diff mbox series

[bug#32958] gnu: Add clamav.

Message ID 20181024110927.7442ebf1@centurylink.net
State Accepted
Headers show
Series [bug#32958] gnu: Add clamav. | expand

Checks

Context Check Description
cbaines/applying patch success Successfully applied
cbaines/applying patch success Successfully applied
cbaines/applying patch success Successfully applied
cbaines/applying patch success Successfully applied

Commit Message

Eric Bavier Oct. 24, 2018, 4:09 p.m. UTC 
On Sun, 07 Oct 2018 09:36:16 +0100
Christopher Baines <mail@cbaines.net> wrote:

> Eric Bavier <ericbavier@centurylink.net> writes:
> 
> > Hi Christopher,
> >
> > On Sat, 06 Oct 2018 20:56:23 +0100
> > Christopher Baines <mail@cbaines.net> wrote:
> >  
> >> Tags: moreinfo
> >> 
> >> This probably isn't ready quite yet, as the source release includes
> >> quite a bit of bundled software, and I've only had an initial attempt at
> >> cleaning it up. I also haven't looked in to the test suite in detail.  
> >
> > I've had a local clamav patch for a while now, and had just recently
> > picked it up to dust it off for the 0.100.2 release.  Much is similar
> > to your patch, and I had started writing a clamd service.  Do you mind
> > if I merge some parts of your patch into mine and then send it here?  
> 
> Not at all Eric, that sounds great :)

Here is my small series of patches.

1. Turns on RTTI in llvm by default.

2. Adds a TomsFastMath package that is otherwise bundled in clamav

3. Adds clamav.  Uses a patch borrowed from debian to use a system
tomsfastmath and uses a system llvm.  A few tests that cannot pass
inside the build container are skipped.

I'm not posting my clamd-service at this time because it needs quite a
bit more work.

`~Eric

Comments

Eric Bavier Nov. 17, 2018, 6:41 a.m. UTC | #1 
On Wed, 24 Oct 2018 11:09:27 -0500
Eric Bavier <ericbavier@centurylink.net> wrote: 
> 
> Here is my small series of patches.
> 
> 1. Turns on RTTI in llvm by default.
> 
> 2. Adds a TomsFastMath package that is otherwise bundled in clamav
> 
> 3. Adds clamav.  Uses a patch borrowed from debian to use a system
> tomsfastmath and uses a system llvm.  A few tests that cannot pass
> inside the build container are skipped.

I've pushed these patches in commits:

fc9dbf41311d99d0fd8befc789ea7c0e35911890
7ed018e8a2f885246461ad65420bf39d741d343c
0a41123f01d5d2466d6f533be3644ac8c9a2bdf9

`~Eric
diff mbox series

Patch

From 6f9dfe688d0e7119f477d5418ffbf529c5a3f411 Mon Sep 17 00:00:00 2001
From: Eric Bavier <bavier@member.fsf.org>
Date: Fri, 28 Oct 2016 22:42:59 -0500
Subject: [PATCH 3/4] gnu: Add ClamAV.

* gnu/packages/antivirus.scm: New file.
* gnu/packages/patches/clamav-system-tomsfastmath.patch,
gnu/packages/patches/clamav-config-llvm-libs.patch: New files.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add new module.
(dist_patch_DATA): Add patches.

