		# inet: which we want to leave
+		dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+			-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+			-e "s:.*\(User\) .*:\1 clamav:" \
+			-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+			"${ED}"/etc/clamav-milter.conf.sample || die
+		cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+			MILTER_NICELEVEL=19
+			START_MILTER=no
+		EOF
+
+		systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+	fi
+
+	for i in clamd freshclam clamav-milter
+	do
+		[[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,}
+	done
+
+	prune_libtool_files --all
+}
+
+src_test() {
+	emake quick-check
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+	if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then
+		ewarn "You must run freshclam manually to populate the virus database files"
+		ewarn "before starting clamav for the first time.\n"
+	fi
+}

diff --git a/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch b/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch
new file mode 100644
index 00000000000..1ee55171afb
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.99.2-pcre2-compile-erroffset.patch
@@ -0,0 +1,12 @@
+--- clamav-0.99.2/libclamav/regex_pcre.c~	2017-11-28 14:40:56.484208243 +0100
++++ clamav-0.99.2/libclamav/regex_pcre.c	2017-11-28 14:41:07.301207800 +0100
+@@ -112,7 +112,8 @@ int cli_pcre_addoptions(struct cli_pcre_
+ #if USING_PCRE2
+ int cli_pcre_compile(struct cli_pcre_data *pd, long long unsigned match_limit, long long unsigned match_limit_recursion, unsigned int options, int opt_override)
+ {
+-    int errornum, erroffset;
++    int errornum;
++    size_t erroffset;
+     pcre2_general_context *gctx;
+     pcre2_compile_context *cctx;
+ 


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2018-01-26 15:23 Thomas Deutschmann
  0 siblings, 0 replies; 15+ messages in thread
From: Thomas Deutschmann @ 2018-01-26 15:23 UTC (permalink / raw
  To: gentoo-commits

commit:     194c79e18139961a9411a22566eb29d764081ef2
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 26 15:23:29 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Fri Jan 26 15:23:43 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=194c79e1

app-antivirus/clamav: rev bump to fix fd leak in cli_scanscript

Package-Manager: Portage-2.3.20, Repoman-2.3.6

 ...lamav-0.99.3.ebuild => clamav-0.99.3-r1.ebuild} |   1 +
 ...mav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch | 132 +++++++++++++++++++++
 2 files changed, 133 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.99.3.ebuild b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
similarity index 98%
rename from app-antivirus/clamav/clamav-0.99.3.ebuild
rename to app-antivirus/clamav/clamav-0.99.3-r1.ebuild
index 3a577d05ac2..adb446d1472 100644
--- a/app-antivirus/clamav/clamav-0.99.3.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.3-r1.ebuild
@@ -40,6 +40,7 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-0.99.2-tinfo.patch
 	"${FILESDIR}"/${PN}-0.99.2-bytecode_api.patch
 	"${FILESDIR}"/${PN}-0.99.2-pcre2-compile-erroffset.patch
+	"${FILESDIR}"/${PN}-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
 )
 
 pkg_setup() {

diff --git a/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
new file mode 100644
index 00000000000..a457a71758c
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.99.3-fix-fd-leaks-in-cli_scanscript.patch
@@ -0,0 +1,132 @@
+Author: Manuel Mausz <manuel-clamav@mausz.at>
+
+http://lists.clamav.net/pipermail/clamav-users/2018-January/005687.html
+
+--- clamav-0.99.3/libclamav/scanners.c.orig	2018-01-26 14:35:23.299386703 +0100
++++ clamav-0.99.3/libclamav/scanners.c	2018-01-26 14:47:44.422451335 +0100
+@@ -1342,39 +1342,35 @@
+ 		return CL_CLEAN;
+ 	}
+ 
+-	/* dump to disk only if explicitly asked to
+-	 * or if necessary to check relative offsets,
+-	 * otherwise we can process just in-memory */
+-	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
+-		if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
+-			cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
+-			return ret;
+-		}
+-		if (ctx->engine->keeptmp)
+-			cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+-	}
+-
+ 	if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
+ 		cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
+-		free(tmpname);
+ 		return CL_EMEM;
+ 	}
+-
+ 	text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
+-	ret = CL_CLEAN;
+-
+ 
+ 	if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
+-		free(tmpname);
++		free(normalized);
+ 		return ret;
+ 	}
+ 
+ 	if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
+ 		cli_ac_freedata(&tmdata);
+-		free(tmpname);
++		free(normalized);
+ 		return ret;
+ 	}
+ 
++	/* dump to disk only if explicitly asked to
++	 * or if necessary to check relative offsets,
++	 * otherwise we can process just in-memory */
++	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
++		if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
++			cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
++			goto done;
++		}
++		if (ctx->engine->keeptmp)
++			cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
++	}
++
+ 	mdata[0] = &tmdata;
+ 	mdata[1] = &gmdata; 
+ 
+@@ -1388,9 +1384,8 @@
+ 
+ 			if  (write(ofd, state.out, state.out_pos) == -1) {
+ 				cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
+-				close(ofd);
+-				free(tmpname);
+-				return CL_EWRITE;
++				ret = CL_EWRITE;
++				goto done;
+ 			}
+ 			text_normalize_reset(&state);
+ 		}
+@@ -1409,11 +1404,6 @@
+ 			funmap(*ctx->fmap);
+ 		}
+ 		*ctx->fmap = map;
+-
+-		/* If we aren't keeping temps, delete the normalized file after scan. */
+-		if(!(ctx->engine->keeptmp))
+-			if (cli_unlink(tmpname)) ret = CL_EUNLINK;
+-
+ 	} else {
+ 		/* Since the above is moderately costly all in all,
+ 		 * do the old stuff if there's no relative offsets. */
+@@ -1421,11 +1411,8 @@
+ 		if (troot) {
+ 			cli_targetinfo(&info, 7, map);
+ 			ret = cli_ac_caloff(troot, &tmdata, &info);
+-			if (ret) {
+-				cli_ac_freedata(&tmdata);
+-				free(tmpname);
+-				return ret;
+-			}
++			if (ret)
++				goto done;
+ 		}
+ 
+ 		while(1) {
+@@ -1466,13 +1453,6 @@
+ 
+ 	}
+ 
+-	if(ctx->engine->keeptmp) {
+-		free(tmpname);
+-		if (ofd >= 0)
+-			close(ofd);
+-	}
+-	free(normalized);
+-
+ 	if(ret != CL_VIRUS || SCAN_ALL)  {
+ 		if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
+ 			viruses_found++;
+@@ -1481,9 +1461,19 @@
+ 				viruses_found++;
+ 	}
+ 
++done:
++	free(normalized);
+ 	cli_ac_freedata(&tmdata);
+ 	cli_ac_freedata(&gmdata);
+ 
++	if (ofd != -1)
++		close(ofd);
++	if (tmpname != NULL) {
++		if (!ctx->engine->keeptmp)
++			if (cli_unlink(tmpname)) ret = CL_EUNLINK;
++		free(tmpname);
++	}
++
+ 	if (SCAN_ALL && viruses_found)
+ 		return CL_VIRUS;
+ 


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2018-03-29 22:42 Thomas Deutschmann
  0 siblings, 0 replies; 15+ messages in thread
From: Thomas Deutschmann @ 2018-03-29 22:42 UTC (permalink / raw
  To: gentoo-commits

commit:     6c8c54a1663246d42c8fda0de366a3078a02be13
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Thu Mar 29 22:41:57 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Thu Mar 29 22:42:18 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c8c54a1

app-antivirus/clamav: Make clamav work with >=zlib-1.2.9

..in addition, an automagic on dev-libs/check was fixed.

Closes: https://bugs.gentoo.org/649516
Package-Manager: Portage-2.3.26, Repoman-2.3.7

 app-antivirus/clamav/clamav-0.99.4-r1.ebuild       | 159 +++++++++++++++++++++
 .../files/clamav-0.99.4-fix-newer-zlib.patch       |  54 +++++++
 2 files changed, 213 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.99.4-r1.ebuild b/app-antivirus/clamav/clamav-0.99.4-r1.ebuild
new file mode 100644
index 00000000000..cee37d96b48
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.99.4-r1.ebuild
@@ -0,0 +1,159 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils flag-o-matic user systemd
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="http://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs test uclibc"
+
+CDEPEND="bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	iconv? ( virtual/libiconv )
+	metadata-analysis-api? ( dev-libs/json-c:= )
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	dev-libs/libtommath
+	>=sys-libs/zlib-1.2.2:=
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	sys-devel/libtool
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	!!<app-antivirus/clamav-0.99"
+# hard block clamav < 0.99 due to linking problems Bug #567680
+# openssl is now *required* see this link as to why
+# http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html
+DEPEND="${CDEPEND}
+	virtual/pkgconfig
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE )
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.99.4-fix-newer-zlib.patch
+	"${FILESDIR}/${P}-pcre2-compile-erroffset.patch"
+)
+
+pkg_setup() {
+	enewgroup clamav
+	enewuser clamav -1 -1 /dev/null clamav
+}
+
+src_prepare() {
+	default
+
+	eautoconf
+}
+
+src_configure() {
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+
+	econf \
+		$(use_enable bzip2) \
+		$(use_enable clamdtop) \
+		$(use_enable ipv6) \
+		$(use_enable milter) \
+		$(use_enable static-libs static) \
+		$(use_enable test check) \
+		$(use_with iconv) \
+		$(use_with metadata-analysis-api libjson /usr) \
+		--cache-file="${S}"/config.cache \
+		--disable-experimental \
+		--disable-gcc-vcheck \
+		--disable-zlib-vcheck \
+		--enable-id-check \
+		--with-dbdir="${EPREFIX}"/var/lib/clamav \
+		--with-system-tommath \
+		--with-zlib="${EPREFIX}"/usr \
+		--disable-llvm
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav
+	newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+	newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+	systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+	systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+	systemd_dounit "${FILESDIR}/clamd.service"
+	systemd_dounit "${FILESDIR}/freshclamd.service"
+
+	keepdir /var/lib/clamav
+	fowners clamav:clamav /var/lib/clamav
+	keepdir /var/log/clamav
+	fowners clamav:clamav /var/log/clamav
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/clamav.logrotate clamav
+
+	# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+		-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
+		-e "s:.*\(User\) .*:\1 clamav:" \
+		-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+		-e "s:^\#\(LogTime\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/clamd.conf.sample || die
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+		-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+		-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+		-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+		-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/freshclam.conf.sample || die
+
+	if use milter ; then
+		# MilterSocket one to include ' /' because there is a 2nd line for
+		# inet: which we want to leave
+		dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+			-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+			-e "s:.*\(User\) .*:\1 clamav:" \
+			-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+			"${ED}"/etc/clamav-milter.conf.sample || die
+		cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+			MILTER_NICELEVEL=19
+			START_MILTER=no
+		EOF
+
+		systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+	fi
+
+	for i in clamd freshclam clamav-milter
+	do
+		[[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,}
+	done
+
+	prune_libtool_files --all
+}
+
+src_test() {
+	emake quick-check
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+	if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then
+		ewarn "You must run freshclam manually to populate the virus database files"
+		ewarn "before starting clamav for the first time.\n"
+	fi
+}

diff --git a/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch b/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch
new file mode 100644
index 00000000000..18673419a58
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.99.4-fix-newer-zlib.patch
@@ -0,0 +1,54 @@
+https://bugs.gentoo.org/649516
+
+Description: fix compatibility with zlib 1.2.9 and newer
+Author: Marc Deslauriers <marc.deslauriers@canonical.com>
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1692073
+
+Index: clamav-0.99.2+dfsg/libclamav/bytecode_api.c
+===================================================================
+--- clamav-0.99.2+dfsg.orig/libclamav/bytecode_api.c	2017-08-08 15:20:06.651685637 -0400
++++ clamav-0.99.2+dfsg/libclamav/bytecode_api.c	2017-08-15 15:45:14.645714766 -0400
+@@ -811,8 +811,20 @@ int32_t cli_bcapi_inflate_init(struct cl
+         cli_dbgmsg("bytecode api: inflate_init: invalid buffers!\n");
+         return -1;
+     }
+-    memset(&stream, 0, sizeof(stream));
+-    ret = inflateInit2(&stream, windowBits);
++
++    b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n);
++    if (!b) {
++        return -1;
++    }
++    ctx->inflates = b;
++    ctx->ninflates = n;
++    b = &b[n-1];
++
++    b->from = from;
++    b->to = to;
++    b->needSync = 0;
++    memset(&b->stream, 0, sizeof(stream));
++    ret = inflateInit2(&b->stream, windowBits);
+     switch (ret) {
+         case Z_MEM_ERROR:
+             cli_dbgmsg("bytecode api: inflateInit2: out of memory!\n");
+@@ -829,20 +841,6 @@ int32_t cli_bcapi_inflate_init(struct cl
+             cli_dbgmsg("bytecode api: inflateInit2: unknown error %d\n", ret);
+             return -1;
+     }
+-
+-    b = cli_realloc(ctx->inflates, sizeof(*ctx->inflates)*n);
+-    if (!b) {
+-        inflateEnd(&stream);
+-        return -1;
+-    }
+-    ctx->inflates = b;
+-    ctx->ninflates = n;
+-    b = &b[n-1];
+-
+-    b->from = from;
+-    b->to = to;
+-    b->needSync = 0;
+-    memcpy(&b->stream, &stream, sizeof(stream));
+     return n-1;
+ }
+ 


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2018-04-12 12:13 Thomas Raschbacher
  0 siblings, 0 replies; 15+ messages in thread
From: Thomas Raschbacher @ 2018-04-12 12:13 UTC (permalink / raw
  To: gentoo-commits

commit:     74eede5d3485d1ac7022221ce0e34c4b01c4ea17
Author:     Thomas Raschbacher <lordvan <AT> gentoo <DOT> org>
AuthorDate: Thu Apr 12 12:12:04 2018 +0000
Commit:     Thomas Raschbacher <lordvan <AT> gentoo <DOT> org>
CommitDate: Thu Apr 12 12:13:09 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=74eede5d

new version + autotools patch

 app-antivirus/clamav/Manifest                      |   1 +
 app-antivirus/clamav/clamav-0.100.0.ebuild         | 160 +++++++++++++++++++++
 .../clamav/files/clamav-0.100.0_autotools.patch    |  10 ++
 app-antivirus/clamav/metadata.xml                  |   1 +
 4 files changed, 172 insertions(+)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 1296e9f756b..a0ce2687d0b 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -1,3 +1,4 @@
+DIST clamav-0.100.0.tar.gz 16036757 BLAKE2B c51edfb05726e16e2ff1ef1fee9f174af5a0d65396f847a4f6e1246d5844b92eb70896fc598d2c73719b1315ff3c41aca503823431e0918d52f56d29399dd796 SHA512 57e1da86a32fdfb66887c4aeed03008bc070ce3cb6b881db411332f2f2e640b73dca84d990f5886526b3d6bd0c2770c7dcce5b4e7cf48323824c362452593549
 DIST clamav-0.99.2.tar.gz 16067497 BLAKE2B 4155e3125ccc45cc6828033f207b6b8d3514253dfb8156428ad4096c0901d5a8500f9dd253b8f40afdc49a6039b647627868f75d51829ab7bd247ada5f3b8383 SHA512 7744ba8a344b163cf98e9737cddfd25d2120b34ee9c4518380e028c9ec3cd50127b198b0dfa9fde30f5ce9aab0c0e6384712fbc11287e77d16ce052fd7b6ac44
 DIST clamav-0.99.3.tar.gz 16082645 BLAKE2B 3be06e563f17a07e4c7e95eb3efbb61e80858bcb3dffc584f13ec30dc2ef9c5257aec78605f1c03e183b4b7ed5b08343a25b579b2b12e54458694eff624aa01e SHA512 0d3c75d571ed4aa4937ef2b743a39a9a144f5adfd6f56f71046e5a8387b8ed7c3c4d9a4196aa85750f9ec4dc545720fdd659289d0cce086ab13a7cc505a0ab3e
 DIST clamav-0.99.4.tar.gz 16083015 BLAKE2B 3c2e7d11ee05fe846f75c3fb6501b5fd809a2e58f8e69c82e493e32fcbc87ca0e5b5f7ab83a0d7e251a5dc8e84aed1475c87c1248b393fa04b6924a2ab32b9bf SHA512 778d5ef510d8d4bdfac5dc33d92469ed4283c414b3d42da6e1a0b13ed70e37755d5c837622dc336bc728ba1f8bf5485fc8a8d3a67a90e9aaa9e4dc71ece0691d

