@@ -96,7 +96,7 @@ int main(int argc, char **argv)

         struct passwd *user = NULL;

 #endif

 	time_t currtime;

-	struct cl_engine *engine = NULL;

+	struct cl_engine *engine;

 	const char *dbdir, *cfgfile;

 	char *pua_cats = NULL;

 	int ret, tcpsock = 0, localsock = 0, i;

@@ -223,9 +223,6 @@ int main(int argc, char **argv)

     logg_size = cfgopt(copt, "LogFileMaxSize")->numarg;

     logg_verbose = mprintf_verbose = cfgopt(copt, "LogVerbose")->enabled;

-    if(cfgopt(copt, "Debug")->enabled) /* enable debug messages in libclamav */

-	cl_debug();

-

     if((cpt = cfgopt(copt, "LogFile"))->enabled) {

 	char timestr[32];

 	logg_file = cpt->strarg;

@@ -245,6 +242,16 @@ int main(int argc, char **argv)

     } else

 	logg_file = NULL;

+    if((ret = cl_init(CL_INIT_DEFAULT))) {

+	logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));

+	logg_close();

+	freecfg(copt);

+	return 1;

+    }

+

+    if(cfgopt(copt, "Debug")->enabled) /* enable debug messages in libclamav */

+	cl_debug();

+

 #if defined(USE_SYSLOG) && !defined(C_AIX)

     if(cfgopt(copt, "LogSyslog")->enabled) {

 	    int fac = LOG_LOCAL6;

@@ -302,6 +309,13 @@ int main(int argc, char **argv)

     else

 	logg("#Log file size limit disabled.\n");

+    if(!(engine = cl_engine_new(CL_ENGINE_DEFAULT))) {

+	logg("!Can't initialize antivirus engine\n");

+	logg_close();

+	freecfg(copt);

+	return 1;

+    }

+

     /* load the database(s) */

     dbdir = cfgopt(copt, "DatabaseDirectory")->strarg;

     logg("#Reading databases from %s\n", dbdir);

@@ -318,6 +332,7 @@ int main(int argc, char **argv)

 		    logg("!Can't allocate memory for pua_cats\n");

 		    logg_close();

 		    freecfg(copt);

+		    cl_engine_free(engine);

 		    return 1;

 		}

 		logg("# %s", cpt->strarg);

@@ -337,6 +352,7 @@ int main(int argc, char **argv)

 		logg_close();

 		freecfg(copt);

 		free(pua_cats);

+		cl_engine_free(engine);

 		return 1;

 	    }

 	    dboptions |= CL_DB_PUA_INCLUDE;

@@ -361,15 +377,15 @@ int main(int argc, char **argv)

 	}

 	if(pua_cats) {

-	    /* FIXME with the new API */

-	    if((ret = cli_initengine(&engine, dboptions))) {

-		logg("!cli_initengine() failed: %s\n", cl_strerror(ret));

+	    if((ret = cl_engine_set(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))) {

+		logg("!cli_engine_set(CL_ENGINE_PUA_CATEGORIES) failed: %s\n", cl_strerror(ret));

 		logg_close();

 		freecfg(copt);

 		free(pua_cats);

+		cl_engine_free(engine);

 		return 1;

 	    }

-	    engine->pua_cats = pua_cats;

+	    free(pua_cats);

 	}

     } else {

 	logg("#Not loading PUA signatures.\n");

@@ -395,25 +411,20 @@ int main(int argc, char **argv)

 	logg("#Max A-C depth set to %u\n", cpt->numarg);

     }

-    if((ret = cl_load(dbdir, &engine, &sigs, dboptions))) {

+    if((ret = cl_load(dbdir, engine, &sigs, dboptions))) {

 	logg("!%s\n", cl_strerror(ret));

 	logg_close();

 	freecfg(copt);

-	return 1;

-    }

-

-    if(!engine) {

-	logg("!Database initialization error.\n");

-	logg_close();

-	freecfg(copt);

+	cl_engine_free(engine);

 	return 1;

     }

     logg("#Loaded %u signatures.\n", sigs);

-    if((ret = cl_build(engine)) != 0) {

-	logg("!Database initialization error: %s\n", cl_strerror(ret));;

+    if((ret = cl_engine_compile(engine)) != 0) {

+	logg("!Database initialization error: %s\n", cl_strerror(ret));

 	logg_close();

 	freecfg(copt);

+	cl_engine_free(engine);

 	return 1;

     }

@@ -425,6 +436,7 @@ int main(int argc, char **argv)

 	    logg("!Error at WSAStartup(): %d\n", WSAGetLastError());

 	    logg_close();

 	    freecfg(copt);

+	    cl_engine_free(engine);

 	    return 1;

 	}

 #endif

@@ -432,6 +444,7 @@ int main(int argc, char **argv)

 	if(lsockets[nlsockets] == -1) {

 	    logg_close();

 	    freecfg(copt);

+	    cl_engine_free(engine);

 	    return 1;

 	}

 	nlsockets++;

