]> source.dussan.org Git - rspamd.git/commitdiff
projects / rspamd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 85a2fc6)
[Feature] Reiterate on gtube patterns
authorVsevolod Stakhov <vsevolod@rspamd.com>
Wed, 8 Nov 2023 14:34:33 +0000 (14:34 +0000)
committerVsevolod Stakhov <vsevolod@rspamd.com>
Wed, 8 Nov 2023 14:34:33 +0000 (14:34 +0000)
src/libmime/message.c patch | blob | history
src/libserver/cfg_file.h patch | blob | history
src/libserver/cfg_rcl.cxx patch | blob | history
src/libserver/cfg_utils.cxx patch | blob | history
test/functional/configs/milter.conf patch | blob | history

diff --git a/src/libmime/message.c b/src/libmime/message.c
index 327b546e76310d12efe8a58db0b7afcf873eee12..0c11f50757211d020213da2c53bf5c0bd421b205 100644 (file)
--- a/src/libmime/message.c
+++ b/src/libmime/message.c
@@ -1,11 +1,11 @@
-/*-
- * Copyright 2016 Vsevolod Stakhov
+/*
+ * Copyright 2023 Vsevolod Stakhov
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *   http://www.apache.org/licenses/LICENSE-2.0
+ *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
@@ -638,7 +638,7 @@ rspamd_multipattern_gtube_cb(struct rspamd_multipattern *mp,
        struct rspamd_task *task = (struct rspamd_task *) context;
 
        if (strnum > 0) {
-               if (task->cfg->enable_test_patterns) {
+               if (task->cfg->gtube_patterns_policy == RSPAMD_GTUBE_ALL) {
                        return strnum + 1;
                }
 
@@ -656,7 +656,7 @@ rspamd_check_gtube(struct rspamd_task *task, struct rspamd_mime_text_part *part)
        enum rspamd_action_type act = METRIC_ACTION_NOACTION;
        g_assert(part != NULL);
 
-       if (gtube_matcher == NULL) {
+       if (gtube_matcher == NULL && task->cfg->gtube_patterns_policy != RSPAMD_GTUBE_DISABLED) {
                gtube_matcher = rspamd_multipattern_create(RSPAMD_MULTIPATTERN_DEFAULT);
 
                rspamd_multipattern_add_pattern(gtube_matcher,
@@ -683,7 +683,8 @@ rspamd_check_gtube(struct rspamd_task *task, struct rspamd_mime_text_part *part)
        }
 
        if (part->utf_content.len >= sizeof(gtube_pattern_reject) &&
-               part->utf_content.len <= max_check_size) {
+               part->utf_content.len <= max_check_size &&
+               task->cfg->gtube_patterns_policy != RSPAMD_GTUBE_DISABLED) {
                if ((ret = rspamd_multipattern_lookup(gtube_matcher, part->utf_content.begin,
                                                                                          part->utf_content.len,
                                                                                          rspamd_multipattern_gtube_cb, task, NULL)) > 0) {
@@ -693,15 +694,12 @@ rspamd_check_gtube(struct rspamd_task *task, struct rspamd_mime_text_part *part)
                                act = METRIC_ACTION_REJECT;
                                break;
                        case 2:
-                               g_assert(task->cfg->enable_test_patterns);
                                act = METRIC_ACTION_ADD_HEADER;
                                break;
                        case 3:
-                               g_assert(task->cfg->enable_test_patterns);
                                act = METRIC_ACTION_REWRITE_SUBJECT;
                                break;
                        case 4:
-                               g_assert(task->cfg->enable_test_patterns);
                                act = METRIC_ACTION_NOACTION;
                                break;
                        }
diff --git a/src/libserver/cfg_file.h b/src/libserver/cfg_file.h
index 22f7549385f00e8cb058173f82aed89ca9ec17b5..4cb87d974ea6276a1c80324d6a49f40e67c3aa36 100644 (file)
--- a/src/libserver/cfg_file.h
+++ b/src/libserver/cfg_file.h
@@ -312,6 +312,12 @@ enum rspamd_config_settings_policy {
        RSPAMD_SETTINGS_POLICY_IMPLICIT_DENY = 2,
 };
 