diff --git a/app-antivirus/clamav/clamav-0.100.0.ebuild b/app-antivirus/clamav/clamav-0.100.0.ebuild
new file mode 100644
index 00000000000..1abf0370982
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.100.0.ebuild
@@ -0,0 +1,160 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools eutils flag-o-matic user systemd
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="http://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs system-libmspack test uclibc"
+
+CDEPEND="bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	iconv? ( virtual/libiconv )
+	metadata-analysis-api? ( dev-libs/json-c:= )
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	dev-libs/libtommath
+	>=sys-libs/zlib-1.2.2:=
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	sys-devel/libtool
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	system-libmspack? ( dev-libs/libmspack )
+	!!<app-antivirus/clamav-0.99"
+# hard block clamav < 0.99 due to linking problems Bug #567680
+# openssl is now *required* see this link as to why
+# http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html
+DEPEND="${CDEPEND}
+	virtual/pkgconfig
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE )
+PATCHES=(
+	"${FILESDIR}/${P}_autotools.patch"
+)
+
+pkg_setup() {
+	enewgroup clamav
+	enewuser clamav -1 -1 /dev/null clamav
+}
+
+src_prepare() {
+	default
+
+	eautoconf
+}
+
+src_configure() {
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+
+	econf \
+		$(use_enable bzip2) \
+		$(use_enable clamdtop) \
+		$(use_enable ipv6) \
+		$(use_enable milter) \
+		$(use_enable static-libs static) \
+		$(use_enable test check) \
+		$(use_with iconv) \
+		$(use_with metadata-analysis-api libjson /usr) \
+		$(use_with system-libmspack) \
+		--cache-file="${S}"/config.cache \
+		--disable-experimental \
+		--disable-gcc-vcheck \
+		--disable-zlib-vcheck \
+		--enable-id-check \
+		--with-dbdir="${EPREFIX}"/var/lib/clamav \
+		--with-system-tommath \
+		--with-zlib="${EPREFIX}"/usr \
+		--disable-llvm
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav
+	newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+	newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+	systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+	systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+	systemd_dounit "${FILESDIR}/clamd.service"
+	systemd_dounit "${FILESDIR}/freshclamd.service"
+
+	keepdir /var/lib/clamav
+	fowners clamav:clamav /var/lib/clamav
+	keepdir /var/log/clamav
+	fowners clamav:clamav /var/log/clamav
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/clamav.logrotate clamav
+
+	# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+		-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
+		-e "s:.*\(User\) .*:\1 clamav:" \
+		-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+		-e "s:^\#\(LogTime\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/clamd.conf.sample || die
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+		-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+		-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+		-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+		-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/freshclam.conf.sample || die
+
+	if use milter ; then
+		# MilterSocket one to include ' /' because there is a 2nd line for
+		# inet: which we want to leave
+		dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+			-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+			-e "s:.*\(User\) .*:\1 clamav:" \
+			-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+			"${ED}"/etc/clamav-milter.conf.sample || die
+		cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+			MILTER_NICELEVEL=19
+			START_MILTER=no
+		EOF
+
+		systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+	fi
+
+	for i in clamd freshclam clamav-milter
+	do
+		[[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,}
+	done
+
+	prune_libtool_files --all
+}
+
+src_test() {
+	emake quick-check
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+	if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then
+		ewarn "You must run freshclam manually to populate the virus database files"
+		ewarn "before starting clamav for the first time.\n"
+	fi
+}

diff --git a/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch b/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch
new file mode 100644
index 00000000000..58c3b4e324f
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.100.0_autotools.patch
@@ -0,0 +1,10 @@
+--- clamav-0.100.0/configure.ac_orig	2018-04-12 13:12:58.201729248 +0200
++++ clamav-0.100.0/configure.ac	2018-04-12 13:23:44.982679360 +0200
+@@ -47,6 +47,7 @@
+ LT_CONFIG_LTDL_DIR([libltdl])
+ LT_INIT([dlopen disable-static])
+ LTDL_INIT([recursive])
++PKG_PROG_PKG_CONFIG(0.16)
+ 
+ m4_include([m4/reorganization/build_tools.m4])
+ m4_include([m4/reorganization/headers.m4])

diff --git a/app-antivirus/clamav/metadata.xml b/app-antivirus/clamav/metadata.xml
index 7d510408a04..5ddb818cae4 100644
--- a/app-antivirus/clamav/metadata.xml
+++ b/app-antivirus/clamav/metadata.xml
@@ -12,6 +12,7 @@
   <use>
     <flag name="clamdtop">A Top like tool which shows what clamd is currently scanning amongst other things</flag>
     <flag name="metadata-analysis-api">Enables collection of file property metadata using ClamAV API for analysis by ClamAV bytecode programs.</flag>
+    <flag name="system-libmspack">Use system libmspack instead of built in</flag>
   </use>
   <upstream>
     <remote-id type="sourceforge">clamav</remote-id>


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2018-04-20 12:03 Thomas Raschbacher
  0 siblings, 0 replies; 15+ messages in thread
From: Thomas Raschbacher @ 2018-04-20 12:03 UTC (permalink / raw
  To: gentoo-commits

commit:     8a1683cff89eed7ef6c64df2d1636bf341887baa
Author:     Thomas Raschbacher <lordvan <AT> gentoo <DOT> org>
AuthorDate: Fri Apr 20 12:01:30 2018 +0000
Commit:     Thomas Raschbacher <lordvan <AT> gentoo <DOT> org>
CommitDate: Fri Apr 20 12:03:08 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8a1683cf

app-antivirus/clamav: updated clamav-milter README

Package-Manager: Portage-2.3.27, Repoman-2.3.9

 app-antivirus/clamav/clamav-0.99.2-r1.ebuild       |  2 +-
 app-antivirus/clamav/clamav-0.99.2-r3.ebuild       |  2 +-
 .../clamav/files/clamav-milter.README.gentoo       | 49 ++++++++++++++++++++--
 app-antivirus/clamav/files/clamd.initd-r6          |  2 +-
 4 files changed, 48 insertions(+), 7 deletions(-)

diff --git a/app-antivirus/clamav/clamav-0.99.2-r1.ebuild b/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
index c0eb37e298b..d4a161880c9 100644
--- a/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6

diff --git a/app-antivirus/clamav/clamav-0.99.2-r3.ebuild b/app-antivirus/clamav/clamav-0.99.2-r3.ebuild
index a4419b7542f..44c387e2dcf 100644
--- a/app-antivirus/clamav/clamav-0.99.2-r3.ebuild
+++ b/app-antivirus/clamav/clamav-0.99.2-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6

diff --git a/app-antivirus/clamav/files/clamav-milter.README.gentoo b/app-antivirus/clamav/files/clamav-milter.README.gentoo
index 17e9ba628ea..f526bd35a92 100644
--- a/app-antivirus/clamav/files/clamav-milter.README.gentoo
+++ b/app-antivirus/clamav/files/clamav-milter.README.gentoo
@@ -19,7 +19,10 @@ Step 2 - Tell the init script to start clamd as well as freshclam and the
 	START_FRESHCLAM=yes
 	START_MILTER=yes
 
-Step 3 - Edit sendmail.mc
+Step 3 - Inform your MTA about the new milter.
+
+            SENDMAIL
+        Step 3.a.1 - Edit sendmail.mc
 
 	Add these lines to sendmail.mc before any any other 
 	INPUT_MAIL_FILTER lines and before MAILER(local)
@@ -30,15 +33,53 @@ Step 3 - Edit sendmail.mc
 	INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl
 	define(`confINPUT_MAIL_FILTERS', `clmilter')dnl
 
-Step 4 - Rebuild sendmail.cf
+	Step 3.a.2 - Rebuild sendmail.cf
 
 	cd /etc/mail
 	m4 sendmail.mc > sendmail.cf
 
-Step 5 - Start clamad
+
+	
+	    POSTFIX
+	Step 3.b - Edit main.cf.
+
+	Add unix:/var/run/clamav/clamav-milter.sock to your 
+	smtpd_milters line.  If the line doesn't exist, just
+	stick it at the bottom of main.cf on a new line.
+	
+	If you're appending, this is a space separated list.
+	If virus scanning is your most intensive test, you 
+	may wish to put it on the end of the list so earlier,
+	easiser tests may punt the message before you go through the
+	trouble of virus scanning it.
+
+	Only one milter example:
+
+	# milters to run on network received mail.
+	smtpd_milters=unix:/var/run/clamav/clamav-milter.suck
+
+	Multiple milters example:
+
+	# milters to run on network received mail.
+	smtpd_milters=unix:/var/run/dkim-filter/dkim-filter.sock unix:/var/run/clamav/clamav-milter.sock
+
+
+Step 5 - Adjust permissions for clamav-milter socket
+
+	Edit /etc/clamav-milter.conf and check/change MilterSocketGroup and MilterSocketMode
+	e.g. for postfix it would be this (sendmail,.. should be similar):
+	MiltersocketGroup postfix
+	MilterSocketMode 660
+
+Step 6 - Start clamad
 
 	/etc/init.d/clamd start
 
-Step 6 - Restart sendmail
+Step 7 - Restart your MTA
 
+	    SENDMAIL
 	/etc/init.d/sendmail restart
+
+	    POSTFIX
+	/etc/init.d/postfix restart
+

diff --git a/app-antivirus/clamav/files/clamd.initd-r6 b/app-antivirus/clamav/files/clamd.initd-r6
index 7b50af64072..8cf8dd0a4ba 100644
--- a/app-antivirus/clamav/files/clamd.initd-r6
+++ b/app-antivirus/clamav/files/clamd.initd-r6
@@ -1,5 +1,5 @@
 #!/sbin/openrc-run
-# Copyright 1999-2013 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 daemon_clamd="/usr/sbin/clamd"


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2019-10-14  7:11 Lars Wendler
  0 siblings, 0 replies; 15+ messages in thread
From: Lars Wendler @ 2019-10-14  7:11 UTC (permalink / raw
  To: gentoo-commits

commit:     f593e3ceffb4852d91cd62263c52bb33d38c3444
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 14 07:10:09 2019 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Mon Oct 14 07:11:46 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f593e3ce

app-antivirus/clamav: Remove automagic dep on dev-libs/icu (again)

Bug: https://bugs.gentoo.org/661328
Package-Manager: Portage-2.3.76, Repoman-2.3.17
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

 app-antivirus/clamav/clamav-0.102.0.ebuild         |   1 +
 .../files/clamav-0.102.0-libxml2_pkgconfig.patch   | 101 +++++++++++++++++++++
 2 files changed, 102 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.102.0.ebuild b/app-antivirus/clamav/clamav-0.102.0.ebuild
index c2735a25d7d..85d704dacfe 100644
--- a/app-antivirus/clamav/clamav-0.102.0.ebuild
+++ b/app-antivirus/clamav/clamav-0.102.0.ebuild
@@ -47,6 +47,7 @@ RDEPEND="${CDEPEND}
 HTML_DOCS=( docs/html )
 
 PATCHES=(
+	"${FILESDIR}/${PN}-0.102.0-libxml2_pkgconfig.patch" #661328
 	"${FILESDIR}/${PN}-0.101.2-tinfo.patch" #670729
 )
 

diff --git a/app-antivirus/clamav/files/clamav-0.102.0-libxml2_pkgconfig.patch b/app-antivirus/clamav/files/clamav-0.102.0-libxml2_pkgconfig.patch
new file mode 100644
index 00000000000..1a6303b5c8c
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.102.0-libxml2_pkgconfig.patch
@@ -0,0 +1,101 @@
+https://bugs.gentoo.org/661328
+
+--- clamav-0.102.0/m4/reorganization/libs/xml.m4
++++ clamav-0.102.0/m4/reorganization/libs/xml.m4
+@@ -4,85 +4,29 @@
+ [AS_HELP_STRING([--disable-xml], [do not include DMG and XAR support])],
+ want_xml=$enableval, want_xml="auto")
+ 
+-XML_HOME=""
+-xmlconfig=""
+ if test "X$want_xml" != "Xno"; then
+-  AC_MSG_CHECKING([for libxml2 installation])
+-  AC_ARG_WITH([xml],
+-    AS_HELP_STRING([--with-xml@<:@=DIR@:>@], [path to directory containing libxml2 library
+-                    @<:@default=/usr/local or /usr if not found in /usr/local@:>@]),
+-    [with_xml_val=$withval]
++  PKG_CHECK_MODULES([XML], [libxml-2.0],
++    [found_xml=yes],
++    [
++	found_xml=no
++	AS_IF([test "x$want_xml" = xyes],
++	    [AC_MSG_ERROR([--enable-xml set but cannot find libxml2])]
++	)
++    ]
+   )
+ 
+-  AS_IF([test "x$with_xml_val" = "xno"], [XML_HOME=""],
+-    [test "x$with_xml_val" = "xyes"], [XML_HOME="/usr/local"],
+-    [XML_HOME="$with_xml_val"])
+-
+-  AS_IF([test "x$XML_HOME" != "x"], [
+-     AS_IF([test ! -x "$XML_HOME/bin/xml2-config"], [XML_HOME=""])
+-     ])
+-
+-  AS_IF([test "x$XML_HOME" = "x" -a "x$with_xml_val" = "xyes"], [
+-     AS_IF([test -x "/usr/bin/xml2-config"], [XML_HOME="/usr"])
+-     ])
+-
+-  if test "x$XML_HOME" != "x"; then
+-    AC_MSG_RESULT([$XML_HOME])
+-    with_xml="yes"
+-  else
+-    AC_MSG_RESULT([not found])
+-  fi
+-
+-  found_xml="no"
+-  XMLCONF_VERSION=""
+-  XML_CPPFLAGS=""
+-  XML_LIBS=""
+-  case "$with_xml" in
+-    yes) AC_PATH_PROG([xmlconfig], [xml2-config])
+-        if test "x$xmlconfig" = x ; then
+-            AC_MSG_NOTICE([can not locate xml2-config in PATH, will search default XML_HOME variants])
+-            
+-            if test "x$XML_HOME" != "x"; then
+-                AC_MSG_CHECKING([xml2-config version])
+-                XMLCONF_VERSION="`$XML_HOME/bin/xml2-config --version`"
+-
+-                if test "x%XMLCONF_VERSION" != "x"; then
+-                    AC_MSG_RESULT([$XMLCONF_VERSION])
+-                    found_xml="yes"
+-                    XML_CPPFLAGS="`$XML_HOME/bin/xml2-config --cflags`"
+-                    XML_LIBS="`$XML_HOME/bin/xml2-config --libs`"
+-                    AS_ECHO("$XML_CPPFLAGS")
+-                    AS_ECHO("$XML_LIBS")
+-                else
+-                    AC_MSG_ERROR([xml2-config failed])
+-                fi
+-            fi
+-        else
+-            found_xml="yes"
+-            XMLCONF_VERSION="`$xmlconfig --version`"
+-            XML_CPPFLAGS="`$xmlconfig --cflags`"
+-            XML_LIBS="`$xmlconfig --libs`"
+-        fi
+-  esac
+-
+   working_xml="no"
+   if test "X$found_xml" != "Xno"; then
+-
+-    readerresult=""
+-    if test "x$xmlconfig" = x ; then
+-        readerresult="$XML_HOME/include/libxml2/libxml/xmlreader.h"
+-    else
+-        readerresult="`$xmlconfig --prefix`/include/libxml2/libxml/xmlreader.h"
+-    fi
+-    
++    XML_HOME=$(${PKG_CONFIG} --variable prefix libxml-2.0)
+     AC_MSG_CHECKING([for xmlreader.h in $readerresult])
+     
+-    if test ! -f "$readerresult"; then
++    if test ! -f "$XML_HOME/include/libxml2/libxml/xmlreader.h"; then
+       AC_MSG_RESULT([not found])
+     else
+       AC_MSG_RESULT([found])
+       save_LIBS="$LIBS"
+       save_CPPFLAGS="$CPPFLAGS"
++      XML_CPPFLAGS="$XML_CFLAGS"
+       CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS"
+       save_LDFLAGS="$LDFLAGS"
+       LDFLAGS="$LDFLAGS $XML_LIBS"


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2020-03-20 23:50 Thomas Deutschmann
  0 siblings, 0 replies; 15+ messages in thread
From: Thomas Deutschmann @ 2020-03-20 23:50 UTC (permalink / raw
  To: gentoo-commits

commit:     822c01a576d1b9c063b45be5b1eba77130f4b073
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Fri Mar 20 23:14:09 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Fri Mar 20 23:48:58 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=822c01a5

app-antivirus/clamav: rev bump

- Migrate to EAPI 7.

