diff --git a/clamscan/manager.c b/clamscan/manager.c
@@ -68,11 +68,6 @@
 dev_t procdev;
 #endif
 
-char hostid[37];
-
-int is_valid_hostid(void);
-char *get_hostid(void *cbdata);
-
 #ifdef _WIN32
 /* FIXME: If possible, handle users correctly */
 static int checkaccess(const char *path, const char *username, int mode)
@@ -1239,39 +1234,3 @@ int scanmanager(const struct optstruct *opts)
 
     return ret;
 }
-
-int is_valid_hostid(void)
-{
-    int count, i;
-
-    if (strlen(hostid) != 36)
-        return 0;
-
-    count = 0;
-    for (i = 0; i < 36; i++)
-        if (hostid[i] == '-')
-            count++;
-
-    if (count != 4)
-        return 0;
-
-    if (hostid[8] != '-' || hostid[13] != '-' || hostid[18] != '-' || hostid[23] != '-')
-        return 0;
-
-    return 1;
-}
-
-char *get_hostid(void *cbdata)
-{
-    UNUSEDPARAM(cbdata);
-
-    if (!strcmp(hostid, "none"))
-        return NULL;
-
-    if (!is_valid_hostid())
-        return strdup(STATS_ANON_UUID);
-
-    logg("HostID is valid: %s\n", hostid);
-
-    return strdup(hostid);
-}
diff --git a/clamsubmit/Makefile.in b/clamsubmit/Makefile.in
@@ -171,7 +171,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -295,6 +294,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -358,6 +360,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/clamsubmit/clamsubmit.c b/clamsubmit/clamsubmit.c
@@ -1,8 +1,15 @@
 #include <stdio.h>
 #include <stdlib.h>
+#if HAVE_UNISTD_H
 #include <unistd.h>
+#endif
 #include <string.h>
 
+#ifdef _WIN32
+#include <Windows.h>
+#include <wincrypt.h>
+#endif
+
 #include <curl/curl.h>
 
 #include "libclamav/clamav.h"
@@ -27,14 +34,16 @@ typedef struct _write_data {
     char *str;
 } write_data;
 
+int g_debug = 0;
+
 void usage(char *name)
 {
     printf("\n");
-    printf("                       Clam AntiVirus: Monitoring Tool %s\n", get_version());
+    printf("                       Clam AntiVirus: Malware and False Positive Reporting Tool %s\n", get_version());
     printf("           By The ClamAV Team: https://www.clamav.net/about.html#credits\n");
     printf("           (C) 2019 Cisco Systems, Inc.\n");
     printf("\n");
-    printf("    %s -hHinpVv?\n", name);
+    printf("    %s -hHinpVvd?\n", name);
     printf("\n");
     printf("    -h or -?                  Show this help\n");
     printf("    -v                        Show version\n");
@@ -43,6 +52,7 @@ void usage(char *name)
     printf("    -N [NAME]                 Your name contained in quotation marks (required)\n");
     printf("    -p [FILE/-]               Submit a false positive (FP)\n");
     printf("    -V [VIRUS]                Detected virus name (required with -p)\n");
+    printf("    -d                        Enable debug output\n");
     printf("\n");
     printf("You must specify -n or -p. Both are mutually exclusive. Pass in - as the filename for stdin.\n\n");
     exit(0);
@@ -110,7 +120,7 @@ size_t write_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
 
 /**
  * @brief Parse a value from a JSON object, given a key.
- * 
+ *
  * @param ps_json_obj   The JSON object
  * @param key           The Key
  * @return const char*  The Value on Success, NULL on Failure.
@@ -131,6 +141,96 @@ const char *presigned_get_string(json_object *ps_json_obj, char *key)
     return json_str;
 }
 
+#ifdef _WIN32
+CURLcode sslctx_function(CURL *curl, void *ssl_ctx, void *userptr)
+{
+    CURLcode status = CURLE_BAD_FUNCTION_ARGUMENT;
+
+    uint32_t numCertificatesFound = 0;
+
+    HCERTSTORE hStore              = NULL;
+    PCCERT_CONTEXT pWinCertContext = NULL;
+    X509 *x509                     = NULL;
+    X509_STORE *store              = SSL_CTX_get_cert_store((SSL_CTX *)ssl_ctx);
+
+    hStore = CertOpenSystemStoreA(NULL, "ROOT");
+
+    if (NULL == hStore) {
+        fprintf(stderr, "ERROR: Failed to open system certificate store.\n");
+        goto done;
+    }
+
+    while (NULL != (pWinCertContext = CertEnumCertificatesInStore(hStore, pWinCertContext))) {
+        int addCertResult                 = 0;
+        const unsigned char *encoded_cert = pWinCertContext->pbCertEncoded;
+
+        x509 = NULL;
+        x509 = d2i_X509(NULL, &encoded_cert, pWinCertContext->cbCertEncoded);
+        if (NULL == x509) {
+            fprintf(stderr, "ERROR: Failed to convert system certificate to x509.\n");
+            continue;
+        }
+
+        addCertResult = X509_STORE_add_cert(store, x509);
+        if (1 != addCertResult) {
+            fprintf(stderr, "ERROR: Failed to add x509 certificate to openssl certificate store.\n");
+            continue;
+        }
+
+        if (g_debug) {
+            char *issuer     = NULL;
+            size_t issuerLen = 0;
+            issuerLen        = CertGetNameStringA(pWinCertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, NULL, 0);
+
+            issuer = cli_malloc(issuerLen);
+            if (NULL == issuer) {
+                fprintf(stderr, "ERROR: Failed to allocate memory for certificate name.\n");
+                status = CURLE_OUT_OF_MEMORY;
+                goto done;
+            }
+
+            if (0 == CertGetNameStringA(pWinCertContext, CERT_NAME_FRIENDLY_DISPLAY_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer, issuerLen)) {
+                fprintf(stderr, "ERROR: Failed to get friendly display name for certificate.\n");
+            } else {
+                fprintf(stdout, "Certificate loaded from Windows certificate store: %s\n", issuer);
+            }
+
+            free(issuer);
+        }
+
+        numCertificatesFound++;
+        X509_free(x509);
+    }
+
+    DWORD lastError = GetLastError();
+    switch (lastError) {
+        case E_INVALIDARG:
+            fprintf(stderr, "ERROR: The handle in the hCertStore parameter is not the same as that in the certificate context pointed to by pPrevCertContext.\n");
+            break;
+        case CRYPT_E_NOT_FOUND:
+        case ERROR_NO_MORE_FILES:
+            if (0 == numCertificatesFound) {
+                fprintf(stderr, "ERROR: No certificates were found.\n");
+            }
+            break;
+        default:
+            fprintf(stderr, "ERROR: Unexpected error code from CertEnumCertificatesInStore()\n");
+    }
+
+done:
+
+    if (NULL != pWinCertContext) {
+        CertFreeCertificateContext(pWinCertContext);
+    }
+    if (NULL != hStore) {
+        CertCloseStore(hStore, 0);
+    }
+
+    status = CURLE_OK;
+    return status;
+}
+#endif
+
 int main(int argc, char *argv[])
 {
     int status      = 1;
@@ -146,7 +246,6 @@ int main(int argc, char *argv[])
     header_data hd_malware   = {0, NULL, NULL};
     header_data hd_presigned = {0, NULL, NULL};
     json_object *ps_json_obj = NULL;
-    json_object *json_obj    = NULL;
     int malware              = 0;
     int len                  = 0;
     char *submissionID       = NULL;
@@ -188,6 +287,9 @@ int main(int argc, char *argv[])
             case 'V':
                 fpvname = optarg;
                 break;
+            case 'd':
+                g_debug = 1;
+                break;
             case 'h':
             case '?':
             default:
@@ -211,6 +313,12 @@ int main(int argc, char *argv[])
         fromStream = 1;
     }
 