@@ -444,6 +457,7 @@ int main(int argc, char **argv)

 	    freecfg(copt);

 	    if(tcpsock)

 		closesocket(lsockets[0]);

+	    cl_engine_free(engine);

 	    return 1;

 	}

 	nlsockets++;

@@ -461,6 +475,7 @@ int main(int argc, char **argv)

 	    logg("!daemonize() failed\n");

 	    logg_close();

 	    freecfg(copt);

+	    cl_engine_free(engine);

 	    return 1;

 	}

 #ifdef C_BSD

@@ -175,7 +175,7 @@ void *clamukoth(void *arg)

 		}

 	    }

-	    if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->engine, tharg->limits, tharg->options) == CL_VIRUS) {

+	    if(scan && cl_scanfile(acc->filename, &virname, NULL, tharg->engine, tharg->options) == CL_VIRUS) {

 		logg("Clamuko: %s: %s FOUND\n", acc->filename, virname);

 		virusaction(acc->filename, virname, tharg->copt);

 		acc->deny = 1;

@@ -82,7 +82,6 @@ struct multi_tag {

     const struct cfgstruct *copt;

     char *fname;

     const struct cl_engine *engine;

-    const struct cl_limits *limits;

 };

 static int checksymlink(const char *path)

@@ -101,7 +100,7 @@ static int checksymlink(const char *path)

     return 0;

 }

-static int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, unsigned int type, threadpool_t *multi_pool)

+static int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, unsigned int type, threadpool_t *multi_pool)

 {

 	DIR *dd;

 	struct dirent *dent;

@@ -174,7 +173,7 @@ static int dirscan(const char *dirname, const char **virname, unsigned long int

 		    /* stat the file */

 		    if(lstat(fname, &statbuf) != -1) {

 			if((S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode)) || (S_ISLNK(statbuf.st_mode) && (checksymlink(fname) == 1) && cfgopt(copt, "FollowDirectorySymlinks")->enabled)) {

-			    if(dirscan(fname, virname, scanned, engine, limits, options, copt, odesc, reclev, type, multi_pool) == 1) {

+			    if(dirscan(fname, virname, scanned, engine, options, copt, odesc, reclev, type, multi_pool) == 1) {

 				free(fname);

 				closedir(dd);

 				return 1;

@@ -203,7 +202,6 @@ static int dirscan(const char *dirname, const char **virname, unsigned long int

 					scandata->copt = copt;

 					scandata->fname = fname;

 					scandata->engine = engine;

-					scandata->limits = limits;

 					if(!thrmgr_dispatch(multi_pool, scandata)) {

 					    logg("!thread dispatch failed for multi_pool (file %s)\n", fname);

 					    mdprintf(odesc, "ERROR: Can't scan file %s\n", fname);

@@ -221,7 +219,7 @@ static int dirscan(const char *dirname, const char **virname, unsigned long int

 				    } else { /* CONTSCAN, SCAN */

 					thrmgr_setactivetask(fname, NULL);

-					scanret = cl_scanfile(fname, virname, scanned, engine, limits, options);

+					scanret = cl_scanfile(fname, virname, scanned, engine, options);

 					thrmgr_setactivetask(NULL, NULL);

 					if(scanret == CL_VIRUS) {

@@ -288,7 +286,7 @@ static void multiscanfile(void *arg)

 #endif

     thrmgr_setactivetask(tag->fname, "MULTISCANFILE");

-    ret = cl_scanfile(tag->fname, &virname, NULL, tag->engine, tag->limits, tag->options);

+    ret = cl_scanfile(tag->fname, &virname, NULL, tag->engine, tag->options);

     thrmgr_setactivetask(NULL, NULL);

     if(ret == CL_VIRUS) {

@@ -307,7 +305,7 @@ static void multiscanfile(void *arg)

     return;

 }

-int scan(const char *filename, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int type)

+int scan(const char *filename, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int type)

 {

 	struct stat sb;

 	int ret = 0;

@@ -355,7 +353,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_engin

 #endif

 	    {

 		thrmgr_setactivetask(filename, NULL);

-		ret = cl_scanfile(filename, &virname, scanned, engine, limits, options);

+		ret = cl_scanfile(filename, &virname, scanned, engine, options);

 		thrmgr_setactivetask(NULL, NULL);

 	    }

@@ -384,7 +382,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_engin

 		}

 	    }

-	    ret = dirscan(filename, &virname, scanned, engine, limits, options, copt, odesc, &reclev, type, multi_pool);

+	    ret = dirscan(filename, &virname, scanned, engine, options, copt, odesc, &reclev, type, multi_pool);

 	    if(multi_pool)

 		thrmgr_destroy(multi_pool);

@@ -407,7 +405,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_engin

  * why it is so nicely formatted.

