head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.16 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.14 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.12 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.10 pkgsrc-2011Q2-base:1.4 pkgsrc-2009Q4:1.4.0.8 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.6 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.4 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.2 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.3.0.4 pkgsrc-2008Q2-base:1.3 cwrapper:1.3.0.2 pkgsrc-2008Q1:1.1.0.4 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.2; locks; strict; comment @# @; 1.4 date 2008.09.04.06.44.07; author martti; state dead; branches; next 1.3; 1.3 date 2008.06.10.08.23.54; author martti; state Exp; branches 1.3.4.1; next 1.2; 1.2 date 2008.04.15.07.56.06; author martti; state Exp; branches; next 1.1; 1.1 date 2008.02.12.14.17.16; author martti; state Exp; branches 1.1.2.1 1.1.4.1; next ; 1.3.4.1 date 2008.09.05.11.41.53; author ghen; state dead; branches; next ; 1.1.2.1 date 2008.02.12.14.17.16; author ghen; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.02.19.11.24.54; author ghen; state Exp; branches; next ; 1.1.4.1 date 2008.04.16.19.23.54; author ghen; state Exp; branches; next 1.1.4.2; 1.1.4.2 date 2008.06.13.13.57.36; author ghen; state Exp; branches; next ; desc @@ 1.4 log @Updated mail/clamav to 0.94 * Lots of bug fixes I removed patch-ba and tested this on NetBSD/i386 3.1.1_PATCH and NetBSD/amd64 4.0_STABLE and everything seems to work... @ text @$NetBSD: patch-ba,v 1.3 2008/06/10 08:23:54 martti Exp $ Fix pkg/36853 --- clamav-milter/clamav-milter.c.orig 2008-06-10 10:42:12.000000000 +0300 +++ clamav-milter/clamav-milter.c 2008-06-10 10:42:58.000000000 +0300 @@@@ -90,6 +90,9 @@@@ #if HAVE_RESOLV_H #include /* for HEADER */ #include +#if __RES >= 20030124 +#define HAVE_BIND9 +#endif #endif #ifdef HAVE_UNISTD_H #include @@@@ -513,6 +516,20 @@@@ #endif /*SESSION*/ static pthread_cond_t watchdog_cond = PTHREAD_COND_INITIALIZER; +#ifndef HAVE_BIND9 +static pthread_mutex_t res_mutex = PTHREAD_MUTEX_INITIALIZER; +#define RES_QUERY(len, h, c, t, q, s) \ + do { \ + pthread_mutex_lock(&res_mutex); \ + len = res_query((h), (c), (t), (q), (s)); \ + pthread_mutex_unlock(&res_mutex); \ + } while (/*CONSTCOND*/0) +#else +static pthread_key_t res_key; +#define RES_QUERY(len, h, c, t, q, s) \ + len = res_nquery((res_state)pthread_getspecific(res_key), \ + (h), (c), (t), (q), (s)) +#endif #ifndef SHUT_RD #define SHUT_RD 0 @@@@ -2053,12 +2070,19 @@@@ logg(_("Starting %s\n"), clamav_version); logg(_("*Debugging is on\n")); +#ifndef HAVE_BIND9 if(!(_res.options&RES_INIT)) if(res_init() < 0) { fprintf(stderr, "%s: Can't initialise the resolver\n", argv[0]); return EX_UNAVAILABLE; } +#else + if (pthread_key_create(&res_key, free)) { + perror("pthread_key_create"); + return EX_UNAVAILABLE; + } +#endif if(blacklist_time) { char name[MAXHOSTNAMELEN + 1]; @@@@ -2574,6 +2598,18 @@@@ int sock = s->sock; struct sockaddr *server = (struct sockaddr *)s->server; int server_index = s->server_index; +#ifdef HAVE_BIND9 + res_state res = cli_calloc(1, sizeof(*res)); + if (pthread_setspecific(res_key, res)) { + perror("pthread_setspecific"); + free(res); + return NULL; + } + if (res_ninit(res) < 0) { + perror("res_ninit"); + return NULL; + } +#endif if(last_failed_pings[server_index]) { s->rc = 0; @@@@ -6178,7 +6214,7 @@@@ return NULL; } - len = res_query(host, C_IN, T_MX, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_MX, (u_char *)&q, sizeof(q)); if(len < 0) return t; /* Host has no MX records */ @@@@ -6247,7 +6283,7 @@@@ if((host == NULL) || (*host == '\0')) return t; - len = res_query(host, C_IN, T_A, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_A, (u_char *)&q, sizeof(q)); if(len < 0) return t; /* Host has no A records */ @@@@ -6306,7 +6342,6 @@@@ * an SPF system, we ONLY use SPF records to reduce phish false positives * TODO: IPv6? * TODO: cache queries? - * TODO: check res_query is thread safe * * INPUT: prevhosts, a list of hosts already searched: stops include loops * e.g. mercado.com includes medrcadosw.com which includes mercado.com, @@@@ -6358,7 +6393,7 @@@@ *ptr = '\0'; logg("*SPF query '%s'\n", host); - len = res_query(host, C_IN, T_TXT, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_TXT, (u_char *)&q, sizeof(q)); if(len < 0) { free(host); return 0; /* Host has no TXT records */ @ 1.3 log @Updated mail/clamav to 0.93.1 * libclamav/petite.c: fix possible invalid memory access (bb#1000) Reported by Damian Put * clamdscan/clamdscan.c: don't show scan summary when clamd cannot be contacted (bb#1041) * libclamav/hashtab.[ch], scanners.c: avoid using C99 flexible array members (bb #1039) * libclamav/unzip.c: correct the previous fix * libclamav/unzip.c: check for unprefixed bz2 - bb#1038 * libclamav/ole2_extract.c: revert last commit * libclamav/ole2_extract.c: use cli_unlink * libclamav/ole2_extract.c: partial scan of broken ole files * contrib/init/RedHat: check for already running clamav-milter (bb #823) * libclamav/regex: avoid name collisions on AIX (bb #947) sync with libc: minor cleanups * doc/clamdoc.tex: add a note about forking daemons (bb#906) * libclamav/Makefile.am: link .la files first, this should avoid linking to old libclamav as in bb #931 * libclamav/readdb.h: read daily.cfg stored inside .cld containers (bb#1006) * libclamav/mbox.c, shared/network.c: prevent uninitialized use of hostent structure (bb #1003). * libclamav/mspack.c: downgrade some error messages (bb#911) * clamav-milter: retrieve db version from daily.cld (bb#942) * libclamav/scanners.c: don't return CL_EMAX* error codes to applications (bb#1001) * clamscan/manager.c: print information about clean files when the RAR code is not compiled-in (bb#999) * libclamav/unzip.c: remove detection of Suspect.Zip and Exploit.Zip.ModifiedHeaders (bb#997) * libclamav: scan for embedded PEs inside OLE2 files (bb#914) * libclamav/cvd.c: add work-around for zlib issues with mixed data (bb#932) * libclamav/others.h: explicitely cast some constants (bb#936) * sigtool/sigtool.c: bb#938 (sigtool --list-sigs not working with .cld files) * libclamav/dconf.h: fix flag code assignment (bb #952) * libclamav/iana_tld.h, libclamav/phishcheck.c: update TLD list (bb #925) @ text @d1 1 a1 1 $NetBSD: patch-ba,v 1.2 2008/04/15 07:56:06 martti Exp $ @ 1.3.4.1 log @Pullup ticket 2518 - requested by martti security update for clamav - pkgsrc/mail/clamav/Makefile 1.87 - pkgsrc/mail/clamav/buildlink3.mk 1.16 - pkgsrc/mail/clamav/distinfo 1.54 - pkgsrc/mail/clamav/patches/patch-ad 1.15 - pkgsrc/mail/clamav/patches/patch-af 1.6 - pkgsrc/mail/clamav/patches/patch-ah 1.16 - pkgsrc/mail/clamav/patches/patch-ba removed Module Name: pkgsrc Committed By: martti Date: Thu Sep 4 06:44:07 UTC 2008 Modified Files: pkgsrc/mail/clamav: Makefile buildlink3.mk distinfo pkgsrc/mail/clamav/patches: patch-ad patch-af patch-ah Removed Files: pkgsrc/mail/clamav/patches: patch-ba Log Message: Updated mail/clamav to 0.94 * Lots of bug fixes I removed patch-ba and tested this on NetBSD/i386 3.1.1_PATCH and NetBSD/amd64 4.0_STABLE and everything seems to work... @ text @d1 1 a1 1 $NetBSD: patch-ba,v 1.3 2008/06/10 08:23:54 martti Exp $ @ 1.2 log @Updated mail/clamav to 0.93 http://secunia.com/secunia_research/2008-11/advisory/ http://www.frsirt.com/english/advisories/2008/1218 Changes since 0.92.1 This release introduces many new features and engine enhancements, please see the notes below for the list of major changes. The most visible one is the new logic in scan limits which affects some command line and config options of clamscan and clamd. Please see clamscan(1) and clamd.conf(5) and the example config file for more information on the new options. Most important changes include: * libclamav: - New logic in scan limits: provides much more efficient protection against DoS attacks but also results in different command line and config options to clamscan and clamd (see below) - New/improved modules: unzip, SIS, cabinet, CHM, SZDD, text normalisator, entity converter - Improved filetype detection; filetype definitions can be remotely updated - Support for .cld containers (which replace .inc directories) - Improved pattern matcher and signature formats - More efficient scanning of HTML files - Many other improvements * clamd: - NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion, MaxFiles - ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion, ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles, ArchiveMaxCompressionRatio, ArchiveBlockMax * clamscan: - NEW CMDLINE OPTIONS: --max-filesize, --max-scansize - REMOVED OPTIONS: --block-max, --max-space, --max-ratio * freshclam: - NEW CONFIG OPTION CompressLocalDatabase - NEW CMDLINE SWITCH --no-warnings - main.inc and daily.inc directories are no longer used by ClamAV; please remove them manually from your database directory @ text @d1 1 a1 1 $NetBSD: patch-ba,v 1.1 2008/02/12 14:17:16 martti Exp $ d5 2 a6 2 --- clamav-milter/clamav-milter.c.orig 2008-04-15 10:32:16.000000000 +0300 +++ clamav-milter/clamav-milter.c 2008-04-15 10:32:35.000000000 +0300 d38 1 a38 1 @@@@ -2051,12 +2068,19 @@@@ d58 1 a58 1 @@@@ -2571,6 +2595,18 @@@@ d77 1 a77 1 @@@@ -6172,7 +6208,7 @@@@ d86 1 a86 1 @@@@ -6241,7 +6277,7 @@@@ d95 1 a95 1 @@@@ -6300,7 +6336,6 @@@@ d103 1 a103 1 @@@@ -6352,7 +6387,7 @@@@ @ 1.1 log @Updated mail/clamav to 0.92.1 * Fix pkg/36853 with patch from Christos Zoulas (patch-ba) * Lots of