+#ifdef _WIN32
+    if (CURLE_OK != curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function)) {
+        fprintf(stderr, "ERROR: Failed to set SSL CTX function!\n");
+    }
+#endif
+
     /*** The GET malware|fp ***/
     if (malware == 1)
         urlp = "https://www.clamav.net/reports/malware";
@@ -485,7 +593,7 @@ int main(int argc, char *argv[])
     }
 
 cleanup:
-    /* 
+    /*
      * Cleanup
      */
     if (slist != NULL) {

diff --git a/configure b/configure
diff --git a/configure.ac b/configure.ac
@@ -140,7 +140,6 @@ m4_include([m4/reorganization/llvm.m4])
 m4_include([m4/reorganization/sha_collect.m4])
 m4_include([m4/reorganization/yara.m4])
 m4_include([m4/reorganization/code_checks/fts.m4])
-m4_include([m4/reorganization/libfreshclam.m4])
 m4_include([m4/reorganization/prelude.m4])
 m4_include([m4/reorganization/bsd.m4])
 
@@ -242,22 +241,27 @@ else
     CL_MSG_STATUS([fdpassing   ],[n/a],[])
 fi
 CL_MSG_STATUS([IPv6        ],[$have_cv_ipv6],[$want_ipv6])
+CL_MSG_STATUS([openssl     ],[$LIBSSL_HOME],[yes])
+CL_MSG_STATUS([libcurl     ],[$LIBCURL_HOME],[yes])
 
 AC_MSG_NOTICE([Summary of optional tools])
-CL_MSG_STATUS([clamdtop    ],[$CURSES_LIBS],[$enable_clamdtop])
-CL_MSG_STATUS([milter      ],[yes],[$have_milter])
-if test "X$have_curl" = "Xyes" && test "X$have_json" = "Xyes"; then
-    CL_MSG_STATUS([clamsubmit  ], [yes (libjson-c-dev found at $LIBJSON_HOME), libcurl-devel found at $LIBCURL_HOME)], [yes])
+
+if test "X$HAVE_LIBNCURSES" = "Xyes" || test "X$HAVE_LIBPDCURSES" = "Xyes"; then
+    CL_MSG_STATUS([clamdtop    ],[yes ($CURSES_LIBS)], [yes])
+else
+    CL_MSG_STATUS([clamdtop    ],[no (missing ncurses / pdcurses)], [no])
+fi
+
+if test "X$have_milter" = "Xyes"; then
+    CL_MSG_STATUS([milter      ],[yes ($CLAMAV_MILTER_LIBS)], [yes])
+else
+    CL_MSG_STATUS([milter      ],[no (missing libmilter)], [no])
+fi
+
+if test "X$have_json" = "Xyes"; then
+    CL_MSG_STATUS([clamsubmit  ], [yes (libjson-c-dev found at $LIBJSON_HOME)], [yes])
 else
-    if test "X$have_curl" != "Xyes" && test "X$have_json" != "Xyes"; then
-        CL_MSG_STATUS([clamsubmit  ], [no (missing libjson-c-dev AND libcurl-devel. Use the website to submit FPs/FNs.)], [no])
-    else
-        if test "X$have_curl" = "Xyes"; then 
-            CL_MSG_STATUS([clamsubmit  ], [no (missing libjson-c-dev. Use the website to submit FPs/FNs.)], [no])
-        else
-            CL_MSG_STATUS([clamsubmit  ], [no (missing libcurl-devel. Use the website to submit FPs/FNs.)], [no])
-        fi
-    fi
+    CL_MSG_STATUS([clamsubmit  ], [no (missing libjson-c-dev. Use the website to submit FPs/FNs.)], [no])
 fi
 
 AC_MSG_NOTICE([Summary of engine performance features])
@@ -294,7 +298,7 @@ else
     CL_MSG_STATUS([pcre        ],[$PCRE_HOME],[$have_pcre])
 fi
 CL_MSG_STATUS([libmspack   ],[yes],[$mspack_msg])
-if test "x$XML_LIBS" = "x"; then 
+if test "x$XML_LIBS" = "x"; then
     CL_MSG_STATUS([libxml2     ],[no],[])
 else
     CL_MSG_STATUS([libxml2     ],[yes, from $XML_HOME],[])

diff --git a/database/Makefile.in b/database/Makefile.in
@@ -171,7 +171,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -245,6 +244,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -308,6 +310,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/docs/Makefile.in b/docs/Makefile.in
@@ -171,7 +171,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -279,6 +278,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -342,6 +344,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/etc/Makefile.in b/etc/Makefile.in
@@ -172,7 +172,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -275,6 +274,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -338,6 +340,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/etc/freshclam.conf.sample b/etc/freshclam.conf.sample
@@ -67,7 +67,7 @@ Example
 # Now that CloudFlare is being used as our Content Delivery Network (CDN),
 # this one domain name works world-wide to direct freshclam to the closest
 # geographic endpoint.
-DatabaseMirror database.clamav.net
+DatabaseMirror http://database.clamav.net
 
 # How many attempts to make before giving up.
 # Default: 3 (per mirror)
@@ -84,10 +84,15 @@ DatabaseMirror database.clamav.net
 # Default: no
 #CompressLocalDatabase no
 
-# With this option you can provide custom sources (http:// or file://) for
-# database files. This option can be used multiple times.
+# With this option you can provide custom sources for database files.
+# This option can be used multiple times. Support for:
+#   http(s)://, ftp(s)://, or file://
 # Default: no custom URLs
 #DatabaseCustomURL http://myserver.com/mysigs.ndb
+#DatabaseCustomURL https://myserver.com/mysigs.ndb
+#DatabaseCustomURL https://myserver.com:4567/whitelist.wdb
+#DatabaseCustomURL ftp://myserver.com/example.ldb
+#DatabaseCustomURL ftps://myserver.com:4567/example.ndb
 #DatabaseCustomURL file:///mnt/nfs/local.hdb
 
 # This option allows you to easily point freshclam to private mirrors.
@@ -108,8 +113,15 @@ DatabaseMirror database.clamav.net
 #Checks 24
 
 # Proxy settings
+# The HTTPProxyServer may be prefixed with [scheme]:// to specify which kind of proxy is used.
+#   http://     HTTP Proxy. Default when no scheme or proxy type is specified.
+#   https://    HTTPS Proxy. (Added in 7.52.0 for OpenSSL, GnuTLS and NSS)
+#   socks4://   SOCKS4 Proxy.
+#   socks4a://  SOCKS4a Proxy. Proxy resolves URL hostname.
+#   socks5://   SOCKS5 Proxy.
+#   socks5h://  SOCKS5 Proxy. Proxy resolves URL hostname.
 # Default: disabled
-#HTTPProxyServer myproxy.com
+#HTTPProxyServer https://myproxy.com
 #HTTPProxyPort 1234
 #HTTPProxyUsername myusername
 #HTTPProxyPassword mypass
@@ -184,8 +196,12 @@ DatabaseMirror database.clamav.net
 # Default: enabled
 #Bytecode yes
 
-# Download an additional 3rd party signature database distributed through
-# the ClamAV mirrors. 
+# Include an optional signature databases (opt-in).
 # This option can be used multiple times.
 #ExtraDatabase dbname1
 #ExtraDatabase dbname2
+
+# Exclude a standard signature database (opt-out).
+# This option can be used multiple times.
+#ExcludeDatabase dbname1
+#ExcludeDatabase dbname2
diff --git a/freshclam/Makefile.am b/freshclam/Makefile.am
@@ -28,37 +28,24 @@ freshclam_SOURCES = \
     $(top_srcdir)/shared/optparser.h \
     $(top_srcdir)/shared/getopt.c \
     $(top_srcdir)/shared/getopt.h \
-    $(top_srcdir)/shared/misc.c \
     $(top_srcdir)/shared/misc.h \
-    $(top_srcdir)/shared/cdiff.c \
-    $(top_srcdir)/shared/cdiff.h \
-    $(top_srcdir)/shared/tar.c \
-    $(top_srcdir)/shared/tar.h \
-    $(top_srcdir)/shared/clamdcom.c \
+    $(top_srcdir)/shared/misc.c \
     $(top_srcdir)/shared/clamdcom.h \
+    $(top_srcdir)/shared/clamdcom.c \
     freshclam.c \
-    freshclamcodes.h \
-    manager.c \
-    manager.h \
     notify.c \
     notify.h \
-    dns.c \
-    dns.h \
     execute.c \
-    execute.h \
-    nonblock.c \
-    nonblock.h \
-    mirman.c \
-    mirman.h
+    execute.h
 
 if INSTALL_SYSTEMD_UNITS
 systemdsystemunit_DATA = clamav-freshclam.service
 endif
 
