[Feature] Add more features to dynamic updates

author Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)

committer Vsevolod Stakhov <vsevolod@highsecure.ru>

Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)
author Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)
committer Vsevolod Stakhov <vsevolod@highsecure.ru>
Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)
diff --git a/src/lua/lua_map.c b/src/lua/lua_map.c

index eba020a85ee29d9a4cab60f1ed2895faa9b79304..df8e60fb17565488608c7d7844c18343a6ff323d 100644 (file)
--- a/src/lua/lua_map.c
+++ b/src/lua/lua_map.c
@@ -443,8 +443,8 @@ lua_map_get_key (lua_State * L)
                                 ud = luaL_checkudata (L, 2, "rspamd{ip}");
                                 if (ud != NULL) {
                                         addr = *((struct rspamd_lua_ip **)ud);
+
                                         if (addr->addr == NULL) {
-                                               msg_err ("rspamd{ip} is not valid");
                                                 addr = NULL;
                                         }
                                 }
diff --git a/src/plugins/lua/rspamd_update.lua b/src/plugins/lua/rspamd_update.lua

index 85b49bb10ffc61a80173d72c5ed44edd6bf7a011..14f9e54b746cf0c09d01df485d66e176fbc96e0f 100644 (file)
--- a/src/plugins/lua/rspamd_update.lua
+++ b/src/plugins/lua/rspamd_update.lua
@@ -23,6 +23,7 @@ local updates_priority = 2
  local rspamd_config = rspamd_config
  local hash = require "rspamd_cryptobox_hash"
  local rspamd_version = rspamd_version
+local maps = {}
  
  local function process_symbols(obj)
    each(function(sym, score)
@@ -33,19 +34,25 @@ local function process_symbols(obj)
      })
    end, obj)
  end
+
  local function process_actions(obj)
    each(function(act, score)
      rspamd_config:set_metric_action({
-      name = act,
+      action = act,
        score = score,
        priority = updates_priority
      })
    end, obj)
  end
  
-local function process_actions(obj)
+local function process_rules(obj)
    each(function(key, code)
-    dostring(code)
+    local f = loadstring(code)
+    if f then
+      f()
+    else
+      rspamd_logger(rspamd_config, 'cannot load rules for %s', key)
+    end
    end, obj)
  end
  
@@ -70,47 +77,68 @@ local function check_version(obj)
    return ret
  end
  
-local function process_updates(data)
-  local ucl = require "ucl"
-  local parser = ucl.parser()
-  local res,err = parser:parse_string(data)
-
-  if not res then
-    rspamd_logger.warnx(rspamd_config, 'cannot parse updates map: ' .. err)
-  else
-    local h = hash.create()
-    h:update(data)
-    local obj = parser:get_object()
-
-    if check_version(obj) then
-      if obj['symbols'] then
-        process_symbols(obj['symbols'])
-      end
-      if obj['actions'] then
-        process_actions(obj['actions'])
-      end
-      if obj['rules'] then
-        process_rules(obj['rules'])
-      end
+local function gen_callback(map)
+
+  return function(data)
+    local ucl = require "ucl"
+    local parser = ucl.parser()
+    local res,err = parser:parse_string(data)
  
-      rspamd_logger.infox(rspamd_config, 'loaded new rules with hash "%s"',
-        h:hex())
+    if not res then
+      rspamd_logger.warnx(rspamd_config, 'cannot parse updates map: ' .. err)
+    else
+      local h = hash.create()
+      h:update(data)
+      local obj = parser:get_object()
+
+      if check_version(obj) then
+        if obj['symbols'] then
+          process_symbols(obj['symbols'])
+        end
+        if obj['actions'] then
+          process_actions(obj['actions'])
+        end
+        if obj['rules'] then
+          process_rules(obj['rules'])
+        end
+
+        rspamd_logger.infox(rspamd_config, 'loaded new rules with hash "%s"',
+          h:hex())
+      end
      end
-  end
  
-  return res
+    return res
+  end
  end
  
  -- Configuration part
  local section = rspamd_config:get_all_opt("rspamd_update")
  if section then
+  local trusted_key
    each(function(k, elt)
      if k == 'priority' then
        updates_priority = tonumber(elt)
+    elseif k == 'key' then
+      trusted_key = elt
      else
-      if not rspamd_config:add_map(elt, "rspamd updates map", process_updates) then
-        rspamd_logger.errx(rspamd_config, 'cannot load settings from %1', elt)
+      local map = rspamd_config:add_map(elt, "rspamd updates map", nil)
+      if not map then
+        rspamd_logger.errx(rspamd_config, 'cannot load updates from %1', elt)
+      else
+        map:set_callback(gen_callback(map))
+        maps['elt'] = map
        end
      end
    end, section)
+
+  each(function(k, map)
+    -- Check sanity for maps
+    if map:get_proto() == 'http' and not map:get_sign_key() then
+      if trusted_key then
+        map:set_sign_key(trusted_key)
+      else
+        rspamd_logger.warnx(rspamd_config, 'Map %s is loaded by HTTP and it is not signed', k)
+      end
+    end
+  end, maps)
  end
author	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Tue, 8 Mar 2016 15:00:56 +0000 (15:00 +0000)
src/lua/lua_map.c		patch \| blob \| history
src/plugins/lua/rspamd_update.lua		patch \| blob \| history