]>
source.dussan.org Git - rspamd.git/log
Vsevolod Stakhov [Mon, 18 Nov 2024 18:43:03 +0000 (18:43 +0000)]
[Fix] Sigh, another fix
Vsevolod Stakhov [Mon, 18 Nov 2024 17:43:00 +0000 (17:43 +0000)]
[Test] Fix some tests again
Vsevolod Stakhov [Mon, 18 Nov 2024 17:30:51 +0000 (17:30 +0000)]
[Fix] More things to fix
Vsevolod Stakhov [Mon, 18 Nov 2024 16:51:44 +0000 (16:51 +0000)]
[Test] Test encode with decode
Vsevolod Stakhov [Mon, 18 Nov 2024 16:37:39 +0000 (16:37 +0000)]
[Test] Rework tests structure
Vsevolod Stakhov [Mon, 18 Nov 2024 16:31:15 +0000 (16:31 +0000)]
[Fix] More fixes to rfc2047 encoding
Vsevolod Stakhov [Sat, 16 Nov 2024 18:10:12 +0000 (18:10 +0000)]
[Minor] Some more fixes
Vsevolod Stakhov [Sat, 16 Nov 2024 17:46:44 +0000 (17:46 +0000)]
[Fix] Some more fixes
Vsevolod Stakhov [Sat, 16 Nov 2024 15:45:56 +0000 (15:45 +0000)]
[Rework] Rewrite rfc2047 encoding as it was totally broken
Vsevolod Stakhov [Sat, 16 Nov 2024 14:26:54 +0000 (14:26 +0000)]
[Minor] Get rid of glib utf8 functions
Vsevolod Stakhov [Fri, 15 Nov 2024 09:54:20 +0000 (09:54 +0000)]
[Fix] Dmarc: Properly encode structured headers
Issue: #5221
Vsevolod Stakhov [Fri, 15 Nov 2024 09:00:42 +0000 (09:00 +0000)]
[Fix] Milter headers: fold before encoding
Vsevolod Stakhov [Wed, 13 Nov 2024 12:10:41 +0000 (18:10 +0600)]
Merge pull request #5219 from moisseev/elastic-conf
[Conf] Fix comments in elastic.conf
Alexander Moisseev [Mon, 11 Nov 2024 15:24:27 +0000 (18:24 +0300)]
[Conf] Fix comments in elastic.conf
Vsevolod Stakhov [Mon, 11 Nov 2024 12:54:51 +0000 (18:54 +0600)]
Merge pull request #5162 from left-try/master
Store LRU cache of last filled ratelimit buckets
Vsevolod Stakhov [Mon, 11 Nov 2024 12:53:52 +0000 (18:53 +0600)]
Merge pull request #5186 from dragoangel/actualize-elastic-module
[Rework] Breaking: Actualize elastic module
Vsevolod Stakhov [Mon, 11 Nov 2024 12:06:06 +0000 (18:06 +0600)]
Merge pull request #5214 from rspamd/vstakhov-conf-reorg
[Conf] Add more ways to extend Rspamd configuration
Vsevolod Stakhov [Sun, 10 Nov 2024 12:11:46 +0000 (18:11 +0600)]
Merge branch 'master' into vstakhov-conf-reorg
Vsevolod Stakhov [Sun, 10 Nov 2024 12:11:33 +0000 (18:11 +0600)]
Merge pull request #5218 from moisseev/fa6
[WebUI] Upgrade Font Awesome to v6.6.0
Vsevolod Stakhov [Sun, 10 Nov 2024 12:11:24 +0000 (18:11 +0600)]
Merge pull request #5217 from moisseev/webui
[WebUI] Update RequireJS to address CVE-2024-38999
Alexander Moisseev [Sat, 9 Nov 2024 15:08:53 +0000 (18:08 +0300)]
[WebUI] Upgrade Font Awesome to v6.6.0
Vsevolod Stakhov [Sat, 9 Nov 2024 13:41:02 +0000 (13:41 +0000)]
[Conf] Allow to install examples conditionally
Alexander Moisseev [Sat, 9 Nov 2024 12:40:10 +0000 (15:40 +0300)]
[WebUI] Update RequireJS to address CVE-2024-38999
Upgraded RequireJS from 2.3.6 to 2.3.7
to mitigate prototype pollution vulnerability (CVE-2024-38999) in `s.contexts._.configure` function,
which could allow arbitrary code execution or Denial of Service.