+enum rspamd_gtube_patterns_policy {
+       RSPAMD_GTUBE_DISABLED = 0, /* Disabled */
+       RSPAMD_GTUBE_REJECT,       /* Reject message with GTUBE pattern */
+       RSPAMD_GTUBE_ALL           /* Check all GTUBE like patterns */
+};
+
 struct rspamd_config_settings_elt {
        guint32 id;
        enum rspamd_config_settings_policy policy;
@@ -344,22 +350,22 @@ struct rspamd_config {
        GHashTable *groups;     /**< groups of symbols                                                          */
        void *actions;          /**< all actions of the metric (opaque type)            */
 
-       gboolean one_shot_mode;              /**< rules add only one symbol                                                     */
-       gboolean check_text_attachements;    /**< check text attachements as text                                       */
-       gboolean check_all_filters;          /**< check all filters                                                                     */
-       gboolean allow_raw_input;            /**< scan messages with invalid mime                                       */
-       gboolean disable_hyperscan;          /**< disable hyperscan usage                                                       */
-       gboolean vectorized_hyperscan;       /**< use vectorized hyperscan matching                                     */
-       gboolean enable_shutdown_workaround; /**< enable workaround for legacy SA clients (exim)                */
-       gboolean ignore_received;            /**< Ignore data from the first received header                    */
-       gboolean enable_sessions_cache;      /**< Enable session cache for debug                                                */
-       gboolean enable_experimental;        /**< Enable experimental plugins                                           */
-       gboolean disable_pcre_jit;           /**< Disable pcre JIT                                                                      */
-       gboolean own_lua_state;              /**< True if we have created lua_state internally          */
-       gboolean soft_reject_on_timeout;     /**< If true emit soft reject on task timeout (if not reject) */
-       gboolean public_groups_only;         /**< Output merely public groups everywhere                                */
-       gboolean enable_test_patterns;       /**< Enable test patterns                                                          */
-       gboolean enable_css_parser;          /**< Enable css parsing in HTML                                                    */
+       gboolean one_shot_mode;                                  /**< rules add only one symbol                                                 */
+       gboolean check_text_attachements;                        /**< check text attachements as text                                   */
+       gboolean check_all_filters;                              /**< check all filters                                                                 */
+       gboolean allow_raw_input;                                /**< scan messages with invalid mime                                   */
+       gboolean disable_hyperscan;                              /**< disable hyperscan usage                                                   */
+       gboolean vectorized_hyperscan;                           /**< use vectorized hyperscan matching                                 */
+       gboolean enable_shutdown_workaround;                     /**< enable workaround for legacy SA clients (exim)            */
+       gboolean ignore_received;                                /**< Ignore data from the first received header                        */
+       gboolean enable_sessions_cache;                          /**< Enable session cache for debug                                            */
+       gboolean enable_experimental;                            /**< Enable experimental plugins                                               */
+       gboolean disable_pcre_jit;                               /**< Disable pcre JIT                                                                  */
+       gboolean own_lua_state;                                  /**< True if we have created lua_state internally              */
+       gboolean soft_reject_on_timeout;                         /**< If true emit soft reject on task timeout (if not reject) */
+       gboolean public_groups_only;                             /**< Output merely public groups everywhere                            */
+       enum rspamd_gtube_patterns_policy gtube_patterns_policy; /**< Enable test patterns                                                              */
+       gboolean enable_css_parser;                              /**< Enable css parsing in HTML                                                        */
 
        gsize max_cores_size;       /**< maximum size occupied by rspamd core files                     */
        gsize max_cores_count;      /**< maximum number of core files                                           */
diff --git a/src/libserver/cfg_rcl.cxx b/src/libserver/cfg_rcl.cxx
index 3f6ca2c5609a393c66d8efd079f965d1f112134c..fbfcbcd34335ac074d2c993654c8759da904bbf3 100644 (file)
--- a/src/libserver/cfg_rcl.cxx
+++ b/src/libserver/cfg_rcl.cxx
@@ -347,6 +347,35 @@ rspamd_rcl_options_handler(rspamd_mempool_t *pool, const ucl_object_t *obj,
                }
        }
 