 AM_CFLAGS=@WERR_CFLAGS@
 DEFS = @DEFS@ -DCL_NOTHREADS
-AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@  @JSON_CPPFLAGS@ @PCRE_CPPFLAGS@
-LIBS = @SSL_LDFLAGS@ @SSL_LIBS@ $(top_builddir)/libclamav/libclamav.la @FRESHCLAM_LIBS@ @THREAD_LIBS@
+AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav -I$(top_srcdir)/libfreshclam @CURL_CPPFLAGS@ @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@ @JSON_CPPFLAGS@ @PCRE_CPPFLAGS@
+LIBS = @SSL_LDFLAGS@ @SSL_LIBS@ @CURL_LDFLAGS@ @CURL_LIBS@ $(top_builddir)/libclamav/libclamav.la $(top_builddir)/libfreshclam/libfreshclam.la @FRESHCLAM_LIBS@ @THREAD_LIBS@
 
 AM_INSTALLCHECK_STD_OPTIONS_EXEMPT=freshclam$(EXEEXT)
 CLEANFILES=*.gcda *.gcno
diff --git a/freshclam/Makefile.in b/freshclam/Makefile.in
@@ -176,7 +176,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -195,10 +194,8 @@ am__installdirs = "$(DESTDIR)$(bindir)" \
 	"$(DESTDIR)$(systemdsystemunitdir)"
 PROGRAMS = $(bin_PROGRAMS)
 am_freshclam_OBJECTS = output.$(OBJEXT) optparser.$(OBJEXT) \
-	getopt.$(OBJEXT) misc.$(OBJEXT) cdiff.$(OBJEXT) tar.$(OBJEXT) \
-	clamdcom.$(OBJEXT) freshclam.$(OBJEXT) manager.$(OBJEXT) \
-	notify.$(OBJEXT) dns.$(OBJEXT) execute.$(OBJEXT) \
-	nonblock.$(OBJEXT) mirman.$(OBJEXT)
+	getopt.$(OBJEXT) misc.$(OBJEXT) clamdcom.$(OBJEXT) \
+	freshclam.$(OBJEXT) notify.$(OBJEXT) execute.$(OBJEXT)
 freshclam_OBJECTS = $(am_freshclam_OBJECTS)
 freshclam_LDADD = $(LDADD)
 AM_V_lt = $(am__v_lt_@AM_V@)
@@ -332,6 +329,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -395,6 +395,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@
@@ -407,7 +408,7 @@ LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@
 LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@
 LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@
 LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@
-LIBS = @SSL_LDFLAGS@ @SSL_LIBS@ $(top_builddir)/libclamav/libclamav.la @FRESHCLAM_LIBS@ @THREAD_LIBS@
+LIBS = @SSL_LDFLAGS@ @SSL_LIBS@ @CURL_LDFLAGS@ @CURL_LIBS@ $(top_builddir)/libclamav/libclamav.la $(top_builddir)/libfreshclam/libfreshclam.la @FRESHCLAM_LIBS@ @THREAD_LIBS@
 LIBTOOL = @LIBTOOL@
 LIPO = @LIPO@
 LN_S = @LN_S@
@@ -540,32 +541,19 @@ freshclam_SOURCES = \
     $(top_srcdir)/shared/optparser.h \
     $(top_srcdir)/shared/getopt.c \
     $(top_srcdir)/shared/getopt.h \
-    $(top_srcdir)/shared/misc.c \
     $(top_srcdir)/shared/misc.h \
-    $(top_srcdir)/shared/cdiff.c \
-    $(top_srcdir)/shared/cdiff.h \
-    $(top_srcdir)/shared/tar.c \
-    $(top_srcdir)/shared/tar.h \
-    $(top_srcdir)/shared/clamdcom.c \
+    $(top_srcdir)/shared/misc.c \
     $(top_srcdir)/shared/clamdcom.h \
+    $(top_srcdir)/shared/clamdcom.c \
     freshclam.c \
-    freshclamcodes.h \
-    manager.c \
-    manager.h \
     notify.c \
     notify.h \
-    dns.c \
-    dns.h \
     execute.c \
-    execute.h \
-    nonblock.c \
-    nonblock.h \
-    mirman.c \
-    mirman.h
+    execute.h
 
 @INSTALL_SYSTEMD_UNITS_TRUE@systemdsystemunit_DATA = clamav-freshclam.service
 AM_CFLAGS = @WERR_CFLAGS@
-AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@  @JSON_CPPFLAGS@ @PCRE_CPPFLAGS@
+AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav -I$(top_srcdir)/libfreshclam @CURL_CPPFLAGS@ @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@ @JSON_CPPFLAGS@ @PCRE_CPPFLAGS@
 AM_INSTALLCHECK_STD_OPTIONS_EXEMPT = freshclam$(EXEEXT)
 CLEANFILES = *.gcda *.gcno
 all: all-am
@@ -680,20 +668,14 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cdiff.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/clamdcom.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execute.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/freshclam.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/manager.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mirman.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nonblock.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/notify.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/optparser.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/output.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tar.Po@am__quote@
 
 .c.o:
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -772,34 +754,6 @@ misc.obj: $(top_srcdir)/shared/misc.c
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o misc.obj `if test -f '$(top_srcdir)/shared/misc.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/misc.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/misc.c'; fi`
 
-cdiff.o: $(top_srcdir)/shared/cdiff.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.o -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$(top_srcdir)/shared/cdiff.c' object='cdiff.o' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cdiff.o `test -f '$(top_srcdir)/shared/cdiff.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/cdiff.c
-
-cdiff.obj: $(top_srcdir)/shared/cdiff.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cdiff.obj -MD -MP -MF $(DEPDIR)/cdiff.Tpo -c -o cdiff.obj `if test -f '$(top_srcdir)/shared/cdiff.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/cdiff.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/cdiff.c'; fi`
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/cdiff.Tpo $(DEPDIR)/cdiff.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$(top_srcdir)/shared/cdiff.c' object='cdiff.obj' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cdiff.obj `if test -f '$(top_srcdir)/shared/cdiff.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/cdiff.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/cdiff.c'; fi`
-
-tar.o: $(top_srcdir)/shared/tar.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tar.o -MD -MP -MF $(DEPDIR)/tar.Tpo -c -o tar.o `test -f '$(top_srcdir)/shared/tar.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/tar.c
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/tar.Tpo $(DEPDIR)/tar.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$(top_srcdir)/shared/tar.c' object='tar.o' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tar.o `test -f '$(top_srcdir)/shared/tar.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/tar.c
-
-tar.obj: $(top_srcdir)/shared/tar.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tar.obj -MD -MP -MF $(DEPDIR)/tar.Tpo -c -o tar.obj `if test -f '$(top_srcdir)/shared/tar.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/tar.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/tar.c'; fi`
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/tar.Tpo $(DEPDIR)/tar.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$(top_srcdir)/shared/tar.c' object='tar.obj' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tar.obj `if test -f '$(top_srcdir)/shared/tar.c'; then $(CYGPATH_W) '$(top_srcdir)/shared/tar.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/shared/tar.c'; fi`
-
 clamdcom.o: $(top_srcdir)/shared/clamdcom.c
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT clamdcom.o -MD -MP -MF $(DEPDIR)/clamdcom.Tpo -c -o clamdcom.o `test -f '$(top_srcdir)/shared/clamdcom.c' || echo '$(srcdir)/'`$(top_srcdir)/shared/clamdcom.c
 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/clamdcom.Tpo $(DEPDIR)/clamdcom.Po

diff --git a/freshclam/execute.c b/freshclam/execute.c
@@ -35,13 +35,13 @@
 
 #define MAX_CHILDREN 5
 
-int active_children;
+int g_active_children;
 
-void execute(const char *type, const char *text, const struct optstruct *opts)
+void execute(const char *type, const char *text, int bDaemonized)
 {
     int ret;
 
