I'm building clam 0.99.3/head,
git branch -a | grep \*
* 0.99.3
git log | head
commit 6f8290632b6e1ddcf08b3a64c6cbc9d8b98571e3
Author: Steven Morgan <stevm...@cisco.com>
Date: Wed Nov 29 17:38:57 2017 -0500
ClamAV 0.99.3 beta2 versioning.
commit 0a320049f1fe058dbed05606c925bb2ec2584264
Author: Steven Morgan <stevm...@cisco.com>
Date: Wed Nov 29 17:18:42 2017 -0500
The build FAILs -- as it has for over a year -- when linking against
OpenSSL 1.1.0x libs/api, due to reference of deprecated symbols,
...
-L/usr/local/lib64 -Wl,-rpath,/usr/local/lib64 -o clamscan output.o
getopt.o optparser.o actions.o misc.o clamscan.o manager.o ../libclamav/
libclamav.la -lpthread
libtool: link: rm -f .libs/clamscan.nm .libs/clamscan.nmS
.libs/clamscan.nmT
libtool: link: rm -f ".libs/clamscan.nmI"
libtool: link: (cd .libs && /usr/bin/gcc-7 -O3 -Wall -fstack-protector
-funwind-tables -fasynchronous-unwind-tables -fmessage-length=0
-grecord-gcc-switches -march=native -mtune=native
-I/usr/local/openssl11/include -I/usr/local/include -I/usr/local/include
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c
-fno-builtin "clamscanS.c")
libtool: link: rm -f ".libs/clamscanS.c" ".libs/clamscan.nm"
".libs/clamscan.nmS" ".libs/clamscan.nmT" ".libs/clamscan.nmI"
libtool: link: /usr/bin/gcc-7 -O3 -Wall -fstack-protector
-funwind-tables -fasynchronous-unwind-tables -fmessage-length=0
-grecord-gcc-switches -march=native -mtune=native
-I/usr/local/openssl11/include -I/usr/local/include -I/usr/local/include
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Wl,-rpath
-Wl,/usr/local/openssl11/lib64 -Wl,-rpath -Wl,/usr/local/lib64 -Wl,-rpath
-Wl,/usr/local/lib64 -o .libs/clamscan output.o getopt.o optparser.o
actions.o misc.o clamscan.o manager.o -L/usr/local/openssl11/lib64
-L/usr/local/lib64 ../libclamav/.libs/libclamav.so
-L/usr/local/openssl11/lib -L/lib64 -L/usr/local/lib /usr/lib64/libxml2.so
-llzma -lbz2 /usr/lib64/libltdl.so -ldl /usr/local/lib64/libpcre2-8.so -lm
/usr/local/lib64/libpcrecpp.so /usr/local/lib64/libpcre.so
/usr/local/lib64/libcurl.so /usr/local/lib64/libnghttp2.so -lpsl -lz -lssl
-lcrypto -lssh2 -lpthread -pthread
../libclamav/.libs/libclamav.so: undefined reference to
`X509_CRL_get_nextUpdate'
../libclamav/.libs/libclamav.so: undefined reference to
`SSL_library_init'
../libclamav/.libs/libclamav.so: undefined reference to
`ERR_load_crypto_strings'
../libclamav/.libs/libclamav.so: undefined reference to
`OpenSSL_add_all_algorithms'
../libclamav/.libs/libclamav.so: undefined reference to `EVP_cleanup'
../libclamav/.libs/libclamav.so: undefined reference to
`OpenSSL_add_all_digests'
../libclamav/.libs/libclamav.so: undefined reference to
`SSL_load_error_strings'
../libclamav/.libs/libclamav.so: undefined reference to
`OpenSSL_add_all_ciphers'
collect2: error: ld returned 1 exit status
Makefile:611: recipe for target 'clamscan' failed
make[2]: *** [clamscan] Error 1
make[2]: Leaving directory '/usr/local/src/clamav-devel/clamscan'
Makefile:767: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/clamav-devel'
Makefile:596: recipe for target 'all' failed
make: *** [all] Error 2
Mod'ing the build by applying changes similar to a 3rd-party patch (
https://github.com/patch-exchange/openssl-1.1-transition/tree/master/clamav)
for v0.99.2x, also available for over a year now,
