mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20997 Commits
28 Branches
Tree: 8238dc0a23
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8238dc0a23'
${ noResults }
rspamd/src/plugins/regexp.c

regexp.c 14KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564 
  1. /*

  2.  * Copyright 2024 Vsevolod Stakhov

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *    http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. /***MODULE:regexp

  17.  * rspamd module that implements different regexp rules

  18.  */

  19. 

  20. 

  21. #include "config.h"

  22. #include "libmime/message.h"

  23. #include "expression.h"

  24. #include "mime_expressions.h"

  25. #include "libserver/maps/map.h"

  26. #include "lua/lua_common.h"

  27. 

  28. static const guint64 rspamd_regexp_cb_magic = 0xca9d9649fc3e2659ULL;

  29. 

  30. struct regexp_module_item {

  31. 	guint64 magic;

  32. 	struct rspamd_expression *expr;

  33. 	const gchar *symbol;

  34. 	struct ucl_lua_funcdata *lua_function;

  35. };

  36. 

  37. struct regexp_ctx {

  38. 	struct module_ctx ctx;

  39. 	gsize max_size;

  40. };

  41. 

  42. static void process_regexp_item(struct rspamd_task *task,

  43. 								struct rspamd_symcache_dynamic_item *item,

  44. 								void *user_data);

  45. 

  46. 

  47. /* Initialization */

  48. gint regexp_module_init(struct rspamd_config *cfg, struct module_ctx **ctx);

  49. gint regexp_module_config(struct rspamd_config *cfg, bool validate);

  50. gint regexp_module_reconfig(struct rspamd_config *cfg);

  51. 

  52. module_t regexp_module = {

  53. 	"regexp",

  54. 	regexp_module_init,

  55. 	regexp_module_config,

  56. 	regexp_module_reconfig,

  57. 	NULL,

  58. 	RSPAMD_MODULE_VER,

  59. 	(guint) -1,

  60. };

  61. 

  62. 

  63. static inline struct regexp_ctx *

  64. regexp_get_context(struct rspamd_config *cfg)

  65. {

  66. 	return (struct regexp_ctx *) g_ptr_array_index(cfg->c_modules,

  67. 												   regexp_module.ctx_offset);

  68. }

  69. 

  70. /* Process regexp expression */

  71. static gboolean

  72. read_regexp_expression(rspamd_mempool_t *pool,

  73. 					   struct regexp_module_item *chain,

  74. 					   const gchar *symbol,

  75. 					   const gchar *line,

  76. 					   struct rspamd_mime_expr_ud *ud)

  77. {

  78. 	struct rspamd_expression *e = NULL;

  79. 	GError *err = NULL;

  80. 

  81. 	if (!rspamd_parse_expression(line, 0, &mime_expr_subr, ud, pool, &err,

  82. 								 &e)) {

  83. 		msg_warn_pool("%s = \"%s\" is invalid regexp expression: %e", symbol,

  84. 					  line,

  85. 					  err);

  86. 		g_error_free(err);

  87. 

  88. 		return FALSE;

  89. 	}

  90. 

  91. 	g_assert(e != NULL);

  92. 	chain->expr = e;

  93. 

  94. 	return TRUE;

  95. }

  96. 

  97. 

  98. /* Init function */

  99. gint regexp_module_init(struct rspamd_config *cfg, struct module_ctx **ctx)

  100. {

  101. 	struct regexp_ctx *regexp_module_ctx;

  102. 

  103. 	regexp_module_ctx = rspamd_mempool_alloc0(cfg->cfg_pool,

  104. 											  sizeof(*regexp_module_ctx));

  105. 

  106. 	*ctx = (struct module_ctx *) regexp_module_ctx;

  107. 

  108. 	rspamd_rcl_add_doc_by_path(cfg,

  109. 							   NULL,

  110. 							   "Regular expressions rules plugin",

  111. 							   "regexp",

  112. 							   UCL_OBJECT,

  113. 							   NULL,

  114. 							   0,

  115. 							   NULL,

  116. 							   0);

  117. 

  118. 	rspamd_rcl_add_doc_by_path(cfg,

  119. 							   "regexp",

  120. 							   "Maximum size of data chunk scanned with any regexp (further data is truncated)",

  121. 							   "max_size",

  122. 							   UCL_INT,

  123. 							   NULL,

  124. 							   0,

  125. 							   NULL,

  126. 							   0);

  127. 