- Fix USE=libclamav-only.

- Set proper REQUIRED_USE to indicate that USE=libclamav-only
  will really only install libs.

- Install HTML docs only when USE=doc is set.

Closes: https://bugs.gentoo.org/709616
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 ...mav-0.102.2.ebuild => clamav-0.102.2-r1.ebuild} | 178 +++++++++++----------
 .../files/clamav-0.102.2-fix-curl-detection.patch  |  26 +++
 2 files changed, 123 insertions(+), 81 deletions(-)

diff --git a/app-antivirus/clamav/clamav-0.102.2.ebuild b/app-antivirus/clamav/clamav-0.102.2-r1.ebuild
similarity index 50%
rename from app-antivirus/clamav/clamav-0.102.2.ebuild
rename to app-antivirus/clamav/clamav-0.102.2-r1.ebuild
index 1aa121ef78f..1c7040145e4 100644
--- a/app-antivirus/clamav/clamav-0.102.2.ebuild
+++ b/app-antivirus/clamav/clamav-0.102.2-r1.ebuild
@@ -1,9 +1,9 @@
 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
+EAPI=7
 
-inherit autotools eutils flag-o-matic ltprune systemd
+inherit autotools flag-o-matic systemd
 
 DESCRIPTION="Clam Anti-Virus Scanner"
 HOMEPAGE="https://www.clamav.net/"
@@ -13,6 +13,9 @@ LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ppc ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
 IUSE="bzip2 doc clamdtop clamsubmit iconv ipv6 libclamav-only libressl milter metadata-analysis-api selinux static-libs test uclibc xml"
+
+REQUIRED_USE="libclamav-only? ( !clamdtop !clamsubmit !milter !metadata-analysis-api )"
+
 RESTRICT="!test? ( test )"
 
 # Require acct-{user,group}/clamav at build time so that we can set
@@ -20,37 +23,33 @@ RESTRICT="!test? ( test )"
 # pkg_postinst; calling "chown" on the live filesystem scares me.
 CDEPEND="acct-group/clamav
 	acct-user/clamav
+	dev-libs/libltdl
+	dev-libs/libmspack
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	>=sys-libs/zlib-1.2.2:=
 	bzip2? ( app-arch/bzip2 )
 	clamdtop? ( sys-libs/ncurses:0 )
+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )
+	elibc_musl? ( sys-libs/fts-standalone )
 	iconv? ( virtual/libiconv )
-	metadata-analysis-api? ( dev-libs/json-c:= )
-	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
-	>=sys-libs/zlib-1.2.2:=
+	!libclamav-only? ( net-misc/curl )
 	!libressl? ( dev-libs/openssl:0= )
 	libressl? ( dev-libs/libressl:0= )
-	dev-libs/libltdl
-	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
-	dev-libs/libmspack
-	xml? ( dev-libs/libxml2 )
-	elibc_musl? ( sys-libs/fts-standalone )
-	!libclamav-only? ( net-misc/curl )
-	clamsubmit? ( net-misc/curl dev-libs/json-c:= )"
-REQUIRED_USE="
-	libclamav-only? ( !clamsubmit )
-	clamsubmit? ( !libclamav-only )
-"
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	xml? ( dev-libs/libxml2 )"
+
+BDEPEND="virtual/pkgconfig"
 
 DEPEND="${CDEPEND}
-	virtual/pkgconfig
+	metadata-analysis-api? ( dev-libs/json-c:* )
 	test? ( dev-libs/check )"
 RDEPEND="${CDEPEND}
 	selinux? ( sec-policy/selinux-clamav )"
 
-HTML_DOCS=( docs/html/. )
-
 PATCHES=(
 	"${FILESDIR}/${PN}-0.101.2-tinfo.patch" #670729
 	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
 )
 
 src_prepare() {
@@ -106,79 +105,94 @@ src_install() {
 	default
 
 	rm -rf "${ED}"/var/lib/clamav || die
-	newinitd "${FILESDIR}"/clamd.initd-r6 clamd
-	newconfd "${FILESDIR}"/clamd.conf-r1 clamd
-
-	systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
-	systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
-	systemd_dounit "${FILESDIR}/clamd.service"
-	systemd_dounit "${FILESDIR}/freshclamd.service"
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/clamav.logrotate clamav
-
-	# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
-	sed -i -e "s:^\(Example\):\# \1:" \
-		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
-		-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
-		-e "s:.*\(User\) .*:\1 clamav:" \
-		-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
-		-e "s:^\#\(LogTime\).*:\1 yes:" \
-		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
-		-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
-		"${ED}"/etc/clamd.conf.sample || die
-	sed -i -e "s:^\(Example\):\# \1:" \
-		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
-		-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
-		-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
-		-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
-		-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
-		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
-		-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
-		"${ED}"/etc/freshclam.conf.sample || die
 
-	if use milter ; then
-		# MilterSocket one to include ' /' because there is a 2nd line for
-		# inet: which we want to leave
-		##dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+	if ! use libclamav-only ; then
+		newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+		newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+		systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+		systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+		systemd_dounit "${FILESDIR}/clamd.service"
+		systemd_dounit "${FILESDIR}/freshclamd.service"
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}"/clamav.logrotate clamav
+
+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
 		sed -i -e "s:^\(Example\):\# \1:" \
-			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
-			-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+			-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
 			-e "s:.*\(User\) .*:\1 clamav:" \
-			-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+			-e "s:^\#\(LogTime\).*:\1 yes:" \
 			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
-			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
-			"${ED}"/etc/clamav-milter.conf.sample || die
-		cat >> "${ED}"/etc/conf.d/clamd <<-EOF
-			MILTER_NICELEVEL=19
-			START_MILTER=no
-		EOF
-
-		systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
-	fi
+			-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
+			"${ED}"/etc/clamd.conf.sample || die
 
-	if use doc; then
-	   einstalldocs
-	   doman docs/man/*.[1-8]
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+			-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
+			"${ED}"/etc/freshclam.conf.sample || die
+
+		if use milter ; then
+			# MilterSocket one to include ' /' because there is a 2nd line for
+			# inet: which we want to leave
+			##dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+			sed -i -e "s:^\(Example\):\# \1:" \
+				-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+				-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+				-e "s:.*\(User\) .*:\1 clamav:" \
+				-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+				-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+				"${ED}"/etc/clamav-milter.conf.sample || die
+
+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+				MILTER_NICELEVEL=19
+				START_MILTER=no
+			EOF
+
+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+		fi
+
+		local i
+		for i in clamd freshclam clamav-milter
+		do
+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
+				mv "${ED}"/etc/"${i}".conf{.sample,} || die
+			fi
+		done
+
+		# These both need to be writable by the clamav user.
+		# TODO: use syslog by default; that's what it's for.
+		diropts -o clamav -g clamav
+		keepdir /var/lib/clamav
+		keepdir /var/log/clamav
 	fi
 
-	for i in clamd freshclam clamav-milter
-	do
-		if [[ -f "${D}"/etc/"${i}".conf.sample ]]; then
-			mv "${D}"/etc/"${i}".conf{.sample,} || die
-		fi
-	done
+	if use doc ; then
+		local HTML_DOCS=( docs/html/. )
+		einstalldocs
 
-	prune_libtool_files --all
+		if ! use libclamav-only ; then
+			doman docs/man/*.[1-8]
+		fi
+	fi
 
-	# These both need to be writable by the clamav user.
-	# TODO: use syslog by default; that's what it's for.
-	diropts -o clamav -g clamav
-	keepdir /var/lib/clamav
-	keepdir /var/log/clamav
+	find "${ED}" -name '*.la' -delete || die
 }
 
 src_test() {
+	if use libclamav-only ; then
+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
+		return 0
+	fi
+
 	emake quick-check
 }
 
@@ -187,11 +201,13 @@ pkg_postinst() {
 		elog "For simple instructions how to setup the clamav-milter read the"
 		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
 	fi
-	local databases=( "${ROOT}"var/lib/clamav/main.c[lv]d )
+
+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
 	if [[ ! -f "${databases}" ]] ; then
 		ewarn "You must run freshclam manually to populate the virus database"
 		ewarn "before starting clamav for the first time."
 	fi
+
 	elog "For instructions on how to use clamonacc, see"
 	elog
 	elog "  https://www.clamav.net/documents/on-access-scanning"

diff --git a/app-antivirus/clamav/files/clamav-0.102.2-fix-curl-detection.patch b/app-antivirus/clamav/files/clamav-0.102.2-fix-curl-detection.patch
new file mode 100644
index 00000000000..f89a704ea3e
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.102.2-fix-curl-detection.patch
@@ -0,0 +1,26 @@
+https://bugs.gentoo.org/709616
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -197,6 +197,10 @@ AC_CONFIG_FILES([
+                  clamav-types.h
+                  clamav-version.h])
+ if test "x$enable_libclamav_only" != "xyes"; then
++    if test "$have_curl" = "no"; then
++        AC_MSG_ERROR([libcurl not found. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit.])
++    fi
++
+     AC_CONFIG_FILES([
+                      clamscan/Makefile
+                      database/Makefile
+--- a/m4/reorganization/libs/curl.m4
++++ b/m4/reorganization/libs/curl.m4
+@@ -92,8 +92,6 @@ if test "X$have_curl" = "Xyes"; then
+     )
+ 
+     LDFLAGS="$save_LDFLAGS"
+-else
+-    AC_MSG_ERROR([libcurl not found. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit.])
+ fi
+ 
+ AC_SUBST([CLAMSUBMIT_LIBS])


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2020-06-21 13:38 Michael Orlitzky
  0 siblings, 0 replies; 15+ messages in thread
From: Michael Orlitzky @ 2020-06-21 13:38 UTC (permalink / raw
  To: gentoo-commits

commit:     3bf547dbe7ade89d37115521322b3b6566e1f5c5
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Sun Jun 21 12:32:06 2020 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Sun Jun 21 13:37:44 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3bf547db

app-antivirus/clamav: new revision to unbundle tomsfastmath.

Now that dev-libs/tomsfastmath is in the tree, add a new revision of
clamav that (a) deletes the bundled copy from the source tree, and (b)
patches in the system copy. Thanks to sam_c for taking this on!

Closes: https://bugs.gentoo.org/649394
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>

 app-antivirus/clamav/clamav-0.102.3-r1.ebuild      | 222 +++++++++++++++++++++
 .../files/clamav-0.102.3-system-tomsfastmath.patch | 113 +++++++++++
 2 files changed, 335 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.102.3-r1.ebuild b/app-antivirus/clamav/clamav-0.102.3-r1.ebuild
new file mode 100644
index 00000000000..09054b32b34
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.102.3-r1.ebuild
@@ -0,0 +1,222 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools flag-o-matic systemd
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="https://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 doc clamdtop clamsubmit iconv ipv6 libclamav-only libressl milter metadata-analysis-api selinux test uclibc xml"
+
+REQUIRED_USE="libclamav-only? ( !clamdtop !clamsubmit !milter !metadata-analysis-api )"
+
+RESTRICT="!test? ( test )"
+
+# Require acct-{user,group}/clamav at build time so that we can set
+# the permissions on /var/lib/clamav in src_install rather than in
+# pkg_postinst; calling "chown" on the live filesystem scares me.
+CDEPEND="acct-group/clamav
+	acct-user/clamav
+	dev-libs/libltdl
+	dev-libs/libmspack
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	dev-libs/tomsfastmath
+	>=sys-libs/zlib-1.2.2:=
+	bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )
+	elibc_musl? ( sys-libs/fts-standalone )
+	iconv? ( virtual/libiconv )
+	!libclamav-only? ( net-misc/curl )
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	xml? ( dev-libs/libxml2 )"
+
+BDEPEND="virtual/pkgconfig"
+
+DEPEND="${CDEPEND}
+	metadata-analysis-api? ( dev-libs/json-c:* )
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-0.101.2-tinfo.patch" #670729
+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
+	"${FILESDIR}/${P}-system-tomsfastmath.patch" # 649394
+)
+
+src_prepare() {
+	default
+
+	# Be extra sure that we're using the system copy of tomsfastmath
+	einfo "removing bundled copy of dev-libs/tomsfastmath"
+	rm -r libclamav/tomsfastmath || \
+		die "failed to remove bundled tomsfastmath"
+
+	AT_NO_RECURSIVE="yes" eautoreconf
+}
+
+src_configure() {
+	use elibc_musl && append-ldflags -lfts
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+
+	# according to configure help it should be
+	# $(use_enable xml)
+	# but that does not work
+	# do not add this, since --disable-xml seems to override
+	# --without-xml
+	JSONUSE="--without-libjson"
+
+	if use clamsubmit || use metadata-analysis-api; then
+		# either of those 2 requires libjson.
+		# clamsubmit will be built as soon as libjson and curl are found
+		# but we only install the binary if requested
+		JSONUSE="--with-libjson=${EPREFIX}/usr"
+	fi
+
+	local myeconfargs=(
+		$(use_enable bzip2)
+		$(use_enable clamdtop)
+		$(use_enable ipv6)
+		$(use_enable milter)
+		$(use_enable test check)
+		$(use_with xml)
+		$(use_with iconv)
+		${JSONUSE}
+		$(use_enable libclamav-only)
+		$(use_with !libclamav-only libcurl)
+		--with-system-libmspack
+		--cache-file="${S}"/config.cache
+		--disable-experimental
+		--disable-static
+		--disable-zlib-vcheck
+		--enable-id-check
+		--with-dbdir="${EPREFIX}"/var/lib/clamav
+		# Don't call --with-zlib=/usr (see bug #699296)
+		--with-zlib
+		--disable-llvm
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav || die
+
+	if ! use libclamav-only ; then
+		newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+		newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+		systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+		systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+		systemd_dounit "${FILESDIR}/clamd.service"
+		systemd_dounit "${FILESDIR}/freshclamd.service"
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}"/clamav.logrotate clamav
+
+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+			-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
+			-e "s:.*\(User\) .*:\1 clamav:" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+			-e "s:^\#\(LogTime\).*:\1 yes:" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
+			"${ED}"/etc/clamd.conf.sample || die
+
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+			-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(DatabaseDirectory\).*:\1 /var/lib/clamav:" \
+			"${ED}"/etc/freshclam.conf.sample || die
+
+		if use milter ; then
+			# MilterSocket one to include ' /' because there is a 2nd line for
+			# inet: which we want to leave
+			##dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+			sed -i -e "s:^\(Example\):\# \1:" \
+				-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+				-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+				-e "s:.*\(User\) .*:\1 clamav:" \
+				-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+				-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+				"${ED}"/etc/clamav-milter.conf.sample || die
+
+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+				MILTER_NICELEVEL=19
+				START_MILTER=no
+			EOF
+
+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+		fi
+
+		local i
+		for i in clamd freshclam clamav-milter
+		do
+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
+				mv "${ED}"/etc/"${i}".conf{.sample,} || die
+			fi
+		done
+
+		# These both need to be writable by the clamav user.
+		# TODO: use syslog by default; that's what it's for.
+		diropts -o clamav -g clamav
+		keepdir /var/lib/clamav
+		keepdir /var/log/clamav
+	fi
+
+	if use doc ; then
+		local HTML_DOCS=( docs/html/. )
+		einstalldocs
+
+		if ! use libclamav-only ; then
+			doman docs/man/*.[1-8]
+		fi
+	fi
+
+	find "${ED}" -name '*.la' -delete || die
+}
+
+src_test() {
+	if use libclamav-only ; then
+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
+		return 0
+	fi
+
+	emake quick-check
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+
+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
+	if [[ ! -f "${databases}" ]] ; then
+		ewarn "You must run freshclam manually to populate the virus database"
+		ewarn "before starting clamav for the first time."
+	fi
+
+	elog "For instructions on how to use clamonacc, see"
+	elog
+	elog "  https://www.clamav.net/documents/on-access-scanning"
+}