  */

 int scanfd(const int fd, unsigned long int *scanned,

-    const struct cl_engine *engine, const struct cl_limits *limits,

+    const struct cl_engine *engine,

     unsigned int options, const struct cfgstruct *copt, int odesc)  

 {

 	int ret;

@@ -425,7 +423,7 @@ int scanfd(const int fd, unsigned long int *scanned,

 	snprintf(fdstr, sizeof(fdstr), "fd[%d]", fd);

 	thrmgr_setactivetask(fdstr, NULL);

-	ret = cl_scandesc(fd, &virname, scanned, engine, limits, options);

+	ret = cl_scandesc(fd, &virname, scanned, engine, options);

 	thrmgr_setactivetask(NULL, NULL);

 	if(ret == CL_VIRUS) {

@@ -443,7 +441,7 @@ int scanfd(const int fd, unsigned long int *scanned,

 	return ret;

 }

-int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt)

+int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt)

 {

 	int ret, sockfd, acceptd;

 	int tmpd, bread, retval, timeout, btread;

@@ -604,7 +602,7 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *en

     if(retval == 1) {

 	lseek(tmpd, 0, SEEK_SET);

 	thrmgr_setactivetask(peer_addr, NULL);

-	ret = cl_scandesc(tmpd, &virname, scanned, engine, limits, options);

+	ret = cl_scandesc(tmpd, &virname, scanned, engine, options);

 	thrmgr_setactivetask(NULL, NULL);

     } else {

     	ret = -1;

@@ -26,10 +26,10 @@

 #include "libclamav/clamav.h"

 #include "shared/cfgparser.h"

-int scan(const char *filename, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int type);

+int scan(const char *filename, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int odesc, unsigned int type);

-int scanfd(const int fd, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int odesc);

+int scanfd(const int fd, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int odesc);

-int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt);

+int scanstream(int odesc, unsigned long int *scanned, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt);

 #endif

@@ -54,6 +54,7 @@

 #include "shared.h"

 #include "libclamav/others.h"

 #include "libclamav/readdb.h"

+#include "libclamav/cltypes.h"

 #ifndef	C_WINDOWS

 #define	closesocket(s)	close(s)

@@ -81,7 +82,6 @@ typedef struct client_conn_tag {

     const struct cfgstruct *copt;

     struct cl_engine *engine;

     time_t engine_timestamp;

-    const struct cl_limits *limits;

     int *socketds;

     int nsockets;

 } client_conn_t;

@@ -114,7 +114,7 @@ static void scanner_thread(void *arg)

     	timeout = -1;

     do {

-    	ret = command(conn->sd, conn->engine, conn->limits, conn->options, conn->copt, timeout);

+    	ret = command(conn->sd, conn->engine, conn->options, conn->copt, timeout);

 	if (ret < 0) {

 		break;

 	}

@@ -161,7 +161,7 @@ static void scanner_thread(void *arg)

     shutdown(conn->sd, 2);

     closesocket(conn->sd);

     thrmgr_setactiveengine(NULL);

-    cl_free(conn->engine);

+    cl_engine_free(conn->engine);

     free(conn);

     return;

 }

@@ -196,8 +196,9 @@ static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dbopti

 	const char *dbdir;

 	int retval;

 	unsigned int sigs = 0;

-	char *pua_cats = NULL;

+	char pua_cats[128];

+    pua_cats[0] = 0;

     *ret = 0;

     if(do_check) {

 	if(dbstat == NULL) {

@@ -237,45 +238,38 @@ static struct cl_engine *reload_db(struct cl_engine *engine, unsigned int dbopti

     /* release old structure */

     if(engine) {

-	if(engine->pua_cats)

-	    if(!(pua_cats = strdup(engine->pua_cats)))

+	if(dboptions & (CL_DB_PUA_INCLUDE | CL_DB_PUA_EXCLUDE))

+	    if(cl_engine_get(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))

 		logg("^Can't make a copy of pua_cats\n");

 	thrmgr_setactiveengine(NULL);

-	cl_free(engine);

-	engine = NULL;

+	cl_engine_free(engine);

     }

-    if(pua_cats) {

-	if((retval = cli_initengine(&engine, dboptions))) {

-	    logg("!cli_initengine() failed: %s\n", cl_strerror(retval));

-	    *ret = 1;

-	    free(pua_cats);

-	    return NULL;

-	}

-	engine->pua_cats = pua_cats;

-    }

-

-    if((retval = cl_load(dbdir, &engine, &sigs, dboptions))) {

-	logg("!reload db failed: %s\n", cl_strerror(retval));

+    if(!(engine = cl_engine_new(CL_ENGINE_DEFAULT))) {

+	logg("!Can't initialize antivirus engine\n");

 	*ret = 1;

 	return NULL;

     }

-    if(retval) {

-	logg("!reload db failed: %s\n", cl_strerror(retval));

+    if(strlen(pua_cats)) {

+	if((retval = cl_engine_set(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats)))

+	    logg("!cl_engine_set(CL_ENGINE_PUA_CATEGORIES): %s\n", cl_strerror(retval));

+	cl_engine_free(engine);

 	*ret = 1;

 	return NULL;