Co-authored-by: Christopher Baines <mail@cbaines.net>
---
 gnu/local.mk                                  |   4 +-
 gnu/packages/antivirus.scm                    | 156 ++++++++++++++++++
 .../patches/clamav-config-llvm-libs.patch     |  14 ++
 .../patches/clamav-system-tomsfastmath.patch  | 102 ++++++++++++
 4 files changed, 275 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/antivirus.scm
 create mode 100644 gnu/packages/patches/clamav-config-llvm-libs.patch
 create mode 100644 gnu/packages/patches/clamav-system-tomsfastmath.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 62e264f29..be27be6df 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -60,6 +60,7 @@  GNU_SYSTEM_MODULES =				\
   %D%/packages/android.scm			\
   %D%/packages/animation.scm			\
   %D%/packages/anthy.scm			\
+  %D%/packages/antivirus.scm			\
   %D%/packages/apl.scm				\
   %D%/packages/apr.scm				\
   %D%/packages/aspell.scm			\
@@ -612,7 +613,8 @@  dist_patch_DATA =						\
   %D%/packages/patches/ceph-skip-collect-sys-info-test.patch	\
   %D%/packages/patches/ceph-skip-unittest_blockdev.patch	\
   %D%/packages/patches/chmlib-inttypes.patch			\
-  %D%/packages/patches/clang-3.5-libc-search-path.patch		\
+  %D%/packages/patches/clamav-config-llvm-libs.patch		\
+  %D%/packages/patches/clamav-system-tomsfastmath.patch		\
   %D%/packages/patches/clang-3.8-libc-search-path.patch		\
   %D%/packages/patches/clang-6.0-libc-search-path.patch		\
   %D%/packages/patches/clang-runtime-asan-build-fixes.patch	\
diff --git a/gnu/packages/antivirus.scm b/gnu/packages/antivirus.scm
new file mode 100644
index 000000000..f117e3080
--- /dev/null
+++ b/gnu/packages/antivirus.scm
@@ -0,0 +1,156 @@ 
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016, 2017, 2018 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2018 Christopher Baines <mail@cbaines.net>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages antivirus)
+  #:use-module (guix licenses)
+  #:use-module (guix build-system gnu)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix utils)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages autotools)
+  #:use-module (gnu packages bison)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages compression)
+  #:use-module (gnu packages curl)
+  #:use-module (gnu packages cyrus-sasl)
+  #:use-module (gnu packages flex)
+  #:use-module (gnu packages llvm)
+  #:use-module (gnu packages multiprecision)
+  #:use-module (gnu packages ncurses)
+  #:use-module (gnu packages pcre)
+  #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages tls)
+  #:use-module (gnu packages web)
+  #:use-module (gnu packages xml))
+
+(define-public clamav
+  (package
+    (name "clamav")
+    (version "0.100.2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://www.clamav.net/downloads/production/"
+                                  "clamav-" version ".tar.gz"))
+              (sha256
+               (base32
+                "1mkd41sxbjkfjinpx5b9kb85q529gj2s3d0klysssqhysh64ybja"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  (for-each delete-file-recursively
+                            '("win32"              ;unnecessary
+                              "libclamav/c++/llvm" ;use system llvm
+                              "libclamunrar"))))   ;non-free license
+              (patches
+               (search-patches "clamav-system-tomsfastmath.patch"
+                               "clamav-config-llvm-libs.patch"))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("bison" ,bison)
+       ("check" ,check)                 ;for tests
+       ("flex" ,flex)
+       ("pkg-config" ,pkg-config)
+       ;; The tomsfastmath patch touches configure.ac and Makefile.am
+       ("autoconf" ,autoconf)
+       ("automake" ,automake)
+       ("libtool" ,libtool)))
+    (inputs
+     `(("bzip2" ,bzip2)
+       ("libcurl" ,curl)
+       ("libjson" ,json-c)
+       ("libltdl" ,libltdl)
+       ("libmspack" ,libmspack)
+       ("llvm" ,llvm-3.6)               ;requires <3.7, for JIT/verifier
+       ("ncurses" ,ncurses)
+       ("openssl" ,libressl)
+       ("pcre" ,pcre "bin")             ;for pcre-config
+       ("sasl" ,cyrus-sasl)             ;for linking curl with libtool
+       ("tomsfastmath" ,tomsfastmath)