-    if (!optget(opts, "daemon")->enabled) {
+    if (!bDaemonized) {
         if (sscanf(text, "EXIT_%d", &ret) == 1) {
             logg("*%s: EXIT_%d\n", type, ret);
             exit(ret);
@@ -58,7 +58,7 @@ void execute(const char *type, const char *text, const struct optstruct *opts)
         return;
     }
 #else
-    if (active_children < MAX_CHILDREN) {
+    if (g_active_children < MAX_CHILDREN) {
         pid_t pid;
         switch (pid = fork()) {
             case 0:
@@ -70,10 +70,10 @@ void execute(const char *type, const char *text, const struct optstruct *opts)
                 logg("^%s::fork() failed, %s.\n", type, strerror(errno));
                 break;
             default:
-                active_children++;
+                g_active_children++;
         }
     } else {
-        logg("^%s: already %d processes active.\n", type, active_children);
+        logg("^%s: already %d processes active.\n", type, g_active_children);
     }
 #endif
 }
diff --git a/freshclam/execute.h b/freshclam/execute.h
@@ -22,7 +22,8 @@
 
 #include "shared/optparser.h"
 
-void execute(const char *type, const char *text,
-             const struct optstruct *opts);
+extern int g_active_children;
+
+void execute(const char *type, const char *text, int bDaemonized);
 
 #endif
diff --git a/freshclam/freshclam.c b/freshclam/freshclam.c
diff --git a/freshclam/freshclamcodes.h b/freshclam/freshclamcodes.h
diff --git a/freshclam/manager.c b/freshclam/manager.c
diff --git a/freshclam/manager.h b/freshclam/manager.h
diff --git a/freshclam/mirman.c b/freshclam/mirman.c
diff --git a/freshclam/mirman.h b/freshclam/mirman.h
diff --git a/freshclam/nonblock.c b/freshclam/nonblock.c
diff --git a/freshclam/nonblock.h b/freshclam/nonblock.h
diff --git a/fuzz/Makefile.in b/fuzz/Makefile.in
@@ -202,7 +202,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -728,6 +727,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -791,6 +793,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am
@@ -240,7 +240,7 @@ MSPACK_CFLAGS = $(LIBMSPACK_CFLAGS)
 MSPACKLIBADD = $(LIBMSPACK_LIBS)
 MSPACKDEP =
 
-libmspack/Makefile: 
+libmspack/Makefile:
 .PHONY: distdir distclean maintainer-clean
 distdir:
 	echo "make distdir requires --with-system-libmspack=no"
@@ -273,17 +273,17 @@ endif
 include_HEADERS = clamav.h
 
 libclamav_la_SOURCES = \
-        matcher-ac.c \
-        matcher-ac.h \
-        matcher-bm.c \
-        matcher-bm.h \
-        matcher-hash.c \
-        matcher-hash.h \
-        matcher.c \
-        matcher.h \
-        others.c \
-        others.h \
-        readdb.c \
+	matcher-ac.c \
+	matcher-ac.h \
+	matcher-bm.c \
+	matcher-bm.h \
+	matcher-hash.c \
+	matcher-hash.h \
+	matcher.c \
+	matcher.h \
+	others.c \
+	others.h \
+	readdb.c \
 	readdb.h \
 	cvd.c \
 	cvd.h \

diff --git a/libclamav/Makefile.in b/libclamav/Makefile.in
@@ -201,7 +201,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -899,6 +898,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -962,6 +964,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@
@@ -4568,7 +4571,7 @@ uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES
 @ENABLE_LLVM_FALSE@	$(AM_V_at) cp $< $@
 @ENABLE_LLVM_FALSE@distclean-recursive distdir maintainer-clean-recursive: c++/Makefile
 
-@USE_INTERNAL_MSPACK_FALSE@libmspack/Makefile: 
+@USE_INTERNAL_MSPACK_FALSE@libmspack/Makefile:
 @USE_INTERNAL_MSPACK_FALSE@.PHONY: distdir distclean maintainer-clean
 @USE_INTERNAL_MSPACK_FALSE@distdir:
 @USE_INTERNAL_MSPACK_FALSE@	echo "make distdir requires --with-system-libmspack=no"

diff --git a/libclamav/blob.c b/libclamav/blob.c
@@ -83,7 +83,9 @@ void blobDestroy(blob *b)
 #endif
 
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     if (b->name)
         free(b->name);
@@ -118,7 +120,9 @@ blobToMem(blob *b)
     void *ret;
 
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     if (!b->isClosed)
         blobClose(b);
@@ -137,7 +141,9 @@ blobToMem(blob *b)
 void blobSetFilename(blob *b, const char *dir, const char *filename)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
     assert(filename != NULL);
 
     UNUSEDPARAM(dir);
@@ -157,7 +163,9 @@ static const char *
 blobGetFilename(const blob *b)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     return b->name;
 }
@@ -173,7 +181,9 @@ int blobAddData(blob *b, const unsigned char *data, size_t len)
 #endif
 
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
     assert(data != NULL);
 
     if (len == 0)
@@ -253,7 +263,9 @@ unsigned char *
 blobGetData(const blob *b)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     if (b->len == 0)
         return NULL;
@@ -264,15 +276,19 @@ size_t
 blobGetDataSize(const blob *b)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     return b->len;
 }
 
 void blobClose(blob *b)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     if (b->isClosed) {
         cli_warnmsg("Attempt to close a previously closed blob\n");
@@ -337,7 +353,9 @@ int blobcmp(const blob *b1, const blob *b2)
 int blobGrow(blob *b, size_t len)
 {
     assert(b != NULL);
+#ifdef CL_DEBUG
     assert(b->magic == BLOBCLASS);
+#endif
 
     if (len == 0)
         return CL_SUCCESS;
@@ -430,7 +448,9 @@ void fileblobDestructiveDestroy(fileblob *fb)
 void fileblobDestroy(fileblob *fb)
 {
     assert(fb != NULL);
+#ifdef CL_DEBUG
     assert(fb->b.magic == BLOBCLASS);
+#endif
 
     if (fb->b.name && fb->fp) {
         fclose(fb->fp);

diff --git a/libclamav/mbox.c b/libclamav/mbox.c
@@ -3,7 +3,7 @@
  *  Copyright (C) 2007-2013 Sourcefire, Inc.
  *
  *  Authors: Nigel Horne
- * 
+ *
  *  Acknowledgements: Some ideas came from Stephen White <stephen@earth.li>,
  *                    Michael Dankov <misha@btrc.ru>, Gianluigi Tiesi <sherpya@netfarm.it>,
  *                    Everton da Silva Marques, Thomas Lamy <Thomas.Lamy@in-online.net>,
@@ -67,6 +67,10 @@
 #include <pthread.h>
 #endif
 
+#if defined(_WIN32) || defined(_WIN64)
+#define strtok_r strtok_s
+#endif
+
 #include "clamav.h"
 #include "others.h"
 #include "str.h"
@@ -99,7 +103,10 @@
 
 #ifdef HAVE_BACKTRACE
 #include <execinfo.h>
+
+#ifdef USE_SYSLOG
 #include <syslog.h>
+#endif
 
 static void sigsegv(int sig);
 static void print_trace(int use_syslog);
@@ -1815,8 +1822,8 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
 						 * must be listed here */
                             break;
                         default:
-                            /* this is a subtype that we 
-						 * don't handle anyway, 
+                            /* this is a subtype that we
+						 * don't handle anyway,
 						 * don't store */
                             if (messages[multiparts]) {
                                 messageDestroy(messages[multiparts]);
@@ -3597,7 +3604,7 @@ getline_from_mbox(char *buffer, size_t buffer_len, fmap_t *map, size_t *at)
     src = cursrc = fmap_need_off_once(map, *at, input_len);
 
     /*	we check for eof from the result of GETC()
- *	if(feof(fin)) 
+ *	if(feof(fin))
 		return NULL;*/
     if (!src) {
         cli_dbgmsg("getline_from_mbox: fmap need failed\n");

diff --git a/libclamav/str.c b/libclamav/str.c
@@ -295,9 +295,12 @@ int cli_strbcasestr(const char *haystack, const char *needle)
     return !strcasecmp(pt, needle);
 }
 