  128. 	return 0;

  129. }

  130. 

  131. gint regexp_module_config(struct rspamd_config *cfg, bool validate)

  132. {

  133. 	struct regexp_ctx *regexp_module_ctx = regexp_get_context(cfg);

  134. 	struct regexp_module_item *cur_item = NULL;

  135. 	const ucl_object_t *sec, *value, *elt;

  136. 	ucl_object_iter_t it = NULL;

  137. 	gint res = TRUE, nre = 0, nlua = 0, nshots = cfg->default_max_shots;

  138. 

  139. 	if (!rspamd_config_is_module_enabled(cfg, "regexp")) {

  140. 		return TRUE;

  141. 	}

  142. 

  143. 	sec = ucl_object_lookup(cfg->cfg_ucl_obj, "regexp");

  144. 	if (sec == NULL) {

  145. 		msg_err_config("regexp module enabled, but no rules are defined");

  146. 		return TRUE;

  147. 	}

  148. 

  149. 	regexp_module_ctx->max_size = 0;

  150. 

  151. 	while ((value = ucl_object_iterate(sec, &it, true)) != NULL) {

  152. 		if (g_ascii_strncasecmp(ucl_object_key(value), "max_size",

  153. 								sizeof("max_size") - 1) == 0) {

  154. 			regexp_module_ctx->max_size = ucl_obj_toint(value);

  155. 			rspamd_re_cache_set_limit(cfg->re_cache, regexp_module_ctx->max_size);

  156. 		}

  157. 		else if (g_ascii_strncasecmp(ucl_object_key(value), "max_threads",

  158. 									 sizeof("max_threads") - 1) == 0) {

  159. 			msg_warn_config("regexp module is now single threaded, max_threads is ignored");

  160. 		}

  161. 		else if (value->type == UCL_STRING) {

  162. 			struct rspamd_mime_expr_ud ud;

  163. 

  164. 			cur_item = rspamd_mempool_alloc0(cfg->cfg_pool,

  165. 											 sizeof(struct regexp_module_item));

  166. 			cur_item->symbol = ucl_object_key(value);

  167. 			cur_item->magic = rspamd_regexp_cb_magic;

  168. 

  169. 			ud.conf_obj = NULL;

  170. 			ud.cfg = cfg;

  171. 

  172. 			if (!read_regexp_expression(cfg->cfg_pool,

  173. 										cur_item, ucl_object_key(value),

  174. 										ucl_obj_tostring(value), &ud)) {

  175. 				if (validate) {

  176. 					return FALSE;

  177. 				}

  178. 			}

  179. 			else {

  180. 				rspamd_symcache_add_symbol(cfg->cache,

  181. 										   cur_item->symbol,

  182. 										   0,

  183. 										   process_regexp_item,

  184. 										   cur_item,

  185. 										   SYMBOL_TYPE_NORMAL, -1);

  186. 				nre++;

  187. 			}

  188. 		}

  189. 		else if (value->type == UCL_USERDATA) {

  190. 			/* Just a lua function */

  191. 			cur_item = rspamd_mempool_alloc0(cfg->cfg_pool,

  192. 											 sizeof(struct regexp_module_item));

  193. 			cur_item->magic = rspamd_regexp_cb_magic;

  194. 			cur_item->symbol = ucl_object_key(value);

  195. 			cur_item->lua_function = ucl_object_toclosure(value);

  196. 

  197. 			rspamd_symcache_add_symbol(cfg->cache,

  198. 									   cur_item->symbol,

  199. 									   0,

  200. 									   process_regexp_item,

  201. 									   cur_item,

  202. 									   SYMBOL_TYPE_NORMAL, -1);

  203. 			nlua++;

  204. 		}

  205. 		else if (value->type == UCL_OBJECT) {

  206. 			const gchar *description = NULL, *group = NULL;

  207. 			gdouble score = 0.0;

  208. 			guint flags = 0, priority = 0;

  209. 			gboolean is_lua = FALSE, valid_expression = TRUE;

  210. 			struct rspamd_mime_expr_ud ud;

  211. 

  212. 			/* We have some lua table, extract its arguments */

  213. 			elt = ucl_object_lookup(value, "callback");

  214. 

  215. 			if (elt == NULL || elt->type != UCL_USERDATA) {

  216. 

