Index: UPDATING =================================================================== --- UPDATING +++ UPDATING @@ -5,6 +5,34 @@ You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20211007: + AFFECTS: user of security/clamav + AUTHOR: yasu@FreeBSD.org + + Upstream changed end-of-life policy and introduced long time support + (LTS) feature release. + + * LTS feature release will be identified approximately every two + years and supported for at least three years from the initial + publication date of that LTS feature version. + * Regular (non-LTS) feature releases will be supported for at least + four months from the initial publication date of the next feature + release or until the feature release after that is published. + + According to it new port security/clamav-lts is added for users who + want to use LTS version of ClamAV. + + Users wanting to switch to LTS version can replace security/clamav + with security/clamav-lts with one of following commands. + + If you use pkg with binary packages: + # pkg set -o security/clamav:security/clamav-lts + # pkg upgrade + If you use portmaster: + # portmaster -o security/clamav-lts security/clamav + If you use portupgrade: + # portupgrade -o security/clamav-lts security/clamav + 20211006: AFFECTS: users of misc/freebsd-doc-* AUTHOR: blackend@FreeBSD.org Index: security/Makefile =================================================================== --- security/Makefile +++ security/Makefile @@ -88,6 +88,7 @@ SUBDIR += cl-md5-sbcl SUBDIR += clamassassin SUBDIR += clamav + SUBDIR += clamav-lts SUBDIR += clamav-unofficial-sigs SUBDIR += clamd-stream-client SUBDIR += clamfs Index: security/clamav-lts/Makefile =================================================================== --- security/clamav-lts/Makefile +++ security/clamav-lts/Makefile @@ -3,6 +3,7 @@ PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= https://www.clamav.net/downloads/production/ +PKGNAMESUFFIX= -lts MAINTAINER= yasu@FreeBSD.org COMMENT= Command line virus scanner written entirely in C @@ -15,18 +16,10 @@ libmspack.so:archivers/libmspack USES= compiler cpe gmake gnome libtool ncurses pathfix pkgconfig ssl -USE_RC_SUBR= clamav-clamd clamav-freshclam USE_LDCONFIG= yes +USE_RC_SUBR= clamav-clamd clamav-freshclam GNU_CONFIGURE= yes -INSTALL_TARGET= install-strip - -PLIST_SUB+= CLAMAVGROUP=${CLAMAVGROUP} \ - CLAMAVUSER=${CLAMAVUSER} \ - DBDIR=${DBDIR} \ - LOGDIR=${LOGDIR} \ - RUNDIR=${RUNDIR} - CONFIGURE_ARGS= --disable-dependency-tracking \ --enable-bigstack \ --enable-clamdtop \ @@ -36,12 +29,14 @@ --with-openssl=${OPENSSLBASE} \ --with-system-libmspack=${LOCALBASE}/lib/libmspack.so +INSTALL_TARGET= install-strip CFLAGS_i386= -march=i486 - # This port has a problem with -pthread, # force to use -lthr until it's not fixed. LDFLAGS+= -lthr +CONFLICTS_INSTALL= clamav-[0-9]* + SUB_FILES= pkg-deinstall SUB_LIST+= CHMOD=${CHMOD} \ CHOWN=${CHOWN} \ @@ -54,8 +49,22 @@ LOGDIR=${LOGDIR} \ RUNDIR=${RUNDIR} +CLAMAVUSER?= clamav +CLAMAVGROUP?= clamav + +.if ${CLAMAVUSER} == "clamav" +USERS= clamav +.endif + +.if ${CLAMAVGROUP} == "clamav" +GROUPS= clamav mail +.endif + PLIST_SUB+= CLAMAVGROUP=${CLAMAVGROUP} \ - CLAMAVUSER=${CLAMAVUSER} + CLAMAVUSER=${CLAMAVUSER} \ + DBDIR=${DBDIR} \ + LOGDIR=${LOGDIR} \ + RUNDIR=${RUNDIR} OPTIONS_DEFINE= ARC ARJ DMG_XAR DOCS EXPERIMENTAL ICONV IPV6 JSON LDAP LHA \ MILTER PCRE STDERR TESTS UNRAR UNZOO @@ -75,49 +84,40 @@ ARC_RUN_DEPENDS= arc:archivers/arc ARJ_RUN_DEPENDS= arj:archivers/arj -DMG_XAR_CONFIGURE_WITH= xml=${LOCALBASE} DMG_XAR_USE= GNOME=libxml2 +DMG_XAR_CONFIGURE_WITH= xml=${LOCALBASE} EXPERIMENTAL_CONFIGURE_ENABLE= experimental -ICONV_CONFIGURE_WITH= iconv ICONV_USES= iconv +ICONV_CONFIGURE_WITH= iconv IPV6_CONFIGURE_ENABLE= ipv6 -JSON_CONFIGURE_WITH= libjson=${LOCALBASE} JSON_LIB_DEPENDS= libjson-c.so:devel/json-c -LDAP_LDFLAGS= -lldap -L${LOCALBASE}/lib +JSON_CONFIGURE_WITH= libjson=${LOCALBASE} LDAP_USE= OPENLDAP=yes +LDAP_LDFLAGS= -lldap -L${LOCALBASE}/lib LHA_RUN_DEPENDS= lha:archivers/lha -MILTER_CONFIGURE_WITH= sendmail=/usr/sbin/sendmail +.if !exists(/usr/lib/libmilter.so) +MILTER_LIB_DEPENDS+= libmilter.so:mail/libmilter +.endif +MILTER_USE= RC_SUBR=clamav-milter MILTER_CONFIGURE_ENABLE= milter +MILTER_CONFIGURE_WITH= sendmail=/usr/sbin/sendmail .if !exists(/usr/lib/libmilter.so) MILTER_CFLAGS= -I${LOCALBASE}/include MILTER_LDFLAGS= -L${LOCALBASE}/lib -MILTER_LIB_DEPENDS+= libmilter.so:mail/libmilter .endif -MILTER_USE= RC_SUBR=clamav-milter -PCRE_CONFIGURE_WITH= pcre PCRE_LIB_DEPENDS= libpcre2-8.so:devel/pcre2 +PCRE_CONFIGURE_WITH= pcre STDERR_EXTRA_PATCHES= ${FILESDIR}/extra-patch-shared_output.c -TESTS_CONFIGURE_ENABLE= check TESTS_BUILD_DEPENDS= ${LOCALBASE}/include/check.h:devel/check TESTS_USES= python:build +TESTS_CONFIGURE_ENABLE= check UNRAR_CONFIGURE_ENABLE= unrar UNZOO_RUN_DEPENDS= unzoo:archivers/unzoo -CLAMAVUSER?= clamav -CLAMAVGROUP?= clamav - CLAMAV_CLAMD_SOCKET?= ${RUNDIR}/clamd.sock CLAMAV_CLAMD_PIDFILE?= ${RUNDIR}/clamd.pid CLAMAV_MILTER_SOCKET?= ${RUNDIR}/clmilter.sock -.if ${CLAMAVUSER} == "clamav" -USERS= clamav -.endif - -.if ${CLAMAVGROUP} == "clamav" -GROUPS= clamav mail -.endif - DBDIR= /var/db/clamav LOGDIR= /var/log/clamav RUNDIR= /var/run/clamav Index: security/clamav-lts/distinfo =================================================================== --- /dev/null +++ security/clamav-lts/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1624295813 +SHA256 (clamav-0.103.3.tar.gz) = 9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9 +SIZE (clamav-0.103.3.tar.gz) = 13389239 Index: security/clamav-lts/files/clamav-clamd.in =================================================================== --- /dev/null +++ security/clamav-lts/files/clamav-clamd.in @@ -0,0 +1,51 @@ +#!/bin/sh + +# PROVIDE: clamav_clamd +# REQUIRE: LOGIN +# BEFORE: mail +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable clamd: +# +# clamav_clamd_enable="YES" +# clamav_clamd_flags="" +# +# See clamd(8) for flags +# + +. /etc/rc.subr + +name=clamav_clamd +rcvar=clamav_clamd_enable + +# read settings, set default values +load_rc_config "$name" + +: ${clamav_clamd_enable:=NO} +: ${clamav_clamd_socket="%%CLAMAV_CLAMD_SOCKET%%"} +: ${clamav_clamd_pidfile="%%CLAMAV_CLAMD_PIDFILE%%"} +: ${clamav_clamd_user="%%CLAMAVUSER%%"} + +command=%%PREFIX%%/sbin/clamd +required_dirs=%%DBDIR%% +required_files=%%PREFIX%%/etc/clamd.conf + +start_precmd=clamav_clamd_precmd +extra_commands=reload +reload_cmd="%%PREFIX%%/bin/clamdscan --reload" + +#clamav .93 won't start without a valid main.c[vl]d file +clamav_clamd_precmd() +{ + local rundir=${clamav_clamd_pidfile%/*} + if [ ! -d $rundir ] ; then + install -d -m 0755 -o ${clamav_clamd_user} -g ${clamav_clamd_user} $rundir + fi + if [ ! -f %%DBDIR%%/main.cvd -a ! -f %%DBDIR%%/main.cld ];then + echo "Missing %%DBDIR%%/*.cvd or *.cld files. You must run freshclam first" + exit 1 + fi +} + +run_rc_command "$1" Index: security/clamav-lts/files/clamav-freshclam.in =================================================================== --- /dev/null +++ security/clamav-lts/files/clamav-freshclam.in @@ -0,0 +1,45 @@ +#!