+       ("xml" ,libxml2)
+       ("zlib" ,zlib)))
+    (arguments
+     `(#:configure-flags
+       (let-syntax ((with (syntax-rules ()
+                            ((_ name)
+                             (string-append "--with-" name "="
+                                            (assoc-ref %build-inputs name))))))
+         (list "--disable-unrar"
+               "--enable-llvm"
+               "--with-system-llvm"
+               "--with-system-libmspack"
+               "--without-included-ltdl"
+               (with "xml")
+               (with "openssl")
+               (with "libjson")
+               (with "pcre")
+               (with "zlib")
+               (with "libcurl")
+               ;; For sanity, specifying --enable-* flags turns
+               ;; "support unavailable" warnings into errors.
+               "--enable-bzip2"
+               "--enable-check"
+               "--sysconfdir=/etc/clamav"
+               ;; Default database directory needs to be writeable
+               "--with-dbdir=/var/db/clamav"))
+       ;; install sample .conf files to %output/etc rather than /etc/clamav
+       #:make-flags (list (string-append "sysconfdir=" %output "/etc"))
+       #:phases (modify-phases %standard-phases
+                  (add-after 'unpack 'reconf
+                    (lambda _ (zero? (system* "autoreconf" "-vfi"))))
+                  (add-before 'configure 'patch-llvm-config
+                    (lambda _
+                      (substitute* '("libclamav/c++/detect.cpp"
+                                     "libclamav/c++/ClamBCRTChecks.cpp"
+                                     "libclamav/c++/bytecode2llvm.cpp")
+                        (("llvm/Config/config.h") "llvm/Config/llvm-config.h"))
+                      ;; `llvm-config --libfiles` inappropriately lists lib*.a
+                      ;; libraries, rather than the lib*.so's that our llvm
+                      ;; contains.  They're used only for listing extra build
+                      ;; dependencies, so ignore them until that's fixed.
+                      (substitute* "libclamav/c++/Makefile.in"
+                        (("@LLVMCONFIG_LIBFILES@") ""))
+                      #t))
+                  (add-before 'check 'skip-clamd-tests
+                    ;; XXX: The check?_clamd tests fail inside the build
+                    ;; chroot, but pass outside.
+                    (lambda _
+                      (substitute* "unit_tests/Makefile"
+                        (("check2_clamd.sh.*check4_clamd.sh") ""))
+                      #t)))))
+    (home-page "https://www.clamav.net")
+    (synopsis "Antivirus engine")
+    (description
+     "Clam AntiVirus is an anti-virus toolkit, designed especially for e-mail
+scanning on mail gateways.  It provides a number of utilities including a
+flexible and scalable multi-threaded daemon, a command line scanner, and
+advanced tool for automatic database updates.  The core of the package is an
+anti-virus engine available in the form of a shared library.")
+    (license (list license:gpl2+        ;ClamAV itself
+                   license:lgpl2.1      ;libclamav/mspack.[ch]
+                   license:public-domain ;libclamav/7z/*, libclamav/rijndael.[ch], etc...
+                   (package-license bzip2) ;modified bzip2 source in libclamav/nsis
+                   license:bsd-2        ;several files in libclamav
+                   license:bsd-3        ;libclamav/{regex,qsort.c,swf.[ch]
+                   license:ncsa         ;libclamav/c++/PointerTracking.cpp
+                   license:zlib         ;libclamav/inf*.h
+                   license:x11          ;libclamav/lzw
+                   (license:non-copyleft "libclamav/strlcat.c") ;"OpenBSD" license
+                   license:asl2.0       ;libclamav/yara*
+                   license:expat))))    ;shared/getopt.[ch]
diff --git a/gnu/packages/patches/clamav-config-llvm-libs.patch b/gnu/packages/patches/clamav-config-llvm-libs.patch
new file mode 100644
index 000000000..054264ee2
--- /dev/null
+++ b/gnu/packages/patches/clamav-config-llvm-libs.patch
@@ -0,0 +1,14 @@ 
+Our llvm does not contain a single top-level library, so consult llvm-config
+for the libraries that need to be linked against.
