]> source.dussan.org Git - rspamd.git/log
rspamd.git
4 weeks agoadd EOF to openmetrics response in proxy and server
Henry Spanka [Fri, 18 Oct 2024 08:08:56 +0000 (10:08 +0200)]
add EOF to openmetrics response in proxy and server

4 weeks ago[CritFix] Fix ARC-Seal signing
Jan Schär [Sat, 19 Oct 2024 22:08:36 +0000 (00:08 +0200)]
[CritFix] Fix ARC-Seal signing

Signing of ARC-Seal headers was recently broken; the created signatures
failed to validate. Most likely, this was caused by commit 1e661a2fc6e3,
which changed the way signatures are created in lua_rsa_sign_memory
without adding the calls to EVP_PKEY_CTX_set_rsa_padding and
EVP_PKEY_CTX_set_signature_md needed with the new interface.

After fixing this, some existing tests failed, because the test values
passed to the hash parameter did not have the correct size for a sha256
hash. I fixed these by adjusting the length of the test values.
Additionally, I extended the "RSA sign" unit test to compare the created
signature against the expected one. This is possible because RSA signing
is deterministic, and should prevent the same bug from occuring again.

Fixes: https://github.com/rspamd/rspamd/issues/5173
5 weeks agoRelease 3.10.1 3.10.1
Vsevolod Stakhov [Wed, 16 Oct 2024 10:33:53 +0000 (11:33 +0100)]
Release 3.10.1

* [Fix] Avoid null-bytes in Log-Tag header value.
* [Fix] Do not abort when OpenSSL is broken, report that to a user
* [Fix] Load "default" provider as well as "legacy"
* [Fix] Restore propagation of spam/ham learns
* [Fix] Use correct type for keylen in lua_ucl_newindex
* [Fix] Use unsigned char for ragel machines
* [Rework] Update hiredis to 1.2.0

5 weeks ago[Minor] Version 3.10.1
Vsevolod Stakhov [Wed, 16 Oct 2024 10:32:58 +0000 (11:32 +0100)]
[Minor] Version 3.10.1

5 weeks ago[Fix] Restore propagation of spam/ham learns
Vsevolod Stakhov [Wed, 16 Oct 2024 10:27:11 +0000 (11:27 +0100)]
[Fix] Restore propagation of spam/ham learns

5 weeks agoMerge pull request #5190 from rspamd/vstakhov-some-build-fixes
Vsevolod Stakhov [Tue, 15 Oct 2024 16:15:54 +0000 (22:15 +0600)]
Merge pull request #5190 from rspamd/vstakhov-some-build-fixes

Some more fixes

5 weeks agoMerge branch 'master' into vstakhov-some-build-fixes 5190/head
Vsevolod Stakhov [Tue, 15 Oct 2024 16:15:46 +0000 (22:15 +0600)]
Merge branch 'master' into vstakhov-some-build-fixes

5 weeks ago[Fix] Load "default" provider as well as "legacy"
Vsevolod Stakhov [Tue, 15 Oct 2024 16:10:55 +0000 (17:10 +0100)]
[Fix] Load "default" provider as well as "legacy"

5 weeks agoMerge pull request #5189 from rspamd/vstakhov-some-build-fixes
Vsevolod Stakhov [Tue, 15 Oct 2024 15:52:46 +0000 (21:52 +0600)]
Merge pull request #5189 from rspamd/vstakhov-some-build-fixes

Some build fixes

5 weeks ago[Minor] Use OSSL_PROVIDER_load on RHEL based distros vstakhov-some-build-fixes 5189/head
Vsevolod Stakhov [Tue, 15 Oct 2024 15:19:09 +0000 (16:19 +0100)]
[Minor] Use OSSL_PROVIDER_load on RHEL based distros

5 weeks ago[Minor] Remove bogus DEBIAN_BUILD constant
Vsevolod Stakhov [Tue, 15 Oct 2024 15:13:42 +0000 (16:13 +0100)]
[Minor] Remove bogus DEBIAN_BUILD constant

5 weeks agoMerge pull request #5188 from rspamd/vstakhov-openssl-provider-message
Vsevolod Stakhov [Tue, 15 Oct 2024 13:43:20 +0000 (19:43 +0600)]
Merge pull request #5188 from rspamd/vstakhov-openssl-provider-message