+       const auto *gtube_patterns = ucl_object_lookup(obj, "gtube_patterns");
+       if (gtube_patterns != nullptr && ucl_object_type(gtube_patterns) == UCL_STRING) {
+               const auto *gtube_st = ucl_object_tostring(gtube_patterns);
+
+               if (g_ascii_strcasecmp(gtube_st, "all") == 0) {
+                       cfg->gtube_patterns_policy = RSPAMD_GTUBE_ALL;
+               }
+               else if (g_ascii_strcasecmp(gtube_st, "reject") == 0) {
+                       cfg->gtube_patterns_policy = RSPAMD_GTUBE_REJECT;
+               }
+               else if (g_ascii_strcasecmp(gtube_st, "disable") == 0) {
+                       cfg->gtube_patterns_policy = RSPAMD_GTUBE_DISABLED;
+               }
+               else {
+                       g_set_error(err,
+                                               CFG_RCL_ERROR,
+                                               EINVAL,
+                                               "invalid GTUBE patterns policy: %s",
+                                               gtube_st);
+                       return FALSE;
+               }
+       }
+       else if (auto *enable_test_patterns = ucl_object_lookup(obj, "enable_test_patterns"); enable_test_patterns != nullptr) {
+               /* Legacy setting */
+               if (!!ucl_object_toboolean(enable_test_patterns)) {
+                       cfg->gtube_patterns_policy = RSPAMD_GTUBE_ALL;
+               }
+       }
+
        if (rspamd_rcl_section_parse_defaults(cfg,
                                                                                  *section, cfg->cfg_pool, obj,
                                                                                  cfg, err)) {
@@ -1876,12 +1905,6 @@ rspamd_rcl_config_init(struct rspamd_config *cfg, GHashTable *skip_sections)
                                                                           G_STRUCT_OFFSET(struct rspamd_config, public_groups_only),
                                                                           0,
                                                                           "Output merely public groups everywhere");
-               rspamd_rcl_add_default_handler(sub,
-                                                                          "enable_test_patterns",
-                                                                          rspamd_rcl_parse_struct_boolean,
-                                                                          G_STRUCT_OFFSET(struct rspamd_config, enable_test_patterns),
-                                                                          0,
-                                                                          "Enable test GTUBE like patterns (not for production!)");
                rspamd_rcl_add_default_handler(sub,
                                                                           "enable_css_parser",
                                                                           rspamd_rcl_parse_struct_boolean,
diff --git a/src/libserver/cfg_utils.cxx b/src/libserver/cfg_utils.cxx
index 416d52e056b94a05358dca4bb9103f03cbc82d98..e22cbe9e3784092351b0ec9a078b2cf5ba9278af 100644 (file)
--- a/src/libserver/cfg_utils.cxx
+++ b/src/libserver/cfg_utils.cxx
@@ -286,6 +286,7 @@ rspamd_config_new(enum rspamd_config_init_flags flags)
        cfg->max_recipients = 1024;
        cfg->max_blas_threads = 1;
        cfg->max_opts_len = 4096;
+       cfg->gtube_patterns_policy = RSPAMD_GTUBE_REJECT;
 
        /* Default log line */
        cfg->log_format_str = rspamd_mempool_strdup(cfg->cfg_pool,
diff --git a/test/functional/configs/milter.conf b/test/functional/configs/milter.conf
index aaf148c12c763fff09c76d0d1011f999077a5130..dc623c82db81d87169c49a45e48dff9212521de1 100644 (file)
--- a/test/functional/configs/milter.conf
+++ b/test/functional/configs/milter.conf
@@ -3,7 +3,7 @@ options = {
        url_tld = "{= env.URL_TLD =}"
        pidfile = "{= env.TMPDIR =}/rspamd.pid"
        lua_path = "{= env.INSTALLROOT =}/share/rspamd/lib/?.lua";
-       enable_test_patterns = true;
+       gtube_patterns = "all";
        dns {
                nameserver = ["8.8.8.8", "8.8.4.4"];
                retransmits = 10;
Rapid spam filtering system: https://github.com/rspamd/rspamd