     }

-    if(!engine) {

+    if((retval = cl_load(dbdir, engine, &sigs, dboptions))) {

 	logg("!reload db failed: %s\n", cl_strerror(retval));

+	cl_engine_free(engine);

 	*ret = 1;

 	return NULL;

     }

-    if((retval = cl_build(engine)) != 0) {

-	logg("!Database initialization error: can't build engine: %s\n", cl_strerror(retval));

+    if((retval = cl_engine_compile(engine)) != 0) {

+	logg("!Database initialization error: can't compile engine: %s\n", cl_strerror(retval));

+	cl_engine_free(engine);

 	*ret = 1;

 	return NULL;

     }

@@ -297,7 +291,6 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 	struct rlimit rlim;

 #endif

 	mode_t old_umask;

-	struct cl_limits limits;

 	client_conn_t *client_conn;

 	const struct cfgstruct *cpt;

 #ifdef HAVE_STRERROR_R

@@ -307,6 +300,8 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 	time_t start_time, current_time;

 	pid_t mainpid;

 	int idletimeout;

+	uint32_t val32;

+	uint64_t val64;

 #ifdef CLAMUKO

 	pthread_t clamuko_pid;

@@ -318,73 +313,81 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 	memset(&sigact, 0, sizeof(struct sigaction));

 #endif

-    /* save the PID */

-    mainpid = getpid();

-    if((cpt = cfgopt(copt, "PidFile"))->enabled) {

-	    FILE *fd;

-	old_umask = umask(0006);

-	if((fd = fopen(cpt->strarg, "w")) == NULL) {

-	    logg("!Can't save PID in file %s\n", cpt->strarg);

-	} else {

-	    if (fprintf(fd, "%u", (unsigned int) mainpid)<0) {

-	    	logg("!Can't save PID in file %s\n", cpt->strarg);

-	    }

-	    fclose(fd);

+    /* set up limits */

+    if((cpt = cfgopt(copt, "MaxScanSize"))->enabled) {

+	val64 = cpt->numarg;

+	if((ret = cl_engine_set(engine, CL_ENGINE_MAX_SCANSIZE, &val64))) {

+	    logg("!cli_engine_set(CL_ENGINE_MAX_SCANSIZE) failed: %s\n", cl_strerror(ret));

+	    cl_engine_free(engine);

+	    return 1;

 	}

-	umask(old_umask);

     }

-

-    logg("*Listening daemon: PID: %u\n", (unsigned int) mainpid);

-    max_threads = cfgopt(copt, "MaxThreads")->numarg;

-

-

-    memset(&limits, 0, sizeof(struct cl_limits));

-

-    if((limits.maxscansize = cfgopt(copt, "MaxScanSize")->numarg)) {

-    	logg("Limits: Global size limit set to %lu bytes.\n", limits.maxscansize);

-    } else {

+    cl_engine_get(engine, CL_ENGINE_MAX_SCANSIZE, &val64);

+    if(val64)

+    	logg("Limits: Global size limit set to %llu bytes.\n", (unsigned long long) val64);

+    else

     	logg("^Limits: Global size limit protection disabled.\n");

-    }

-    if((limits.maxfilesize = cfgopt(copt, "MaxFileSize")->numarg)) {

-    	logg("Limits: File size limit set to %lu bytes.\n", limits.maxfilesize);

-    } else {

-	logg("^Limits: File size limit protection disabled.\n");

+    if((cpt = cfgopt(copt, "MaxFileSize"))->enabled) {

+	val64 = cpt->numarg;

+	if((ret = cl_engine_set(engine, CL_ENGINE_MAX_FILESIZE, &val64))) {

+	    logg("!cli_engine_set(CL_ENGINE_MAX_FILESIZE) failed: %s\n", cl_strerror(ret));

+	    cl_engine_free(engine);

+	    return 1;

+	}

     }

+    cl_engine_get(engine, CL_ENGINE_MAX_FILESIZE, &val64);

+    if(val64)

+    	logg("Limits: File size limit set to %llu bytes.\n", (unsigned long long) val64);

+    else

+    	logg("^Limits: File size limit protection disabled.\n");

 #ifndef C_WINDOWS

     if(getrlimit(RLIMIT_FSIZE, &rlim) == 0) {

-	if((rlim.rlim_max < limits.maxfilesize) || (rlim.rlim_max < limits.maxscansize))

-	    logg("^System limit for file size is lower than maxfilesize or maxscansize\n");

+	cl_engine_get(engine, CL_ENGINE_MAX_FILESIZE, &val64);

+	if(rlim.rlim_max < val64)

+	    logg("^System limit for file size is lower than engine->maxfilesize\n");

+	cl_engine_get(engine, CL_ENGINE_MAX_SCANSIZE, &val64);

+	if(rlim.rlim_max < val64)

+	    logg("^System limit for file size is lower than engine->maxscansize\n");

     } else {

 	logg("^Cannot obtain resource limits for file size\n");

     }

 #endif

-    if((limits.maxreclevel = cfgopt(copt, "MaxRecursion")->numarg)) {

-        logg("Limits: Recursion level limit set to %u.\n", limits.maxreclevel);

