getcvd: Can't download daily.cvd from https://database.clamav.net/daily.cvd despite correct connection to https://database.clamav.net when symlinks are used for configuration and/or database folders
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
clamav (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Ubuntu 21.04
clamav-freshclam: 0.103.0+dfsg-3.1
/etc/clamav/
-------
DatabaseOwner clamav
UpdateLogFile /var/log/
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug true
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDa
SafeBrowsing true
Bytecode true
NotifyClamd /etc/clamav/
# Check for new database 24 times a day
Checks 24
DatabaseMirror db.fr.clamav.net
DatabaseMirror database.clamav.net
Commands executed as root:
# systemctl stop clamav-freshclam
# freshclam --debug --verbose
Sat Mar 20 16:00:21 2021 -> ClamAV update process started at Sat Mar 20 16:00:21 2021
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *Querying current.
Sat Mar 20 16:00:21 2021 -> *TTL: 1623
Sat Mar 20 16:00:21 2021 -> *fc_dns_
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *check_
Sat Mar 20 16:00:21 2021 -> *query_
Sat Mar 20 16:00:21 2021 -> daily database available for download (remote version: 26115)
Sat Mar 20 16:00:21 2021 -> *Retrieving https:/
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download source: https:/
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download destination: /var/lib/
* Trying 104.16.
* Connected to database.clamav.net (104.16.219.84) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* error setting certificate verify locations: CAfile: /etc/ssl/
* Closing connection 0
Sat Mar 20 16:00:21 2021 -> ^Download failed (77) Sat Mar 20 16:00:21 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?)
Sat Mar 20 16:00:21 2021 -> ^getcvd: Can't download daily.cvd from https:/
Sat Mar 20 16:00:21 2021 -> Trying again in 5 secs...
The alleged "error setting certificate verify locations" is false:
# sudo -u clamav -EH ls -al /etc/ssl/
-rw-r--r-- 1 root root 186336 Mar 15 08:45 /etc/ssl/
# sudo -u clamav -EH ls -al /etc/ssl/certs
total 556
drwxr-xr-x 3 root root 12288 Mar 15 08:45 .
...
Also, it is possible to contact the website as clamav user, meaning there is no CA access issue for that user:
# sudo -u clamav -EH wget https:/
--2021-03-20 16:21:12-- https:/
Resolving database.clamav.net (database.
Connecting to database.clamav.net (database.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
index.html [ <=> ] 1.14K --.-KB/s in 0s
2021-03-20 16:21:12 (21.3 MB/s) - ‘index.html’ saved [1166]
# more index.html
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv=
<meta content="15;url=http://
<title>ClamAV database mirror</title>
</head>
<body>
<div style="text-align: center;">
<big>
<img style="width: 125px; height: 102px;" alt="ClamAV logo"
src="/
</big>
<br>
</div>
<br>
<br>
You reached one of ClamAV virus database mirrors: <a
style="font-style: italic;" href="http://
is a round robin record that tries to equally balance the traffic
between all the database mirrors.<br>
For a complete list of our mirrors visit <a
href="http://
<br>
<br>
You'll be redirected to ClamAV home page (<a
href="http://
seconds...<br>
<br>
<br>
<hr style="width: 100%; height: 2px;"><small style="font-weight: bold;">This
mirror is sponsored by </small><br>
<br>
<img alt="Sponsor Logo" src="local_
<br>
</body>
</html>
This is a very strange issue.
Any suggestion on how to debug/workaround that issue?
description: | updated |
summary: |
getcvd: Can't download daily.cvd from https://database.clamav.net/daily.cvd despite correct connection to - https://database.clamav.net + https://database.clamav.net when symlinks are used for configuration + and/or database folders |
There is no such issue on another Ubuntu device with the **exact** same SSL and freshclam configurations and located on the same private network as the failing device sharing the same IP public address.
Is it possible that cloudflare enforces a limit on the number of devices which are allowed to download from https:/ /database. clamav. net/daily. cvd?