"Mark Pizzolato" <[EMAIL PROTECTED]> schrieb: > It would seem that the better thing to do would be to use the > internal timestamp in the database (i.e. the cvd's stime).
That's not possible :(.
Because of the current signature-update-process the cvd-build-time is always (a few seconds or a few minutes) before the last-modified-time on the update-servers.
Hmmm... I see that now.
So, you're suggesting that the modified times on the http servers (and mirrors), will essentially always be later than the internal timestamp, and we'd always end up copying a new database. That sort of makes sense.
HOWEVER...
I didn't see that before since when I tested with:
freshclam --no-dns --daemon --verbose --debug --checks=1440
Current working dir is /usr/share/clamav
Max retries == 3
ClamAV update process started at Mon Mar 14 09:22:26 2005
Connected to db.us.clamav.net (IP: 66.111.55.10).
Trying to retrieve http://db.us.clamav.net/main.cvd
If-Modified-Since: Tue, 08 Mar 2005 00:17:01 GMT
Reading CVD header (main.cvd): OK
main.cvd is up to date (version: 30, sigs: 31086, f-level: 4, builder: tkojm)
Connected to db.us.clamav.net (IP: 66.111.55.10).
Trying to retrieve http://db.us.clamav.net/daily.cvd
If-Modified-Since: Thu, 10 Mar 2005 21:01:48 GMT
Reading CVD header (daily.cvd): OK
Retrieving http://db.us.clamav.net/daily.cvd
Downloading daily.cvd [*]
daily.cvd updated (version: 762, sigs: 520, f-level: 4, builder: ccordes)
Database updated (31606 signatures) from db.us.clamav.net (IP: 66.111.55.10)
Clamd successfully notified about the update.
ClamAV update process started at Mon Mar 14 09:23:36 2005
Connected to db.us.clamav.net (IP: 207.201.202.73).
Trying to retrieve http://db.us.clamav.net/main.cvd
If-Modified-Since: Tue, 08 Mar 2005 00:17:01 GMT
Reading CVD header (main.cvd): OK
main.cvd is up to date (version: 30, sigs: 31086, f-level: 4, builder: tkojm)
Connected to db.us.clamav.net (IP: 207.201.202.73).
Trying to retrieve http://db.us.clamav.net/daily.cvd
If-Modified-Since: Sun, 13 Mar 2005 23:35:33 GMT
Reading CVD header (daily.cvd): OK
daily.cvd is up to date (version: 762, sigs: 520, f-level: 4, builder: ccordes)
Max retries == 3
ClamAV update process started at Mon Mar 14 09:24:36 2005
Connected to db.us.clamav.net (IP: 216.24.174.245).
Trying to retrieve http://db.us.clamav.net/main.cvd
If-Modified-Since: Tue, 08 Mar 2005 00:17:01 GMT
Reading CVD header (main.cvd): OK
main.cvd is up to date (version: 30, sigs: 31086, f-level: 4, builder: tkojm)
Connected to db.us.clamav.net (IP: 216.24.174.245).
Trying to retrieve http://db.us.clamav.net/daily.cvd
If-Modified-Since: Sun, 13 Mar 2005 23:35:33 GMT
Reading CVD header (daily.cvd): OK
daily.cvd is up to date (version: 762, sigs: 520, f-level: 4, builder: ccordes)
The above output is produced with the proposed patch applied and the following for local clamav databases (local timezone is -0800):
$ ls -l /usr/share/clamav/
total 1.8M
-rw-r--r-- 1 clamav clamav 70K Mar 14 09:22 daily.cvd
-rw-r--r-- 1 clamav clamav 1.8M Mar 8 11:58 main.cvdBased on what you are suggesting, I wonder why the If-Modified-Since http request isn't returning a new file each time.
A network trace of the http traffic illuminates what is happening:
GET /daily.cvd HTTP/1.1
Host: db.us.clamav.net
User-Agent: clamav/devel-20050309
Connection: close
Range: bytes=0-511
If-Modified-Since: Sun, 13 Mar 2005 23:35:33 GMT HTTP/1.1 206 Partial Content
Date: Mon, 14 Mar 2005 18:33:52 GMT
Server: Apache/2.0.48 (Fedora)
Last-Modified: Sun, 13 Mar 2005 23:37:09 GMT
ETag: "8d406b-1147d-46253340"
Accept-Ranges: bytes
Content-Length: 512
Content-Range: bytes 0-511/70781
Connection: close
Content-Type: text/plain; charset=UTF-8ClamAV-VDB:14 Mar 2005 00-35 +0100:762:520:4:5bfc3bac4d31e4b52[...]
Note the Range request for the first 512 bytes. This gets the database header which includes the version and internal timestamps. This info is then used to determine if the database needs updating. If such a determination is made, then the whole database is requested without an If-Modified-Since header.
If, the local file's mtime was used in the requested "If-Modified-Since" header (and the time was quite recent), then http response would have been 304 Not Modified", and a proper version check could not have been performed.
So, I suggest that the proposed patch actually implements correct and desired behavior.
- Mark Pizzolato
_______________________________________________ http://lurker.clamav.net/list/clamav-devel.html