  217. 				/* Try plain regexp expression */

  218. 				elt = ucl_object_lookup_any(value, "regexp", "re", NULL);

  219. 

  220. 				if (elt != NULL && ucl_object_type(elt) == UCL_STRING) {

  221. 					cur_item = rspamd_mempool_alloc0(cfg->cfg_pool,

  222. 													 sizeof(struct regexp_module_item));

  223. 					cur_item->symbol = ucl_object_key(value);

  224. 					cur_item->magic = rspamd_regexp_cb_magic;

  225. 					ud.cfg = cfg;

  226. 					ud.conf_obj = value;

  227. 

  228. 					if (!read_regexp_expression(cfg->cfg_pool,

  229. 												cur_item, ucl_object_key(value),

  230. 												ucl_obj_tostring(elt), &ud)) {

  231. 						if (validate) {

  232. 							return FALSE;

  233. 						}

  234. 					}

  235. 					else {

  236. 						valid_expression = TRUE;

  237. 						nre++;

  238. 					}

  239. 				}

  240. 				else {

  241. 					msg_err_config(

  242. 						"no callback/expression defined for regexp symbol: "

  243. 						"%s",

  244. 						ucl_object_key(value));

  245. 				}

  246. 			}

  247. 			else {

  248. 				is_lua = TRUE;

  249. 				nlua++;

  250. 				cur_item = rspamd_mempool_alloc0(

  251. 					cfg->cfg_pool,

  252. 					sizeof(struct regexp_module_item));

  253. 				cur_item->magic = rspamd_regexp_cb_magic;

  254. 				cur_item->symbol = ucl_object_key(value);

  255. 				cur_item->lua_function = ucl_object_toclosure(value);

  256. 			}

  257. 

  258. 			if (cur_item && (is_lua || valid_expression)) {

  259. 

  260. 				flags = SYMBOL_TYPE_NORMAL;

  261. 				elt = ucl_object_lookup(value, "mime_only");

  262. 

  263. 				if (elt) {

  264. 					if (ucl_object_type(elt) != UCL_BOOLEAN) {

  265. 						msg_err_config(

  266. 							"mime_only attribute is not boolean for symbol: '%s'",

  267. 							cur_item->symbol);

  268. 

  269. 						if (validate) {

  270. 							return FALSE;

  271. 						}

  272. 					}

  273. 					else {

  274. 						if (ucl_object_toboolean(elt)) {

  275. 							flags |= SYMBOL_TYPE_MIME_ONLY;

  276. 						}

  277. 					}

  278. 				}

  279. 

  280. 				rspamd_symcache_add_symbol(cfg->cache,

  281. 										   cur_item->symbol,

  282. 										   0,

  283. 										   process_regexp_item,

  284. 										   cur_item,

  285. 										   flags, -1);

  286. 

  287. 				/* Reset flags */

  288. 				flags = 0;

  289. 

  290. 				elt = ucl_object_lookup(value, "condition");

  291. 

  292. 				if (elt != NULL && ucl_object_type(elt) == UCL_USERDATA) {

  293. 					struct ucl_lua_funcdata *conddata;

  294. 

  295. 					g_assert(cur_item->symbol != NULL);

  296. 					conddata = ucl_object_toclosure(elt);

  297. 					rspamd_symcache_add_condition_delayed(cfg->cache,

  298. 														  cur_item->symbol,

  299. 														  conddata->L, conddata->idx);

  300. 				}

  301. 

  302. 				elt = ucl_object_lookup(value, "description");

  303. 

  304. 				if (elt) {

  305. 					description = ucl_object_tostring(elt);

  306. 				}

  307. 

  308. 				elt = ucl_object_lookup(value, "group");

  309. 

  310. 				if (elt) {

  311. 					group = ucl_object_tostring(elt);

  312. 				}

  313. 

  314. 				elt = ucl_object_lookup(value, "score");

  315. 

  316. 				if (elt) {

  317. 					if (ucl_object_type(elt) != UCL_FLOAT && ucl_object_type(elt) != UCL_INT) {

  318. 						msg_err_config(

  319. 							"score attribute is not numeric for symbol: '%s'",

  320. 							cur_item->symbol);

  321. 

  322. 						if (validate) {

  323. 							return FALSE;

  324. 						}

  325. 					}

  326. 					else {

  327. 						score = ucl_object_todouble(elt);

  328. 					}

  329. 				}

  330. 