Dmitriy Alekseev [Fri, 8 Nov 2024 11:30:16 +0000 (12:30 +0100)]
Fix missing non_en false due to fill_empty_strings function
Ivan Stakhov [Thu, 7 Nov 2024 07:42:47 +0000 (10:42 +0300)]
Merge branch 'master' into master
Vsevolod Stakhov [Wed, 6 Nov 2024 19:02:24 +0000 (01:02 +0600)]
Merge pull request #5213 from rspamd/vstakhov-surbl-conf-fix
[Conf] Use full hostnames for SURBL
Vsevolod Stakhov [Wed, 6 Nov 2024 13:56:56 +0000 (13:56 +0000)]
[Minor] Fix optionality
Vsevolod Stakhov [Wed, 6 Nov 2024 13:55:47 +0000 (13:55 +0000)]
[Conf] Install examples
Vsevolod Stakhov [Wed, 6 Nov 2024 13:53:35 +0000 (13:53 +0000)]
[Conf] Add lua.local.d folder
Vsevolod Stakhov [Wed, 6 Nov 2024 13:44:19 +0000 (13:44 +0000)]
[Conf] Add more ways to extend Rspamd configuration
+ Add examples of all that we can do
Vsevolod Stakhov [Wed, 6 Nov 2024 13:16:37 +0000 (13:16 +0000)]
[Conf] Use full hostnames for SURBL
Vsevolod Stakhov [Wed, 6 Nov 2024 12:56:18 +0000 (18:56 +0600)]
Merge branch 'master' into master
Vsevolod Stakhov [Mon, 4 Nov 2024 19:17:36 +0000 (01:17 +0600)]
Merge pull request #5209 from twesterhever/temp-auth-origin-helo-user
[Minor] Add "User" HELO in Received headers to ABUSE_FROM_INJECTOR
Vsevolod Stakhov [Mon, 4 Nov 2024 19:17:26 +0000 (01:17 +0600)]
Merge pull request #5208 from twesterhever/temp-composites-aff-mm-cd
[Minor] Improve FREEMAIL_AFF catch rate
Vsevolod Stakhov [Mon, 4 Nov 2024 19:14:26 +0000 (01:14 +0600)]
Merge pull request #5207 from twesterhever/temp-attachment-rdp
[Minor] Score *.rdp attachments as bad
Vsevolod Stakhov [Mon, 4 Nov 2024 16:13:27 +0000 (22:13 +0600)]
Merge pull request #5210 from rspamd/vstakhov-fix-utf8-ragel
[Fix] Another story about char sign
Vsevolod Stakhov [Mon, 4 Nov 2024 16:11:44 +0000 (16:11 +0000)]
[Test] Add more test
Vsevolod Stakhov [Mon, 4 Nov 2024 16:03:34 +0000 (16:03 +0000)]
[Fix] Another story about char sign
Ragel still produces a wrong state machine if `const char *` is used
for characters representation that are actually utf8.
This PR changes all types to `unsigned char *` for consistency.
twesterhever [Mon, 4 Nov 2024 11:59:22 +0000 (11:59 +0000)]
[Minor] Add "User" HELO in Received headers to ABUSE_FROM_INJECTOR
This pattern often surfaces in spam (frequently advance fee fraud)
disseminated via compromised accounts, adding it to ABUSE_FROM_INJECTOR
to increase the likelihood of such spam getting rejected.
twesterhever [Mon, 4 Nov 2024 11:49:34 +0000 (11:49 +0000)]
[Minor] Improve FREEMAIL_AFF catch rate
This "Mail message body" Content-Description header appears to be a
common quirk of advance fee fraud e-mails leveraging freemail services.
