[Bug 268069] security/clamav: 1.0.0 does not work with cld and cvd files

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 05 Dec 2022 09:04:01 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268069

jasiu <jasiu@tool.eu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jasiu@tool.eu.org

--- Comment #16 from jasiu <jasiu@tool.eu.org> ---
Hello all.
I noticed the same problem on 12.3-RELEASE FreeBSD 12.3-RELEASE
releng/12.3-n234202-70cb68e7a00 GENERIC  amd64

Maybe it is a problem with 'Decoded signature'.

Look at:

LibClamAV debug: MD5(.tar.gz) = 66662314e2576ce0f21b040490bdb5d6
LibClamAV debug: cli_versig: Decoded signature:
00000000000000000000000000000000
LibClamAV debug: cli_versig: Signature doesn't match.
LibClamAV debug: cli_cvdverify: Digital signature verification error
LibClamAV debug: Cleaning up phishcheck


Reverted to port: security/clamav-lts, clamav-lts-0.103.7,1 and the problem was
gone.

Here is a full debug output from freshclam:

root@thirdeye:/var/db/clamav # freshclam -u vscan --debug -v
Current working dir is /var/db/clamav/
Loaded freshclam.dat:
  version:    1
  uuid:       2aeb987e-bdbd-4d28-97a6-e8c686158415
  retry-after: 2022-12-02 21:40:44
ClamAV update process started at Sat Dec  3 11:49:47 2022
Current working dir is /var/db/clamav/
Querying current.cvd.clamav.net
TTL: 1800
fc_dns_query_update_info: Software version from DNS: 0.103.7
WARNING: Cool-down expired, ok to try again.
Saved freshclam.dat
Current working dir is /var/db/clamav/
check_for_new_database_version: No local copy of "daily" database.
query_remote_database_version: daily.cvd version from DNS: 26739
daily database available for download (remote version: 26739)
Retrieving https://database.clamav.net/daily.cvd
downloadFile: Download source:      https://database.clamav.net/daily.cvd
downloadFile: Download destination:
/var/db/clamav/tmp.165ecb003d/clamav-bd3cfc7a9a3af6e708185426742b891f.tmp
*   Trying 104.16.219.84:443...
* Connected to database.clamav.net (104.16.219.84) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /usr/local/share/certs/ca-root-nss.crt
*  CApath: none
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.;
CN=sni.cloudflaressl.com
*  start date: Jun 14 00:00:00 2022 GMT
*  expire date: Jun 14 23:59:59 2023 GMT
*  subjectAltName: host "database.clamav.net" matched cert's
"database.clamav.net"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade:
len=0
* h2h3 [:method: GET]
* h2h3 [:path: /daily.cvd]
* h2h3 [:scheme: https]
* h2h3 [:authority: database.clamav.net]
* h2h3 [user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x801fd9000)
> GET /daily.cvd HTTP/2
Host: database.clamav.net
user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)
accept: */*
connection: close

* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Sat, 03 Dec 2022 10:49:48 GMT
< content-type: application/octet-stream
< content-length: 60333814
< last-modified: Sat, 03 Dec 2022 08:16:00 GMT
< etag: "638b05c0-3989ef6"
< expires: Sat, 03 Dec 2022 22:49:48 GMT
< cache-control: public, max-age=43200
< cf-cache-status: HIT
< age: 8995
< accept-ranges: bytes
< server-timing: cf-q-config;dur=6.0000020312145e-06
< strict-transport-security: max-age=15552000
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 773bbce0ecebbf65-WAW
<
Time:    4.9s, ETA:    0.0s [========================>]   57.54MiB/57.54MiB
* Connection #0 to host database.clamav.net left intact
LibClamAV debug: Initialized 1.0.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 66662314e2576ce0f21b040490bdb5d6
LibClamAV debug: cli_versig: Decoded signature:
00000000000000000000000000000000
LibClamAV debug: cli_versig: Signature doesn't match.
LibClamAV debug: cli_cvdverify: Digital signature verification error
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Phishcheck cleaned up
ERROR: Verification: Can't verify database integrity
Trying again in 5 secs...
check_for_new_database_version: No local copy of "daily" database.
query_remote_database_version: daily.cvd version from DNS: 26739
daily database available for download (remote version: 26739)
Retrieving https://database.clamav.net/daily.cvd
downloadFile: Download source:      https://database.clamav.net/daily.cvd
downloadFile: Download destination:
/var/db/clamav/tmp.165ecb003d/clamav-71a990e570dd836b8a4a1002be6be9da.tmp
*   Trying 104.16.219.84:443...
* Connected to database.clamav.net (104.16.219.84) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /usr/local/share/certs/ca-root-nss.crt
*  CApath: none
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.;
CN=sni.cloudflaressl.com
*  start date: Jun 14 00:00:00 2022 GMT
*  expire date: Jun 14 23:59:59 2023 GMT
*  subjectAltName: host "database.clamav.net" matched cert's
"database.clamav.net"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade:
len=0
* h2h3 [:method: GET]
* h2h3 [:path: /daily.cvd]
* h2h3 [:scheme: https]
* h2h3 [:authority: database.clamav.net]
* h2h3 [user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x801fd9000)
> GET /daily.cvd HTTP/2
Host: database.clamav.net
user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)
accept: */*
connection: close

* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Sat, 03 Dec 2022 10:49:59 GMT
< content-type: application/octet-stream
< content-length: 60333814
< last-modified: Sat, 03 Dec 2022 08:16:00 GMT
< etag: "638b05c0-3989ef6"
< expires: Sat, 03 Dec 2022 22:49:59 GMT
< cache-control: public, max-age=43200
< cf-cache-status: HIT
< age: 9006
< accept-ranges: bytes
< server-timing: cf-q-config;dur=6.9999987317715e-06
< strict-transport-security: max-age=15552000
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 773bbd1fd9f8fbc6-WAW
<
Time:    4.2s, ETA:    0.0s [========================>]   57.54MiB/57.54MiB
* Connection #0 to host database.clamav.net left intact
LibClamAV debug: Initialized 1.0.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 66662314e2576ce0f21b040490bdb5d6
LibClamAV debug: cli_versig: Decoded signature:
00000000000000000000000000000000
LibClamAV debug: cli_versig: Signature doesn't match.
LibClamAV debug: cli_cvdverify: Digital signature verification error
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Phishcheck cleaned up
ERROR: Verification: Can't verify database integrity
Trying again in 5 secs...
check_for_new_database_version: No local copy of "daily" database.
query_remote_database_version: daily.cvd version from DNS: 26739
daily database available for download (remote version: 26739)
Retrieving https://database.clamav.net/daily.cvd
downloadFile: Download source:      https://database.clamav.net/daily.cvd
downloadFile: Download destination:
/var/db/clamav/tmp.165ecb003d/clamav-fa17a57360dfb00dfa46cc38c9d74899.tmp
*   Trying 104.16.218.84:443...
*   Trying 2606:4700::6810:da54:443...
* Immediate connect fail for 2606:4700::6810:da54: No route to host
*   Trying 2606:4700::6810:db54:443...
* Immediate connect fail for 2606:4700::6810:db54: No route to host
* Connected to database.clamav.net (104.16.218.84) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: /usr/local/share/certs/ca-root-nss.crt
*  CApath: none
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.;
CN=sni.cloudflaressl.com
*  start date: Jun 14 00:00:00 2022 GMT
*  expire date: Jun 14 23:59:59 2023 GMT
*  subjectAltName: host "database.clamav.net" matched cert's
"database.clamav.net"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade:
len=0
* h2h3 [:method: GET]
* h2h3 [:path: /daily.cvd]
* h2h3 [:scheme: https]
* h2h3 [:authority: database.clamav.net]
* h2h3 [user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x801fd9000)
> GET /daily.cvd HTTP/2
Host: database.clamav.net
user-agent: ClamAV/1.0.0 (OS: FreeBSD, ARCH: amd64, CPU: amd64, UUID:
2aeb987e-bdbd-4d28-97a6-e8c686158415)
accept: */*
connection: close

* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200
< date: Sat, 03 Dec 2022 10:50:09 GMT
< content-type: application/octet-stream
< content-length: 60333814
< last-modified: Sat, 03 Dec 2022 08:16:00 GMT
< etag: "638b05c0-3989ef6"
< expires: Sat, 03 Dec 2022 22:50:09 GMT
< cache-control: public, max-age=43200
< cf-cache-status: HIT
< age: 9016
< accept-ranges: bytes
< server-timing: cf-q-config;dur=5.0000016926788e-06
< strict-transport-security: max-age=15552000
< x-content-type-options: nosniff
< server: cloudflare
< cf-ray: 773bbd61ec01bfad-WAW
<
Time:    6.3s, ETA:    0.0s [========================>]   57.54MiB/57.54MiB
* Connection #0 to host database.clamav.net left intact
LibClamAV debug: Initialized 1.0.0 engine
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 66662314e2576ce0f21b040490bdb5d6
LibClamAV debug: cli_versig: Decoded signature:
00000000000000000000000000000000
LibClamAV debug: cli_versig: Signature doesn't match.
LibClamAV debug: cli_cvdverify: Digital signature verification error
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Phishcheck cleaned up
ERROR: Verification: Can't verify database integrity
Giving up on https://database.clamav.net...
ERROR: Update failed for database: daily
ERROR: Database update process failed: Invalid or corrupted CVD/CLD database
ERROR: Update failed.

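A triage sketch for the failure quoted in comment #16, added here as an example and not part of the original message or of ClamAV: it reads freshclam --debug output, pairs each attempt's computed MD5 with the decoded signature, and flags the all-zero case separately from an ordinary mismatch. The function names, the result labels and the rule that equal values mean a pass are assumptions of this example.

```python
import re

# Constructed sample: the LibClamAV lines of one attempt, as quoted in the log
# above, repeated for the three attempts freshclam made.
ATTEMPT = """\
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = 66662314e2576ce0f21b040490bdb5d6
LibClamAV debug: cli_versig: Decoded signature:
00000000000000000000000000000000
LibClamAV debug: cli_versig: Signature doesn't match.
ERROR: Verification: Can't verify database integrity
"""
SAMPLE_LOG = ATTEMPT * 3

MD5_RE = re.compile(r"MD5\(\.tar\.gz\) = ([0-9a-f]{32})")
HEX32_RE = re.compile(r"[0-9a-f]{32}")

def parse_attempts(log_text):
    """Return one {'md5', 'decoded'} dict per cli_cvdload() attempt."""
    attempts, want_sig = [], False
    for line in map(str.strip, log_text.splitlines()):
        if "in cli_cvdload()" in line:
            attempts.append({"md5": None, "decoded": None})
        elif not attempts:
            continue
        elif m := MD5_RE.search(line):
            attempts[-1]["md5"] = m.group(1)
        elif "Decoded signature:" in line:
            # The value follows on the same line or, as in this log, the next.
            tail = line.split("Decoded signature:", 1)[1].strip()
            want_sig = not HEX32_RE.fullmatch(tail)
            if not want_sig:
                attempts[-1]["decoded"] = tail
        elif want_sig and HEX32_RE.fullmatch(line):
            attempts[-1]["decoded"], want_sig = line, False
    return attempts

def classify(attempt):
    md5, decoded = attempt["md5"], attempt["decoded"]
    if md5 is None or decoded is None:
        return "incomplete"
    if decoded == md5:          # assumption: equal values mean verification passed
        return "match"
    if set(decoded) == {"0"}:   # the pattern reported in this comment
        return "decoded-signature-all-zero"
    return "mismatch"

def triage(log_text):
    attempts = parse_attempts(log_text)
    return {"results": [classify(a) for a in attempts],
            "same_md5_every_attempt": len({a["md5"] for a in attempts}) == 1}
```

When every attempt reports the same MD5 and an all-zero decoded signature, as in this log, the retries fetched the same file each time and another download will not change the outcome.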