  331. 				elt = ucl_object_lookup(value, "one_shot");

  332. 

  333. 				if (elt) {

  334. 					if (ucl_object_type(elt) != UCL_BOOLEAN) {

  335. 						msg_err_config(

  336. 							"one_shot attribute is not boolean for symbol: '%s'",

  337. 							cur_item->symbol);

  338. 

  339. 						if (validate) {

  340. 							return FALSE;

  341. 						}

  342. 					}

  343. 					else {

  344. 						if (ucl_object_toboolean(elt)) {

  345. 							nshots = 1;

  346. 						}

  347. 					}

  348. 				}

  349. 

  350. 				if ((elt = ucl_object_lookup(value, "any_shot")) != NULL) {

  351. 					if (ucl_object_type(elt) != UCL_BOOLEAN) {

  352. 						msg_err_config(

  353. 							"any_shot attribute is not boolean for symbol: '%s'",

  354. 							cur_item->symbol);

  355. 

  356. 						if (validate) {

  357. 							return FALSE;

  358. 						}

  359. 					}

  360. 					else {

  361. 						if (ucl_object_toboolean(elt)) {

  362. 							nshots = -1;

  363. 						}

  364. 					}

  365. 				}

  366. 

  367. 				if ((elt = ucl_object_lookup(value, "nshots")) != NULL) {

  368. 					if (ucl_object_type(elt) != UCL_FLOAT && ucl_object_type(elt) != UCL_INT) {

  369. 						msg_err_config(

  370. 							"nshots attribute is not numeric for symbol: '%s'",

  371. 							cur_item->symbol);

  372. 

  373. 						if (validate) {

  374. 							return FALSE;

  375. 						}

  376. 					}

  377. 					else {

  378. 						nshots = ucl_object_toint(elt);

  379. 					}

  380. 				}

  381. 

  382. 				elt = ucl_object_lookup(value, "one_param");

  383. 

  384. 				if (elt) {

  385. 					if (ucl_object_type(elt) != UCL_BOOLEAN) {

  386. 						msg_err_config(

  387. 							"one_param attribute is not boolean for symbol: '%s'",

  388. 							cur_item->symbol);

  389. 

  390. 						if (validate) {

  391. 							return FALSE;

  392. 						}

  393. 					}

  394. 					else {

  395. 						if (ucl_object_toboolean(elt)) {

  396. 							flags |= RSPAMD_SYMBOL_FLAG_ONEPARAM;

  397. 						}

  398. 					}

  399. 				}

  400. 

  401. 				elt = ucl_object_lookup(value, "priority");

  402. 

  403. 				if (elt) {

  404. 					if (ucl_object_type(elt) != UCL_FLOAT && ucl_object_type(elt) != UCL_INT) {

  405. 						msg_err_config(

  406. 							"priority attribute is not numeric for symbol: '%s'",

  407. 							cur_item->symbol);

  408. 

  409. 						if (validate) {

  410. 							return FALSE;

  411. 						}

  412. 					}

  413. 					else {

  414. 						priority = ucl_object_toint(elt);

  415. 					}

  416. 				}

  417. 				else {

  418. 					priority = 0;

  419. 				}

  420. 

  421. 				rspamd_config_add_symbol(cfg, cur_item->symbol,

  422. 										 score, description, group, flags, priority, nshots);

  423. 

  424. 				elt = ucl_object_lookup(value, "groups");

  425. 

  426. 				if (elt) {

  427. 					ucl_object_iter_t gr_it;

  428. 					const ucl_object_t *cur_gr;

  429. 

  430. 					gr_it = ucl_object_iterate_new(elt);

  431. 

  432. 					while ((cur_gr = ucl_object_iterate_safe(gr_it, true)) != NULL) {

  433. 						rspamd_config_add_symbol_group(cfg, cur_item->symbol,

  434. 													   ucl_object_tostring(cur_gr));

  435. 					}

  436. 

  437. 					ucl_object_iterate_free(gr_it);

  438. 				}

  439. 			}

  440. 		}

  441. 		else {

  442. 			msg_warn_config("unknown type of attribute %s for regexp module",

  443. 							ucl_object_key(value));

  444. 		}

  445. 	}

  446. 

  447. 	if (res) {

  448. 		msg_info_config("init internal regexp module, %d regexp rules and %d "

  449. 						"lua rules are loaded",

  450. 						nre, nlua);

  451. 	}

  452. 	else {

  453. 		msg_err_config("fatal regexp module error");

  454. 	}

  455. 