[Fix] Do not abort when OpenSSL is broken, report that to a user

5 weeks ago[Minor] Thank you OpenSSL for all those new names 5188/head
Vsevolod Stakhov [Tue, 15 Oct 2024 13:32:02 +0000 (14:32 +0100)]
[Minor] Thank you OpenSSL for all those new names

5 weeks ago[Fix] Do not abort when OpenSSL is broken, report that to a user vstakhov-openssl-provider-message
Vsevolod Stakhov [Tue, 15 Oct 2024 13:22:03 +0000 (14:22 +0100)]
[Fix] Do not abort when OpenSSL is broken, report that to a user

Issue: #5181

5 weeks ago[Fix] Use unsigned char for ragel machines
Vsevolod Stakhov [Mon, 14 Oct 2024 19:23:02 +0000 (20:23 +0100)]
[Fix] Use unsigned char for ragel machines

It seems that on aarch64 Linux char is signed by default, so Ragel produces
a wrong code that is "optimized" by a compiler simply to `false`.

Issue: #5172

5 weeks agoRevert "[Minor] Remove custom ragel flags to test arm64 bug"
Vsevolod Stakhov [Mon, 14 Oct 2024 18:15:24 +0000 (19:15 +0100)]
Revert "[Minor] Remove custom ragel flags to test arm64 bug"

This reverts commit 0d962621f158e0b64693e947beecb3242a229fd2.

5 weeks ago[Minor] Fix GCC sanitizer
Vsevolod Stakhov [Mon, 14 Oct 2024 18:01:43 +0000 (19:01 +0100)]
[Minor] Fix GCC sanitizer

5 weeks ago[Minor] Remove custom ragel flags to test arm64 bug
Vsevolod Stakhov [Mon, 14 Oct 2024 17:59:25 +0000 (18:59 +0100)]
[Minor] Remove custom ragel flags to test arm64 bug

6 weeks agoMerge pull request #5179 from smarsching/issue-5178
Vsevolod Stakhov [Thu, 10 Oct 2024 16:20:34 +0000 (22:20 +0600)]
Merge pull request #5179 from smarsching/issue-5178

[Fix] Avoid null-bytes in Log-Tag header value

6 weeks agoMerge pull request #5176 from wdhdev/patch-1
Vsevolod Stakhov [Wed, 9 Oct 2024 15:31:26 +0000 (21:31 +0600)]
Merge pull request #5176 from wdhdev/patch-1

chore(publicsuffix): update effective_tld_names.dat

6 weeks ago[Fix] Avoid null-bytes in Log-Tag header value. 5179/head
Sebastian Marsching [Tue, 8 Oct 2024 19:05:35 +0000 (21:05 +0200)]
[Fix] Avoid null-bytes in Log-Tag header value.

This fixes #5178.

6 weeks agorevert IDN removal 5176/head
William Harrison [Tue, 8 Oct 2024 09:45:01 +0000 (17:45 +0800)]
revert IDN removal

6 weeks agoMerge pull request #5164 from dragoangel/patch-8
Vsevolod Stakhov [Tue, 8 Oct 2024 09:41:47 +0000 (15:41 +0600)]
Merge pull request #5164 from dragoangel/patch-8

Remove proxy from url_redirector.conf as it not the option

6 weeks agochore(publicsuffix): update effective_tld_names.dat
William Harrison [Mon, 7 Oct 2024 05:13:01 +0000 (13:13 +0800)]
chore(publicsuffix): update effective_tld_names.dat

7 weeks agoMerge pull request #5167 from rspamd/vstakhov-new-hiredis
Vsevolod Stakhov [Sat, 5 Oct 2024 11:08:50 +0000 (17:08 +0600)]
Merge pull request #5167 from rspamd/vstakhov-new-hiredis

Update hiredis library removing all hacks

7 weeks agoMerge pull request #5169 from arkamar/lua-ucl/len-type
Vsevolod Stakhov [Wed, 2 Oct 2024 15:22:37 +0000 (21:22 +0600)]
Merge pull request #5169 from arkamar/lua-ucl/len-type

[Fix] Use correct type for keylen in lua_ucl_newindex

7 weeks ago[Fix] Use correct type for keylen in lua_ucl_newindex 5169/head
Petr Vaněk [Wed, 2 Oct 2024 13:01:07 +0000 (15:01 +0200)]
[Fix] Use correct type for keylen in lua_ucl_newindex

The keylen variable used in lua_ucl_newindex function should use size_t
type instead of lua_Integer, because all functions that use keylen
expect it to be of size_t type. This mismatch leads to incompatible
pointer types, and modern versions of GCC fail to compile the code.

