eCAP

eClamav cannot initialize and crashes Squid repeatedly

Bug #1426094 reported by Yuri on 2015-02-26

This bug report is a duplicate of: Bug #1025567: ecap_clamav_adapter-0.2.1 - Segment Violation when loading. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	eCAP	New	Undecided	Unassigned

Bug Description

Squid 2.4.12 built with 64 bit on Solaris 10 kernel 150401-16 x86_64.
ClamAV 0.98.6 also built with 64 bit.
libecap 0.2.0 built with 64 bit.
ecap_clamav_adapter 0.2.1 also built with 64 bit.

This is production environment used 24x7 over 4 years.

eClamav cannot initialize and crashes Squid repeatedly with following error:

2015/02/26 17:45:40 kid1| Loading Squid module from
'/usr/local/lib/ecap_adapter_gzip.so'
2015/02/26 17:45:40 kid1| Loading Squid module from
'/usr/local/lib/ecap_clamav_adapter.so'
2015/02/26 17:45:40 kid1| Squid plugin modules loaded: 2
2015/02/26 17:45:40 kid1| Adaptation support is on
2015/02/26 17:45:40 kid1| Starting eCAP service:
ecap://www.vigos.com/ecap_gzip
2015/02/26 17:45:40 kid1| eClamAV: Initializing ClamAV engine #1.
FATAL: Received Segment Violation...dying.
2015/02/26 17:45:40 kid1| Closing HTTP port [::]:3127
2015/02/26 17:45:40 kid1| Closing HTTP port [::]:3128
2015/02/26 17:45:40 kid1| Closing HTTPS port [::]:3129
2015/02/26 17:45:40 kid1| Stop receiving ICP on [::]:3130
2015/02/26 17:45:40 kid1| assertion failed: icp_v2.cc:780:
"Comm::IsConnOpen(icpOutgoingConn)"

Note: core not produced - suid operations disabled die to security reasons.

Squid is compiled with 64 bit, ClamAV compiled with 64 bit, libecap
compiled with 64 bit, clamav ecap adapter compiled with 64 bit.

Squid config fragment related to ecap is:

ecap_enable on
acl HTTP_STATUS_OK http_status 200

loadable_modules /usr/local/lib/ecap_clamav_adapter.so
ecap_service clamav_service_req reqmod_precache
uri=ecap://e-cap.org/ecap/services/clamav?mode=REQMOD bypass=off
ecap_service clamav_service_resp respmod_precache
uri=ecap://e-cap.org/ecap/services/clamav?mode=RESPMOD bypass=on
adaptation_access clamav_service_req allow HTTP_STATUS_OK
adaptation_access clamav_service_resp allow all

Looks like ok.

All runtime 64-bit libraries is available for linker:

root @ cthulhu /patch # crle -64

Configuration file [version 4]: /var/ld/64/ld.config
  Platform: 64-bit LSB AMD64
  Default Library Path (ELF):
/lib/64:/usr/lib/64:/opt/csw/lib/64:/usr/sfw/lib/64
  Trusted Directories (ELF): /lib/secure/64:/usr/lib/secure/64
(system default)

Command line:
crle -64 -c /var/ld/64/ld.config -l
/lib/64:/usr/lib/64:/opt/csw/lib/64:/usr/sfw/lib/64

Installation prefix for all ecap related modules is /usr/local.

libecap successfully used on this installation with GZip adapter 1.3.0 and works perfectly.

When I comment out ecap_clamav_adapter lines in Squid.conf, all works perfectly.

We plan to replace c-icap + squidclamav AV checking framework with eCAP due to latency issues.

Need to solve problem.

Thank you.

Revision history for this message

Yuri (yvoinov) wrote on 2015-02-26:

Is ecal_clamav_adapter 1.0.0 compatible with libecap 0.2.0? Now I use Squid 3.4.12 because 3.5.x branch still not completely support SSL bump in interception mode, so I forced to use libecap 0.2.0.

Revision history for this message

Alex Rousskov (rousskov) wrote on 2015-02-26:

No, eCAP ClamAV adapter v1.0.0 requires libecap v1.0.0 for its support of asynchronous adapters.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1025567 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.