-    } else {

-        logg("^Limits: Recursion level limit protection disabled.\n");

+    if((cpt = cfgopt(copt, "MaxRecursion"))->enabled) {

+	val32 = cpt->numarg;

+	if((ret = cl_engine_set(engine, CL_ENGINE_MAX_RECURSION, &val32))) {

+	    logg("!cli_engine_set(CL_ENGINE_MAX_RECURSION) failed: %s\n", cl_strerror(ret));

+	    cl_engine_free(engine);

+	    return 1;

+	}

     }

-

-    if((limits.maxfiles = cfgopt(copt, "MaxFiles")->numarg)) {

-        logg("Limits: Files limit set to %u.\n", limits.maxfiles);

-    } else {

-        logg("^Limits: Files limit protection disabled.\n");

+    cl_engine_get(engine, CL_ENGINE_MAX_RECURSION, &val32);

+    if(val32)

+    	logg("Limits: Recursion level limit set to %u.\n", (unsigned int) val32);

+    else

+    	logg("^Limits: Recursion level limit protection disabled.\n");

+

+    if((cpt = cfgopt(copt, "MaxFiles"))->enabled) {

+	val32 = cpt->numarg;

+	if((ret = cl_engine_set(engine, CL_ENGINE_MAX_FILES, &val32))) {

+	    logg("!cli_engine_set(CL_ENGINE_MAX_FILES) failed: %s\n", cl_strerror(ret));

+	    cl_engine_free(engine);

+	    return 1;

+	}

     }

+    cl_engine_get(engine, CL_ENGINE_MAX_FILES, &val32);

+    if(val32)

+    	logg("Limits: Files limit set to %u.\n", (unsigned int) val32);

+    else

+    	logg("^Limits: Files limit protection disabled.\n");

-    if(cfgopt(copt, "ScanArchive")->enabled) {

+    if(cfgopt(copt, "ScanArchive")->enabled) {

 	logg("Archive support enabled.\n");

 	options |= CL_SCAN_ARCHIVE;

-	if(cfgopt(copt, "ArchiveLimitMemoryUsage")->enabled) {

-	    limits.archivememlim = 1;

-	    logg("Archive: Limited memory usage.\n");

-	} else {

-	    limits.archivememlim = 0;

-	}

-

 	if(cfgopt(copt, "ArchiveBlockEncrypted")->enabled) {

 	    logg("Archive: Blocking encrypted archives.\n");

 	    options |= CL_SCAN_BLOCKENCRYPTED;

@@ -482,11 +485,27 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

     if(cfgopt(copt, "StructuredDataDetection")->enabled) {

         options |= CL_SCAN_STRUCTURED;

-        limits.min_cc_count = cfgopt(copt, "StructuredMinCreditCardCount")->numarg;

-        logg("Structured: Minimum Credit Card Number Count set to %u\n", limits.min_cc_count);

-

-        limits.min_ssn_count = cfgopt(copt, "StructuredMinSSNCount")->numarg;

-        logg("Structured: Minimum Social Security Number Count set to %u\n", limits.min_ssn_count);

+	if((cpt = cfgopt(copt, "StructuredMinCreditCardCount"))->enabled) {

+	    val32 = cpt->numarg;

+	    if((ret = cl_engine_set(engine, CL_ENGINE_MIN_CC_COUNT, &val32))) {

+		logg("!cli_engine_set(CL_ENGINE_MIN_CC_COUNT) failed: %s\n", cl_strerror(ret));

+		cl_engine_free(engine);

+		return 1;

+	    }

+	}

+	cl_engine_get(engine, CL_ENGINE_MIN_CC_COUNT, &val32);

+	logg("Structured: Minimum Credit Card Number Count set to %u\n", (unsigned int) val32);

+

+	if((cpt = cfgopt(copt, "StructuredMinSSNCount"))->enabled) {

+	    val32 = cpt->numarg;

+	    if((ret = cl_engine_set(engine, CL_ENGINE_MIN_SSN_COUNT, &val32))) {

+		logg("!cli_engine_set(CL_ENGINE_MIN_SSN_COUNT) failed: %s\n", cl_strerror(ret));

+		cl_engine_free(engine);

+		return 1;

+	    }

+	}

+	cl_engine_get(engine, CL_ENGINE_MIN_SSN_COUNT, &val32);

+        logg("Structured: Minimum Social Security Number Count set to %u\n", (unsigned int) val32);

         if(cfgopt(copt, "StructuredSSNFormatNormal")->enabled)

             options |= CL_SCAN_STRUCTURED_SSN_NORMAL;

@@ -502,6 +521,25 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 	logg("Self checking every %u seconds.\n", selfchk);

     }

+    /* save the PID */

+    mainpid = getpid();

+    if((cpt = cfgopt(copt, "PidFile"))->enabled) {

+	    FILE *fd;

+	old_umask = umask(0006);