Fixes: 9e87597ceb05 ("[Project] Allow manipulations with opaque UCL objects")
Issue: https://github.com/rspamd/rspamd/issues/5163

7 weeks ago[Minor] Update dependencies info vstakhov-new-hiredis 5167/head
Vsevolod Stakhov [Tue, 1 Oct 2024 11:24:56 +0000 (12:24 +0100)]
[Minor] Update dependencies info

7 weeks ago[Rework] Update hiredis to 1.2.0
Vsevolod Stakhov [Tue, 1 Oct 2024 11:20:08 +0000 (12:20 +0100)]
[Rework] Update hiredis to 1.2.0

7 weeks agoRemove proxy from url_redirector.conf as it not the option 5164/head
Dmitriy Alekseev [Mon, 30 Sep 2024 20:16:24 +0000 (22:16 +0200)]
Remove proxy from url_redirector.conf as it not the option

7 weeks ago[Minor] Update version
Vsevolod Stakhov [Mon, 30 Sep 2024 17:45:16 +0000 (18:45 +0100)]
[Minor] Update version

7 weeks agoRelease 3.10.0 3.10.0
Vsevolod Stakhov [Mon, 30 Sep 2024 17:43:02 +0000 (18:43 +0100)]
Release 3.10.0

* [Conf] Add SenderScore RPBL return codes
* [Conf] Add SenderScore Reputationlist RBL
* [Conf] Increase scores for strange things in the archives
* [CritFix] The max size for signing key is actually 65 bytes for p256
* [Feature] Add rspamadm secretbox command
* [Feature] Add rspamd_cxx_unit_cryptobox for unit testing
* [Feature] Add support for OpenSSL 3.0
* [Feature] Add support for OpenSSL 3.0 for DKIM
* [Feature] Add tests for rspamd_cryptobox
* [Feature] Add tooling to encrypt strings in Lua
* [Feature] Allow differen modes for fuzzy rules
* [Feature] Allow to set negative group score limit via `min_score`
* [Feature] DMARC: Implement reporting.only_domains setting
* [Fix] Add workaround for the bug in OpenSSL < 3.0.8
* [Fix] Another fix for Redis schema
* [Fix] Another safe-guards for learning/classifying an empty message
* [Fix] Apply the same workaround for signing keys
* [Fix] Check message before trying to dereference pointer
* [Fix] Do not install doctest stuff
* [Fix] Encode headers that we send to milter add header
* [Fix] Fix DCC `rep` handling
* [Fix] Fix Redis scripts uploading when Redis is not ready
* [Fix] Fix and rework various parts
* [Fix] Fix compatibility with OSSL 1.0
* [Fix] Fix glib internals by setting locale in `rspamc`
* [Fix] GPT: Fix bug in condition check
* [Fix] Get rid of EVP_PKEY_CTX_set1_rsa_keygen_pubexp
* [Fix] Iterate over dynamic keys in fuzzy storage
* [Fix] Make tostring in UCL a bit less brain-damaged
* [Fix] More bogus sizes fix
* [Fix] Preserve the previous behaviour of RDNS_* checks
* [Fix] Rework DMARC to correctly handle spaces in DMARC records Issue: #4906
* [Fix] Sign key != encryption key, omg
* [Fix] Unify lua symbols registration
* [Fix] Use proper keys when doing asymmetric encryption
* [Project] Add API method to push unwrapped UCL object
* [Project] Add more stuff to transparent UCL
* [Project] Add parsing of key limits and expire date
* [Project] Add ratelimit parsing for fuzzy keys
* [Project] Allow manipulations with opaque UCL objects
* [Project] Allow to change log tag from HTTP request
* [Project] Implement expiration
* [Project] Implement per-key ratelimit
* [Project] Move ratelimit parsing stuff to a common library
* [Project] Remove NIST (OpenSSL) mode from cryptobox
* [Project] Remove NIST mode from everywhere
* [Project] Rework ratelimits check
* [Project] Some more fixes
* [Project] Start support of MIME UTF8
* [Project] Try to allow more transparent access of ucl elements
* [Rework] Allow more flexible keypair encoding
* [Rework] Breaking: Rewrite cfg transform and remove legacy
* [Rework] Change fuzzy error symbols
* [Rework] Change the logic of skipping symbols
* [Rework] Clean up legacy code
* [Rework] Implement new replies logic on the server's side
* [Rework] Remove control block support
* [Rework] Resolve rdns in a separate function
* [Rework] Use __builtin_cpu_supports where possible
* [Rework] Use a more straight structure for DKIM keys
* [Rules] Fix some old rules