bug fixes since 0.92 @ text @d1 1 a1 1 $NetBSD$ d5 2 a6 2 --- clamav-milter/clamav-milter.c.orig 2008-02-12 16:03:08.000000000 +0200 +++ clamav-milter/clamav-milter.c 2008-02-12 16:04:59.000000000 +0200 d17 1 a17 1 @@@@ -505,6 +508,20 @@@@ d38 1 a38 1 @@@@ -2061,12 +2078,19 @@@@ d58 1 a58 1 @@@@ -2577,6 +2601,18 @@@@ d77 1 a77 1 @@@@ -6137,7 +6173,7 @@@@ d86 1 a86 1 @@@@ -6206,7 +6242,7 @@@@ d95 1 a95 1 @@@@ -6265,7 +6301,6 @@@@ d103 1 a103 1 @@@@ -6317,7 +6352,7 @@@@ @ 1.1.4.1 log @Pullup ticket 2333 - requested by martti latest update for clamav - pkgsrc/mail/clamav/Makefile 1.83 - pkgsrc/mail/clamav/distinfo 1.51 - pkgsrc/mail/clamav/patches/patch-ad 1.14 - pkgsrc/mail/clamav/patches/patch-af 1.5 - pkgsrc/mail/clamav/patches/patch-ah 1.14 - pkgsrc/mail/clamav/patches/patch-ba 1.2 Module Name: pkgsrc Committed By: martti Date: Tue Apr 15 07:56:06 UTC 2008 Modified Files: pkgsrc/mail/clamav: Makefile distinfo pkgsrc/mail/clamav/patches: patch-ad patch-af patch-ah patch-ba Log Message: Updated mail/clamav to 0.93 http://secunia.com/secunia_research/2008-11/advisory/ http://www.frsirt.com/english/advisories/2008/1218 Changes since 0.92.1 This release introduces many new features and engine enhancements, please see the notes below for the list of major changes. The most visible one is the new logic in scan limits which affects some command line and config options of clamscan and clamd. Please see clamscan(1) and clamd.conf(5) and the example config file for more information on the new options. Most important changes include: * libclamav: - New logic in scan limits: provides much more efficient protection against DoS attacks but also results in different command line and config options to clamscan and clamd (see below) - New/improved modules: unzip, SIS, cabinet, CHM, SZDD, text normalisator, entity converter - Improved filetype detection; filetype definitions can be remotely updated - Support for .cld containers (which replace .inc directories) - Improved pattern matcher and signature formats - More efficient scanning of HTML files - Many other improvements * clamd: - NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion, MaxFiles - ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion, ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles, ArchiveMaxCompressionRatio, ArchiveBlockMax * clamscan: - NEW CMDLINE OPTIONS: --max-filesize, --max-scansize - REMOVED OPTIONS: --block-max, --max-space, --max-ratio * freshclam: - NEW CONFIG OPTION CompressLocalDatabase - NEW CMDLINE SWITCH --no-warnings - main.inc and daily.inc directories are no longer used by ClamAV; please remove them manually from your database directory @ text @d1 1 a1 1 $NetBSD: patch-ba,v 1.1 2008/02/12 14:17:16 martti Exp $ d5 2 a6 2 --- clamav-milter/clamav-milter.c.orig 2008-04-15 10:32:16.000000000 +0300 +++ clamav-milter/clamav-milter.c 2008-04-15 10:32:35.000000000 +0300 d17 1 a17 1 @@@@ -513,6 +516,20 @@@@ d38 1 a38 1 @@@@ -2051,12 +2068,19 @@@@ d58 1 a58 1 @@@@ -2571,6 +2595,18 @@@@ d77 1 a77 1 @@@@ -6172,7 +6208,7 @@@@ d86 1 a86 1 @@@@ -6241,7 +6277,7 @@@@ d95 1 a95 1 @@@@ -6300,7 +6336,6 @@@@ d103 1 a103 1 @@@@ -6352,7 +6387,7 @@@@ @ 1.1.4.2 