/bin/sh + +# PROVIDE: clamav_freshclam +# REQUIRE: LOGIN clamav_clamd +# BEFORE: mail +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable the freshclam daemon: +# +# clamav_freshclam_enable="YES" +# clamav_freshclam_flags="" +# +# See freshclam(1) for flags +# + +. /etc/rc.subr + +name=clamav_freshclam +rcvar=clamav_freshclam_enable + +# read settings, set default values +load_rc_config ${name} + +: ${clamav_freshclam_enable:=NO} +: ${clamav_freshclam_pidfile=%%RUNDIR%%/freshclam.pid} +: ${clamav_freshclam_user=%%CLAMAVUSER%%} + +command=%%PREFIX%%/bin/freshclam +pidfile=${clamav_freshclam_pidfile} +command_args="--daemon -p ${pidfile}" +required_dirs=%%DBDIR%% +required_files=%%PREFIX%%/etc/freshclam.conf + +start_precmd=clamav_freshclam_precmd + +clamav_freshclam_precmd() +{ + local rundir=${clamav_freshclam_pidfile%/*} + if [ ! -d $rundir ] ; then + install -d -m 0755 -o ${clamav_freshclam_user} -g ${clamav_freshclam_user} $rundir + fi +} + +run_rc_command "$1" Index: security/clamav-lts/files/clamav-milter.in =================================================================== --- /dev/null +++ security/clamav-lts/files/clamav-milter.in @@ -0,0 +1,101 @@ +#!/bin/sh + +# PROVIDE: clamav_milter +# REQUIRE: LOGIN clamav_clamd +# BEFORE: mail +# KEYWORD: shutdown + +# +# Add the following lines to /etc/rc.conf to enable clamav-milter: +# +# clamav_milter_enable="YES" +# +# See clamav-milter(1) for flags +# + +. /etc/rc.subr + +name=clamav_milter +rcvar=clamav_milter_enable + +load_rc_config $name + +: ${clamav_milter_enable:=NO} +: ${clamav_milter_socket="%%CLAMAV_MILTER_SOCKET%%"} +: ${clamav_milter_conf="%%PREFIX%%/etc/clamav-milter.conf"} +: ${clamav_milter_flags="-c ${clamav_milter_conf}"} +: ${clamav_milter_socktimeout=60} +: ${clamav_milter_socket_mode=777} +: ${clamav_milter_socket_user=%%CLAMAVUSER%%} +: ${clamav_milter_socket_group=%%CLAMAVGROUP%%} +: ${clamav_clamd_enable:=NO} +: ${clamav_clamd_socket="%%CLAMAV_CLAMD_SOCKET%%"} + +command=%%PREFIX%%/sbin/clamav-milter +required_dirs=%%DBDIR%% +required_files=${clamav_milter_conf} + +start_precmd=start_precmd +start_postcmd=start_postcmd + +start_precmd() +{ + if [ -S "$clamav_milter_socket" ]; then + warn "Stale socket $clamav_milter_socket removed." + rm "$clamav_milter_socket" + fi + rc_flags="${flags:-$clamav_milter_flags}" + + clamav_clamd_socket_prefix=${clamav_clamd_socket%:*} + # We can have inet or inet6, try to remove 6 + clamav_clamd_socket_prefix=${clamav_clamd_socket_prefix%6} + + if checkyesno clamav_clamd_enable && [ "x$clamav_clamd_socket" != "x" -a "${clamav_clamd_socket_prefix}" != "inet" ]; then + echo -n "Waiting for clamd socket.. " + i=${clamav_milter_socktimeout} + while [ $i -ne 0 ] + do + [ -S "$clamav_clamd_socket" ] && break + if [ `expr $i % 10` -eq 0 ]; then + echo -n "${i}.. " + fi + sleep 1 + i=$(($i-1)) + done + echo + if [ $i -eq 0 ]; then + echo "There is no clamd socket (${clamav_clamd_socket})!" + exit 1 + fi + fi +} + +start_postcmd() +{ + clamav_milter_socket_prefix=${clamav_milter_socket%:*} + # We can have inet or inet6, try to remove 6 + clamav_milter_socket_prefix=${clamav_milter_socket_prefix%6} + + if [ "x$clamav_milter_socket" != "x" -a "${clamav_milter_socket_prefix}" != "inet" ]; then + echo -n "Waiting for clamav-milter socket.. " + i=${clamav_milter_socktimeout} + while [ $i -ne 0 ] + do + [ -S "$clamav_milter_socket" ] && break + if [ `expr $i % 10` -eq 0 ]; then + echo -n "${i}.. " + fi + sleep 1 + i=$(($i-1)) + done + echo + if [ $i -eq 0 ]; then + echo "There is no clamav-milter socket (${clamav_milter_socket})!" + exit 1 + fi + %%CHMOD%% ${clamav_milter_socket_mode} ${clamav_milter_socket} + %%CHOWN%% ${clamav_milter_socket_user}:${clamav_milter_socket_group} ${clamav_milter_socket} + fi +} + +run_rc_command "$1" Index: security/clamav-lts/files/extra-patch-shared_output.c =================================================================== --- /dev/null +++ security/clamav-lts/files/extra-patch-shared_output.c @@ -0,0 +1,17 @@ +--- shared/output.c.orig Thu May 18 22:10:40 2006 ++++ shared/output.c Thu May 18 22:12:43 2006 +@@ -236,7 +236,13 @@ + return; + } + +- fd = stdout; ++/* fd = stdout; (missing flag 'mprintf_stdout') --eh. */ ++ ++ if(mprintf_stdout) ++ fd = stdout; ++ else ++ fd = stderr; ++ + + /* legend: + * ! - error Index: security/clamav-lts/files/patch-libclamav_c++_llvm_include_llvm_Support_CFG.h =================================================================== --- /dev/null +++ security/clamav-lts/files/patch-libclamav_c++_llvm_include_llvm_Support_CFG.h @@ -0,0 +1,62 @@ +--- libclamav/c++/llvm/include/llvm/Support/CFG.h.orig 2016-04-22 15:02:19 UTC ++++ libclamav/c++/llvm/include/llvm/Support/CFG.h +@@ -27,8 +27,9 @@ namespace llvm { + + template // Predecessor Iterator + class PredIterator : public std::iterator { +- typedef std::iterator super; ++ Ptr, ptrdiff_t, Ptr*, Ptr*> { ++ typedef std::iterator super; + typedef PredIterator Self; + USE_iterator It; + +@@ -40,6 +41,7 @@ class PredIterator : public std::iteratoruse_begin()) { + advancePastNonTerminators(); +@@ -49,7 +51,7 @@ class PredIterator : public std::iterator(*It)->getParent(); + } +@@ -87,10 +89,11 @@ inline const_pred_iterator pred_end(const BasicBlock * + + template // Successor Iterator + class SuccIterator : public std::iterator { ++ BB_, ptrdiff_t, BB_*, BB_*> { + const Term_ Term; + unsigned idx; +- typedef std::iterator super; ++ typedef std::iterator super; + typedef SuccIterator Self; + + inline bool index_is_valid(int idx) { +@@ -99,6 +102,7 @@ class SuccIterator : public std::iteratorgetSuccessor(idx); } ++ inline reference operator*() const { return Term->getSuccessor(idx); } + inline pointer operator->() const { return operator*(); } + + inline Self& operator++() { ++idx; return *this; } // Preincrement Index: security/clamav-lts/files/pkg-deinstall.in =================================================================== --- /dev/null +++ security/clamav-lts/files/pkg-deinstall.in @@ -0,0 +1,25 @@ +#!/bin/sh + +if [ "$2" != "POST-DEINSTALL" ]; then + exit 0 +fi + +CLAMAVUSER=%%CLAMAVUSER%% + +echo +echo "====================================================" +echo +echo "If you want remove clamav permanently from you system" +echo "execute following commands:" +echo +echo " # rm -rf %%LOGDIR%%" +echo " # rm -rf %%RUNDIR%%" +echo " # rm -rf %%DBDIR%%" +if pw usershow "${CLAMAVUSER}" 2>/dev/null 1>&2; then + echo " # pw userdel ${CLAMAVUSER}" +fi +echo +echo "====================================================" +echo + +exit 0 Index: security/clamav-lts/pkg-descr =================================================================== --- /dev/null +++ security/clamav-lts/pkg-descr @@ -0,0 +1,8 @@ +This the Long Term Support (LTS) version of Clam Antivirus. +Clam Antivirus is command line virus scanner written entirely in C +and its database is kept up to date. It also detects polymorphic +viruses, scans compressed files and supported by AMaViS. +Optionally you can use the clamav-milter interface to connect +clamav with sendmail. + +WWW: https://www.clamav.net/ Index: security/clamav-lts/pkg-plist =================================================================== --- /dev/null +++ security/clamav-lts/pkg-plist @@ -0,0 +1,81 @@ +bin/clamav-config +bin/clambc +bin/clamconf +bin/clamdscan +bin/clamdtop +bin/clamscan +%%JSON%%bin/clamsubmit +bin/freshclam +bin/sigtool +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Contribute.