twesterhever [Mon, 4 Nov 2024 11:22:56 +0000 (11:22 +0000)]
[Minor] Score *.rdp attachments as bad
Rationale: https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/
Dmitriy Alekseev [Mon, 4 Nov 2024 10:07:19 +0000 (11:07 +0100)]
Merge branch 'master' into actualize-elastic-module
Dmitriy Alekseev [Sun, 3 Nov 2024 15:00:11 +0000 (16:00 +0100)]
* add more validation on empty strings, required to not face errors in saving logs to elastic
* remove max_size as it was looking to rows elements count, not strings size in total, such check will be too much compute intensive
* increase default errors max_fail as usually elastic not recover so quickly and needs a bit more time
Vsevolod Stakhov [Fri, 1 Nov 2024 09:38:11 +0000 (09:38 +0000)]
[Fix] Fix memory leak in `lua_new_text` invocations
Vsevolod Stakhov [Thu, 31 Oct 2024 13:29:12 +0000 (13:29 +0000)]
[Test] A workaround for brain-damaged libstdc++ from prehistoric ages
Ivan Stakhov [Thu, 31 Oct 2024 13:13:41 +0000 (16:13 +0300)]
Merge branch 'master' into master
Vsevolod Stakhov [Thu, 31 Oct 2024 13:04:49 +0000 (13:04 +0000)]
[Test] Add some specific unit tests for Rspamd x25519 DH
Ivan Stakhov [Wed, 30 Oct 2024 08:08:24 +0000 (11:08 +0300)]
Merge branch 'rspamd:master' into master
Vsevolod Stakhov [Thu, 24 Oct 2024 09:06:09 +0000 (15:06 +0600)]
Merge pull request #5195 from Cloud-Cauldron/update-changelog
[Project] Keep Changelog updated
Chris Funderburg [Thu, 24 Oct 2024 09:00:43 +0000 (10:00 +0100)]
[Project] Keep Changelog updated
Ivan Stakhov [Wed, 23 Oct 2024 14:09:53 +0000 (17:09 +0300)]
Merge branch 'rspamd:master' into master
Dmitriy Alekseev [Tue, 22 Oct 2024 10:02:45 +0000 (12:02 +0200)]
better check from to exclude cases when its empty
Dmitriy Alekseev [Mon, 21 Oct 2024 16:35:03 +0000 (18:35 +0200)]
use rspamd_ip object in sender_ip to avoid posting ipv4:port
Dmitriy Alekseev [Mon, 21 Oct 2024 15:44:49 +0000 (17:44 +0200)]
Merge branch 'master' into actualize-elastic-module
Dmitriy Alekseev [Mon, 21 Oct 2024 15:22:28 +0000 (17:22 +0200)]
strip also port from sender_ip
Dmitriy Alekseev [Mon, 21 Oct 2024 13:36:03 +0000 (15:36 +0200)]
do not allow empty headers, fix stripping of headers by limit of symbols count and add headers count limit
Dmitriy Alekseev [Mon, 21 Oct 2024 11:33:48 +0000 (13:33 +0200)]
do not allow empty from
Vsevolod Stakhov [Sun, 20 Oct 2024 09:04:20 +0000 (15:04 +0600)]
Merge pull request #5193 from jscissr/fix_arc
[CritFix] Fix ARC-Seal signing
Jan Schär [Sat, 19 Oct 2024 22:08:36 +0000 (00:08 +0200)]
[CritFix] Fix ARC-Seal signing
Signing of ARC-Seal headers was recently broken; the created signatures
failed to validate. Most likely, this was caused by commit
1e661a2fc6e3 ,
which changed the way signatures are created in lua_rsa_sign_memory
without adding the calls to EVP_PKEY_CTX_set_rsa_padding and
EVP_PKEY_CTX_set_signature_md needed with the new interface.
After fixing this, some existing tests failed, because the test values
passed to the hash parameter did not have the correct size for a sha256
hash. I fixed these by adjusting the length of the test values.