diff --git a/app-antivirus/clamav/files/clamav-0.102.3-system-tomsfastmath.patch b/app-antivirus/clamav/files/clamav-0.102.3-system-tomsfastmath.patch
new file mode 100644
index 00000000000..ee575c3b128
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.102.3-system-tomsfastmath.patch
@@ -0,0 +1,113 @@
+From bcf63fa6bbd519bc61c2b2553fb1913f802eb96e Mon Sep 17 00:00:00 2001
+From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
+Date: Wed, 11 Mar 2015 20:03:15 +0100
+Subject: add support for system tomsfastmath
+
+Patch-Name: add-support-for-system-tomsfastmath.patch
+---
+ configure.ac                           |  2 ++
+ libclamav/Makefile.am                  | 10 ++++++++--
+ libclamav/bignum.h                     |  6 +++++-
+ libclamav/xdp.c                        |  2 +-
+ m4/reorganization/libs/tomsfastmath.m4 | 12 ++++++++++++
+ 5 files changed, 28 insertions(+), 4 deletions(-)
+ create mode 100644 m4/reorganization/libs/tomsfastmath.m4
+
+diff --git a/configure.ac b/configure.ac
+index 8375971..3cacfb8 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4])
+ if test "x$use_internal_mspack" = "xno"; then
+     mspack_msg="External, $LIBMSPACK_CFLAGS $LIBMSPACK_LIBS"
+ fi
++m4_include([m4/reorganization/libs/tomsfastmath.m4])
+ 
+ AM_MAINTAINER_MODE
+ m4_include([m4/reorganization/libs/libz.m4])
+@@ -356,6 +357,7 @@ fi
+ CL_MSG_STATUS([yara        ],[$enable_yara],[$enable_yara])
+ CL_MSG_STATUS([fts         ],[yes],[$lfs_fts_msg])
+ 
++CL_MSG_STATUS([tomsfastmath],[yes],[$tomsfastmath_msg])
+ 
+ # Yep, downgrading the compiler avoids the bug too:
+ # 4.0.x, and 4.1.0 are the known buggy versions
+diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am
+index 699d033..3282272 100644
+--- a/libclamav/Makefile.am
++++ b/libclamav/Makefile.am
+@@ -602,8 +602,10 @@ libclamav_la_SOURCES += yara_arena.c \
+ 	yara_clam.h
+ endif
+ 
+-libclamav_la_SOURCES += bignum.h\
+-	bignum_fast.h\
++libclamav_la_SOURCES += bignum.h
++
++if !SYSTEM_TOMSFASTMATH
++libclamav_la_SOURCES += bignum_fast.h\
+         tomsfastmath/addsub/fp_add.c\
+         tomsfastmath/addsub/fp_add_d.c\
+         tomsfastmath/addsub/fp_addmod.c\
+@@ -685,6 +687,10 @@ libclamav_la_SOURCES += bignum.h\
+         tomsfastmath/sqr/fp_sqr_comba_generic.c\
+         tomsfastmath/sqr/fp_sqr_comba_small_set.c\
+ 	tomsfastmath/sqr/fp_sqrmod.c
++else
++libclamav_la_CFLAGS += $(TOMSFASTMATH_CFLAGS)
++libclamav_la_LIBADD += $(TOMSFASTMATH_LIBS)
++endif
+ 
+ .PHONY2: version.h.tmp
+ version.c: version.h
+diff --git a/libclamav/bignum.h b/libclamav/bignum.h
+index 8fdc956..56dfa95 100644
+--- a/libclamav/bignum.h
++++ b/libclamav/bignum.h
+@@ -1,9 +1,13 @@
+ #ifndef BIGNUM_H_
+ #define BIGNUM_H_
+ 
++#if HAVE_SYSTEM_TOMSFASTMATH
++#include <tfm.h>
++#else
+ #define TFM_CHECK
+-
+ #include "bignum_fast.h"
++#endif
++
+ typedef fp_int mp_int;
+ #define mp_cmp fp_cmp
+ #define mp_toradix_n(a, b, c, d) fp_toradix_n(a, b, c, d)
+diff --git a/libclamav/xdp.c b/libclamav/xdp.c
+index d5a4c4b..cc3b40d 100644
+--- a/libclamav/xdp.c
++++ b/libclamav/xdp.c
+@@ -52,7 +52,7 @@
+ #include "scanners.h"
+ #include "conv.h"
+ #include "xdp.h"
+-#include "bignum_fast.h"
++#include "bignum.h"
+ #include "filetypes.h"
+ 
+ static char *dump_xdp(cli_ctx *ctx, const char *start, size_t sz);
+diff --git a/m4/reorganization/libs/tomsfastmath.m4 b/m4/reorganization/libs/tomsfastmath.m4
+new file mode 100644
+index 0000000..2a821a1
+--- /dev/null
++++ b/m4/reorganization/libs/tomsfastmath.m4
+@@ -0,0 +1,12 @@
++dnl Check for system tomsfastmath
++PKG_CHECK_MODULES([TOMSFASTMATH], [tomsfastmath], [have_system_tomsfastmath=yes], [have_system_tomsfastmath=no])
++
++AM_CONDITIONAL([SYSTEM_TOMSFASTMATH], [test "x$have_system_tomsfastmath" = "xyes"])
++
++if test "x$have_system_tomsfastmath" = "xyes"; then
++    AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [1], [link against system-wide tomsfastmath library])
++    tomsfastmath_msg="External, $TOMSFASTMATH_CFLAGS $TOMSFASTMATH_LIBS"
++else
++    AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [0], [don't link against system-wide tomsfastmath library])
++    tomsfastmath_msg="Internal"
++fi


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2020-12-18  1:10 Michael Orlitzky
  0 siblings, 0 replies; 15+ messages in thread
From: Michael Orlitzky @ 2020-12-18  1:10 UTC (permalink / raw
  To: gentoo-commits

commit:     2de1bdef8744c467630be10ee4d2c723a05e708d
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Fri Dec 18 00:52:39 2020 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Fri Dec 18 00:52:39 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2de1bdef

app-antivirus/clamav: new revision with an upstream freshclam patch.

This -r2 adds a patch to ensure that freshclam does not validate
invalid databases and crash your clamd on the subsequent reload.

Upstream-bug: https://bugzilla.clamav.net/show_bug.cgi?id=12522
Package-Manager: Portage-3.0.9, Repoman-3.0.2
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>

 ...-0.103.0-r1.ebuild => clamav-0.103.0-r2.ebuild} |  1 +
 .../clamav-0.103.0-freshclam-db-test-fix.patch     | 27 ++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.103.0-r1.ebuild b/app-antivirus/clamav/clamav-0.103.0-r2.ebuild
similarity index 99%
rename from app-antivirus/clamav/clamav-0.103.0-r1.ebuild
rename to app-antivirus/clamav/clamav-0.103.0-r2.ebuild
index 52721c9856a..1ebe1bd96d9 100644
--- a/app-antivirus/clamav/clamav-0.103.0-r1.ebuild
+++ b/app-antivirus/clamav/clamav-0.103.0-r2.ebuild
@@ -55,6 +55,7 @@ PATCHES=(
 	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
 	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
 	"${FILESDIR}/${PN}-0.103.0-upstream-openrc.patch"
+	"${FILESDIR}/${PN}-0.103.0-freshclam-db-test-fix.patch"
 )
 
 src_prepare() {

diff --git a/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch b/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch
new file mode 100644
index 00000000000..25ae94b9fb8
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.103.0-freshclam-db-test-fix.patch
@@ -0,0 +1,27 @@
+diff --git a/freshclam/freshclam.c b/freshclam/freshclam.c
+index 8db3b8001..8cde8c9a8 100644
+--- a/freshclam/freshclam.c
++++ b/freshclam/freshclam.c
+@@ -280,6 +280,14 @@ fc_error_t download_complete_callback(const char *dbFilename, void *context)
+                 goto done;
+             }
+         } else {
++            /*
++             * Attempt to test database in a child process.
++             */
++
++            /* We need to be able to wait for the child process ourselves.
++             * We'll re-enable wait in the global handler when we're done. */
++            g_sigchildWait = 0;
++
+             switch (pid = fork()) {
+                 case -1: {
+                     /*
+@@ -391,6 +399,7 @@ done:
+         logg("!Database test FAILED.\n");
+     }
+ 
++    /* Re-enable the global handler's child process wait */
+     g_sigchildWait = 1;
+ 
+     return status;


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2021-06-29  4:40 Sam James
  0 siblings, 0 replies; 15+ messages in thread
From: Sam James @ 2021-06-29  4:40 UTC (permalink / raw
  To: gentoo-commits

commit:     5e66ceb053b88d41ef3a76fdecd3144495d62976
Author:     Hank Leininger <hlein <AT> korelogic <DOT> com>
AuthorDate: Sun Jun 27 18:11:39 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Jun 29 04:12:01 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e66ceb0

app-antivirus/clamav: fix logrotate file deployed when USE=milter

command -v writes to stdout, not stderr, so the check for openrc/systemd
was generating output and emails.

Signed-off-by: Hank Leininger <hlein <AT> korelogic.com>
Closes: https://bugs.gentoo.org/798933
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Sam James <sam <AT> gentoo.org>

 app-antivirus/clamav/clamav-0.103.3-r1.ebuild      | 234 +++++++++++++++++++++
 .../clamav/files/clamav-milter.logrotate-r1        |  25 +++
 2 files changed, 259 insertions(+)

diff --git a/app-antivirus/clamav/clamav-0.103.3-r1.ebuild b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild
new file mode 100644
index 00000000000..5fcae6ee66c
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild
@@ -0,0 +1,234 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools flag-o-matic systemd tmpfiles
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="https://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test uclibc xml"
+
+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"
+
+RESTRICT="!test? ( test )"
+
+# Require acct-{user,group}/clamav at build time so that we can set
+# the permissions on /var/lib/clamav in src_install rather than in
+# pkg_postinst; calling "chown" on the live filesystem scares me.
+CDEPEND="acct-group/clamav
+	acct-user/clamav
+	dev-libs/libltdl
+	dev-libs/libmspack
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	dev-libs/tomsfastmath
+	>=sys-libs/zlib-1.2.2:=
+	bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )
+	elibc_musl? ( sys-libs/fts-standalone )
+	iconv? ( virtual/libiconv )
+	!libclamav-only? ( net-misc/curl )
+	dev-libs/openssl:0=
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	xml? ( dev-libs/libxml2 )"
+
+# We need at least autoconf-2.69-r5 because that's the first (patched)
+# version of it in Gentoo that supports ./configure --runstatedir.
+BDEPEND=">=sys-devel/autoconf-2.69-r5
+	virtual/pkgconfig"
+
+DEPEND="${CDEPEND}
+	metadata-analysis-api? ( dev-libs/json-c:* )
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
+	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
+	"${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"
+)
+
+src_prepare() {
+	default
+
+	# Be extra sure that we're using the system copy of tomsfastmath
+	einfo "removing bundled copy of dev-libs/tomsfastmath"
+	rm -r libclamav/tomsfastmath || \
+		die "failed to remove bundled tomsfastmath"
+
+	AT_NO_RECURSIVE="yes" eautoreconf
+}
+
+src_configure() {
+	use elibc_musl && append-ldflags -lfts
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+
+	# according to configure help it should be
+	# $(use_enable xml)
+	# but that does not work
+	# do not add this, since --disable-xml seems to override
+	# --without-xml
+	JSONUSE="--without-libjson"
+
+	if use clamsubmit || use metadata-analysis-api; then
+		# either of those 2 requires libjson.
+		# clamsubmit will be built as soon as libjson and curl are found
+		# but we only install the binary if requested
+		JSONUSE="--with-libjson=${EPREFIX}/usr"
+	fi
+
+	local myeconfargs=(
+		$(use_enable bzip2)
+		$(use_enable clamonacc)
+		$(use_enable clamdtop)
+		$(use_enable ipv6)
+		$(use_enable milter)
+		$(use_enable test check)
+		$(use_with xml)
+		$(use_with iconv)
+		${JSONUSE}
+		$(use_enable libclamav-only)
+		$(use_with !libclamav-only libcurl)
+		--with-system-libmspack
+		--cache-file="${S}"/config.cache
+		--disable-experimental
+		--disable-static
+		--disable-zlib-vcheck
+		--enable-id-check
+		--with-dbdir="${EPREFIX}"/var/lib/clamav
+		# Don't call --with-zlib=/usr (see bug #699296)
+		--with-zlib
+		--disable-llvm
+		--enable-openrc
+		--runstatedir=/run
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav || die
+
+	if ! use libclamav-only ; then
+		if use systemd; then
+			# The tmpfiles entry is behind USE=systemd because the
+			# upstream OpenRC service files should (and do) ensure that
+			# the directories they need exist and have the correct
+			# permissions without the help of opentmpfiles. There are
+			# years-old root exploits in opentmpfiles, the design is
+			# fundamentally flawed, and the maintainer is not up to
+			# the task of fixing it.
+			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
+			systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+			systemd_dounit "${FILESDIR}/clamd.service"
+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
+							"freshclamd.service"
+		fi
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/clamd.logrotate" clamd
+		newins "${FILESDIR}/freshclam.logrotate" freshclam
+		use milter && \
+			newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter
+
+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(LocalSocket .*\)/\1/" \
+			-e "s/^#\(User .*\)/\1/" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+			-e "s:^\#\(LogTime\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/clamd.conf.sample || die
+
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(DatabaseOwner .*\)/\1/" \
+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/freshclam.conf.sample || die
+
+		if use milter ; then
+			# Note: only keep the "unix" ClamdSocket and MilterSocket!
+			sed -i -e "s:^\(Example\):\# \1:" \
+				-e "s/^#\(PidFile .*\)/\1/" \
+				-e "s/^#\(ClamdSocket unix:.*\)/\1/" \
+				-e "s/^#\(User .*\)/\1/" \
+				-e "s/^#\(MilterSocket unix:.*\)/\1/" \
+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+				"${ED}"/etc/clamav-milter.conf.sample || die
+
+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+				MILTER_NICELEVEL=19
+				START_MILTER=no
+			EOF
+
+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+		fi
+
+		local i
+		for i in clamd freshclam clamav-milter
+		do
+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
+				mv "${ED}"/etc/"${i}".conf{.sample,} || die
+			fi
+		done
+
+		# These both need to be writable by the clamav user.
+		# TODO: use syslog by default; that's what it's for.
+		diropts -o clamav -g clamav
+		keepdir /var/lib/clamav
+		keepdir /var/log/clamav
+	fi
+
+	if use doc ; then
+		local HTML_DOCS=( docs/html/. )
+		einstalldocs
+
+		if ! use libclamav-only ; then
+			doman docs/man/*.[1-8]
+		fi
+	fi
+
+	find "${ED}" -name '*.la' -delete || die
+}
+
+src_test() {
+	if use libclamav-only ; then
+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
+		return 0
+	fi
+
+	emake quick-check
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+
+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
+	if [[ ! -f "${databases}" ]] ; then
+		ewarn "You must run freshclam manually to populate the virus database"
+		ewarn "before starting clamav for the first time."
+	fi
+
+	ewarn "This version of ClamAV provides separate OpenRC services"
+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
+	ewarn "clamd service now starts only the clamd daemon itself. You"
+	ewarn "should add freshclam (and perhaps clamav-milter) to any"
+	ewarn "runlevels that previously contained clamd."
+}

diff --git a/app-antivirus/clamav/files/clamav-milter.logrotate-r1 b/app-antivirus/clamav/files/clamav-milter.logrotate-r1
new file mode 100644
index 00000000000..8d2f31a852a
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-milter.logrotate-r1
@@ -0,0 +1,25 @@
+# This script is intended to rotate the logs for clamav-milter in its
+# default configuration on Gentoo, where clamav-milter writes to its
+# own log file but does not rotate that file itself. The clamav-milter
+# daemon is capable of rotating its own logs; if you have "LogRotate
+# yes" in clamav-milter.conf then you do not need this script (and
+# should disable it). Likewise, if you are logging to syslog
+# (LogSyslog yes), this is redundant.
+#
+# This is more complicated than the clamd/freshclam scripts because
+# the milter doesn't yet reopen its log files when it receives a
+# SIGHUP. See https://bugzilla.clamav.net/show_bug.cgi?id=12615
+# for that. Instead we have to attempt OpenRC/systemd service
+# restarts on (only) the machines that support them.
+/var/log/clamav/clamav-milter.log {
+  su clamav clamav
+  missingok
+  postrotate
+    if command -v rc-service >/dev/null; then
+      rc-service clamav-milter status 2>/dev/null 1>&2 && rc-service clamav-milter restart 1>/dev/null
+    fi
+    if command -v systemctl >/dev/null; then
+      systemctl try-restart clamav-milter
+    fi
+  endscript
+}