+
+--- clamav-0.100.2/libclamav/c++/configure.ac	2018-09-19 14:29:07.000000000 -0500
++++ clamav-0.100.2/libclamav/c++/configure.ac	2018-10-06 21:45:09.377249158 -0500
+@@ -105,7 +105,7 @@
+ 
+     if test "x$llvm_linking" = "xdynamic"; then
+         AC_SUBST(LLVMCONFIG_LDFLAGS, [`$llvmconfig --ldflags`])
+-        AC_SUBST(LLVMCONFIG_LIBS, [-lLLVM-$llvmver])
++        AC_SUBST(LLVMCONFIG_LIBS, [`$llvmconfig --libs $llvmcomp`])
+         AC_SUBST(LLVMCONFIG_LIBFILES, [])
+     else
+         if test $llvmver_test -ge 350; then
diff --git a/gnu/packages/patches/clamav-system-tomsfastmath.patch b/gnu/packages/patches/clamav-system-tomsfastmath.patch
new file mode 100644
index 000000000..07ab79f3f
--- /dev/null
+++ b/gnu/packages/patches/clamav-system-tomsfastmath.patch
@@ -0,0 +1,102 @@ 
+From 756ff89526b5ffaa7a4f49b1bbecf2ecbd6f85f9 Mon Sep 17 00:00:00 2001
+From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
+Date: Wed, 11 Mar 2015 20:03:15 +0100
+Subject: add support for system tomsfastmath
+
+Patch-Name: add-support-for-system-tomsfastmath.patch
+---
+ configure.ac                           |    2 ++
+ libclamav/Makefile.am                  |   10 ++++++++--
+ libclamav/bignum.h                     |    6 +++++-
+ libclamav/xdp.c                        |    2 +-
+ m4/reorganization/libs/tomsfastmath.m4 |   12 ++++++++++++
+ 5 files changed, 28 insertions(+), 4 deletions(-)
+ create mode 100644 m4/reorganization/libs/tomsfastmath.m4
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -82,6 +82,7 @@ m4_include([m4/reorganization/libs/xml.m
+ m4_include([m4/reorganization/libs/openssl.m4])
+ m4_include([m4/reorganization/libs/json.m4])
+ m4_include([m4/reorganization/libs/pcre.m4])
++m4_include([m4/reorganization/libs/tomsfastmath.m4])
+ 
+ AM_MAINTAINER_MODE
+ m4_include([m4/reorganization/libs/libz.m4])
+@@ -285,6 +286,7 @@ else
+ fi
+ CL_MSG_STATUS([yara        ],[$enable_yara],[$enable_yara])
+ CL_MSG_STATUS([fts         ],[yes],[$lfs_fts_msg])
++CL_MSG_STATUS([tomsfastmath],[yes],[$tomsfastmath_msg])
+ 
+ 
+ # Yep, downgrading the compiler avoids the bug too:
+--- a/libclamav/Makefile.am
++++ b/libclamav/Makefile.am
+@@ -496,8 +496,10 @@ libclamav_la_SOURCES += yara_arena.c \
+ 	yara_clam.h
+ endif
+ 
+-libclamav_la_SOURCES += bignum.h\
+-	bignum_fast.h\
++libclamav_la_SOURCES += bignum.h
++
++if !SYSTEM_TOMSFASTMATH
++libclamav_la_SOURCES += bignum_fast.h\
+         tomsfastmath/addsub/fp_add.c\
+         tomsfastmath/addsub/fp_add_d.c\
+         tomsfastmath/addsub/fp_addmod.c\
+@@ -579,6 +581,10 @@ libclamav_la_SOURCES += bignum.h\
+         tomsfastmath/sqr/fp_sqr_comba_generic.c\
+         tomsfastmath/sqr/fp_sqr_comba_small_set.c\
+ 	tomsfastmath/sqr/fp_sqrmod.c
++else
++libclamav_la_CFLAGS += $(TOMSFASTMATH_CFLAGS)
++libclamav_la_LIBADD += $(TOMSFASTMATH_LIBS)
++endif
+ 
+ .PHONY: version.h.tmp
+ version.c: version.h
+--- a/libclamav/bignum.h
++++ b/libclamav/bignum.h
+@@ -1,9 +1,13 @@
+ #ifndef BIGNUM_H_
+ #define BIGNUM_H_
+ 
++#if HAVE_SYSTEM_TOMSFASTMATH
++#include <tfm.h>
++#else
+ #define TFM_CHECK
+-
+ #include "bignum_fast.h"
++#endif
++
+ typedef fp_int mp_int;
+ #define mp_cmp fp_cmp
+ #define mp_toradix_n(a,b,c,d) fp_toradix_n(a,b,c,d)
+--- a/libclamav/xdp.c
++++ b/libclamav/xdp.c
+@@ -57,7 +57,7 @@
+ #include "scanners.h"
+ #include "conv.h"
+ #include "xdp.h"
+-#include "bignum_fast.h"
++#include "bignum.h"
+ #include "filetypes.h"
+ 
+ static char *dump_xdp(cli_ctx *ctx, const char *start, size_t sz);
+--- /dev/null
++++ b/m4/reorganization/libs/tomsfastmath.m4
+@@ -0,0 +1,12 @@
++dnl Check for system tomsfastmath
++PKG_CHECK_MODULES([TOMSFASTMATH], [tomsfastmath], [have_system_tomsfastmath=yes], [have_system_tomsfastmath=no])
++
++AM_CONDITIONAL([SYSTEM_TOMSFASTMATH], [test "x$have_system_tomsfastmath" = "xyes"])
++
++if test "x$have_system_tomsfastmath" = "xyes"; then
++    AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [1], [link against system-wide tomsfastmath library])
++    tomsfastmath_msg="External, $TOMSFASTMATH_CFLAGS $TOMSFASTMATH_LIBS"
++else
++    AC_DEFINE([HAVE_SYSTEM_TOMSFASTMATH], [0], [don't link against system-wide tomsfastmath library])
++    tomsfastmath_msg="Internal"
++fi
-- 
2.19.1