-/*
- * Remove trailing NL and CR characters from the end of the given string.
- * Return the new length of the string (ala strlen)
+/**
+ * @brief Remove trailing NL and CR characters from the end of the given string.
+ *
+ * @param string    string input
+ * @return int      the new length of the string (ala strlen)
+ * @return int      -1 if string was NULL.
  */
 int cli_chomp(char *string)
 {

diff --git a/libclamav/xar.c b/libclamav/xar.c
@@ -26,6 +26,7 @@
 #include <errno.h>
 #include "xar.h"
 #include "fmap.h"
+
 #if HAVE_LIBXML2
 #include <libxml/xmlreader.h>
 #include "clamav.h"

diff --git a/libfreshclam/Doxyfile b/libfreshclam/Doxyfile
@@ -0,0 +1,21 @@
+PROJECT_NAME     = ClamAV - Freshclam
+OUTPUT_DIRECTORY = ../docs/freshclam
+WARNINGS         = YES
+FILE_PATTERNS    = *.c *.h
+PERL_PATH        = /usr/bin/perl
+SEARCHENGINE     = YES
+
+GENERATE_LATEX=NO
+OPTIMIZE_OUTPUT_FOR_C=YES
+HAVE_DOT=YES
+CALL_GRAPH=YES
+CALLER_GRAPH=YES
+JAVADOC_AUTOBRIEF=YES
+GENERATE_MAN=NO
+EXAMPLE_PATH=examples
+
+DOT_CLEANUP=NO
+MAX_DOT_GRAPH_DEPTH=3
+
+EXTRACT_ALL=YES
+INPUT = . 
diff --git a/libfreshclam/Makefile.am b/libfreshclam/Makefile.am
@@ -16,6 +16,18 @@
 #  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 #  MA 02110-1301, USA.
 
+libfreshclam_la_LIBADD = $(top_builddir)/libclamav/libclamav.la @FRESHCLAM_LIBS@ @CURL_LIBS@ @SSL_LIBS@ @JSON_LIBS@ @LIBLTDL@ @THREAD_LIBS@ @LIBM@
+libfreshclam_la_DEPENDENCIES = @LTDLDEPS@
+libfreshclam_la_LDFLAGS = @CURL_LDFLAGS@ @SSL_LDFLAGS@ @TH_SAFE@ @JSON_LDFLAGS@ @ICONV_LDFLAGS@ $(XML_LIBS) -version-info @LIBFRESHCLAM_VERSION@ -no-undefined
+
+if VERSIONSCRIPT
+libfreshclam_la_LDFLAGS += -Wl,@VERSIONSCRIPTFLAG@,@top_srcdir@/libfreshclam/libfreshclam.map
+endif
+
+EXTRA_DIST = libfreshclam.map
+
+include_HEADERS = libfreshclam.h
+
 libfreshclam_la_SOURCES = \
     $(top_srcdir)/shared/output.c \
     $(top_srcdir)/shared/output.h \
@@ -29,29 +41,17 @@ libfreshclam_la_SOURCES = \
     $(top_srcdir)/shared/cdiff.h \
     $(top_srcdir)/shared/tar.c \
     $(top_srcdir)/shared/tar.h \
-    $(top_srcdir)/shared/clamdcom.c \
-    $(top_srcdir)/shared/clamdcom.h \
-	$(top_srcdir)/freshclam/freshclamcodes.h \
-	$(top_srcdir)/freshclam/manager.c \
-	$(top_srcdir)/freshclam/manager.h \
-	$(top_srcdir)/freshclam/notify.c \
-	$(top_srcdir)/freshclam/notify.h \
-	$(top_srcdir)/freshclam/dns.c \
-	$(top_srcdir)/freshclam/dns.h \
-	$(top_srcdir)/freshclam/execute.c \
-	$(top_srcdir)/freshclam/execute.h \
-	$(top_srcdir)/freshclam/nonblock.c \
-	$(top_srcdir)/freshclam/nonblock.h \
-	$(top_srcdir)/freshclam/mirman.c \
-	$(top_srcdir)/freshclam/mirman.h \
-	libfreshclam.c \
-	libfreshclam.h
+    libfreshclam.c \
+    libfreshclam_internal.c \
+    libfreshclam_internal.h \
+    dns.c \
+    dns.h
 
 lib_LTLIBRARIES = libfreshclam.la
 
 
 AM_CFLAGS=@WERR_CFLAGS@
 DEFS = @DEFS@ -DCL_NOTHREADS
-AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@  @JSON_CPPFLAGS@
+AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav @CURL_CPPFLAGS@ @SSL_CPPFLAGS@ @FRESHCLAM_CPPFLAGS@ @JSON_CPPFLAGS@ @PCRE_CPPFLAGS@
 