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2023-01-05  7:47 Sam James
  0 siblings, 0 replies; 15+ messages in thread
From: Sam James @ 2023-01-05  7:47 UTC (permalink / raw
  To: gentoo-commits

commit:     396f59676fd3c6429eb28206b1ac76bad18ba1cc
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu Jan  5 07:46:02 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Jan  5 07:46:02 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=396f5967

app-antivirus/clamav: drop 0.104.4-r1, 0.105.1

Signed-off-by: Sam James <sam <AT> gentoo.org>

 app-antivirus/clamav/Manifest                      |   2 -
 app-antivirus/clamav/clamav-0.104.4-r1.ebuild      | 215 ------------------
 app-antivirus/clamav/clamav-0.105.1.ebuild         | 246 ---------------------
 .../files/clamav-0.105.1-cmake-llvm-fix.patch      |  73 ------
 4 files changed, 536 deletions(-)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 2fec99b21026..481ecf0d62e2 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -15,8 +15,6 @@ DIST cexpr-0.6.0.crate 17966 BLAKE2B cb46f066eb1f4dbac00ec86dc3e562db7ee8ea5ff17
 DIST cfg-if-1.0.0.crate 7934 BLAKE2B e99a5589c11d79d77a4537b34ce0a45d37b981c123b79b807cea836c89fc3926d693458893baca2882448d3d44e3f64e06141f6d916b748daa10b8cc1ae16d1b SHA512 0fb16a8882fd30e86b62c5143b1cb18ab564e84e75bd1f28fd12f24ffdc4a42e0d2e012a99abb606c12efe3c11061ff5bf8e24ab053e550ae083f7d90f6576ff
 DIST clamav-0.103.6.tar.gz 16491761 BLAKE2B 3c43bcda4a613f81d1b31036e7323a7af7708e54af94ad30a659a8fb318d8f79f357086ce70703659298524d778374df886495cd8c75280bbbe4bae30795a85a SHA512 d39e1964678b8251bde3a9f3db30fe3d3d76cc566a86834297f4dd8489086dc9cc4c6541ca128089159f4c071d2d85b530455bd942987d3929ea0082b8ab272b
 DIST clamav-0.103.7.tar.gz 16501741 BLAKE2B 49fc1c8c42ee8168dbaec4aa13ab0dfef7fa285e335cb38b17bc020df7400ee1daae49e06ba5b4ae0364d47d707cb83c0b1a8442d5b01d2bba5827606fe27fb4 SHA512 d426169889d94411b20a2c9c9579fc22a15090c9847849822c63fc6b404075feba0ff3663ee1382b2af5300394c7a93669844736f7473bfdce3250e1fd130326
-DIST clamav-0.104.4.tar.gz 12027448 BLAKE2B e8627b49b46e9bf5669b7186d829fd2caa76d9071b1533da252fea1bdeed1b78ec4a138db8957b0d121df1180eb37a6230f5f0db1e4d3f2de80bf7dddad5b47e SHA512 5aa8abe96ff49548cf74df47a7e56279c3082dc8ca98cab02f64f44b2da0230e75b5f634b3086ba8ca155052cbc22a2a47ab3dd159ae033d3f599dcde1f2420e
-DIST clamav-0.105.1.tar.gz 29467856 BLAKE2B be46d9afd76fb536d7de7363a45d38fef6a5983011e3cd0dcc25c2a209c8d37a2bbe1f7f4a5694152cabf622ef83e072b892ae12ba404da1955bb5b654e5216d SHA512 dcaa3eb90e5a8951f1750f0676791c33507206ae0d58a3da0d07f6f86b559799db09a4aed83fbd9d3eed8f1f17654f8304070e6770ba7e02de6f2be2cda65bec
 DIST clamav-1.0.0.tar.gz 10311477 BLAKE2B 8d66c03e7717ed52cb90a139f565abe2ed3379e09d500530c260f129f1f8eb2549dca11898f6c1a85e7988ce06388c8967e6decea06c840220ffccb4010add60 SHA512 a1be526516e622fd3359461db7dd8eb0734f7ba8ecb0b63c1574e216885cd7bcdc69ffdbc5e507a0060d23769e3caa8423aa273ec57bb86e40049679a818152a
 DIST clang-sys-1.4.0.crate 38679 BLAKE2B d15bdae2142ed26b4f6bd037bd2062e8c4b7b87fc5b749b872a95ff1952d000066c255aa0984e5f9c4a5c88066db4a20cfd048db4ba5a59b331d5ffa5e9a281d SHA512 062189bb0a341e2e85de4987f4b564c1fc69e4005c9c42cfedb61dee5f48db9126a8114d1d97be1b9c21b8c885243751232fbe8cf532e1d2be593308fe45216a
 DIST clap-2.34.0.crate 202210 BLAKE2B f383adf1d757ac4b68995132b33837686ce451f85a02a8d05d2c746da398510d05d46330f3efade063c3952aacb1754cdac73dd0afcae0df5340a89f9353aa1c SHA512 c648a761b9996a7e7464a538bb53621bae22090b846a42c3b729beca3363958ae67e3da9f93f58b10a10e043cadf7ff930388680d168646178c2824177832db8

diff --git a/app-antivirus/clamav/clamav-0.104.4-r1.ebuild b/app-antivirus/clamav/clamav-0.104.4-r1.ebuild
deleted file mode 100644
index 6514459df831..000000000000
--- a/app-antivirus/clamav/clamav-0.104.4-r1.ebuild
+++ /dev/null
@@ -1,215 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-PYTHON_COMPAT=( python3_{8..10} )
-inherit cmake flag-o-matic python-any-r1 systemd tmpfiles
-
-DESCRIPTION="Clam Anti-Virus Scanner"
-HOMEPAGE="https://www.clamav.net/"
-SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
-IUSE="doc clamonacc +clamapp libclamav-only milter rar selinux systemd test"
-
-REQUIRED_USE="libclamav-only? ( !clamonacc !clamapp !milter )
-	clamonacc? ( clamapp )
-	milter? ( clamapp )
-	test? ( !libclamav-only )"
-
-RESTRICT="!test? ( test )"
-
-# Require acct-{user,group}/clamav at build time so that we can set
-# the permissions on /var/lib/clamav in src_install rather than in
-# pkg_postinst; calling "chown" on the live filesystem scares me.
-CDEPEND="acct-group/clamav
-	acct-user/clamav
-	dev-libs/libltdl
-	dev-libs/libmspack
-	dev-libs/json-c:=
-	dev-libs/libpcre2
-	>=sys-libs/zlib-1.2.2:=
-	app-arch/bzip2
-	clamapp? ( sys-libs/ncurses:= net-misc/curl )
-	elibc_musl? ( sys-libs/fts-standalone )
-	virtual/libiconv
-	!libclamav-only? ( net-misc/curl )
-	dev-libs/openssl:=
-	milter? ( mail-filter/libmilter:= )
-	dev-libs/libxml2
-	rar? ( app-arch/unrar )
-	test? ( dev-python/pytest )"
-# TODO: there is no way to use this with the new build system instead of the bundled one
-#	dev-libs/tomsfastmath
-BDEPEND="virtual/pkgconfig
-	doc? ( app-doc/doxygen )
-	test? (
-		${PYTHON_DEPS}
-		$(python_gen_any_dep 'dev-python/pytest[${PYTHON_USEDEP}]')
-	)"
-DEPEND="${CDEPEND}
-	test? ( dev-libs/check )"
-RDEPEND="${CDEPEND}
-	selinux? ( sec-policy/selinux-clamav )"
-
-python_check_deps() {
-	has_version -b "dev-python/pytest[${PYTHON_USEDEP}]"
-}
-
-pkg_setup() {
-	use test && python-any-r1_pkg_setup
-}
-
-src_configure() {
-	use elibc_musl && append-ldflags -lfts
-	use ppc64 && append-flags -mminimal-toc
-
-	local mycmakeargs=(
-		-DDATABASE_DIRECTORY="${EPREFIX}"/var/lib/clamav
-		-DAPP_CONFIG_DIRECTORY="${EPREFIX}"/etc/clamav
-		-DENABLE_EXPERIMENTAL=OFF
-		-DENABLE_JSON_SHARED=ON
-		-DENABLE_APP=$(usex clamapp ON OFF)
-		-DENABLE_MILTER=$(usex milter ON OFF)
-		-DENABLE_CLAMONACC=$(usex clamonacc ON OFF)
-		-DCLAMAV_USER="clamav"
-		-DCLAMAV_GROUP="clamav"
-		-DBYTECODE_RUNTIME=interpreter
-		-DOPTIMIZE=ON
-		-DENABLE_EXTERNAL_MSPACK=ON
-		-DENABLE_MAN_PAGES=ON
-		-DENABLE_DOXYGEN=$(usex doc)
-		-DENABLE_UNRAR=$(usex rar ON OFF)
-		-DENABLE_TESTS=$(usex test ON OFF)
-		# Used to enable some more tests but doesn't behave well in
-		# sandbox necessarily(?) + needs certain debug symbols present
-		# in e.g. glibc.
-		-DCMAKE_DISABLE_FIND_PACKAGE_Valgrind=ON
-		-DENABLE_STATIC_LIB=OFF
-		-DENABLE_SHARED_LIB=ON
-		-DENABLE_SYSTEMD=$(usex systemd ON OFF)
-	)
-	cmake_src_configure
-}
-
-src_install() {
-	cmake_src_install
-
-	# init scripts
-	newinitd "${FILESDIR}/clamd.initd" clamd
-	newinitd "${FILESDIR}/freshclam.initd" freshclam
-	use clamonacc && \
-		newinitd "${FILESDIR}/clamonacc.initd" clamonacc
-	use milter && \
-		newinitd "${FILESDIR}/clamav-milter.initd" clamav-milter
-
-	rm -rf "${ED}"/var/lib/clamav || die
-
-	if ! use libclamav-only ; then
-		if use systemd ; then
-			# The tmpfiles entry is behind USE=systemd because the
-			# upstream OpenRC service files should (and do) ensure that
-			# the directories they need exist and have the correct
-			# permissions without the help of opentmpfiles. There are
-			# years-old root exploits in opentmpfiles, the design is
-			# fundamentally flawed, and the maintainer is not up to
-			# the task of fixing it.
-			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
-			systemd_newunit "${FILESDIR}/clamd_at.service-0.104.0" "clamd@.service"
-			systemd_dounit "${FILESDIR}/clamd.service"
-			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
-							"freshclamd.service"
-		fi
-
-		if use clamapp ; then
-			# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
-			sed -e "s:^\(Example\):\# \1:" \
-				-e "s/^#\(PidFile .*\)/\1/" \
-				-e "s/^#\(LocalSocket .*\)/\1/" \
-				-e "s/^#\(User .*\)/\1/" \
-				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
-				-e "s:^\#\(LogTime\).*:\1 yes:" \
-				-e "s/^#\(DatabaseDirectory .*\)/\1/" \
-				"${ED}"/etc/clamav/clamd.conf.sample > \
-				"${ED}"/etc/clamav/clamd.conf || die
-
-			sed -e "s:^\(Example\):\# \1:" \
-				-e "s/^#\(PidFile .*\)/\1/" \
-				-e "s/^#\(DatabaseOwner .*\)/\1/" \
-				-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
-				-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamav/clamd.conf:" \
-				-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
-				-e "s/^#\(DatabaseDirectory .*\)/\1/" \
-				"${ED}"/etc/clamav/freshclam.conf.sample > \
-				"${ED}"/etc/clamav/freshclam.conf || die
-
-			if use milter ; then
-				# Note: only keep the "unix" ClamdSocket and MilterSocket!
-				sed -e "s:^\(Example\):\# \1:" \
-					-e "s/^#\(PidFile .*\)/\1/" \
-					-e "s/^#\(ClamdSocket unix:.*\)/\1/" \
-					-e "s/^#\(User .*\)/\1/" \
-					-e "s/^#\(MilterSocket unix:.*\)/\1/" \
-					-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
-					"${ED}"/etc/clamav/clamav-milter.conf.sample > \
-					"${ED}"/etc/clamav/clamav-milter.conf || die
-
-				systemd_newunit "${FILESDIR}/clamav-milter.service-0.104.0" clamav-milter.service
-			fi
-
-			local i
-			for i in clamd freshclam clamav-milter
-			do
-				if [[ -f "${ED}"/etc/"${i}".conf.sample ]] ; then
-					mv "${ED}"/etc/"${i}".conf{.sample,} || die
-				fi
-			done
-
-			# These both need to be writable by the clamav user.
-			# TODO: use syslog by default; that's what it's for.
-			diropts -o clamav -g clamav
-			keepdir /var/lib/clamav
-			keepdir /var/log/clamav
-		fi
-	fi
-
-	if use doc ; then
-		local HTML_DOCS=( docs/html/. )
-		einstalldocs
-	fi
-
-	# Don't install man pages for utilities we didn't install
-	if use libclamav-only ; then
-		rm -r "${ED}"/usr/share/man || die
-	fi
-
-	find "${ED}" -name '*.la' -delete || die
-}
-
-pkg_postinst() {
-	if ! use libclamav-only ; then
-		if use systemd ; then
-			tmpfiles_process clamav.conf
-		fi
-	fi
-
-	if use milter ; then
-		elog "For simple instructions how to setup the clamav-milter read the"
-		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
-	fi
-
-	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
-	if [[ ! -f "${databases}" ]] ; then
-		ewarn "You must run freshclam manually to populate the virus database"
-		ewarn "before starting clamav for the first time."
-	fi
-
-	ewarn "This version of ClamAV provides separate OpenRC services"
-	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
-	ewarn "clamd service now starts only the clamd daemon itself. You"
-	ewarn "should add freshclam (and perhaps clamav-milter) to any"
-	ewarn "runlevels that previously contained clamd."
-}