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Installation-Unix.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Installation-Unix/Steps-Debian-Ubuntu.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Installation-Unix/Steps-Redhat-CentOS.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Installation-Unix/Steps-macOS.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Installation-Windows.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Introduction.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/OnAccess.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/AllowLists.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/AuthenticodeRules.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/BodySignatureFormat.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/BytecodeSignatures.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/ContainerMetadata.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/DatabaseInfo.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/DynamicConfig.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/EncryptedArchives.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/ExtendedSignatures.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/FileTypeMagic.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/FileTypes.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/FunctionalityLevels.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/HashSignatures.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/LogicalSignatures.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/PhishSigs.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Signatures/YaraRules.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Usage.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Usage/Configuration.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Usage/Scanning.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/Usage/SignatureManagement.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/development.html +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/images/demon.png +%%PORTDOCS%%%%DOCSDIR%%/html/UserManual/libclamav.html +include/clamav-config.h +include/clamav-types.h +include/clamav-version.h +include/clamav.h +include/libfreshclam.h +lib/libclamav.so +lib/libclamav.so.9 +lib/libclamav.so.9.0.5 +%%UNRAR%%lib/libclamunrar.so +%%UNRAR%%lib/libclamunrar.so.9 +%%UNRAR%%lib/libclamunrar.so.9.0.5 +%%UNRAR%%lib/libclamunrar_iface.so +%%UNRAR%%lib/libclamunrar_iface.so.9 +%%UNRAR%%lib/libclamunrar_iface.so.9.0.5 +lib/libfreshclam.so +lib/libfreshclam.so.2 +lib/libfreshclam.so.2.0.1 +libdata/pkgconfig/libclamav.pc +man/man1/clambc.1.gz +man/man1/clamconf.1.gz +man/man1/clamdscan.1.gz +man/man1/clamdtop.1.gz +man/man1/clamscan.1.gz +%%JSON%%man/man1/clamsubmit.1.gz +man/man1/freshclam.1.gz +man/man1/sigtool.1.gz +man/man5/clamav-milter.conf.5.gz +man/man5/clamd.conf.5.gz +man/man5/freshclam.conf.5.gz +man/man8/clamav-milter.8.gz +man/man8/clamd.8.gz +%%MILTER%%sbin/clamav-milter +sbin/clamd +@sample etc/clamd.conf.sample +%%MILTER%%@sample etc/clamav-milter.conf.sample +@sample etc/freshclam.conf.sample +@dir(%%CLAMAVUSER%%,%%CLAMAVGROUP%%,0755) %%DBDIR%% +@dir(%%CLAMAVUSER%%,%%CLAMAVGROUP%%,0755) %%LOGDIR%% +@dir(%%CLAMAVUSER%%,%%CLAMAVGROUP%%,0755) %%RUNDIR%% Index: security/clamav/Makefile =================================================================== --- security/clamav/Makefile +++ security/clamav/Makefile @@ -42,6 +42,8 @@ # force to use -lthr until it's not fixed. LDFLAGS+= -lthr +CONFLICTS_INSTALL= clamav-[0-9]* + SUB_FILES= pkg-deinstall SUB_LIST+= CHMOD=${CHMOD} \ CHOWN=${CHOWN} \