https://github.com/patch-exchange/openssl-1.1-transition/blob/master/clamav/clamav-0.99.2-openssl-1.1.patch
clam* build/linked with OpenSSL 1.1.0,
ldd `which clamdscan` `which clamd` | egrep "ssl|crypto"
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1
(0x00007fbda5a85000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1
(0x00007fbda55dc000)
libssl.so.1.1 => /usr/local/openssl11/lib64/libssl.so.1.1
(0x00007f08b5a00000)
libcrypto.so.1.1 => /usr/local/openssl11/lib64/libcrypto.so.1.1
(0x00007f08b5557000)
and exec OK
systemctl status clamd.service
● clamd.service - clamd scanner daemon
Loaded: loaded (/etc/systemd/system/clamd.service; enabled;
vendor preset: disabled)
Active: active (running) since Thu 2017-11-30 15:46:05 PST; 1h
20min ago
Main PID: 14070 (clamd)
Tasks: 2 (limit: 512)
CGroup: /system.slice/clamd.service
└─14070 /usr/local/sbin/clamd -c
/usr/local/etc/clamav/clamd.conf
Nov 30 17:07:21 dev.loc clamd[14070]: SelfCheck: Database status OK.
Nov 30 17:07:22 dev.loc clamd[30292]: Portable Executable support
enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: ELF support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: Mail files support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: OLE2 support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: PDF support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: SWF support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: HTML support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: XMLDOCS support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: HWP3 support enabled.
Nov 30 17:07:22 dev.loc clamd[30292]: Self checking every 1800
seconds.
clamscan -d /var/lib/clamav
...
----------- SCAN SUMMARY -----------
Known viruses: 9380408
Engine version: 0.99.3-beta2
Scanned directories: 1
Scanned files: 33
Infected files: 0
Data scanned: 4.41 MB
Data read: 1.93 MB (ratio 2.29:1)
Time: 27.834 sec (0 m 27 s)
openssl references in git log suggest openssl 110 readiness, as well as the
option to link to local instances of it,
...
commit a4013285691478f165f1fe2de070ff32f34093fc
Author: Micah Snyder <micas...@cisco.com>
Date: Fri Nov 17 09:00:06 2017 -0500
Regargeting openssl solution to match the other projects.
...
commit 89c6504289cd54e2db60e9e04e5752c553d4449c
Author: Steven Morgan <smor...@sourcefire.com>
Date: Fri Jul 14 16:50:12 2017 -0400
fix for linking to openssl fo x64.
...
commit 950be7e5eb93cdafc1349d85813c125a53886ee5
Author: Steven Morgan <smor...@sourcefire.com>
Date: Wed Dec 21 17:16:39 2016 -0500
Change Windows build to use OpenSSL 1.1.0.c
...
commit dd1b59482dab05f732b8116218eea9d187c41031
Author: Mickey Sola <ms...@sourcefire.com>
Date: Tue Aug 9 15:48:31 2016 -0400
bb11594 - allow for compilation against openssl 1.1.0
...
commit 3f40439f56ba179107afea9e349441fa57cbeb84
Author: Kevin Lin <k...@sourcefire.com>
Date: Thu Oct 22 14:50:41 2015 -0400
fix for openssl build with specific openssl location (needs autogen)
...
But attempting to view that bug#11594 for more detail, we're refused:
@ https://bugzilla.clamav.net/show_bug.cgi?id=11594
"You are not authorized to access bug #11594"
What's needed to get full OpenSSL 1.1.0 compat into master branch?
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
http://www.clamav.net/contact.html#ml