7 weeks agoMerge pull request #5161 from rspamd/vstakhov-fix-dcc
Vsevolod Stakhov [Mon, 30 Sep 2024 15:18:32 +0000 (21:18 +0600)]
Merge pull request #5161 from rspamd/vstakhov-fix-dcc

[Fix] Fix DCC `rep` handling

8 weeks ago[Fix] Fix DCC `rep` handling vstakhov-fix-dcc 5161/head
Vsevolod Stakhov [Fri, 27 Sep 2024 11:51:38 +0000 (12:51 +0100)]
[Fix] Fix DCC `rep` handling

Issue: #5158

8 weeks ago[Minor] Make API consistent
Vsevolod Stakhov [Fri, 27 Sep 2024 11:58:01 +0000 (12:58 +0100)]
[Minor] Make API consistent

8 weeks ago[Test] Trying to understand what's up with robot
Vsevolod Stakhov [Fri, 27 Sep 2024 11:32:37 +0000 (12:32 +0100)]
[Test] Trying to understand what's up with robot

8 weeks agoMerge pull request #5056 from rspamd/vstakhov-utf8-mime
Vsevolod Stakhov [Fri, 27 Sep 2024 10:53:57 +0000 (16:53 +0600)]
Merge pull request #5056 from rspamd/vstakhov-utf8-mime

[Feature] MIME UTF8 support

8 weeks agoMerge pull request #5160 from rspamd/vstakhov-remove-control-block
Vsevolod Stakhov [Thu, 26 Sep 2024 15:26:31 +0000 (21:26 +0600)]
Merge pull request #5160 from rspamd/vstakhov-remove-control-block

[Rework] Remove control block support

8 weeks ago[Rework] Remove control block support vstakhov-remove-control-block 5160/head
Vsevolod Stakhov [Thu, 26 Sep 2024 14:21:41 +0000 (15:21 +0100)]
[Rework] Remove control block support

It has been buggy and never really used by anyone I suppose.

8 weeks ago[Fix] Fix glib internals by setting locale in `rspamc`
Vsevolod Stakhov [Wed, 25 Sep 2024 11:43:27 +0000 (12:43 +0100)]
[Fix] Fix glib internals by setting locale in `rspamc`

8 weeks agoMerge branch 'master' into vstakhov-utf8-mime vstakhov-utf8-mime 5056/head
Vsevolod Stakhov [Tue, 24 Sep 2024 16:09:51 +0000 (22:09 +0600)]
Merge branch 'master' into vstakhov-utf8-mime

8 weeks agoMerge pull request #5156 from rspamd/vstakhov-dynamic-fuzzy-keys-iter
Vsevolod Stakhov [Tue, 24 Sep 2024 14:24:16 +0000 (20:24 +0600)]
Merge pull request #5156 from rspamd/vstakhov-dynamic-fuzzy-keys-iter

[Fix] Iterate over dynamic keys in fuzzy storage

8 weeks ago[Fix] Iterate over dynamic keys in fuzzy storage 5156/head
Vsevolod Stakhov [Tue, 24 Sep 2024 14:13:39 +0000 (15:13 +0100)]
[Fix] Iterate over dynamic keys in fuzzy storage

8 weeks agoMerge pull request #5154 from rspamd/vstakhov-ssl-fixes
Vsevolod Stakhov [Tue, 24 Sep 2024 08:55:26 +0000 (14:55 +0600)]
Merge pull request #5154 from rspamd/vstakhov-ssl-fixes

Fixes for OpenSSL

8 weeks ago[CI] Learning what ci can 5154/head
Vsevolod Stakhov [Tue, 24 Sep 2024 08:44:32 +0000 (09:44 +0100)]
[CI] Learning what ci can

8 weeks ago[CI] Maybe enable devtoolset if possible
Vsevolod Stakhov [Tue, 24 Sep 2024 08:38:59 +0000 (09:38 +0100)]
[CI] Maybe enable devtoolset if possible