  456. 	return res;

  457. }

  458. 

  459. gint regexp_module_reconfig(struct rspamd_config *cfg)

  460. {

  461. 	return regexp_module_config(cfg, false);

  462. }

  463. 

  464. static gboolean

  465. rspamd_lua_call_expression_func(struct ucl_lua_funcdata *lua_data,

  466. 								struct rspamd_task *task,

  467. 								GArray *args, gdouble *res,

  468. 								const gchar *symbol)

  469. {

  470. 	lua_State *L = lua_data->L;

  471. 	struct rspamd_task **ptask;

  472. 	struct expression_argument *arg;

  473. 	gint pop = 0, i, nargs = 0;

  474. 

  475. 	lua_rawgeti(L, LUA_REGISTRYINDEX, lua_data->idx);

  476. 	/* Now we got function in top of stack */

  477. 	ptask = lua_newuserdata(L, sizeof(struct rspamd_task *));

  478. 	rspamd_lua_setclass(L, rspamd_task_classname, -1);

  479. 	*ptask = task;

  480. 

  481. 	/* Now push all arguments */

  482. 	if (args) {

  483. 		for (i = 0; i < (gint) args->len; i++) {

  484. 			arg = &g_array_index(args, struct expression_argument, i);

  485. 			if (arg) {

  486. 				switch (arg->type) {

  487. 				case EXPRESSION_ARGUMENT_NORMAL:

  488. 					lua_pushstring(L, (const gchar *) arg->data);

  489. 					break;

  490. 				case EXPRESSION_ARGUMENT_BOOL:

  491. 					lua_pushboolean(L, (gboolean) GPOINTER_TO_SIZE(arg->data));

  492. 					break;

  493. 				default:

  494. 					msg_err_task("%s: cannot pass custom params to lua function",

  495. 								 symbol);

  496. 					return FALSE;

  497. 				}

  498. 			}

  499. 		}

  500. 		nargs = args->len;

  501. 	}

  502. 

  503. 	if (lua_pcall(L, nargs + 1, 1, 0) != 0) {

  504. 		msg_info_task("%s: call to lua function failed: %s", symbol,

  505. 					  lua_tostring(L, -1));

  506. 		lua_pop(L, 1);

  507. 

  508. 		return FALSE;

  509. 	}

  510. 

  511. 	pop++;

  512. 

  513. 	if (lua_type(L, -1) == LUA_TNUMBER) {

  514. 		*res = lua_tonumber(L, -1);

  515. 	}

  516. 	else if (lua_type(L, -1) == LUA_TBOOLEAN) {

  517. 		*res = lua_toboolean(L, -1);

  518. 	}

  519. 	else {

  520. 		msg_info_task("%s: lua function must return a boolean", symbol);

  521. 		*res = FALSE;

  522. 	}

  523. 

  524. 	lua_pop(L, pop);

  525. 

  526. 	return TRUE;

  527. }

  528. 

  529. 

  530. static void

  531. process_regexp_item(struct rspamd_task *task,

  532. 					struct rspamd_symcache_dynamic_item *symcache_item,

  533. 					void *user_data)

  534. {

  535. 	struct regexp_module_item *item = user_data;

  536. 	gdouble res = FALSE;

  537. 

  538. 	/* Non-threaded version */

  539. 	if (item->lua_function) {

  540. 		/* Just call function */

  541. 		res = FALSE;

  542. 		if (!rspamd_lua_call_expression_func(item->lua_function, task, NULL,

  543. 											 &res, item->symbol)) {

  544. 			msg_err_task("error occurred when checking symbol %s",

  545. 						 item->symbol);

  546. 		}

  547. 	}

  548. 	else {

  549. 		/* Process expression */

  550. 		if (item->expr) {

  551. 			res = rspamd_process_expression(item->expr, 0, task);

  552. 		}

  553. 		else {

  554. 			msg_warn_task("FIXME: %s symbol is broken with new expressions",

  555. 						  item->symbol);

  556. 		}

  557. 	}

  558. 

  559. 	if (res != 0) {

  560. 		rspamd_task_insert_result(task, item->symbol, res, NULL);

  561. 	}

  562. 

  563. 	rspamd_symcache_finalize_item(task, symcache_item);

  564. }