 CLEANFILES=*.gcda *.gcno
diff --git a/libfreshclam/Makefile.in b/libfreshclam/Makefile.in
diff --git a/freshclam/dns.c → libfreshclam/dns.c b/freshclam/dns.c → libfreshclam/dns.c
diff --git a/freshclam/dns.h → libfreshclam/dns.h b/freshclam/dns.h → libfreshclam/dns.h
diff --git a/libfreshclam/libfreshclam.c b/libfreshclam/libfreshclam.c
diff --git a/libfreshclam/libfreshclam.h b/libfreshclam/libfreshclam.h
@@ -1,15 +1,261 @@
-//
-//  libfreshclam.h
-//  freshclam
-//
-//  Created by msachedi on 2/3/14.
-//  Copyright (C) 2014-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
-//
-
-#ifndef freshclam_libfreshclam_h
-#define freshclam_libfreshclam_h
-
-int download_with_opts(struct optstruct *opts, const char *db_path, const char *db_owner);
-struct optstruct *optadditem(const char *name, const char *arg, int verbose, int toolmask, int ignore,
-                             struct optstruct *oldopts);
-#endif
+/*
+ *  Copyright (C) 2013-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
+ *  Copyright (C) 2007-2013 Sourcefire, Inc.
+ *  Copyright (C) 2002-2007 Tomasz Kojm <tkojm@clamav.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#ifndef __LIBFRESHCLAM_H
+#define __LIBFRESHCLAM_H
+
+#include "clamav-types.h"
+
+/*
+ * Freshclam configuration flag options.
+ */
+// clang-format off
+#define FC_CONFIG_MSG_DEBUG        0x1  // Enable debug messages.
+#define FC_CONFIG_MSG_VERBOSE      0x2  // Enable verbose mode.
+#define FC_CONFIG_MSG_QUIET        0x4  // Only output error messages.
+#define FC_CONFIG_MSG_NOWARN       0x8  // Don't output warning messages.
+#define FC_CONFIG_MSG_STDOUT       0x10 // Write to stdout instead of stderr.
+#define FC_CONFIG_MSG_SHOWPROGRESS 0x20 // Show download progress percentage.
+
+#define FC_CONFIG_LOG_VERBOSE 0x1  // Be verbose in log output as well.
+#define FC_CONFIG_LOG_NOWARN  0x2  // Don't log warning messages.
+#define FC_CONFIG_LOG_TIME    0x4  // Include timestamp in log messages.
+#define FC_CONFIG_LOG_ROTATE  0x8  // Rotate logs if they exceed MaxLogSize.
+#define FC_CONFIG_LOG_SYSLOG  0x10 // Enable Syslog.
+// clang-format on
+
+/* freshclam config options */
+typedef struct fc_config_ {
+    uint32_t msgFlags;               /**< FC_CONFIG_MSG bitflag field. */
+    uint32_t logFlags;               /**< FC_CONFIG_LOG bitflag field. */
+    uint64_t maxLogSize;             /**< Max size of logfile, if enabled. */
+    uint32_t maxAttempts;            /**< Max # of download attempts. Must be > 0 */
+    uint32_t connectTimeout;         /**< CURLOPT_CONNECTTIMEOUT, Timeout for the. connection phase (seconds). */
+    uint32_t requestTimeout;         /**< CURLOPT_TIMEOUT, Timeout for libcurl transfer operation (seconds). */
+    uint32_t bCompressLocalDatabase; /**< If set, will apply gz compression to CLD databases. */
+    const char *logFile;             /**< (optional) Filepath to use for log output, if desired. */
+    const char *logFacility;         /**< (optional) System logging facility (I.e. "syslog"), if desired. */
+    const char *localIP;             /**< (optional) client IP for multihomed systems. */
+    const char *userAgent;           /**< (optional) Alternative User Agent. */
+    const char *proxyServer;         /**< (optional) http(s) url for proxy server. */
+    uint16_t proxyPort;              /**< (optional) Proxy server port #. */
+    const char *proxyUsername;       /**< (optional) Username for proxy server authentication .*/
+    const char *proxyPassword;       /**< (optional) Password for proxy server authentication. */
+    const char *databaseDirectory;   /**< Filepath of database directory. */
+    const char *tempDirectory;       /**< Filepath to store temp files. */
+} fc_config;
+
+typedef enum fc_error_tag {
+    FC_SUCCESS  = 0,
+    FC_UPTODATE = 1,
+    FC_EINIT,
+    FC_EDIRECTORY,
+    FC_EFILE,
+    FC_ECONNECTION,
+    FC_EEMPTYFILE,
+    FC_EBADCVD,
+    FC_ETESTFAIL,
+    FC_ECONFIG,
+    FC_EDBDIRACCESS,
+    FC_EFAILEDGET,
+    FC_EMIRRORNOTSYNC,
+    FC_ELOGGING,
+    FC_EFAILEDUPDATE,
+    FC_EMEM,
+    FC_EARG
+} fc_error_t;
+
+/**
+ * @brief  Translate an FC_<code> to a human readable message.
+ *
+ * @param fcerror       fc_error_t code
+ * @return const char * message.
+ */
+const char *fc_strerror(fc_error_t fcerror);
+
+/**
+ * @brief Configure libfreshclam.
+ *
+ * This will initialize libcurl with `curl_global_init`.
+ * This should only be called once per application.
+ *
+ * If you are initializing libfreshclam from a Windows DLL you should not
+ * initialize it from DllMain or a static initializer because Windows holds
+ * the loader lock during that time and it could cause a deadlock.
+ *
+ * @param config        Configuration options.
+ * @return fc_error_t   FC_SUCCESS if success.
+ * @return fc_error_t   FC_ELOGGING if there is an issue writing to the log.
+ */
+fc_error_t fc_initialize(fc_config *config);
+
+/**
+ * @brief Cleanup libfreshclam features.
+ *
+ * This will call `curl_global_cleanup`.
+ * This should only be invoke once at the end of your
+ * application.
+ */
+void fc_cleanup(void);
+
+/**
+ * @brief Delete CVD & CLD files from database directory that aren't in the provided list.
+ *
+ * Will not touch files other than CLD and CVD files.
+ *
+ * @param databaseList  List of official databases to keep.
+ * @param nDatabases    Number of databses in list.
+ * @return fc_error_t   FC_SUCCESS if success.
+ * @return fc_error_t   FC_EDBDIRACCESS if database access issue occured.
+ * @return fc_error_t   FC_EARG if invalid arguments.
+ */
+fc_error_t fc_prune_database_directory(
+    char **databaseList,
+    uint32_t nDatabases);
+
+/**
+ * @brief Test if database loads without errors.
+ *
+ * @param dbFilename   Filename of database.
+ * @param bBytecodeEnabled Non-zero if database has bytecode signatures, and should be tested.
+ * @return fc_error_t  FC_SUCCESS if loaded correctly.
+ * @return fc_error_t  FC_EARG callback was passed invalid arguments.
+ */
+fc_error_t fc_test_database(
+    const char *dbFilename,
+    int bBytecodeEnabled);
+
+/**
+ * @brief Query Update Info via DNS to get database version info, and ClamAV version info.
+ *
+ * Caller must free dnsUpdateInfo.
+ *
+ * @param dnsUpdateInfoServer   (optional) The DNS server to query for Update Info. If NULL, will disable DNS update info query feature.
+ * @param dnsUpdateInfo         [out] The Update Info DNS reply string.
+ * @param newVersion            [out] New version of ClamAV available.
+ * @return fc_error_t           FC_SUCCESS if success.
+ * @return fc_error_t           FC_EARG if invalid args.
+ * @return fc_error_t           FC_EFAILEDGET if error or disabled and should fall back to HTTP mode for update info.
+ */
+fc_error_t fc_dns_query_update_info(
+    const char *dnsUpdateInfoServer,
+    char **dnsUpdateInfo,
+    char **newVersion);
+
+/**
+ * @brief Download a database directly from a URL.
+ *
+ * Whole file download.  Does not support incremental update.
+ *
+ * @param url           Database URL (http, https, file).
+ * @param context       Application context to pass to fccb_download_complete callback.
+ * @param bUpdated      [out] Non-zero if database was updated to new version or is entirely new.
+ * @return fc_error_t   FC_SUCCESS if database downloaded and callback executed successfully.
+ */
+fc_error_t fc_download_url_database(
+    const char *urlDatabase,
+    void *context,
+    int *bUpdated);
+
+/**
+ * @brief Download databases directly from a URLs.
+ *
+ * @param urlDatabaseList List of database URLs
+ * @param nUrlDatabases   Number of URLs in list.
+ * @param context         Application context to pass to fccb_download_complete callback.
+ * @param nUpdated        [out] Number of databases that were updated.
+ * @return fc_error_t     FC_SUCCESS if database downloaded and callback executed successfully.
+ */
+fc_error_t fc_download_url_databases(
+    char **urlDatabaseList,
+    uint32_t nUrlDatabases,
+    void *context,
+    uint32_t *nUpdated);
+
+/**
+ * @brief Update specific official database, given list of update servers.
+ *
+ * @param dbName                CVD/CLD database name, excluding file extension.
+ * @param serverList            String array of update servers.
+ * @param nServers              Number of servers in list.
+ * @param dnsUpdateInfoServer   DNS server for update info check. May be NULL to disable use of DNS.
+ * @param bScriptedUpdates      Enable incremental/updates (should not be enabled for PrivateMirrors).
+ * @param context               Application context to pass to fccb_download_complete callback.
+ * @param bUpdated              [out] Non-zero if database was updated to new version or is entirely new.
+ * @return fc_error_t           FC_SUCCESS if database downloaded and callback executed successfully.
+ */
+fc_error_t fc_update_database(
+    const char *database,
+    char **serverList,
+    uint32_t nServers,
+    int bPrivateMirror,
+    const char *dnsUpdateInfo,
+    int bScriptedUpdates,
+    void *context,
+    int *bUpdated);
+
+/**
+ * @brief Update list of official databases, given list of update servers.
+ *
+ * @param dbNames               String array of CVD/CLD database names, excluding file extensions.
+ * @param nDbNames              Number of names in array.
+ * @param serverList            String array of update servers.
+ * @param nServers              Number of servers in list.
+ * @param dnsUpdateInfoServer   DNS server for update info check. May be NULL to disable use of DNS.
+ * @param bScriptedUpdates      Enable incremental/updates (should not be enabled for PrivateMirrors).
+ * @param context               Application context to pass to fccb_download_complete callback.
+ * @param nUpdated              [out] Number of databases that were updated.
+ * @return fc_error_t           FC_SUCCESS if database downloaded and callback executed successfully.
+ */
+fc_error_t fc_update_databases(
+    char **databaseList,
+    uint32_t nDatabases,
+    char **serverList,
+    uint32_t nServers,
+    int bPrivateMirror,
+    const char *dnsUpdateInfo,
+    int bScriptedUpdates,
+    void *context,
+    uint32_t *nUpdated);
+
+/* ----------------------------------------------------------------------------
+ * Callback function type definitions.
+ */
+
+/**
+ * @brief Freshclam callback Download Complete
+ *
+ * Called after each database has been downloaded or updated.
+ *
+ * @param dbFilepath   Filename of the downloaded database in database directory.
+ * @param context      Opaque application provided data.
+ * @return fc_error_t  FC_SUCCESS if callback action was successful.
+ * @return fc_error_t  FC_EARG callback was passed invalid arguments.
+ * @return fc_error_t  FC_ETESTFAIL if callback action failed and libfreshclam should abort any additional updates.
+ */
+typedef fc_error_t (*fccb_download_complete)(const char *dbFilename, void *context);
+/**
+ * @brief Set a custom Download Complete callback function.
+ *
+ * @param callback  The callback function pointer.
+ */
+extern void fc_set_fccb_download_complete(fccb_download_complete callback);
+
+#endif // __LIBFRESHCLAM_H
diff --git a/libfreshclam/libfreshclam.map b/libfreshclam/libfreshclam.map
@@ -0,0 +1,19 @@
+FRESHCLAM_PUBLIC {
+  global:
+    fc_strerror;
+    fc_initialize;
+    fc_cleanup;
+    fc_prune_database_directory;
+    fc_test_database;
+    fc_dns_query_update_info;
+    fc_download_url_database;
+    fc_download_url_databases;
+    fc_update_database;
+    fc_update_databases;
+    fccb_download_complete;
+    fc_set_fccb_download_complete;
+};
+FRESHCLAM_PRIVATE {
+  local:
+    *;
+};
diff --git a/libfreshclam/libfreshclam_internal.c b/libfreshclam/libfreshclam_internal.c
diff --git a/libfreshclam/libfreshclam_internal.h b/libfreshclam/libfreshclam_internal.h
@@ -0,0 +1,78 @@
+/*
+ *  Copyright (C) 2013-2019 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
+ *  Copyright (C) 2007-2013 Sourcefire, Inc.
+ *  Copyright (C) 2002-2007 Tomasz Kojm <tkojm@clamav.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#ifndef __LIBFRESHCLAM_INTERNAL_H
+#define __LIBFRESHCLAM_INTERNAL_H
+
+#include "clamav-types.h"
+
+// clang-format off
+#define DNS_UPDATEINFO_NEWVERSION       0
+#define DNS_UPDATEINFO_RECORDTIME       3
+#define DNS_UPDATEINFO_VERSIONWARNING   4
+#define DNS_UPDATEINFO_REMOTEFLEVEL     5
+
+#define DNS_EXTRADBINFO_RECORDTIME      1
+// clang-format on
+
+/* ----------------------------------------------------------------------------
+ * Internal libfreshclam globals
+ */
+
+extern fccb_download_complete g_cb_download_complete;
+
+extern char *g_localIP;
+extern char *g_userAgent;
+
+extern char *g_proxyServer;
+extern uint16_t g_proxyPort;
+extern char *g_proxyUsername;
+extern char *g_proxyPassword;
+
+extern char *g_tempDirectory;
+extern char *g_databaseDirectory;
+
+extern uint32_t g_maxAttempts;
+extern uint32_t g_connectTimeout;
+extern uint32_t g_requestTimeout;
+
+extern uint32_t g_bCompressLocalDatabase;
+
+fc_error_t updatedb(
+    const char *database,
+    const char *dnsUpdateInfo,
+    char *server,
+    int bPrivateMirror,
+    void *context,
+    int bScriptedUpdates,
+    int logerr,
+    int *signo,
+    char **dbFilename,
+    int *bUpdated);
+
+fc_error_t updatecustomdb(
+    const char *url,
+    void *context,
+    int logerr,
+    int *signo,
+    char **dbFilename,
+    int *bUpdated);
+
+#endif // __LIBFRESHCLAM_INTERNAL_H
diff --git a/libltdl/Makefile.in b/libltdl/Makefile.in
@@ -159,7 +159,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -374,6 +373,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -437,6 +439,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/m4/reorganization/libfreshclam.m4 b/m4/reorganization/libfreshclam.m4
diff --git a/m4/reorganization/libs/curl.m4 b/m4/reorganization/libs/curl.m4
@@ -33,24 +33,40 @@ fi
 if test "X$have_curl" = "Xyes"; then
     AC_MSG_RESULT([$LIBCURL_HOME])
     if test -f "$LIBCURL_HOME/bin/curl-config"; then
-        CURL_LDFLAGS=$($LIBCURL_HOME/bin/curl-config --libs)
+        CURL_LDFLAGS="$LDFLAGS"
+        CURL_LIBS=$($LIBCURL_HOME/bin/curl-config --libs)
         CURL_CPPFLAGS=$($LIBCURL_HOME/bin/curl-config --cflags)
     else
         if test "$LIBCURL_HOME" != "/usr"; then
-            CURL_LDFLAGS="-L$LIBCURL_HOME/lib -lcurl"
+            CURL_LDFLAGS="-L$LIBCURL_HOME/lib"
             CURL_CPPFLAGS="-I$LIBCURL_HOME/include"
         else
-            CURL_LDFLAGS="-lcurl"
+            CURL_LDFLAGS="$LDFLAGS"
             CURL_CPPFLAGS=""
         fi
+        CURL_LIBS="-lcurl"
     fi
     save_LDFLAGS="$LDFLAGS"
-    LDFLAGS="$CURL_LDFLAGS"
-    AC_CHECK_LIB([curl], [curl_easy_init], [curl_msg="";have_curl="yes";CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS";CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS"],
-        [AC_MSG_WARN([Your libcurl is misconfigured. Please use the web interface for submitting FPs/FNs.])], [$CURL_LDFLAGS])
+    LDFLAGS="$CURL_LDFLAGS $CURL_LIBS"
+    AC_CHECK_LIB(
+        [curl],
+        [curl_easy_init],
+        [
+            curl_msg="";
+            have_curl="yes";
+            CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS $CURL_LIBS";
+            CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS";
+            FRESHCLAM_LIBS="$FRESHCLAM_LIBS $CURL_LDFLAGS $CURL_LIBS";
+            FRESHCLAM_CPPFLAGS="$FRESHCLAM_CPPFLAGS $CURL_CPPFLAGS"
+        ],
+        [
+            AC_MSG_ERROR([Your libcurl is misconfigured. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit.])
+        ],
+        [$CURL_LIBS]
+    )
     LDFLAGS="$save_LDFLAGS"
 else
-    AC_MSG_WARN([libcurl not found or not requested by ./configure. Please use the web interface for submitting FPs/FNs.])
+    AC_MSG_ERROR([libcurl not found. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit.])
 fi
 