Additionally, I extended the "RSA sign" unit test to compare the created
signature against the expected one. This is possible because RSA signing
is deterministic, and should prevent the same bug from occuring again.
Fixes: https://github.com/rspamd/rspamd/issues/5173
Vsevolod Stakhov [Sat, 19 Oct 2024 20:42:24 +0000 (02:42 +0600)]
Merge pull request #5192 from henry-spanka/add-eof-to-openmetrics
add EOF to openmetrics response in proxy and server
Ivan Stakhov [Sat, 19 Oct 2024 15:23:18 +0000 (18:23 +0300)]
Merge branch 'rspamd:master' into master
Vsevolod Stakhov [Sat, 19 Oct 2024 14:45:52 +0000 (20:45 +0600)]
Merge pull request #5191 from rspamd/vstakhov-zstd-headers
[Rework] Allow `Content-Encoding` standard header for zstd compression
Henry Spanka [Fri, 18 Oct 2024 08:08:56 +0000 (10:08 +0200)]
add EOF to openmetrics response in proxy and server
Dmitriy Alekseev [Thu, 17 Oct 2024 13:35:02 +0000 (15:35 +0200)]
round scores and weight
Vsevolod Stakhov [Thu, 17 Oct 2024 13:33:45 +0000 (14:33 +0100)]
[Rework] Allow `Content-Encoding` standard header for zstd compression
Dmitriy Alekseev [Thu, 17 Oct 2024 12:59:29 +0000 (14:59 +0200)]
Merge branch 'master' into actualize-elastic-module
Dmitriy Alekseev [Thu, 17 Oct 2024 12:42:02 +0000 (14:42 +0200)]
fix variables for ucl errors
Vsevolod Stakhov [Wed, 16 Oct 2024 10:27:11 +0000 (11:27 +0100)]
[Fix] Restore propagation of spam/ham learns
Dmitriy Alekseev [Tue, 15 Oct 2024 21:50:48 +0000 (23:50 +0200)]
return item status and reasons on bulk push error
Dmitriy Alekseev [Tue, 15 Oct 2024 19:40:52 +0000 (21:40 +0200)]
Fix from and rcpt
Dmitriy Alekseev [Tue, 15 Oct 2024 19:31:02 +0000 (21:31 +0200)]
do not retry on errors in body as it will create duplicated logs
Vsevolod Stakhov [Tue, 15 Oct 2024 16:15:54 +0000 (22:15 +0600)]
Merge pull request #5190 from rspamd/vstakhov-some-build-fixes
Some more fixes
Vsevolod Stakhov [Tue, 15 Oct 2024 16:15:46 +0000 (22:15 +0600)]
Merge branch 'master' into vstakhov-some-build-fixes
Vsevolod Stakhov [Tue, 15 Oct 2024 16:10:55 +0000 (17:10 +0100)]
[Fix] Load "default" provider as well as "legacy"
Vsevolod Stakhov [Tue, 15 Oct 2024 15:52:46 +0000 (21:52 +0600)]
Merge pull request #5189 from rspamd/vstakhov-some-build-fixes
Some build fixes
Vsevolod Stakhov [Tue, 15 Oct 2024 15:19:09 +0000 (16:19 +0100)]
[Minor] Use OSSL_PROVIDER_load on RHEL based distros
Vsevolod Stakhov [Tue, 15 Oct 2024 15:13:42 +0000 (16:13 +0100)]
[Minor] Remove bogus DEBIAN_BUILD constant
Vsevolod Stakhov [Tue, 15 Oct 2024 13:43:20 +0000 (19:43 +0600)]
Merge pull request #5188 from rspamd/vstakhov-openssl-provider-message
[Fix] Do not abort when OpenSSL is broken, report that to a user
Vsevolod Stakhov [Tue, 15 Oct 2024 13:32:02 +0000 (14:32 +0100)]
[Minor] Thank you OpenSSL for all those new names
Vsevolod Stakhov [Tue, 15 Oct 2024 13:22:03 +0000 (14:22 +0100)]
[Fix] Do not abort when OpenSSL is broken, report that to a user
Issue: #5181
Dmitriy Alekseev [Tue, 15 Oct 2024 06:42:37 +0000 (08:42 +0200)]
Merge branch 'master' into actualize-elastic-module
Vsevolod Stakhov [Mon, 14 Oct 2024 19:23:02 +0000 (20:23 +0100)]
[Fix] Use unsigned char for ragel machines
It seems that on aarch64 Linux char is signed by default, so Ragel produces
a wrong code that is "optimized" by a compiler simply to `false`.
