Cvdupdate

➕ CVD-Update can now get the DNS nameserver IP from an environment variable.

Specify the IP address of the nameserver in the environment variable
`CVDUPDATE_NAMESERVER` to ensure said nameserver is used when querying the
TXT record containing the current database definition version available.

Using this environment variable will take precedence over any option specified
in the config file.

Feature courtesy of Philippe Ballandras.

➕ CVD-Update can now accept multiple DNS nameservers from the `nameserver`
config option, or from the `CVDUPDATE_NAMESERVER` environment variable.

To set multiple DNS nameservers, specify the `nameserver` config option or the
`CVDUPDATE_NAMESERVER` environment variable as a comma separated list.

E.g.:
bash
CVDUPDATE_NAMESERVER=1.1.1.1,8.8.8.8 cvd update


Feature courtesy of Michael Callahan.

🐛 In prior versions, CVD-Update would assume that a CVD file exists because it
is listed in the `config.json` "dbs" record. So if you delete that file by
accident and try to update, it would not notice and would instead claim that
it is up-to-date. In this release, CVD-Update will detect that a deleted file
is missing from the database directory and will re-download it.

Fix courtesy of Brent Clark.

🌌 CVD-Update will no longer remove extra files from the database directory
when you run `cvd clean dbs`. It will only remove those file managed by the
CVD-Update tool.

This means that you can now store third-party extra signature databases in the
CVD-Update database directory and CVD-Update will not delete them if you run
the clean command.

Improvement courtesy of Brent Clark.

🌌 CVD-Update now stores the database state information separately from the
configuration information. If you're upgrading from CVD-Update version 1.0.2,
your `config.json` file will be migrated automatatically when you run
`cvd update` to split it into `config.json` + `state.json`.

This change allows you to administrate the CVD-Update config files with a
config management tool.

Improvement courtesy of Bill Sanders.

Special thanks to:
- Bill Sanders
- Brent Clark
- Michael Callahan
- Philippe Ballandras

🐛 Fixed a Python 3.6 compatibility issue in the package version check.

🐛 Fixed a bug where the CVD-Update PyPI package version check prints an
error message on some systems where `pip` doesn't return the available
package versions.

➕ Added a check to make sure that version check for the daily, main, and
bytecode databases are done using DNS when downloading from
`database.clamav.net`.

CVD-Update, like FreshClam, is capable of checking with an HTTP Range request
which only downloads the CVD header to check the version. This doesn't use
much data, but the CDN does not appear to differentiate between whole and
partial downloads for tracking download activity.

The requirement to use DNS for the version check is to reduce CDN costs and
should reduce the chance that the user is rate-limited or blocked by the CDN
for downloading these files too frequently.

➕ Added a PyPI package version check when running `cvd update` to encourage
users to update when there is a new version.

🐛 CVD-Update now requires dnspython version 2.1.0 or newer. This fixes
compatibility issues with older dnspython versions.
Special thanks to Byron Collins for this fix.

🐛 Added explicit timeout for the DNS resolver. This fixes a DNS query issue
on some systems.
Special thanks to Colin Tilley for this fix.

🐛 Fixed a bug when pruning older CDIFFs where the CDIFF files were already
removed by the user.

➕ `cvd update` will now retry up to 3x if the downloaded content length is
less than the content-length in the response header. This is to resolve
issues with flakey connections.

➕ `cvd update` now has a `--debug-mode` (`-D`) option to print out the HTTP
headers to debug issues with the update process.

➕ The update process will now save the DNS TXT record containing version
metadata as `dns.txt` in the database directory so it may be served by the
private mirror.

Some common check scripts (on clients) use `dns.txt` to check if ClamAV is up
to date instead of using DNS or the HTTP CVD-header check.

🌌 CVDUpdate will now have a unique User-Agent: `CVDUPDATE/<version> (<UUID>)`

The UUID is randomly generated, and will help with anonymous usage metrics.

🐛 Fixed a couple issues with the `cvd update <specific database>` option.

Added

➕ Two ways to set a custom DNS nameserver.
DNS queries are required to check the latest available database versions.

1. Set the nameserver in the config. Eg:

bash
cvd config set --nameserver 208.67.222.222
cvd update


2. Set the environment variable `CVDUPDATE_NAMESERVER`. Eg:

bash
CVDUPDATE_NAMESERVER="208.67.222.222" cvd update


🐛 Error handling so `dns update` fails if a DNS query fails.

Acknowledgements

Special thanks to Michael Callahan for adding the custom nameserver feature.