diff --git a/app-antivirus/clamav/clamav-0.105.1.ebuild b/app-antivirus/clamav/clamav-0.105.1.ebuild
deleted file mode 100644
index 0d62bc5c14c0..000000000000
--- a/app-antivirus/clamav/clamav-0.105.1.ebuild
+++ /dev/null
@@ -1,246 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-LLVM_MAX_SLOT=13
-PYTHON_COMPAT=( python3_{8..11} )
-inherit cmake flag-o-matic llvm python-any-r1 systemd tmpfiles
-
-DESCRIPTION="Clam Anti-Virus Scanner"
-HOMEPAGE="https://www.clamav.net/"
-SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
-IUSE="doc clamonacc +clamapp experimental jit libclamav-only milter rar selinux systemd test"
-
-REQUIRED_USE="libclamav-only? ( !clamonacc !clamapp !milter )
-	clamonacc? ( clamapp )
-	milter? ( clamapp )
-	test? ( !libclamav-only )"
-
-RESTRICT="!test? ( test )"
-
-# Require acct-{user,group}/clamav at build time so that we can set
-# the permissions on /var/lib/clamav in src_install rather than in
-# pkg_postinst; calling "chown" on the live filesystem scares me.
-CDEPEND="
-	acct-group/clamav
-	acct-user/clamav
-	app-arch/bzip2
-	dev-libs/json-c:=
-	dev-libs/libltdl
-	dev-libs/libmspack
-	dev-libs/libpcre2:=
-	dev-libs/libxml2
-	dev-libs/openssl:=
-	dev-libs/tomsfastmath:=
-	>=sys-libs/zlib-1.2.2:=
-	virtual/libiconv
-	!libclamav-only? ( net-misc/curl )
-	clamapp? ( sys-libs/ncurses:= net-misc/curl )
-	elibc_musl? ( sys-libs/fts-standalone )
-	jit? ( <sys-devel/llvm-$((${LLVM_MAX_SLOT} + 1)):= )
-	milter? ( mail-filter/libmilter:= )
-	rar? ( app-arch/unrar )
-	test? ( dev-python/pytest )
-"
-
-BDEPEND="
-	virtual/pkgconfig
-	>=virtual/rust-1.56
-	doc? ( app-doc/doxygen )
-	test? (
-		${PYTHON_DEPS}
-		$(python_gen_any_dep 'dev-python/pytest[${PYTHON_USEDEP}]')
-	)
-"
-
-DEPEND="${CDEPEND}
-	test? ( dev-libs/check )"
-
-RDEPEND="${CDEPEND}
-	selinux? ( sec-policy/selinux-clamav )"
-
-python_check_deps() {
-	python_has_version -b "dev-python/pytest[${PYTHON_USEDEP}]"
-}
-
-pkg_setup() {
-	use jit && llvm_pkg_setup
-	use test && python-any-r1_pkg_setup
-}
-
-PATCHES=(
-	"${FILESDIR}/${P}-cmake-llvm-fix.patch"
-)
-
-src_configure() {
-	use elibc_musl && append-ldflags -lfts
-	use ppc64 && append-flags -mminimal-toc
-
-	local mycmakeargs=(
-		-DDATABASE_DIRECTORY="${EPREFIX}"/var/lib/clamav
-		-DAPP_CONFIG_DIRECTORY="${EPREFIX}"/etc/clamav
-		-DENABLE_EXPERIMENTAL=$(usex experimental ON OFF)
-		-DENABLE_JSON_SHARED=ON
-		-DENABLE_APP=$(usex clamapp ON OFF)
-		-DENABLE_MILTER=$(usex milter ON OFF)
-		-DENABLE_CLAMONACC=$(usex clamonacc ON OFF)
-		-DCLAMAV_USER="clamav"
-		-DCLAMAV_GROUP="clamav"
-		-DBYTECODE_RUNTIME=$(usex jit llvm interpreter)
-		-DOPTIMIZE=ON
-		-DENABLE_EXTERNAL_MSPACK=ON
-		-DENABLE_EXTERNAL_TOMSFASTMATH=ON
-		-DENABLE_MAN_PAGES=ON
-		-DENABLE_DOXYGEN=$(usex doc)
-		-DENABLE_UNRAR=$(usex rar ON OFF)
-		-DENABLE_TESTS=$(usex test ON OFF)
-		-DENABLE_STATIC_LIB=OFF
-		-DENABLE_SHARED_LIB=ON
-		-DENABLE_SYSTEMD=$(usex systemd ON OFF)
-	)
-
-	if use test ; then
-		# https://bugs.gentoo.org/818673
-		# Used to enable some more tests but doesn't behave well in
-		# sandbox necessarily(?) + needs certain debug symbols present
-		# in e.g. glibc.
-		mycmakeargs+=( -DCMAKE_DISABLE_FIND_PACKAGE_Valgrind=ON )
-	fi
-
-	if use jit ; then
-		# Suppress CMake warnings that variables aren't consumed if we aren't using LLVM
-		# https://github.com/Cisco-Talos/clamav/blob/main/INSTALL.md#llvm-optional-see-bytecode-runtime-section
-		# https://github.com/Cisco-Talos/clamav/blob/main/INSTALL.md#bytecode-runtime
-		mycmakeargs+=(
-			-DLLVM_ROOT_DIR="$(get_llvm_prefix -d ${LLVM_MAX_SLOT})"
-			-DLLVM_FIND_VERSION="$(best_version sys-devel/llvm:${LLVM_MAX_SLOT} | cut -c 16-)"
-		)
-	fi
-
-	cmake_src_configure
-}
-
-src_install() {
-	cmake_src_install
-	# init scripts
-	newinitd "${FILESDIR}/clamd.initd" clamd
-	newinitd "${FILESDIR}/freshclam.initd" freshclam
-	use clamonacc && \
-		newinitd "${FILESDIR}/clamonacc.initd" clamonacc
-	use milter && \
-		newinitd "${FILESDIR}/clamav-milter.initd" clamav-milter
-
-	rm -rf "${ED}"/var/lib/clamav || die
-
-	if ! use libclamav-only ; then
-		if use systemd ; then
-			# The tmpfiles entry is behind USE=systemd because the
-			# upstream OpenRC service files should (and do) ensure that
-			# the directories they need exist and have the correct
-			# permissions without the help of opentmpfiles. There are
-			# years-old root exploits in opentmpfiles, the design is
-			# fundamentally flawed, and the maintainer is not up to
-			# the task of fixing it.
-			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
-			systemd_newunit "${FILESDIR}/clamd_at.service-0.104.0" "clamd@.service"
-			systemd_dounit "${FILESDIR}/clamd.service"
-			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
-							"freshclamd.service"
-		fi
-
-		if use clamapp ; then
-			# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
-			sed -e "s:^\(Example\):\# \1:" \
-				-e "s/^#\(PidFile .*\)/\1/" \
-				-e "s/^#\(LocalSocket .*\)/\1/" \
-				-e "s/^#\(User .*\)/\1/" \
-				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
-				-e "s:^\#\(LogTime\).*:\1 yes:" \
-				-e "s/^#\(DatabaseDirectory .*\)/\1/" \
-				"${ED}"/etc/clamav/clamd.conf.sample > \
-				"${ED}"/etc/clamav/clamd.conf || die
-
-			sed -e "s:^\(Example\):\# \1:" \
-				-e "s/^#\(PidFile .*\)/\1/" \
-				-e "s/^#\(DatabaseOwner .*\)/\1/" \
-				-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
-				-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamav/clamd.conf:" \
-				-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
-				-e "s/^#\(DatabaseDirectory .*\)/\1/" \
-				"${ED}"/etc/clamav/freshclam.conf.sample > \
-				"${ED}"/etc/clamav/freshclam.conf || die
-
-			if use milter ; then
-				# Note: only keep the "unix" ClamdSocket and MilterSocket!
-				sed -e "s:^\(Example\):\# \1:" \
-					-e "s/^#\(PidFile .*\)/\1/" \
-					-e "s/^#\(ClamdSocket unix:.*\)/\1/" \
-					-e "s/^#\(User .*\)/\1/" \
-					-e "s/^#\(MilterSocket unix:.*\)/\1/" \
-					-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
-					"${ED}"/etc/clamav/clamav-milter.conf.sample > \
-					"${ED}"/etc/clamav/clamav-milter.conf || die
-
-				systemd_newunit "${FILESDIR}/clamav-milter.service-0.104.0" clamav-milter.service
-			fi
-
-			local i
-			for i in clamd freshclam clamav-milter
-			do
-				if [[ -f "${ED}"/etc/"${i}".conf.sample ]] ; then
-					mv "${ED}"/etc/"${i}".conf{.sample,} || die
-				fi
-			done
-
-			# These both need to be writable by the clamav user.
-			# TODO: use syslog by default; that's what it's for.
-			diropts -o clamav -g clamav
-			keepdir /var/lib/clamav
-			keepdir /var/log/clamav
-		fi
-	fi
-
-	if use doc ; then
-		local HTML_DOCS=( docs/html/. )
-		einstalldocs
-	fi
-
-	# Don't install man pages for utilities we didn't install
-	if use libclamav-only ; then
-		rm -r "${ED}"/usr/share/man || die
-	fi
-
-	find "${ED}" -name '*.la' -delete || die
-}
-
-pkg_postinst() {
-	if ! use libclamav-only ; then
-		if use systemd ; then
-			tmpfiles_process clamav.conf
-		fi
-	fi
-
-	if use milter ; then
-		elog "For simple instructions how to setup the clamav-milter read the"
-		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
-	fi
-
-	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
-	if [[ ! -f "${databases}" ]] ; then
-		ewarn "You must run freshclam manually to populate the virus database"
-		ewarn "before starting clamav for the first time."
-	fi
-
-	 if ! systemd_is_booted ; then
-		ewarn "This version of ClamAV provides separate OpenRC services"
-		ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
-		ewarn "clamd service now starts only the clamd daemon itself. You"
-		ewarn "should add freshclam (and perhaps clamav-milter) to any"
-		ewarn "runlevels that previously contained clamd."
-	fi
-}

diff --git a/app-antivirus/clamav/files/clamav-0.105.1-cmake-llvm-fix.patch b/app-antivirus/clamav/files/clamav-0.105.1-cmake-llvm-fix.patch
deleted file mode 100644
index b73a2e066ef1..000000000000
--- a/app-antivirus/clamav/files/clamav-0.105.1-cmake-llvm-fix.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-clamav 0.105.1 doesn't support LLVM version detection
-
-See: https://github.com/Cisco-Talos/clamav/pull/692
-
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -480,39 +480,43 @@ find_package(JSONC REQUIRED)
- # Set variable required by libclamav to use libjson-c
- set(HAVE_JSON 1)
- 
-+set(LLVM_MAX_VER "14.0.0")
-+set(LLVM_MIN_VER "8.0.0")
-+
- string (TOLOWER ${BYTECODE_RUNTIME} bytecodeRuntime)
- if(${bytecodeRuntime} STREQUAL "llvm")
--    set (LLVM_FIND_VERSION "8.0.0")
--    find_package(LLVM REQUIRED)
-+    if(DEFINED LLVM_ROOT_DIR AND DEFINED LLVM_FIND_VERSION)
-+        find_package(LLVM EXACT ${LLVM_FIND_VERSION} REQUIRED HINTS ${LLVM_ROOT_DIR})
-+    elseif(DEFINED LLVM_ROOT_DIR)
-+        find_package(LLVM REQUIRED HINTS ${LLVM_ROOT_DIR})
-+    elseif(DEFINED LLVM_FIND_VERSION)
-+        find_package(LLVM EXACT ${LLVM_FIND_VERSION} REQUIRED)
-+    else()
-+        set (LLVM_FIND_VERSION ${LLVM_MIN_VER})
-+        find_package(LLVM REQUIRED)
-+    endif()
-     if(LLVM_FOUND)
-         if (LLVM_AVAILABLE_LIBS)
--            # Found using LLVMConfig.cmake
--            message("LLVM found using LLVMConfig.cmake")
--            set(LLVM_VERSION ${LLVM_VERSION_MAJOR}${LLVM_VERSION_MINOR})
-+            message(STATUS "LLVM found using LLVMConfig.cmake")
-             set(LLVM_LIBRARIES ${LLVM_AVAILABLE_LIBS})
--
--            if (${LLVM_PACKAGE_VERSION} VERSION_LESS "8.0.0")
--                message(FATAL "LLVM version ${LLVM_PACKAGE_VERSION} is too old")
--            endif()
--
-         else()
--            # Found using FindLLVM.cmake
--            message("LLVM found using FindLLVM.cmake")
--
--            # Set variable required by libclamav to use llvm instead of interpreter
--            set(LLVM_VERSION ${LLVM_VERSION_MAJOR}${LLVM_VERSION_MINOR})
--            message("LLVM_FOUND ${LLVM_FOUND}")
-+            message(STATUS "LLVM found using FindLLVM.cmake")
-+            set(LLVM_PACKAGE_VERSION ${LLVM_VERSION_STRING})
- 
--            if (${LLVM_VERSION_STRING} VERSION_GREATER_EQUAL "9.0.0")
--                if (${LLVM_VERSION_STRING} VERSION_LESS "10.0.0")
--                    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DNDEBUG")
--                endif()
-+            if (${LLVM_VERSION_STRING} VERSION_GREATER_EQUAL "9.0.0" AND ${LLVM_VERSION_STRING} VERSION_LESS "10.0.0")
-+                set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DNDEBUG")
-             endif()
-+        endif()
- 
--            if (${LLVM_VERSION_STRING} VERSION_LESS "8.0.0")
--                message(FATAL "LLVM version ${LLVM_VERSION_STRING} is too old")
--            endif()
-+        if (${LLVM_PACKAGE_VERSION} VERSION_LESS ${LLVM_MIN_VER})
-+            message(FATAL_ERROR "LLVM version ${LLVM_PACKAGE_VERSION} is too old")
-+        elseif (${LLVM_PACKAGE_VERSION} VERSION_GREATER_EQUAL ${LLVM_MAX_VER} )
-+            message(FATAL_ERROR "LLVM version ${LLVM_PACKAGE_VERSION} is too new")
-+        else()
-+            message(STATUS "LLVM version ${LLVM_PACKAGE_VERSION} found")
-         endif()
-+        # Set variable required by libclamav to use llvm instead of interpreter
-+        set(LLVM_VERSION ${LLVM_VERSION_MAJOR}${LLVM_VERSION_MINOR})
-     endif()
- endif()
- 


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2023-02-15 22:51 Michael Orlitzky
  0 siblings, 0 replies; 15+ messages in thread
From: Michael Orlitzky @ 2023-02-15 22:51 UTC (permalink / raw
  To: gentoo-commits

commit:     a12c3ed66db1fed82adc8010d05214db44ac31ff
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 15 22:32:11 2023 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Wed Feb 15 22:33:55 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a12c3ed6

app-antivirus/clamav: add 0.103.8 (CVE-2023-20032, CVE-2023-20052).

