yara-sys
Native bindings for the Yara library from VirusTotal. Only works with Yara v4.
More documentation can be found on the Yara's documentation.
Features
By default, this crate uses bindgen to generate bindings on-the-fly, but you can also use the following features to use pre-built bindings file for different version of Yara. Just make sure the version you specify is the same that the version on your system!
bindgen: recommended: this is the default feature, to use generated bindings.bundled-4_1_3: use pre-generated bindings for Yara 4.1.3. Useful if you do not want to install LLVM to run bindgen. However, you'll have to make sure you use a version of Yara with the same major and minor version number.vendored: automatically compile and link libyara v4.1.3.
You can specify the location of Yara:
- The path of the Yara library by setting the
YARA_LIBRARY_PATHenvironment variable. - The path of the Yara headers by setting the
YARA_INCLUDE_DIRenvironment variable, if you use thebindgenfeature.
You can specify compile options for libyara v4.1.3 if choice vendored (0 - disable, 1 - enable):
- YARA_ENABLE_PROFILING - enable rules profiling support (default: Disable)
- YARA_ENABLE_NDEBUG - enable NDEBUG (default: Enable)
- YARA_ENABLE_HASH - enable hash module (default: Disable)
- YARA_ENABLE_MAGIC - enable magic module (depends on libmagic) (default: Disable)
- YARA_ENABLE_CUCKOO - enable cuckoo module (depends on Jansson for parsing JSON) (default: Disable)
- YARA_ENABLE_DOTNET - enable dotnet module (default: Enable)
- YARA_ENABLE_DEX - enable dex module (default: Enable)
- YARA_ENABLE_DEX_DEBUG - enable dex module debugging (default: Disable)
- YARA_ENABLE_MACHO - enable macho module (default: Enable)
- YARA_ENABLE_CRYPTO - enable OpenSSL (default: Enable)
- YARA_DEBUG_VERBOSITY - Set debug level information on runtime (default: 0)
- OPENSSL_LIB_DIR - path to OpenSSL library directory
License
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.