8 weeks ago[Minor] Another compatibility fix
Vsevolod Stakhov [Tue, 24 Sep 2024 08:30:22 +0000 (09:30 +0100)]
[Minor] Another compatibility fix

8 weeks ago[Minor] Use portable macro for old OpenSSL vstakhov-ssl-fixes
Vsevolod Stakhov [Tue, 24 Sep 2024 08:25:16 +0000 (09:25 +0100)]
[Minor] Use portable macro for old OpenSSL

8 weeks ago[Minor] Another compatibility fix
Vsevolod Stakhov [Tue, 24 Sep 2024 08:23:37 +0000 (09:23 +0100)]
[Minor] Another compatibility fix

2 months agoMerge branch 'master' into vstakhov-ssl-fixes
Vsevolod Stakhov [Mon, 23 Sep 2024 21:47:55 +0000 (03:47 +0600)]
Merge branch 'master' into vstakhov-ssl-fixes

2 months agoMerge pull request #5153 from rspamd/vstakhov-ci-try
Vsevolod Stakhov [Mon, 23 Sep 2024 21:47:43 +0000 (03:47 +0600)]
Merge pull request #5153 from rspamd/vstakhov-ci-try

Add more build targets

2 months ago[Fix] Get rid of EVP_PKEY_CTX_set1_rsa_keygen_pubexp
Vsevolod Stakhov [Mon, 23 Sep 2024 18:15:44 +0000 (19:15 +0100)]
[Fix] Get rid of EVP_PKEY_CTX_set1_rsa_keygen_pubexp

OpenSSL uses 65537 by default, no need in explicit set.

2 months agoUpdate ci_rspamd_build.yml vstakhov-ci-try 5153/head
Vsevolod Stakhov [Mon, 23 Sep 2024 17:48:03 +0000 (18:48 +0100)]
Update ci_rspamd_build.yml

2 months agoUpdate ci.yml
Vsevolod Stakhov [Mon, 23 Sep 2024 17:43:21 +0000 (18:43 +0100)]
Update ci.yml

2 months agoCreate ci_rspamd_build.yml
Vsevolod Stakhov [Mon, 23 Sep 2024 17:42:54 +0000 (18:42 +0100)]
Create ci_rspamd_build.yml

2 months agoAdd more build targets
Vsevolod Stakhov [Mon, 23 Sep 2024 17:37:31 +0000 (18:37 +0100)]
Add more build targets

Issue: #5152

2 months ago[Minor] Our version should be 3.10
Vsevolod Stakhov [Mon, 23 Sep 2024 14:28:05 +0000 (15:28 +0100)]
[Minor] Our version should be 3.10

2 months agoMerge pull request #5144 from rspamd/vstakhov-keypair-encoding
Vsevolod Stakhov [Sun, 22 Sep 2024 13:32:40 +0000 (19:32 +0600)]
Merge pull request #5144 from rspamd/vstakhov-keypair-encoding

[Rework] Allow more flexible keypair encoding

2 months ago[Rework] Allow more flexible keypair encoding vstakhov-keypair-encoding 5144/head
Vsevolod Stakhov [Sat, 21 Sep 2024 13:59:12 +0000 (14:59 +0100)]
[Rework] Allow more flexible keypair encoding

2 months agoMerge pull request #5140 from rspamd/vstakhov-cpu-detection
Vsevolod Stakhov [Fri, 20 Sep 2024 13:02:18 +0000 (19:02 +0600)]
Merge pull request #5140 from rspamd/vstakhov-cpu-detection

[Feature] Detect CPU using __builtin_cpu_supports where it's possible

2 months agoMerge branch 'master' into vstakhov-cpu-detection vstakhov-cpu-detection 5140/head
Vsevolod Stakhov [Fri, 20 Sep 2024 13:00:05 +0000 (19:00 +0600)]
Merge branch 'master' into vstakhov-cpu-detection

2 months ago[Feature] Add rspamadm secretbox command
Ivan Stakhov [Wed, 18 Sep 2024 16:10:59 +0000 (19:10 +0300)]
[Feature] Add rspamadm secretbox command