log @Pullup ticket 2422 - requested by martti latest update for clamav - pkgsrc/mail/clamav/Makefile 1.84 - pkgsrc/mail/clamav/distinfo 1.52 - pkgsrc/mail/clamav/patches/patch-ah 1.15 - pkgsrc/mail/clamav/patches/patch-ba 1.3 Module Name: pkgsrc Committed By: martti Date: Tue Jun 10 08:23:54 UTC 2008 Modified Files: pkgsrc/mail/clamav: Makefile distinfo pkgsrc/mail/clamav/patches: patch-ah patch-ba Log Message: Updated mail/clamav to 0.93.1 * libclamav/petite.c: fix possible invalid memory access (bb#1000) Reported by Damian Put * clamdscan/clamdscan.c: don't show scan summary when clamd cannot be contacted (bb#1041) * libclamav/hashtab.[ch], scanners.c: avoid using C99 flexible array members (bb #1039) * libclamav/unzip.c: correct the previous fix * libclamav/unzip.c: check for unprefixed bz2 - bb#1038 * libclamav/ole2_extract.c: revert last commit * libclamav/ole2_extract.c: use cli_unlink * libclamav/ole2_extract.c: partial scan of broken ole files * contrib/init/RedHat: check for already running clamav-milter (bb #823) * libclamav/regex: avoid name collisions on AIX (bb #947) sync with libc: minor cleanups * doc/clamdoc.tex: add a note about forking daemons (bb#906) * libclamav/Makefile.am: link .la files first, this should avoid linking to old libclamav as in bb #931 * libclamav/readdb.h: read daily.cfg stored inside .cld containers (bb#1006) * libclamav/mbox.c, shared/network.c: prevent uninitialized use of hostent structure (bb #1003). * libclamav/mspack.c: downgrade some error messages (bb#911) * clamav-milter: retrieve db version from daily.cld (bb#942) * libclamav/scanners.c: don't return CL_EMAX* error codes to applications (bb#1001) * clamscan/manager.c: print information about clean files when the RAR code is not compiled-in (bb#999) * libclamav/unzip.c: remove detection of Suspect.Zip and Exploit.Zip.ModifiedHeaders (bb#997) * libclamav: scan for embedded PEs inside OLE2 files (bb#914) * libclamav/cvd.c: add work-around for zlib issues with mixed data (bb#932) * libclamav/others.h: explicitely cast some constants (bb#936) * sigtool/sigtool.c: bb#938 (sigtool --list-sigs not working with .cld files) * libclamav/dconf.h: fix flag code assignment (bb #952) * libclamav/iana_tld.h, libclamav/phishcheck.c: update TLD list (bb #925) @ text @d1 1 a1 1 $NetBSD: patch-ba,v 1.1.4.1 2008/04/16 19:23:54 ghen Exp $ d5 2 a6 2 --- clamav-milter/clamav-milter.c.orig 2008-06-10 10:42:12.000000000 +0300 +++ clamav-milter/clamav-milter.c 2008-06-10 10:42:58.000000000 +0300 d38 1 a38 1 @@@@ -2053,12 +2070,19 @@@@ d58 1 a58 1 @@@@ -2574,6 +2598,18 @@@@ d77 1 a77 1 @@@@ -6178,7 +6214,7 @@@@ d86 1 a86 1 @@@@ -6247,7 +6283,7 @@@@ d95 1 a95 1 @@@@ -6306,7 +6342,6 @@@@ d103 1 a103 1 @@@@ -6358,7 +6393,7 @@@@ @ 1.1.2.1 log @file patch-ba was added on branch pkgsrc-2007Q4 on 2008-02-19 11:24:54 +0000 @ text @d1 111 @ 1.1.2.2 log @Pullup ticket 2288 - requested by martti latest update for clamav - pkgsrc/mail/clamav/Makefile 1.82 - pkgsrc/mail/clamav/buildlink3.mk 1.15 - pkgsrc/mail/clamav/distinfo 1.50 - pkgsrc/mail/clamav/patches/patch-ah 1.13 - pkgsrc/mail/clamav/patches/patch-ba 1.1 Module Name: pkgsrc Committed By: martti Date: Tue Feb 12 14:17:16 UTC 2008 Modified Files: pkgsrc/mail/clamav: Makefile buildlink3.mk distinfo pkgsrc/mail/clamav/patches: patch-ah Added Files: pkgsrc/mail/clamav/patches: patch-ba Log Message: Updated mail/clamav to 0.92.1 * Fix pkg/36853 with patch from Christos Zoulas (patch-ba) * Lots of bug fixes since 0.92 @ text @a0 111 $NetBSD$ Fix pkg/36853 --- clamav-milter/clamav-milter.c.orig 2008-02-12 16:03:08.000000000 +0200 +++ clamav-milter/clamav-milter.c 2008-02-12 16:04:59.000000000 +0200 @@@@ -90,6 +90,9 @@@@ #if HAVE_RESOLV_H #include /* for HEADER */ #include +#if __RES >= 20030124 +#define HAVE_BIND9 +#endif #endif #ifdef HAVE_UNISTD_H #include @@@@ -505,6 +508,20 @@@@ #endif /*SESSION*/ static pthread_cond_t watchdog_cond = PTHREAD_COND_INITIALIZER; +#ifndef HAVE_BIND9 +static pthread_mutex_t res_mutex = PTHREAD_MUTEX_INITIALIZER; +#define RES_QUERY(len, h, c, t, q, s) \ + do { \ + pthread_mutex_lock(&res_mutex); \ + len = res_query((h), (c), (t), (q), (s)); \ + pthread_mutex_unlock(&res_mutex); \ + } while (/*CONSTCOND*/0) +#else +static pthread_key_t res_key; +#define RES_QUERY(len, h, c, t, q, s) \ + len = res_nquery((res_state)pthread_getspecific(res_key), \ + (h), (c), (t), (q), (s)) +#endif #ifndef SHUT_RD #define SHUT_RD 0 @@@@ -2061,12 +2078,19 @@@@ logg(_("Starting %s\n"), clamav_version); logg(_("*Debugging is on\n")); +#ifndef HAVE_BIND9 if(!(_res.options&RES_INIT)) if(res_init() < 0) { fprintf(stderr, "%s: Can't initialise the resolver\n", argv[0]); return EX_UNAVAILABLE; } +#else + if (pthread_key_create(&res_key, free)) { + perror("pthread_key_create"); + return EX_UNAVAILABLE; + } +#endif if(blacklist_time) { char name[MAXHOSTNAMELEN + 1]; @@@@ -2577,6 +2601,18 @@@@ int sock = s->sock; struct sockaddr *server = (struct sockaddr *)s->server; int server_index = s->server_index; +#ifdef HAVE_BIND9 + res_state res = cli_calloc(1, sizeof(*res)); + if (pthread_setspecific(res_key, res)) { + perror("pthread_setspecific"); + free(res); + return NULL; + } + if (res_ninit(res) < 0) { + perror("res_ninit"); + return NULL; + } +#endif if(last_failed_pings[server_index]) { s->rc = 0; @@@@ -6137,7 +6173,7 @@@@ return NULL; } - len = res_query(host, C_IN, T_MX, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_MX, (u_char *)&q, sizeof(q)); if(len < 0) return t; /* Host has no MX records */ @@@@ -6206,7 +6242,7 @@@@ if((host == NULL) || (*host == '\0')) return t; - len = res_query(host, C_IN, T_A, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_A, (u_char *)&q, sizeof(q)); if(len < 0) return t; /* Host has no A records */ @@@@ -6265,7 +6301,6 @@@@ * an SPF system, we ONLY use SPF records to reduce phish false positives * TODO: IPv6? * TODO: cache queries? - * TODO: check res_query is thread safe * * INPUT: prevhosts, a list of hosts already searched: stops include loops * e.g. mercado.com includes medrcadosw.com which includes mercado.com, @@@@ -6317,7 +6352,7 @@@@ *ptr = '\0'; logg("*SPF query '%s'\n", host); - len = res_query(host, C_IN, T_TXT, (u_char *)&q, sizeof(q)); + RES_QUERY(len, host, C_IN, T_TXT, (u_char *)&q, sizeof(q)); if(len < 0) { free(host); return 0; /* Host has no TXT records */ @