Issue: #5172
Vsevolod Stakhov [Mon, 14 Oct 2024 18:15:24 +0000 (19:15 +0100)]
Revert "[Minor] Remove custom ragel flags to test arm64 bug"
This reverts commit
0d962621f158e0b64693e947beecb3242a229fd2 .
Vsevolod Stakhov [Mon, 14 Oct 2024 18:01:43 +0000 (19:01 +0100)]
[Minor] Fix GCC sanitizer
Vsevolod Stakhov [Mon, 14 Oct 2024 17:59:25 +0000 (18:59 +0100)]
[Minor] Remove custom ragel flags to test arm64 bug
Dmitriy Alekseev [Mon, 14 Oct 2024 17:42:00 +0000 (19:42 +0200)]
We need take 2nd hop
Dmitriy Alekseev [Mon, 14 Oct 2024 15:32:16 +0000 (17:32 +0200)]
Use received for all logs, fix direction
Dmitriy Alekseev [Mon, 14 Oct 2024 14:16:44 +0000 (16:16 +0200)]
round time_diff to seconds on interval check, improve log message readability
Dmitriy Alekseev [Mon, 14 Oct 2024 14:01:35 +0000 (16:01 +0200)]
reuse http_request data
Dmitriy Alekseev [Mon, 14 Oct 2024 13:23:36 +0000 (15:23 +0200)]
fix tabulation
Dmitriy Alekseev [Mon, 14 Oct 2024 12:49:31 +0000 (14:49 +0200)]
align conf and module settings in lua
Dmitriy Alekseev [Mon, 14 Oct 2024 12:35:24 +0000 (14:35 +0200)]
add missing change in configured state when no update is needed on index_policy
Dmitriy Alekseev [Mon, 14 Oct 2024 12:34:37 +0000 (14:34 +0200)]
resolve linter issues and remove custom deep_compare function in favor of lua_util.table_cmp
Dmitriy Alekseev [Mon, 14 Oct 2024 12:09:12 +0000 (14:09 +0200)]
Update src/plugins/lua/elastic.lua
Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
Dmitriy Alekseev [Mon, 14 Oct 2024 12:09:05 +0000 (14:09 +0200)]
Update src/plugins/lua/elastic.lua
Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
Dmitriy Alekseev [Mon, 14 Oct 2024 12:08:52 +0000 (14:08 +0200)]
Update src/plugins/lua/elastic.lua
Co-authored-by: Vsevolod Stakhov <vsevolod@rspamd.com>
Dmitriy Alekseev [Fri, 11 Oct 2024 16:49:58 +0000 (18:49 +0200)]
[Rework] Breaking: Actualize elastic module, support Elastic 8 & OpenSearch 2, add index policy with logs retention and many more
Signed-off-by: Dmytro Alieksieiev <1865999+dragoangel@users.noreply.github.com>
Vsevolod Stakhov [Thu, 10 Oct 2024 16:20:34 +0000 (22:20 +0600)]
Merge pull request #5179 from smarsching/issue-5178
[Fix] Avoid null-bytes in Log-Tag header value
Vsevolod Stakhov [Wed, 9 Oct 2024 15:31:26 +0000 (21:31 +0600)]
Merge pull request #5176 from wdhdev/patch-1
chore(publicsuffix): update effective_tld_names.dat
Sebastian Marsching [Tue, 8 Oct 2024 19:05:35 +0000 (21:05 +0200)]
[Fix] Avoid null-bytes in Log-Tag header value.
This fixes #5178.