I just took a peek at the HAVP source code. It looks like it has a "ClamdScanner" and a "ClamLibScanner". The ClamLibScanner code is only built if you configure with --enable-clamav, else I _think_ it falls back to the ClamdScanner variant.
To get HAVP's ClamLibScanner class to build with libclamav 9.0.0 (from ClamAV 0.101.0), it will need some minor changes to set the scanning options the new way, and the ClamLibScanner's "Scan()" method will need a small change to include the filename (or NULL, if a descriptive name is not available). Some additional work would be needed to make these changes only if the libclamav version number is 9 or higher in order to support both versions, though that shouldn't be too difficult. I just reached out to Christian Hilgers (HAVP author) to tell him about the API changes and ask if he'd be interested in putting HAVP's source code on Github so the open source community may contribute pull-requests to the project, as it presently appears to only be available via download from their website). I don't know if he actively uses that email address though. It is listed in the source code, so it may see a fair amount of spam. *shrugs*. Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Nov 19, 2018, at 8:54 PM, Paul Kosinski <clamav-us...@iment.com<mailto:clamav-us...@iment.com>> wrote: I have long been using HAVP with ClamAV to scan HTTP traffic (inbound). HAVP uses libclamav directly (rather than e.g., clamd) so it doesn't have an excessive performance impact. (Cf. http://www.havp.org/) Unfortunately, HAVP hasn't seen any development for a bit over 2 years. In the past, simply symlinking the old libclamav.so.x to the new one has worked. Now, since the libclamav interface is changing, I worry that HAVP might need major modification to work. Are there any other users of HAVP in conjunction with ClamAV? (HAVP was originally written to work with ClamAV as well as other AV packages, such as Kaspersky, Sophos and F-Prot.) On Mon, 19 Nov 2018 19:40:30 +0000 "Joel Esler (jesler)" <jes...@cisco.com<mailto:jes...@cisco.com>> wrote: https://blog.clamav.net/2018/11/the-clamav-01010-release-candidate-is.html The ClamAV 0.101.0 release candidate is here! The ClamAV 0.101.0 release candidate is here<http://www.clamav.net/downloads>! We have also made significant improvements to our User Manual<https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/docs/UserManual.md> (the user manual will be moved to clamav.net<http://clamav.net> soon) and to the inline Doxygen documentation in clamav.h for libclamav users. Please take a peek, and consider submitting your own recommendations via GitHub pull-request. In particular, we'd love to expand the Usage section with details on how to integrate ClamAV with other software. Your input would be greatly appreciated. A short summary of the improvements found in 0.101: * Changes to the libclamav API: * Those who build applications around our shared library will need to change how they declare and pass scanning options to libclamav. Please take a look at the change to our example code for details. * Scanning functions now have a filename argument. The argument is optional, but improves the efficiency when parsing certain types that require a file on disk to open and read, and will allow for additional improvements in the future. * Many of the scanning option #defines have changed. These can be found in our clamav.h header. * The libclamav version number has changed. * Some of the clamd config and clamscan command line option names have changed. The original versions will still work for a time, but eventually they will be deprecated. These options in question are detailed in the NEWS document. * A new sub-signature type called "Byte Compare". Byte Compare sub-signatures can be used to evaluate a numeric value at a given offset from the start of another (matched) sub-signature within the same logical signature. That numerical value may be interpreted from signed ascii decimal, unsigned ascii hex, or unsigned binary data relative to a match offset. For details, see the signature writing documentation. * Changes to our documentation. Documentation is now in Markdown and should be easier to navigate and easier to contribute to. * Support for extraction/scanning of RAR v5.x archives. For additional details on changes in 0.101, please read the notes in our NEWS document. Thank you in advance for test-driving the ClamAV 0.101 release candidate<http://www.clamav.net/downloads>! Bugs should be brought to our attention via the clamav-devel mailing list<http://www.clamav.net/contact#ml> or via bugzilla<https://bugzilla.clamav.net/>. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