+	if((fd = fopen(cpt->strarg, "w")) == NULL) {

+	    logg("!Can't save PID in file %s\n", cpt->strarg);

+	} else {

+	    if (fprintf(fd, "%u", (unsigned int) mainpid)<0) {

+	    	logg("!Can't save PID in file %s\n", cpt->strarg);

+	    }

+	    fclose(fd);

+	}

+	umask(old_umask);

+    }

+

+    logg("*Listening daemon: PID: %u\n", (unsigned int) mainpid);

+    max_threads = cfgopt(copt, "MaxThreads")->numarg;

+

     if(cfgopt(copt, "ClamukoScanOnAccess")->enabled)

 #ifdef CLAMUKO

     {

@@ -511,7 +549,6 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 	    if(!(tharg = (struct thrarg *) malloc(sizeof(struct thrarg)))) break;

 	    tharg->copt = copt;

 	    tharg->engine = engine;

-	    tharg->limits = &limits;

 	    tharg->options = options;

 	    if(!pthread_create(&clamuko_pid, &clamuko_attr, clamukoth, tharg)) break;

 	    free(tharg);

@@ -625,9 +662,8 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 		    client_conn->sd = new_sd;

 		    client_conn->options = options;

 		    client_conn->copt = copt;

-		    client_conn->engine = cl_dup(engine);

+		    client_conn->engine = cl_engine_dup(engine);

 		    client_conn->engine_timestamp = reloaded_time;

-		    client_conn->limits = &limits;

 		    client_conn->socketds = socketds;

 		    client_conn->nsockets = nsockets;

 		    if(!thrmgr_dispatch(thr_pool, client_conn)) {

@@ -717,7 +753,7 @@ int acceptloop_th(int *socketds, int nsockets, struct cl_engine *engine, unsigne

 #endif

     if(engine) {

 	thrmgr_setactiveengine(NULL);

-	cl_free(engine);

+	cl_engine_free(engine);

     }

     if(dbstat)

@@ -68,7 +68,7 @@

 #include "thrmgr.h"

 #ifdef HAVE_FD_PASSING

-static int recvfd_and_scan(int desc, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt)

+static int recvfd_and_scan(int desc, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt)

 {

 	struct msghdr msg;

 	struct cmsghdr *cmsg;

@@ -99,7 +99,7 @@ static int recvfd_and_scan(int desc, const struct cl_engine *engine, const struc

 		    cmsg->cmsg_level == SOL_SOCKET &&

 		    cmsg->cmsg_type == SCM_RIGHTS) {

 			int fd = *(int *)CMSG_DATA(cmsg);

-			ret = scanfd(fd, NULL, engine, limits, options, copt, desc);

+			ret = scanfd(fd, NULL, engine, options, copt, desc);

 			close(fd);

 		}

 	}

@@ -107,14 +107,14 @@ static int recvfd_and_scan(int desc, const struct cl_engine *engine, const struc

 }

 #else

-static int recvfd_and_scan(int desc, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt)

+static int recvfd_and_scan(int desc, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt)

 {

 	mdprintf(desc, "ERROR: FILDES support not compiled in\n");

 	return -1;

 }

 #endif

-int command(int desc, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int timeout)

+int command(int desc, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int timeout)

 {

 	char buff[1025];

 	int bread;

@@ -136,7 +136,7 @@ int command(int desc, const struct cl_engine *engine, const struct cl_limits *li

     if(!strncmp(buff, CMD1, strlen(CMD1))) { /* SCAN */

 	thrmgr_setactivetask(NULL, CMD1);

-	if(scan(buff + strlen(CMD1) + 1, NULL, engine, limits, options, copt, desc, TYPE_SCAN) == -2)

+	if(scan(buff + strlen(CMD1) + 1, NULL, engine, options, copt, desc, TYPE_SCAN) == -2)

 	    if(cfgopt(copt, "ExitOnOOM")->enabled)

 		return COMMAND_SHUTDOWN;

@@ -159,24 +159,28 @@ int command(int desc, const struct cl_engine *engine, const struct cl_limits *li

     } else if(!strncmp(buff, CMD6, strlen(CMD6))) { /* CONTSCAN */

 	thrmgr_setactivetask(NULL, CMD6);

-	if(scan(buff + strlen(CMD6) + 1, NULL, engine, limits, options, copt, desc, TYPE_CONTSCAN) == -2)

+	if(scan(buff + strlen(CMD6) + 1, NULL, engine, options, copt, desc, TYPE_CONTSCAN) == -2)

 	    if(cfgopt(copt, "ExitOnOOM")->enabled)

 		return COMMAND_SHUTDOWN;

     } else if(!strncmp(buff, CMD7, strlen(CMD7))) { /* VERSION */

+	    uint32_t ver;

+

 	thrmgr_setactivetask(NULL, CMD7);

-	if(engine->dbversion[0]) {

+	cl_engine_get(engine, CL_ENGINE_DB_VERSION, &ver);

+	if(ver) {

 		char timestr[32];

-		time_t t = (time_t) engine->dbversion[1];