* [Minor] Small fix for error messages

* [Feature] Create rspamadm util to decrypt header

* [Feature] Create python example to encrypt/decrypt header

* [Minor] Small clean up

* [Minor] Change c-rspamadm util to lua-rspamadm util

* [Minor] Small clean up

* [Minor] Add some debug

* [Feature] Add secretbox command

* [Minor] Debug

* [Minor] Add additional return for encrypted string(noce + encrypted string

* [Minor] Small debug

* [Minor] Add a way to provide encrypted text concatenated with nonce

* [Minor] Add nonce to encrypt text

* [Minor] Clean up

* [Minor] Clean up unused variable

* [Minor] Small fix

* [Minor] Fix return issue

* [Minor] Add blake2b for key derivation

* [Minor] Small upgrade to debug

* [Minor] Small clean up

* [Minor] Change return to more convenient form

* [Minor] Change print to test form

* [Test] Provide tests for encrypt/decrypt with rspamadm util and python script

* [Minor] Change python to python3

* [Minor] Add stderr check

* [Minor] Make the function return nonce+text

* [Minor] Change unit tests to new return format

* [Minor] Add flag to manage encodings

* [Minor] Add --encoding argument to manage encodings

* [Minor] Change tests for new input format

* [Minor] Fix lua format

* [Minor] Small fix

* [Minor] Provide full support for new return format of maybe_encrypt_header

* [Test] Test small fix

* [Test] Small fix

* [Minor] Clean up

* [Minor] Small fix for name of variable

* [Minor] Small clean up

* [Minor] Change format of command to a mre convenient

* [Minor] Change tests to be same as a format of a command

* [Minor] Change description of flags

* [Minor] Small fix

---------

Co-authored-by: Ivan Stakhov <50211739+LeftTry@users.noreply.github.com>
2 months agoMerge pull request #5142 from fatalbanana/dmarc_only_domains
Vsevolod Stakhov [Wed, 18 Sep 2024 16:10:20 +0000 (22:10 +0600)]
Merge pull request #5142 from fatalbanana/dmarc_only_domains

[Feature] DMARC: Implement reporting.only_domains setting

2 months ago[Feature] DMARC: Implement reporting.only_domains setting 5142/head
Andrew Lewis [Wed, 18 Sep 2024 10:57:49 +0000 (12:57 +0200)]
[Feature] DMARC: Implement reporting.only_domains setting

2 months agoMerge branch 'master' into vstakhov-utf8-mime
Vsevolod Stakhov [Tue, 17 Sep 2024 13:17:14 +0000 (19:17 +0600)]
Merge branch 'master' into vstakhov-utf8-mime

2 months ago[Rework] Use __builtin_cpu_supports where possible
Vsevolod Stakhov [Mon, 16 Sep 2024 13:31:24 +0000 (14:31 +0100)]
[Rework] Use __builtin_cpu_supports where possible

2 months ago[Minor] Detect __builtin_cpu_supports
Vsevolod Stakhov [Mon, 16 Sep 2024 13:22:42 +0000 (14:22 +0100)]
[Minor] Detect __builtin_cpu_supports

2 months ago[Minor] Do not autolearn messages without queue id
Vsevolod Stakhov [Sat, 14 Sep 2024 13:41:36 +0000 (14:41 +0100)]
[Minor] Do not autolearn messages without queue id

Suggested by: @moisseev

2 months agoMerge pull request #5133 from moisseev/test
Vsevolod Stakhov [Sat, 14 Sep 2024 12:22:21 +0000 (18:22 +0600)]
Merge pull request #5133 from moisseev/test

 [Test] Upgrade linters

2 months agoMerge pull request #5139 from spacefreak86/fix-dmarc-grammar
Vsevolod Stakhov [Fri, 13 Sep 2024 12:50:23 +0000 (18:50 +0600)]
Merge pull request #5139 from spacefreak86/fix-dmarc-grammar

[Fix] Rework DMARC grammar to correctly handle spaces in values

2 months ago[Minor] remove unnecessary calls of lpeg.P in DMARC grammar 5139/head
Thomas Oettli [Fri, 13 Sep 2024 09:40:13 +0000 (11:40 +0200)]
[Minor] remove unnecessary calls of lpeg.P in DMARC grammar
Just to make to code more readable.

2 months ago[Fix] Rework DMARC to correctly handle spaces in DMARC records
Thomas Oettli [Thu, 12 Sep 2024 16:43:10 +0000 (18:43 +0200)]
[Fix] Rework DMARC to correctly handle spaces in DMARC records
Issue: #4906

2 months agoMerge pull request #5135 from rspamd/vstakhov-fuzzy-keys-limits
Vsevolod Stakhov [Thu, 12 Sep 2024 13:14:42 +0000 (19:14 +0600)]
Merge pull request #5135 from rspamd/vstakhov-fuzzy-keys-limits

Implement individual limits for fuzzy keys

2 months ago[Minor] Sigh, so hard to fix it 5135/head
Vsevolod Stakhov [Thu, 12 Sep 2024 12:33:18 +0000 (13:33 +0100)]
[Minor] Sigh, so hard to fix it

2 months ago[Minor] C varargs suck
Vsevolod Stakhov [Thu, 12 Sep 2024 11:30:29 +0000 (12:30 +0100)]
[Minor] C varargs suck

2 months ago[Minor] Slight explanations of the decision made
Vsevolod Stakhov [Thu, 12 Sep 2024 09:55:54 +0000 (10:55 +0100)]
[Minor] Slight explanations of the decision made

2 months ago[Project] Implement expiration
Vsevolod Stakhov [Wed, 11 Sep 2024 20:40:12 +0000 (21:40 +0100)]
[Project] Implement expiration

2 months ago[Project] Implement per-key ratelimit
Vsevolod Stakhov [Wed, 11 Sep 2024 20:33:30 +0000 (21:33 +0100)]
[Project] Implement per-key ratelimit

2 months ago [Test] Upgrade linters 5133/head
Alexander Moisseev [Wed, 11 Sep 2024 14:13:13 +0000 (17:13 +0300)]
 [Test] Upgrade linters

- Upgraded `eslint` from 9.7.0 to 9.10.0
- Upgraded `@stylistic/eslint-plugin` from 2.3.0 to 2.8.0
- Upgraded `stylelint` from 16.7.0 to 16.9.0

2 months ago[Project] Add parsing of key limits and expire date
Vsevolod Stakhov [Wed, 11 Sep 2024 14:00:48 +0000 (15:00 +0100)]
[Project] Add parsing of key limits and expire date

2 months ago[Project] Add ratelimit parsing for fuzzy keys
Vsevolod Stakhov [Wed, 11 Sep 2024 13:43:22 +0000 (14:43 +0100)]
[Project] Add ratelimit parsing for fuzzy keys

2 months ago[Project] Move ratelimit parsing stuff to a common library
Vsevolod Stakhov [Wed, 11 Sep 2024 13:16:23 +0000 (14:16 +0100)]
[Project] Move ratelimit parsing stuff to a common library

2 months ago[Project] Rework ratelimits check
Vsevolod Stakhov [Tue, 10 Sep 2024 16:01:52 +0000 (17:01 +0100)]
[Project] Rework ratelimits check

2 months ago[Minor] Fix some unsafe chmod
Vsevolod Stakhov [Tue, 10 Sep 2024 10:14:26 +0000 (11:14 +0100)]
[Minor] Fix some unsafe chmod

2 months ago[Minor] Fix some SSL issues
Vsevolod Stakhov [Tue, 10 Sep 2024 09:28:00 +0000 (10:28 +0100)]
[Minor] Fix some SSL issues

2 months agoMerge pull request #5131 from rspamd/vstakhov-fuzzy-mode
Vsevolod Stakhov [Tue, 10 Sep 2024 08:43:06 +0000 (14:43 +0600)]
Merge pull request #5131 from rspamd/vstakhov-fuzzy-mode

[Feature] Allow different modes for fuzzy rules

2 months ago[Feature] Allow differen modes for fuzzy rules 5131/head
Vsevolod Stakhov [Mon, 9 Sep 2024 17:55:55 +0000 (18:55 +0100)]
[Feature] Allow differen modes for fuzzy rules

2 months agoMerge pull request #5129 from rspamd/vstakhov-redis-schema
Vsevolod Stakhov [Sun, 8 Sep 2024 15:50:38 +0000 (21:50 +0600)]
Merge pull request #5129 from rspamd/vstakhov-redis-schema

[Fix] Another fix for Redis schema

2 months ago[Fix] Another fix for Redis schema 5129/head
Vsevolod Stakhov [Sat, 7 Sep 2024 13:42:15 +0000 (14:42 +0100)]
[Fix] Another fix for Redis schema

Issue: #5112

2 months agoMerge pull request #5127 from rspamd/vstakhov-fuzzy-symbols
Vsevolod Stakhov [Thu, 5 Sep 2024 15:34:49 +0000 (21:34 +0600)]
Merge pull request #5127 from rspamd/vstakhov-fuzzy-symbols