Bug: https://bugs.gentoo.org/879625
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>

 app-antivirus/clamav/Manifest                      |   1 +
 app-antivirus/clamav/clamav-0.103.8.ebuild         | 240 +++++++++++++++++++++
 .../clamav/files/clamav-0.103.8-c-std.patch        | 204 ++++++++++++++++++
 3 files changed, 445 insertions(+)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 3021a4290d7a..9cf4918148b8 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -14,6 +14,7 @@ DIST cbindgen-0.20.0.crate 183277 BLAKE2B 51529b21879e3a3212fbb951b3bdd5c8c396dc
 DIST cexpr-0.6.0.crate 17966 BLAKE2B cb46f066eb1f4dbac00ec86dc3e562db7ee8ea5ff17d16a60004fa020405e455b8aeb3d001f669cb33d1b62525bfd04ec657ffca4ed44a83af4a5e75b2c820e3 SHA512 766bff7ca7f9bf0885aee6f014bcfc084e7fdfcd567a49443d5340acfe8f257db109de17b24588504fc35c53f2d4303e2d22da21f73669125cfca984950cf886
 DIST cfg-if-1.0.0.crate 7934 BLAKE2B e99a5589c11d79d77a4537b34ce0a45d37b981c123b79b807cea836c89fc3926d693458893baca2882448d3d44e3f64e06141f6d916b748daa10b8cc1ae16d1b SHA512 0fb16a8882fd30e86b62c5143b1cb18ab564e84e75bd1f28fd12f24ffdc4a42e0d2e012a99abb606c12efe3c11061ff5bf8e24ab053e550ae083f7d90f6576ff
 DIST clamav-0.103.7.tar.gz 16501741 BLAKE2B 49fc1c8c42ee8168dbaec4aa13ab0dfef7fa285e335cb38b17bc020df7400ee1daae49e06ba5b4ae0364d47d707cb83c0b1a8442d5b01d2bba5827606fe27fb4 SHA512 d426169889d94411b20a2c9c9579fc22a15090c9847849822c63fc6b404075feba0ff3663ee1382b2af5300394c7a93669844736f7473bfdce3250e1fd130326
+DIST clamav-0.103.8.tar.gz 16524716 BLAKE2B 207a6087de9134586215a4f3fe02cb071135c38fac792f6cb2d4c4a3c9e596bff5dd0a0ac3dd9f6018771d866fa9e64223933f96cec3ee6e8ce17a743c3d952f SHA512 8e030fef5788cf4df8f4d878363df1e5d9abcaa209b9f998f57334ede481d755b33958b5e9bb82be9643cb7442814711e4c9978314cadd7eb9161fee03b74439
 DIST clamav-1.0.0.tar.gz 10311477 BLAKE2B 8d66c03e7717ed52cb90a139f565abe2ed3379e09d500530c260f129f1f8eb2549dca11898f6c1a85e7988ce06388c8967e6decea06c840220ffccb4010add60 SHA512 a1be526516e622fd3359461db7dd8eb0734f7ba8ecb0b63c1574e216885cd7bcdc69ffdbc5e507a0060d23769e3caa8423aa273ec57bb86e40049679a818152a
 DIST clang-sys-1.4.0.crate 38679 BLAKE2B d15bdae2142ed26b4f6bd037bd2062e8c4b7b87fc5b749b872a95ff1952d000066c255aa0984e5f9c4a5c88066db4a20cfd048db4ba5a59b331d5ffa5e9a281d SHA512 062189bb0a341e2e85de4987f4b564c1fc69e4005c9c42cfedb61dee5f48db9126a8114d1d97be1b9c21b8c885243751232fbe8cf532e1d2be593308fe45216a
 DIST clap-2.34.0.crate 202210 BLAKE2B f383adf1d757ac4b68995132b33837686ce451f85a02a8d05d2c746da398510d05d46330f3efade063c3952aacb1754cdac73dd0afcae0df5340a89f9353aa1c SHA512 c648a761b9996a7e7464a538bb53621bae22090b846a42c3b729beca3363958ae67e3da9f93f58b10a10e043cadf7ff930388680d168646178c2824177832db8

diff --git a/app-antivirus/clamav/clamav-0.103.8.ebuild b/app-antivirus/clamav/clamav-0.103.8.ebuild
new file mode 100644
index 000000000000..56035dbcf6c4
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.103.8.ebuild
@@ -0,0 +1,240 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic systemd tmpfiles
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="https://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test xml"
+
+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"
+
+RESTRICT="!test? ( test )"
+
+# Require acct-{user,group}/clamav at build time so that we can set
+# the permissions on /var/lib/clamav in src_install rather than in
+# pkg_postinst; calling "chown" on the live filesystem scares me.
+CDEPEND="acct-group/clamav
+	acct-user/clamav
+	dev-libs/libltdl
+	dev-libs/libmspack
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	dev-libs/tomsfastmath
+	>=sys-libs/zlib-1.2.2:=
+	bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )
+	elibc_musl? ( sys-libs/fts-standalone )
+	iconv? ( virtual/libiconv )
+	!libclamav-only? ( net-misc/curl )
+	dev-libs/openssl:0=
+	milter? ( mail-filter/libmilter:= )
+	xml? ( dev-libs/libxml2 )"
+
+# We need at least autoconf-2.69-r5 because that's the first (patched)
+# version of it in Gentoo that supports ./configure --runstatedir.
+BDEPEND=">=sys-devel/autoconf-2.69-r5
+	virtual/pkgconfig"
+
+DEPEND="${CDEPEND}
+	metadata-analysis-api? ( dev-libs/json-c:* )
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
+	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
+	"${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"
+	"${FILESDIR}/${PN}-0.103.8-c-std.patch" #879625
+)
+
+src_prepare() {
+	default
+
+	# Be extra sure that we're using the system copy of tomsfastmath
+	einfo "removing bundled copy of dev-libs/tomsfastmath"
+	rm -r libclamav/tomsfastmath || \
+		die "failed to remove bundled tomsfastmath"
+
+	AT_NO_RECURSIVE="yes" eautoreconf
+}
+
+src_configure() {
+	use elibc_musl && append-ldflags -lfts
+	use ppc64 && append-flags -mminimal-toc
+
+	# according to configure help it should be
+	# $(use_enable xml)
+	# but that does not work
+	# do not add this, since --disable-xml seems to override
+	# --without-xml
+	JSONUSE="--without-libjson"
+
+	if use clamsubmit || use metadata-analysis-api; then
+		# either of those 2 requires libjson.
+		# clamsubmit will be built as soon as libjson and curl are found
+		# but we only install the binary if requested
+		JSONUSE="--with-libjson=${EPREFIX}/usr"
+	fi
+
+	local myeconfargs=(
+		$(use_enable bzip2)
+		$(use_enable clamonacc)
+		$(use_enable clamdtop)
+		$(use_enable ipv6)
+		$(use_enable milter)
+		$(use_enable test check)
+		$(use_with xml)
+		$(use_with iconv)
+		${JSONUSE}
+		$(use_enable libclamav-only)
+		$(use_with !libclamav-only libcurl)
+		--with-system-libmspack
+		--cache-file="${S}"/config.cache
+		--disable-experimental
+		--disable-static
+		--disable-zlib-vcheck
+		--enable-id-check
+		--with-dbdir="${EPREFIX}"/var/lib/clamav
+		# Don't call --with-zlib=/usr (see bug #699296)
+		--with-zlib
+		--disable-llvm
+		--enable-openrc
+		--runstatedir=/run
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav || die
+
+	if ! use libclamav-only ; then
+		if use systemd; then
+			# The tmpfiles entry is behind USE=systemd because the
+			# upstream OpenRC service files should (and do) ensure that
+			# the directories they need exist and have the correct
+			# permissions without the help of opentmpfiles. There are
+			# years-old root exploits in opentmpfiles, the design is
+			# fundamentally flawed, and the maintainer is not up to
+			# the task of fixing it.
+			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
+			systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+			systemd_dounit "${FILESDIR}/clamd.service"
+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
+							"freshclamd.service"
+		fi
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/clamd.logrotate" clamd
+		newins "${FILESDIR}/freshclam.logrotate" freshclam
+		use milter && \
+			newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter
+
+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(LocalSocket .*\)/\1/" \
+			-e "s/^#\(User .*\)/\1/" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+			-e "s:^\#\(LogTime\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/clamd.conf.sample || die
+
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(DatabaseOwner .*\)/\1/" \
+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/freshclam.conf.sample || die
+
+		if use milter ; then
+			# Note: only keep the "unix" ClamdSocket and MilterSocket!
+			sed -i -e "s:^\(Example\):\# \1:" \
+				-e "s/^#\(PidFile .*\)/\1/" \
+				-e "s/^#\(ClamdSocket unix:.*\)/\1/" \
+				-e "s/^#\(User .*\)/\1/" \
+				-e "s/^#\(MilterSocket unix:.*\)/\1/" \
+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+				"${ED}"/etc/clamav-milter.conf.sample || die
+
+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+				MILTER_NICELEVEL=19
+				START_MILTER=no
+			EOF
+
+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+		fi
+
+		local i
+		for i in clamd freshclam clamav-milter
+		do
+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
+				mv "${ED}"/etc/"${i}".conf{.sample,} || die
+			fi
+		done
+
+		# These both need to be writable by the clamav user.
+		# TODO: use syslog by default; that's what it's for.
+		diropts -o clamav -g clamav
+		keepdir /var/lib/clamav
+		keepdir /var/log/clamav
+	fi
+
+	if use doc ; then
+		local HTML_DOCS=( docs/html/. )
+		einstalldocs
+
+		if ! use libclamav-only ; then
+			doman docs/man/*.[1-8]
+		fi
+	fi
+
+	find "${ED}" -name '*.la' -delete || die
+}
+
+src_test() {
+	if use libclamav-only ; then
+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
+		return 0
+	fi
+
+	emake quick-check
+}
+
+pkg_postinst() {
+	if ! use libclamav-only ; then
+		if use systemd ; then
+			tmpfiles_process clamav.conf
+		fi
+	fi
+
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+
+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
+	if [[ ! -f "${databases}" ]] ; then
+		ewarn "You must run freshclam manually to populate the virus database"
+		ewarn "before starting clamav for the first time."
+	fi
+
+	ewarn "This version of ClamAV provides separate OpenRC services"
+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
+	ewarn "clamd service now starts only the clamd daemon itself. You"
+	ewarn "should add freshclam (and perhaps clamav-milter) to any"
+	ewarn "runlevels that previously contained clamd."
+}

diff --git a/app-antivirus/clamav/files/clamav-0.103.8-c-std.patch b/app-antivirus/clamav/files/clamav-0.103.8-c-std.patch
new file mode 100644
index 000000000000..91556a1ae422
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.103.8-c-std.patch
@@ -0,0 +1,204 @@
+From b9e2714d5b42ad9a0742746996b989400c794adb Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Fri, 4 Nov 2022 19:31:15 -0400
+Subject: [PATCH 1/2] clamonacc/c-thread-pool/thpool.c: define _GNU_SOURCE for
+ syscall().
+
+On Linux, thpool.c uses syscall() from unistd.h, but that function is
+not defined without _GNU_SOURCE:
+
+  c-thread-pool/thpool.c: In function 'jobqueue_pull':
+  c-thread-pool/thpool.c:474:105: error: implicit declaration of function
+  'syscall' [-Werror=implicit-function-declaration]
+
+In general that's not great, because it hinders some compiler diagnostics,
+but it will also cause problems down the road if (for example) clang-16
+decides to enable -Werror=implicit-function-declaration by default.
+
+This commit changes the _POSIX_C_SOURCE definition at the top of
+thpool.c to _GNU_SOURCE, as in the syscall(2) man page.
+---
+ clamonacc/c-thread-pool/thpool.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/clamonacc/c-thread-pool/thpool.c b/clamonacc/c-thread-pool/thpool.c
+index 46572da5f4..27c5103ff1 100644
+--- a/clamonacc/c-thread-pool/thpool.c
++++ b/clamonacc/c-thread-pool/thpool.c
+@@ -8,7 +8,7 @@
+  *
+  ********************************/
+ 
+-#define _POSIX_C_SOURCE 200809L
++#define _GNU_SOURCE
+ #include <unistd.h>
+ #include <signal.h>
+ #include <stdio.h>
+
+From 7e3425ab701141064d179c45af2251f61af4ccc7 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Fri, 4 Nov 2022 20:08:30 -0400
+Subject: [PATCH 2/2] */*: fix invalid prototypes.
+
+Prototypes (or the declarations themselves, if there is no
+corresponding prototype) for functions that take no arguments are
+required by the C standard to specify (void) as their argument list;
+for example,
+
+  regex_pcre.h:79:1: error: function declaration isn't a prototype
+  [-Werror=strict-prototypes]
+     79 | cl_error_t cli_pcre_init_internal();
+
+Future versions of clang may become strict about this, and there's no
+harm in conforming to the standard right now, so we fix all such
+instances in this commit.
+---
+ clamonacc/clamonacc.c                | 2 +-
+ clamonacc/client/socket.h            | 2 +-
+ clamonacc/inotif/hash.c              | 2 +-
+ clamonacc/inotif/inotif.c            | 2 +-
+ clamonacc/scan/onas_queue.c          | 6 +++---
+ libclamav/matcher-pcre.h             | 6 +++---
+ libclamav/regex_pcre.h               | 2 +-
+ m4/reorganization/compiler_checks.m4 | 2 +-
+ shared/misc.h                        | 2 +-
+ 9 files changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/clamonacc/clamonacc.c b/clamonacc/clamonacc.c
+index ba986ef06c..c020897908 100644
+--- a/clamonacc/clamonacc.c
++++ b/clamonacc/clamonacc.c
+@@ -61,7 +61,7 @@
+ pthread_t ddd_pid        = 0;
+ pthread_t scan_queue_pid = 0;
+ 
+-static void onas_handle_signals();
++static void onas_handle_signals(void);
+ static int startup_checks(struct onas_context *ctx);
+ static struct onas_context *g_ctx = NULL;
+ 
+diff --git a/clamonacc/client/socket.h b/clamonacc/client/socket.h
+index 915f9086ca..ea84fb4c41 100644
+--- a/clamonacc/client/socket.h
++++ b/clamonacc/client/socket.h
+@@ -31,4 +31,4 @@ struct onas_sock_t {
+ };
+ 
+ cl_error_t onas_set_sock_only_once(struct onas_context *ctx);
+-int onas_get_sockd();
++int onas_get_sockd(void);
+diff --git a/clamonacc/inotif/hash.c b/clamonacc/inotif/hash.c
+index e4b3f1f983..2bbc4cdbb4 100644
+--- a/clamonacc/inotif/hash.c
++++ b/clamonacc/inotif/hash.c
+@@ -58,7 +58,7 @@
+ 
+ #if defined(HAVE_SYS_FANOTIFY_H)
+ 
+-static struct onas_bucket *onas_bucket_init();
++static struct onas_bucket *onas_bucket_init(void);
+ static void onas_free_bucket(struct onas_bucket *bckt);
+ static int onas_bucket_insert(struct onas_bucket *bckt, struct onas_element *elem);
+ static int onas_bucket_remove(struct onas_bucket *bckt, struct onas_element *elem);
+diff --git a/clamonacc/inotif/inotif.c b/clamonacc/inotif/inotif.c
+index 7799ae4889..b8680e9856 100644
+--- a/clamonacc/inotif/inotif.c
++++ b/clamonacc/inotif/inotif.c
+@@ -66,7 +66,7 @@
+ 
+ static int onas_ddd_init_ht(uint32_t ht_size);
+ static int onas_ddd_init_wdlt(uint64_t nwatches);
+-static int onas_ddd_grow_wdlt();
++static int onas_ddd_grow_wdlt(void);
+ 
+ static int onas_ddd_watch(const char *pathname, int fan_fd, uint64_t fan_mask, int in_fd, uint64_t in_mask);
+ static int onas_ddd_watch_hierarchy(const char *pathname, size_t len, int fd, uint64_t mask, uint32_t type);
+diff --git a/clamonacc/scan/onas_queue.c b/clamonacc/scan/onas_queue.c
+index d279df7415..6fa7df6e96 100644
+--- a/clamonacc/scan/onas_queue.c
++++ b/clamonacc/scan/onas_queue.c
+@@ -82,7 +82,7 @@ static cl_error_t onas_new_event_queue_node(struct onas_event_queue_node **node)
+     return CL_SUCCESS;
+ }
+ 
+-static void *onas_init_event_queue()
++static void *onas_init_event_queue(void)
+ {
+ 
+     if (CL_EMEM == onas_new_event_queue_node(&g_onas_event_queue_head)) {
+@@ -122,7 +122,7 @@ static void onas_destroy_event_queue_node(struct onas_event_queue_node *node)
+     return;
+ }
+ 
+-static void onas_destroy_event_queue()
++static void onas_destroy_event_queue(void)
+ {
+ 
+     if (NULL == g_onas_event_queue_head) {
+@@ -200,7 +200,7 @@ void *onas_scan_queue_th(void *arg)
+     pthread_cleanup_pop(1);
+ }
+ 
+-static int onas_queue_is_b_empty()
++static int onas_queue_is_b_empty(void)
+ {
+ 
+     if (g_onas_event_queue.head->next == g_onas_event_queue.tail) {
+diff --git a/libclamav/matcher-pcre.h b/libclamav/matcher-pcre.h
+index 5ffc88fb26..b0bd51852b 100644
+--- a/libclamav/matcher-pcre.h
++++ b/libclamav/matcher-pcre.h
+@@ -68,11 +68,11 @@ struct cli_pcre_meta {
+ };
+ 
+ /* PCRE PERFORMANCE DECLARATIONS */
+-void cli_pcre_perf_print();
+-void cli_pcre_perf_events_destroy();
++void cli_pcre_perf_print(void);
++void cli_pcre_perf_events_destroy(void);
+ 
+ /* PCRE MATCHER DECLARATIONS */
+-int cli_pcre_init();
++int cli_pcre_init(void);
+ cl_error_t cli_pcre_addpatt(struct cli_matcher *root, const char *virname, const char *trigger, const char *pattern, const char *cflags, const char *offset, const uint32_t *lsigid, unsigned int options);
+ cl_error_t cli_pcre_build(struct cli_matcher *root, long long unsigned match_limit, long long unsigned recmatch_limit, const struct cli_dconf *dconf);
+ cl_error_t cli_pcre_recaloff(struct cli_matcher *root, struct cli_pcre_off *data, struct cli_target_info *info, cli_ctx *ctx);
+diff --git a/libclamav/regex_pcre.h b/libclamav/regex_pcre.h
+index d1f4127984..52653431d4 100644
+--- a/libclamav/regex_pcre.h
++++ b/libclamav/regex_pcre.h
+@@ -76,7 +76,7 @@ struct cli_pcre_results {
+ };
+ #endif
+ 
+-cl_error_t cli_pcre_init_internal();
++cl_error_t cli_pcre_init_internal(void);
+ cl_error_t cli_pcre_addoptions(struct cli_pcre_data *pd, const char **opt, int errout);
+ cl_error_t cli_pcre_compile(struct cli_pcre_data *pd, long long unsigned match_limit, long long unsigned match_limit_recursion, unsigned int options, int opt_override);
+ int cli_pcre_match(struct cli_pcre_data *pd, const unsigned char *buffer, size_t buflen, size_t override_offset, int options, struct cli_pcre_results *results);
+diff --git a/m4/reorganization/compiler_checks.m4 b/m4/reorganization/compiler_checks.m4
+index f7984f4cb2..80c81e1d30 100644
+--- a/m4/reorganization/compiler_checks.m4
++++ b/m4/reorganization/compiler_checks.m4
+@@ -121,7 +121,7 @@ extern void abort(void);
+   ((bb_size) > 0 && (sb_size) > 0 && (size_t)(sb_size) <= (size_t)(bb_size) \
+    && (sb) >= (bb) && ((sb) + (sb_size)) <= ((bb) + (bb_size)) && ((sb) + (sb_size)) > (bb) && (sb) < ((bb) + (bb_size)))
+ 
+-int crashtest()
++int crashtest(void)
+ {
+ 	unsigned int backsize, dcur;
+ 	int dval=0x12000, unp_offset;
+diff --git a/shared/misc.h b/shared/misc.h
+index 436c73117b..63fdea0f50 100644
+--- a/shared/misc.h
++++ b/shared/misc.h
+@@ -72,7 +72,7 @@ int daemonize(void);
+ /*closes stdin, stdout, stderr.  This is called by daemonize, but not
+  * daemonize_all_return.  Users of daemonize_all_return should call this
+  * when initialization is complete.*/
+-int close_std_descriptors();
++int close_std_descriptors(void);
+ 
+ /*Returns the return value of fork.  All processes return */
+ int daemonize_all_return(void);