+		time_t t;

-	    mdprintf(desc, "ClamAV %s/%d/%s", get_version(), engine->dbversion[0], cli_ctime(&t, timestr, sizeof(timestr)));

+	    cl_engine_get(engine, CL_ENGINE_DB_TIME, &t);

+	    mdprintf(desc, "ClamAV %s/%u/%s", get_version(), (unsigned int) ver, cli_ctime(&t, timestr, sizeof(timestr)));

 	} else {

 	    mdprintf(desc, "ClamAV %s\n", get_version());

 	}

     } else if(!strncmp(buff, CMD8, strlen(CMD8))) { /* STREAM */

 	thrmgr_setactivetask(NULL, CMD8);

-	if(scanstream(desc, NULL, engine, limits, options, copt) == CL_EMEM)

+	if(scanstream(desc, NULL, engine, options, copt) == CL_EMEM)

 	    if(cfgopt(copt, "ExitOnOOM")->enabled)

 		return COMMAND_SHUTDOWN;

@@ -194,13 +198,13 @@ int command(int desc, const struct cl_engine *engine, const struct cl_limits *li

     } else if(!strncmp(buff, CMD13, strlen(CMD13))) { /* MULTISCAN */

 	thrmgr_setactivetask(buff+strlen(CMD13)+1, CMD13);

-	if(scan(buff + strlen(CMD13) + 1, NULL, engine, limits, options, copt, desc, TYPE_MULTISCAN) == -2)

+	if(scan(buff + strlen(CMD13) + 1, NULL, engine, options, copt, desc, TYPE_MULTISCAN) == -2)

 	    if(cfgopt(copt, "ExitOnOOM")->enabled)

 		return COMMAND_SHUTDOWN;

     } else if(!strncmp(buff, CMD14, strlen(CMD14))) { /* FILDES */

 	thrmgr_setactivetask(NULL, CMD14);

-	if(recvfd_and_scan(desc, engine, limits, options, copt) == -2)

+	if(recvfd_and_scan(desc, engine, options, copt) == -2)

 	    if(cfgopt(copt, "ExitOnOOM")->enabled)

 		return COMMAND_SHUTDOWN;

     } else if(!strncmp(buff, CMD15, strlen(CMD15))) { /* STATS */

@@ -43,6 +43,6 @@

 #include "libclamav/clamav.h"

 #include "shared/cfgparser.h"

-int command(int desc, const struct cl_engine *engine, const struct cl_limits *limits, unsigned int options, const struct cfgstruct *copt, int timeout);

+int command(int desc, const struct cl_engine *engine, unsigned int options, const struct cfgstruct *copt, int timeout);

 #endif

@@ -60,6 +60,7 @@

 #include "libclamav/matcher-ac.h"

 #include "libclamav/str.h"

 #include "libclamav/readdb.h"

+#include "libclamav/cltypes.h"

 #ifdef C_LINUX

 dev_t procdev;

@@ -76,7 +77,7 @@ dev_t procdev;

 static void move_infected(const char *filename, const struct optstruct *opt);

-static int scanfile(const char *filename, struct cl_engine *engine, const struct optstruct *opt, const struct cl_limits *limits, unsigned int options)

+static int scanfile(const char *filename, struct cl_engine *engine, const struct optstruct *opt, unsigned int options)

 {

 	int ret = 0, fd, included, printclean = 1;

 	const struct optnode *optnode;

@@ -149,7 +150,7 @@ static int scanfile(const char *filename, struct cl_engine *engine, const struct

     info.files++;

-    if((ret = cl_scandesc(fd, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

+    if((ret = cl_scandesc(fd, &virname, &info.blocks, engine, options)) == CL_VIRUS) {

 	logg("~%s: %s FOUND\n", filename, virname);

 	info.ifiles++;

@@ -180,7 +181,7 @@ static int scanfile(const char *filename, struct cl_engine *engine, const struct

     return ret;

 }

-static int scandirs(const char *dirname, struct cl_engine *engine, const struct optstruct *opt, const struct cl_limits *limits, unsigned int options, unsigned int depth)

+static int scandirs(const char *dirname, struct cl_engine *engine, const struct optstruct *opt, unsigned int options, unsigned int depth)

 {

 	DIR *dd;

 	struct dirent *dent;

@@ -250,11 +251,11 @@ static int scandirs(const char *dirname, struct cl_engine *engine, const struct

 		    /* stat the file */

 		    if(lstat(fname, &statbuf) != -1) {

 			if(S_ISDIR(statbuf.st_mode) && !S_ISLNK(statbuf.st_mode) && recursion) {

-			    if(scandirs(fname, engine, opt, limits, options, depth) == 1)

+			    if(scandirs(fname, engine, opt, options, depth) == 1)

 				scanret++;

 			} else {

 			    if(S_ISREG(statbuf.st_mode))

-				scanret += scanfile(fname, engine, opt, limits, options);

+				scanret += scanfile(fname, engine, opt, options);

 			}

 		    }

 		    free(fname);