 AC_SUBST([CLAMSUBMIT_LIBS])

diff --git a/m4/reorganization/substitutions.m4 b/m4/reorganization/substitutions.m4
@@ -11,6 +11,7 @@ AC_SUBST([CLAMDTOP_CPPFLAGS])
 AC_SUBST([CLAMBC_CPPFLAGS])
 AC_SUBST([LIBCLAMSHARED_CPPFLAGS])
 AC_SUBST([SSL_CPPFLAGS])
+AC_SUBST([CURL_CPPFLAGS])
 AC_SUBST([JSON_CPPFLAGS])
 AC_SUBST([PCRE_CPPFLAGS])
 AC_SUBST([XML_CPPFLAGS])
@@ -33,4 +34,6 @@ AC_SUBST([SSL_LIBS])
 AC_SUBST([SSL_LDFLAGS])
 AC_SUBST([JSON_LIBS])
 AC_SUBST([JSON_LDFLAGS])
+AC_SUBST([CURL_LIBS])
+AC_SUBST([CURL_LDFLAGS])
 
diff --git a/m4/reorganization/version.m4 b/m4/reorganization/version.m4
@@ -2,18 +2,27 @@ dnl change this on a release
 dnl VERSION="devel-`date +%Y%m%d`"
 VERSION="0.102.0-devel-`date +%Y%m%d`"
 
+dnl libclamav version info
 LC_CURRENT=9
 LC_REVISION=1
 LC_AGE=0
 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE"
 AC_SUBST([LIBCLAMAV_VERSION])
 
-major=`expr $LC_CURRENT - $LC_AGE`
+LC_MAJOR=`expr $LC_CURRENT - $LC_AGE`
+AC_DEFINE_UNQUOTED([LIBCLAMAV_FULLVER], "$LC_MAJOR.$LC_AGE.$LC_REVISION", ["Full clamav library version number"])
+AC_DEFINE_UNQUOTED([LIBCLAMAV_MAJORVER], $LC_MAJOR, ["Major clamav library version number"])
 
-AC_DEFINE_UNQUOTED([LIBCLAMAV_FULLVER], "$major.$LC_AGE.$LC_REVISION",
-        ["Full library version number"])
+dnl libfreshclam version info
+LFC_CURRENT=2
+LFC_REVISION=0
+LFC_AGE=0
+LIBFRESHCLAM_VERSION="$LFC_CURRENT":"$LFC_REVISION":"$LFC_AGE"
+AC_SUBST([LIBFRESHCLAM_VERSION])
 
-AC_DEFINE_UNQUOTED([LIBCLAMAV_MAJORVER], $major, ["Major library version number"])
+LFC_MAJOR=`expr $LFC_CURRENT - $LFC_AGE`
+AC_DEFINE_UNQUOTED([LIBFRESHCLAM_FULLVER], "$LFC_MAJOR.$LFC_AGE.$LFC_REVISION", ["Full freshclam library version number"])
+AC_DEFINE_UNQUOTED([LIBFRESHCLAM_MAJORVER], $LFC_MAJOR, ["Major freshclam library version number"])
 