Rework fuzzy symbols

2 months ago[Rework] Implement new replies logic on the server's side 5127/head
Vsevolod Stakhov [Thu, 5 Sep 2024 12:46:12 +0000 (13:46 +0100)]
[Rework] Implement new replies logic on the server's side

2 months ago[Minor] Add `encryption_required` symbol
Vsevolod Stakhov [Thu, 5 Sep 2024 12:42:08 +0000 (13:42 +0100)]
[Minor] Add `encryption_required` symbol

2 months ago[Minor] s/BLOCKED/FORBIDDEN/
Vsevolod Stakhov [Thu, 5 Sep 2024 12:36:40 +0000 (13:36 +0100)]
[Minor] s/BLOCKED/FORBIDDEN/

We want it to be more informative and to distinguish from FUZZY_DENIED

2 months ago[Rework] Change fuzzy error symbols
Vsevolod Stakhov [Thu, 5 Sep 2024 12:35:12 +0000 (13:35 +0100)]
[Rework] Change fuzzy error symbols

FUZZY_BLOCKED -> FUZZY_RATELIMITED
FUZZY_BLOCKED - new symbol for permanent bans

2 months agoMerge branch 'master' into vstakhov-utf8-mime
Vsevolod Stakhov [Thu, 5 Sep 2024 11:48:47 +0000 (17:48 +0600)]
Merge branch 'master' into vstakhov-utf8-mime

2 months ago[Feature] Add tooling to encrypt strings in Lua
Ivan Stakhov [Thu, 5 Sep 2024 10:48:22 +0000 (13:48 +0300)]
[Feature] Add tooling to encrypt strings in Lua

* [Fix] Provide support for OpenSSL 3.0

* [Feature] Provide function to encode header with configured public key

* [Feature] Provide function to decode header with configured public key

* [Test] Add tests for maybe encode/decode header

* [Minor] Fix tests for encode/decode header

* [Minor] Small clean up

* [Minor] Small clean up

* [Minor] Small fix for OpenSSL 3.0 support

* [Minor] Provide logging

* [Minor] Small fix

* [Fix] Fix typo error

* [Fix] Another typo

* [Minor] Little clean up

* [Minor] Little fix

* [Minor] Small fix

* [Minor] Small fix

* [Minor] Rewrite the arguments of secretbox:encrypt/decrypt functions to a more understandable format

* [Fix] Fix problem with nonce was not provided

* [Test] Add test for nonce

* [Minor] Little clean up

* [Minor] Little clean up

* [Test] Test

* [Test] Test

* [Test] Test

* [Minor] Little fix

* [Minor] Small fix

* [Minor] Small fix

* [Test] Small fix

* [Test] Test

* [Test] Test

* [Test] Test

* [Test] Test

* [Minor] Small fix for fips provider

* [Minor] Change provider apply logic

* [Test] Little fix for provider

* [Minor] Provide OpenSSL <3.0 support

* [Test] Possible provider fix

* [Test] Possible provider fix

* [Test] Little fix

* [Minor] Fix provider issue

* [Minor] Small clean up

* [Minor] Change logging errors

* Update lualib/lua_util.lua

---------

Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
2 months agoMerge branch 'master' into vstakhov-utf8-mime
Vsevolod Stakhov [Thu, 5 Sep 2024 10:20:46 +0000 (16:20 +0600)]
Merge branch 'master' into vstakhov-utf8-mime

2 months agoMerge pull request #5126 from rspamd/vstakhov-change-passthrough
Vsevolod Stakhov [Thu, 5 Sep 2024 10:20:00 +0000 (16:20 +0600)]
Merge pull request #5126 from rspamd/vstakhov-change-passthrough

[Rework] Change the logic of skipping symbols

2 months ago[Rework] Change the logic of skipping symbols 5126/head
Vsevolod Stakhov [Wed, 4 Sep 2024 09:53:55 +0000 (10:53 +0100)]
[Rework] Change the logic of skipping symbols

We now do not skip pre/post filters even if the task result has reached
threshold.

2 months agoMerge pull request #5111 from oliyks/fix-icap-url-encode
Vsevolod Stakhov [Wed, 4 Sep 2024 09:26:31 +0000 (15:26 +0600)]
Merge pull request #5111 from oliyks/fix-icap-url-encode

[Fix] ICAP: encode constructed  path to be URL safe.