@@ -277,7 +278,7 @@ static int scandirs(const char *dirname, struct cl_engine *engine, const struct

 }

-static int scanstdin(const struct cl_engine *engine, const struct cl_limits *limits, int options)

+static int scanstdin(const struct cl_engine *engine, int options)

 {

 	int ret;

 	const char *virname, *tmpdir;

@@ -321,7 +322,7 @@ static int scanstdin(const struct cl_engine *engine, const struct cl_limits *lim

     logg("*Checking %s\n", file);

     info.files++;

-    if((ret = cl_scanfile(file, &virname, &info.blocks, engine, limits, options)) == CL_VIRUS) {

+    if((ret = cl_scanfile(file, &virname, &info.blocks, engine, options)) == CL_VIRUS) {

 	logg("stdin: %s FOUND\n", virname);

 	info.ifiles++;

@@ -345,15 +346,15 @@ int scanmanager(const struct optstruct *opt)

 	mode_t fmode;

 	int ret = 0, fmodeint, i, x;

 	unsigned int options = 0, dboptions = 0;

-	struct cl_engine *engine = NULL;

-	struct cl_limits limits;

+	struct cl_engine *engine;

 	struct stat sb;

 	char *file, cwd[1024], *pua_cats = NULL, *argument;

 	const struct optnode *optnode;

 #ifndef C_WINDOWS

 	struct rlimit rlim;

 #endif

-

+	uint64_t val64;

+	uint32_t val32;

     if(!opt_check(opt, "no-phishing-sigs"))

 	dboptions |= CL_DB_PHISHING;

@@ -376,6 +377,16 @@ int scanmanager(const struct optstruct *opt)

     if(opt_check(opt, "dev-ac-depth"))

 	cli_ac_setdepth(AC_DEFAULT_MIN_DEPTH, atoi(opt_arg(opt, "dev-ac-depth")));

+    if((ret = cl_init(CL_INIT_DEFAULT))) {

+	logg("!Can't initialize libclamav: %s\n", cl_strerror(ret));

+	return 50;

+    }

+

+    if(!(engine = cl_engine_new(CL_ENGINE_DEFAULT))) {

+	logg("!Can't initialize antivirus engine\n");

+	return 50;

+    }

+

     if(opt_check(opt, "detect-pua")) {

 	dboptions |= CL_DB_PUA;

@@ -386,6 +397,7 @@ int scanmanager(const struct optstruct *opt)

 	    while(argument) {

 		if(!(pua_cats = realloc(pua_cats, i + strlen(argument) + 3))) {

 		    logg("!Can't allocate memory for pua_cats\n");

+		    cl_engine_free(engine);

 		    return 70;

 		}

 		sprintf(pua_cats + i, ".%s", argument);

@@ -400,6 +412,7 @@ int scanmanager(const struct optstruct *opt)

 	if(opt_check(opt, "include-pua")) {

 	    if(pua_cats) {

 		logg("!--exclude-pua and --include-pua cannot be used at the same time\n");

+		cl_engine_free(engine);

 		free(pua_cats);

 		return 40;

 	    }

@@ -421,45 +434,42 @@ int scanmanager(const struct optstruct *opt)

 	}

 	if(pua_cats) {

-	    /* FIXME with the new API */

-	    if((ret = cli_initengine(&engine, dboptions))) {

-		logg("!cli_initengine() failed: %s\n", cl_strerror(ret));

+	    if((ret = cl_engine_set(engine, CL_ENGINE_PUA_CATEGORIES, pua_cats))) {

+		logg("!cli_engine_set(CL_ENGINE_PUA_CATEGORIES) failed: %s\n", cl_strerror(ret));

 		free(pua_cats);

+		cl_engine_free(engine);

 		return 50;

 	    }

-	    engine->pua_cats = pua_cats;

+	    free(pua_cats);

 	}

     }

     if(opt_check(opt, "database")) {

-	if((ret = cl_load(opt_arg(opt, "database"), &engine, &info.sigs, dboptions))) {

+	if((ret = cl_load(opt_arg(opt, "database"), engine, &info.sigs, dboptions))) {

 	    logg("!%s\n", cl_strerror(ret));

+	    cl_engine_free(engine);

 	    return 50;

 	}

     } else {

 	    char *dbdir = freshdbdir();

-	if((ret = cl_load(dbdir, &engine, &info.sigs, dboptions))) {

+	if((ret = cl_load(dbdir, engine, &info.sigs, dboptions))) {

 	    logg("!%s\n", cl_strerror(ret));

 	    free(dbdir);

+	    cl_engine_free(engine);

 	    return 50;

 	}

 	free(dbdir);

     }

-    if(!engine) {

-	logg("!Can't initialize the virus database\n");

-	return 50;

-    }

-

-    if((ret = cl_build(engine)) != 0) {

+    if((ret = cl_engine_compile(engine)) != 0) {

 	logg("!Database initialization error: %s\n", cl_strerror(ret));;

+	cl_engine_free(engine);