 AC_DEFINE_UNQUOTED([VERSION],"$VERSION",[Version number of package])
 AC_DEFINE_UNQUOTED([VERSION_SUFFIX],"$VERSION_SUFFIX",[Version suffix for package])
diff --git a/shared/hostid.c b/shared/hostid.c
@@ -0,0 +1,61 @@
+/*
+ *  Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.
+ *
+ *  Author: Shawn Webb
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#include <string.h>
+
+#include "others.h"
+
+char hostid[37];
+
+int is_valid_hostid(void)
+{
+    int count, i;
+
+    if (strlen(hostid) != 36)
+        return 0;
+
+    count = 0;
+    for (i = 0; i < 36; i++)
+        if (hostid[i] == '-')
+            count++;
+
+    if (count != 4)
+        return 0;
+
+    if (hostid[8] != '-' || hostid[13] != '-' || hostid[18] != '-' || hostid[23] != '-')
+        return 0;
+
+    return 1;
+}
+
+char *get_hostid(void *cbdata)
+{
+    UNUSEDPARAM(cbdata);
+
+    if (!strcmp(hostid, "none"))
+        return NULL;
+
+    if (!is_valid_hostid())
+        return strdup(STATS_ANON_UUID);
+
+    logg("HostID is valid: %s\n", hostid);
+
+    return strdup(hostid);
+}
diff --git a/shared/hostid.h b/shared/hostid.h
@@ -0,0 +1,41 @@
+/*
+ *  Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.
+ *
+ *  Author: Shawn Webb
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#ifndef __LIBFRESHCLAM_H
+#define __LIBFRESHCLAM_H
+
+extern char hostid[37];
+
+/**
+ * @brief 
+ * 
+ * @return int 
+ */
+int is_valid_hostid(void);
+
+/**
+ * @brief Get the hostid object
+ * 
+ * @param cbdata 
+ * @return char* 
+ */
+char *get_hostid(void *cbdata);
+
+#endif //__LIBFRESHCLAM_H
diff --git a/shared/optparser.c b/shared/optparser.c
@@ -442,7 +442,7 @@ const struct clam_option __clam_options[] = {
 
     {"DNSDatabaseInfo", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, "current.cvd.clamav.net", FLAG_REQUIRED, OPT_FRESHCLAM, "Use DNS to verify the virus database version. Freshclam uses DNS TXT records\nto verify the versions of the database and software itself. With this\ndirective you can change the database verification domain.\nWARNING: Please don't change it unless you're configuring freshclam to use\nyour own database verification domain.", "current.cvd.clamav.net"},
 
-    {"DatabaseMirror", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "DatabaseMirror specifies to which mirror(s) freshclam should connect.\nYou should have at least two entries: db.XY.clamav.net (or db.XY.ipv6.clamav.net\nfor IPv6) and database.clamav.net (in this order). Please replace XY with your\ncountry code (see https://www.iana.org/domains/root/db).\ndatabase.clamav.net is a round-robin record which points to our most reliable\nmirrors. It's used as a fall back in case db.XY.clamav.net is not working.", "db.XY.clamav.net\ndatabase.clamav.net"},
+    {"DatabaseMirror", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "DatabaseMirror specifies to which mirror(s) freshclam should connect.\nYou should have at least one entry: ddatabase.clamav.net.", "database.clamav.net"},
 
     {"PrivateMirror", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "This option allows you to easily point freshclam to private mirrors.\nIf PrivateMirror is set, freshclam does not attempt to use DNS\nto determine whether its databases are out-of-date, instead it will\nuse the If-Modified-Since request or directly check the headers of the\nremote database files. For each database, freshclam first attempts\nto download the CLD file. If that fails, it tries to download the\nCVD file. This option overrides DatabaseMirror, DNSDatabaseInfo\nand Scripted Updates. It can be used multiple times to provide\nfall-back mirrors.", "mirror1.mynetwork.com\nmirror2.mynetwork.com"},
 
@@ -454,7 +454,9 @@ const struct clam_option __clam_options[] = {
 
     {"CompressLocalDatabase", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM, "By default freshclam will keep the local databases (.cld) uncompressed to\nmake their handling faster. With this option you can enable the compression.\nThe change will take effect with the next database update.", ""},
 
-    {"ExtraDatabase", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "Download an additional 3rd party signature database distributed through\nthe ClamAV mirrors. This option can be used multiple times.", "dbname1\ndbname2"},
+    {"ExtraDatabase", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "Include an optional signature databases (opt-in). This option can be used multiple times.", "dbname1\ndbname2"},
+
+    {"ExcludeDatabase", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "Exclude a standard signature database (opt-out). This option can be used multiple times.", "dbname1\ndbname2"},
 
     {"DatabaseCustomURL", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "With this option you can provide custom sources (http:// or file://) for database files.\nThis option can be used multiple times.", "http://myserver.com/mysigs.ndb\nfile:///mnt/nfs/local.hdb"},
 

diff --git a/shared/output.c b/shared/output.c
@@ -232,7 +232,12 @@ static int rename_logg(STATBUF *sb)
     }
 
     t = time(NULL);
+
+#ifdef _WIN32
+    if (0 != localtime_s(&t, &tmp)) {
+#else
     if (!localtime_r(&t, &tmp)) {
+#endif
         if (logg_fp)
             fprintf(logg_fp, "Need to rotate log file due to size but could not get local time.\n");
 

diff --git a/sigtool/Makefile.in b/sigtool/Makefile.in
@@ -173,7 +173,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -298,6 +297,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -361,6 +363,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/sigtool/sigtool.c b/sigtool/sigtool.c
@@ -3667,6 +3667,6 @@ int main(int argc, char **argv)
         help();
 
     optfree(opts);
-    cl_cleanup_crypto();
+
     return ret ? 1 : 0;
 }
diff --git a/test/Makefile.in b/test/Makefile.in
@@ -152,7 +152,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -226,6 +225,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -289,6 +291,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/unit_tests/Makefile.in b/unit_tests/Makefile.in
@@ -154,7 +154,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/acinclude.m4 \
 	$(top_srcdir)/m4/reorganization/sha_collect.m4 \
 	$(top_srcdir)/m4/reorganization/yara.m4 \
 	$(top_srcdir)/m4/reorganization/code_checks/fts.m4 \
-	$(top_srcdir)/m4/reorganization/libfreshclam.m4 \
 	$(top_srcdir)/m4/reorganization/prelude.m4 \
 	$(top_srcdir)/m4/reorganization/bsd.m4 \
 	$(top_srcdir)/m4/reorganization/libs/curl.m4 \
@@ -516,6 +515,9 @@ CLAMSUBMIT_CFLAGS = @CLAMSUBMIT_CFLAGS@
 CLAMSUBMIT_LIBS = @CLAMSUBMIT_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
+CURL_CPPFLAGS = @CURL_CPPFLAGS@
+CURL_LDFLAGS = @CURL_LDFLAGS@
+CURL_LIBS = @CURL_LIBS@
 CURSES_CPPFLAGS = @CURSES_CPPFLAGS@
 CURSES_LIBS = @CURSES_LIBS@
 CXX = @CXX@
@@ -579,6 +581,7 @@ LIBCLAMAV_CPPFLAGS = @LIBCLAMAV_CPPFLAGS@
 LIBCLAMAV_LIBS = @LIBCLAMAV_LIBS@
 LIBCLAMAV_VERSION = @LIBCLAMAV_VERSION@
 LIBCLAMSHARED_CPPFLAGS = @LIBCLAMSHARED_CPPFLAGS@
+LIBFRESHCLAM_VERSION = @LIBFRESHCLAM_VERSION@
 LIBLTDL = @LIBLTDL@
 LIBM = @LIBM@
 LIBMSPACK_CFLAGS = @LIBMSPACK_CFLAGS@

diff --git a/unit_tests/check_clamav.c b/unit_tests/check_clamav.c
@@ -1164,7 +1164,6 @@ int main(void)
 #if HAVE_LIBXML2
     xmlCleanupParser();
 #endif
-    cl_cleanup_crypto();
 
     return (nf == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
 }