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
@ 2024-09-05 14:45 Michael Orlitzky
  0 siblings, 0 replies; 15+ messages in thread
From: Michael Orlitzky @ 2024-09-05 14:45 UTC (permalink / raw
  To: gentoo-commits

commit:     d11fdf6428fab5bdf185322c3aa56e1829787e15
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Thu Sep  5 12:56:32 2024 +0000
Commit:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
CommitDate: Thu Sep  5 14:43:49 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d11fdf64

app-antivirus/clamav: add 0.103.12

Also drop USE=ipv6, since inspecting the code shows that it does
absolutely nothing.

Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>

 app-antivirus/clamav/Manifest                      |   1 +
 app-antivirus/clamav/clamav-0.103.12.ebuild        | 237 +++++++++++++++++++++
 .../files/clamav-0.103.12-missing-const.patch      |  13 ++
 3 files changed, 251 insertions(+)

diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 8950166567b5..0ad425ffd34c 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -38,6 +38,7 @@ DIST cexpr-0.6.0.crate 17966 BLAKE2B cb46f066eb1f4dbac00ec86dc3e562db7ee8ea5ff17
 DIST cfg-if-1.0.0.crate 7934 BLAKE2B e99a5589c11d79d77a4537b34ce0a45d37b981c123b79b807cea836c89fc3926d693458893baca2882448d3d44e3f64e06141f6d916b748daa10b8cc1ae16d1b SHA512 0fb16a8882fd30e86b62c5143b1cb18ab564e84e75bd1f28fd12f24ffdc4a42e0d2e012a99abb606c12efe3c11061ff5bf8e24ab053e550ae083f7d90f6576ff
 DIST chrono-0.4.38.crate 220559 BLAKE2B ab828bfeed56eb737a1797d5e1132cafe87a1e14bf7a1fe4a5098f50e6ceead50ca2e7f041cc2ff63d5f4e41e2853322f6c345bb31ff12a5b412e3e5202f5fea SHA512 858e47e3facebd5383e71898f26b27d92fe4a69027e2cc47da2af59975ead7767355e0b699f4228eabe76a3eff8b2519c7cecf8b60dc3fc60fbf9b28e2f3d4d9
 DIST clamav-0.103.11.tar.gz 16550978 BLAKE2B 9fba6d5b41ef07b017be26b7ebd832ca03146a68545f794924332c67429ba27603745e2ad7fc0f58c341c6d9267e5b5265c37525dba9cbb15ab616915ec2d605 SHA512 86241ee8058d9a3ccc13b89bb41aa16cfbeb65717fbcfeea6117b7885e8854f5673c22475e7d33ee4210a15d583e806f252657c07933f072455027f1531427b8
+DIST clamav-0.103.12.tar.gz 16507685 BLAKE2B bc31787625f85867bf21c4555aa2fd2998514986fb571fa4e6cb9fa3fedf61b493c517291b662054edc0bbe8d45649d9c244d943df01950e204baa9e537e3e32 SHA512 0e870a5fd035fbf090359ef7634b1b36e346ff3066b896ff17c2c6ace04f4c17e16181a21fead8b8b2f397de9ea47b928515b717a41996bac4c8efed4d16ec4e
 DIST clamav-1.0.5.tar.gz 10344955 BLAKE2B 1deceff859c9eec6185f6c83833333d1a030edd1c9dcc6788f669259b4922f332b564a7c6f3fa7f03ebe2051524132becb35cbd67526aac43e95ca3978793517 SHA512 7d46cf5555107d2856430a5f09f5dfd011b597d3dc7e691db3c956867b1314b50fd23008bf45b377d31493a12716c527159d163748d6ae759e97a041780da0d9
 DIST clamav-1.0.6.tar.gz 10345779 BLAKE2B fbbef034a7bf6e2b323007a3de2464b60cc0a564551ddd4169a72af0328cfc2485c14395626e8d0258dfbb3bb41bc895d26622ff2dfb5fcd1181e6595da6489b SHA512 907cf51f8e6776a81ec5501026c240266b0eb8f7631fcbbcd0f8514446925dc731d819ae758217f9ed9414ca385b64e67f6de0e5133c04ba7590bd1e4445e09e
 DIST clamav-1.2.2.tar.gz 10372690 BLAKE2B 47940236e38296ac908be4c5d1c5ce8bbc9ec5c69fa87b2472c941d2de9642e0ab6a59c63038aa706079e8efeb161083db69ad03eaaf27a6d05f4f1a5bb70aff SHA512 32562230f367a230f70dfca5ed5000ee8829a0da7452b0113e9dbaa47ef6b21901001f741b0e52ce52c02fe8f834bd559bcbdf1ea20495bead9c4976c3a4cc92

diff --git a/app-antivirus/clamav/clamav-0.103.12.ebuild b/app-antivirus/clamav/clamav-0.103.12.ebuild
new file mode 100644
index 000000000000..8a29edbb6daa
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.103.12.ebuild
@@ -0,0 +1,237 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic systemd tmpfiles
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="https://www.clamav.net/"
+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
+
+LICENSE="GPL-2 unRAR"
+SLOT="0/lts"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv libclamav-only milter metadata-analysis-api selinux systemd test xml"
+
+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"
+
+RESTRICT="!test? ( test )"
+
+# Require acct-{user,group}/clamav at build time so that we can set
+# the permissions on /var/lib/clamav in src_install rather than in
+# pkg_postinst; calling "chown" on the live filesystem scares me.
+CDEPEND="acct-group/clamav
+	acct-user/clamav
+	dev-libs/libltdl
+	dev-libs/libmspack
+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
+	dev-libs/tomsfastmath
+	>=sys-libs/zlib-1.2.2:=
+	bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )
+	elibc_musl? ( sys-libs/fts-standalone )
+	iconv? ( virtual/libiconv )
+	!libclamav-only? ( net-misc/curl )
+	dev-libs/openssl:0=
+	milter? ( mail-filter/libmilter:= )
+	xml? ( dev-libs/libxml2 )"
+
+# We need at least autoconf-2.69-r5 because that's the first (patched)
+# version of it in Gentoo that supports ./configure --runstatedir.
+BDEPEND=">=dev-build/autoconf-2.69-r5
+	virtual/pkgconfig"
+
+DEPEND="${CDEPEND}
+	metadata-analysis-api? ( dev-libs/json-c:* )
+	test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
+	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
+	"${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"
+	"${FILESDIR}/${PN}-0.103.12-missing-const.patch"
+)
+
+src_prepare() {
+	default
+
+	# Be extra sure that we're using the system copy of tomsfastmath
+	einfo "removing bundled copy of dev-libs/tomsfastmath"
+	rm -r libclamav/tomsfastmath || \
+		die "failed to remove bundled tomsfastmath"
+
+	AT_NO_RECURSIVE="yes" eautoreconf
+}
+
+src_configure() {
+	use elibc_musl && append-ldflags -lfts
+	use ppc64 && append-flags -mminimal-toc
+
+	# according to configure help it should be
+	# $(use_enable xml)
+	# but that does not work
+	# do not add this, since --disable-xml seems to override
+	# --without-xml
+	JSONUSE="--without-libjson"
+
+	if use clamsubmit || use metadata-analysis-api; then
+		# either of those 2 requires libjson.
+		# clamsubmit will be built as soon as libjson and curl are found
+		# but we only install the binary if requested
+		JSONUSE="--with-libjson=${EPREFIX}/usr"
+	fi
+
+	local myeconfargs=(
+		$(use_enable bzip2)
+		$(use_enable clamonacc)
+		$(use_enable clamdtop)
+		$(use_enable milter)
+		$(use_enable test check)
+		$(use_with xml)
+		$(use_with iconv)
+		${JSONUSE}
+		$(use_enable libclamav-only)
+		$(use_with !libclamav-only libcurl)
+		--enable-ipv6
+		--with-system-libmspack
+		--cache-file="${S}"/config.cache
+		--disable-experimental
+		--disable-static
+		--disable-zlib-vcheck
+		--enable-id-check
+		--with-dbdir="${EPREFIX}"/var/lib/clamav
+		# Don't call --with-zlib=/usr (see bug #699296)
+		--with-zlib
+		--disable-llvm
+		--enable-openrc
+		--runstatedir=/run
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav || die
+
+	if ! use libclamav-only ; then
+		if use systemd; then
+			# The tmpfiles entry is behind USE=systemd because the
+			# OpenRC service scripts should (and do) ensure that the
+			# directories they need exist and have the correct
+			# permissions without the help of tmpfiles.
+			newtmpfiles "${FILESDIR}/tmpfiles.d/clamav-r1.conf" clamav.conf
+			systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+			systemd_dounit "${FILESDIR}/clamd.service"
+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
+							"freshclamd.service"
+		fi
+
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/clamd.logrotate" clamd
+		newins "${FILESDIR}/freshclam.logrotate" freshclam
+		use milter && \
+			newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter
+
+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(LocalSocket .*\)/\1/" \
+			-e "s/^#\(User .*\)/\1/" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+			-e "s:^\#\(LogTime\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/clamd.conf.sample || die
+
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s/^#\(PidFile .*\)/\1/" \
+			-e "s/^#\(DatabaseOwner .*\)/\1/" \
+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \
+			"${ED}"/etc/freshclam.conf.sample || die
+
+		if use milter ; then
+			# Note: only keep the "unix" ClamdSocket and MilterSocket!
+			sed -i -e "s:^\(Example\):\# \1:" \
+				-e "s/^#\(PidFile .*\)/\1/" \
+				-e "s/^#\(ClamdSocket unix:.*\)/\1/" \
+				-e "s/^#\(User .*\)/\1/" \
+				-e "s/^#\(MilterSocket unix:.*\)/\1/" \
+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+				"${ED}"/etc/clamav-milter.conf.sample || die
+
+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+				MILTER_NICELEVEL=19
+				START_MILTER=no
+			EOF
+
+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+		fi
+
+		local i
+		for i in clamd freshclam clamav-milter
+		do
+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
+				mv "${ED}"/etc/"${i}".conf{.sample,} || die
+			fi
+		done
+
+		# These both need to be writable by the clamav user.
+		# TODO: use syslog by default; that's what it's for.
+		diropts -o clamav -g clamav
+		keepdir /var/lib/clamav
+		keepdir /var/log/clamav
+	fi
+
+	if use doc ; then
+		local HTML_DOCS=( docs/html/. )
+		einstalldocs
+
+		if ! use libclamav-only ; then
+			doman docs/man/*.[1-8]
+		fi
+	fi
+
+	find "${ED}" -name '*.la' -delete || die
+}
+
+src_test() {
+	if use libclamav-only ; then
+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
+		return 0
+	fi
+
+	emake quick-check
+}
+
+pkg_postinst() {
+	if ! use libclamav-only ; then
+		if use systemd ; then
+			tmpfiles_process clamav.conf
+		fi
+	fi
+
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+
+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
+	if [[ ! -f "${databases}" ]] ; then
+		ewarn "You must run freshclam manually to populate the virus database"
+		ewarn "before starting clamav for the first time."
+	fi
+
+	ewarn "This version of ClamAV provides separate OpenRC services"
+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
+	ewarn "clamd service now starts only the clamd daemon itself. You"
+	ewarn "should add freshclam (and perhaps clamav-milter) to any"
+	ewarn "runlevels that previously contained clamd."
+}

diff --git a/app-antivirus/clamav/files/clamav-0.103.12-missing-const.patch b/app-antivirus/clamav/files/clamav-0.103.12-missing-const.patch
new file mode 100644
index 000000000000..39b98b7f4732
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.103.12-missing-const.patch
@@ -0,0 +1,13 @@
+diff --git a/libclamav/regex/engine.c b/libclamav/regex/engine.c
+index ed359c3..3c25398 100644
+--- a/libclamav/regex/engine.c
++++ b/libclamav/regex/engine.c
+@@ -223,7 +223,7 @@ matcher(struct re_guts *g, const char *string, size_t nmatch,
+ 			dp = dissect(m, m->coldp, endp, gf, gl);
+ 		} else {
+ 			if (g->nplus > 0 && m->lastpos == NULL)
+-				m->lastpos = (char **)cli_malloc((g->nplus+1) *
++				m->lastpos = (const char **)cli_malloc((g->nplus+1) *
+ 							sizeof(char *));
+ 			if (g->nplus > 0 && m->lastpos == NULL) {
+ 				free(m->pmatch);


^ permalink raw reply related	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2024-09-05 14:45 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-18  1:10 [gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/ Michael Orlitzky
  -- strict thread matches above, loose matches on Subject: below --
2024-09-05 14:45 Michael Orlitzky
2023-02-15 22:51 Michael Orlitzky
2023-01-05  7:47 Sam James
2021-06-29  4:40 Sam James
2020-06-21 13:38 Michael Orlitzky
2020-03-20 23:50 Thomas Deutschmann
2019-10-14  7:11 Lars Wendler
2018-04-20 12:03 Thomas Raschbacher
2018-04-12 12:13 Thomas Raschbacher
2018-03-29 22:42 Thomas Deutschmann
2018-01-26 15:23 Thomas Deutschmann
2017-12-07 15:29 Craig Andrews
2017-11-23 22:30 Robin H. Johnson
2017-01-27 19:44 Austin English

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox