mirrors
/
rspamd
огледало от https://github.com/vstakhov/rspamd.git
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Версии 159 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20967 Ревизии
28 Клонове
ИН на ревизия: f719e0f329
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от 'f719e0f329'
${ noResults }
rspamd/src/plugins/lua/history_redis.lua

history_redis.lua 9.3KB
Директен файл Blame История

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316 
  1. --[[

  2. Copyright (c) 2022, Vsevolod Stakhov <vsevolod@rspamd.com>

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");

  5. you may not use this file except in compliance with the License.

  6. You may obtain a copy of the License at

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0

  9. 

  10. Unless required by applicable law or agreed to in writing, software

  11. distributed under the License is distributed on an "AS IS" BASIS,

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. See the License for the specific language governing permissions and

  14. limitations under the License.

  15. ]]--

  16. 

  17. if confighelp then

  18.   rspamd_config:add_example(nil, 'history_redis',

  19.       "Store history of checks for WebUI using Redis",

  20.       [[

  21. redis_history {

  22.   # History key name

  23.   key_prefix = 'rs_history{{HOSTNAME}}{{COMPRESS}}';

  24.   # History expire in seconds

  25.   expire = 0;

  26.   # History rows limit

  27.   nrows = 200;

  28.   # Use zstd compression when storing data in redis

  29.   compress = true;

  30.   # Obfuscate subjects for privacy

  31.   subject_privacy = false;

  32.   # Default hash-algorithm to obfuscate subject

  33.   subject_privacy_alg = 'blake2';

  34.   # Prefix to show it's obfuscated

  35.   subject_privacy_prefix = 'obf';

  36.   # Cut the length of the hash if desired

  37.   subject_privacy_length = 16;

  38. }

  39.   ]])

  40.   return

  41. end

  42. 

  43. local rspamd_logger = require "rspamd_logger"

  44. local rspamd_util = require "rspamd_util"

  45. local lua_util = require "lua_util"

  46. local lua_redis = require "lua_redis"

  47. local fun = require "fun"

  48. local ucl = require "ucl"

  49. local ts = (require "tableshape").types

  50. local E = {}

  51. local N = "history_redis"

  52. 

  53. local template_env = {

  54.   HOSTNAME = rspamd_util.get_hostname(),

  55. }

  56. 

  57. local redis_params

  58. 

  59. local settings = {

  60.   key_prefix = 'rs_history{{HOSTNAME}}{{COMPRESS}}', -- default key name template

  61.   expire = nil, -- default no expire

  62.   nrows = 200, -- default rows limit

  63.   compress = true, -- use zstd compression when storing data in redis

  64.   subject_privacy = false, -- subject privacy is off

  65.   subject_privacy_alg = 'blake2', -- default hash-algorithm to obfuscate subject

  66.   subject_privacy_prefix = 'obf', -- prefix to show it's obfuscated

  67.   subject_privacy_length = 16, -- cut the length of the hash

  68. }

  69. 

  70. local settings_schema = lua_redis.enrich_schema({

  71.   key_prefix = ts.string,

  72.   expire = (ts.number + ts.string / lua_util.parse_time_interval):is_optional(),

  73.   nrows = ts.number,

  74.   compress = ts.boolean,

  75.   subject_privacy = ts.boolean:is_optional(),

  76.   subject_privacy_alg = ts.string:is_optional(),

  77.   subject_privacy_prefix = ts.string:is_optional(),

  78.   subject_privacy_length = ts.number:is_optional(),

  79. })

  80. 

  81. local function process_addr(addr)

  82.   if addr then

  83.     return addr.addr

  84.   end

  85. 

  86.   return 'unknown'

  87. end

  88. 

  89. local function normalise_results(tbl, task)

  90.   local metric = tbl.default

  91. 

  92.   -- Convert stupid metric object

  93.   if metric then

  94.     tbl.symbols = {}

  95.     local symbols, others = fun.partition(function(_, v)

  96.       return type(v) == 'table' and v.score

  97.     end, metric)

  98. 

  99.     fun.each(function(k, v)

  100.       v.name = nil;

  101.       tbl.symbols[k] = v;

  102.     end, symbols)

  103.     fun.each(function(k, v)

  104.       tbl[k] = v

  105.     end, others)

  106. 

  107.     -- Reset the original metric

  108.     tbl.default = nil

  109.   end

  110. 

  111.   -- Now, add recipients and senders

  112.   tbl.sender_smtp = process_addr((task:get_from('smtp') or E)[1])

  113.   tbl.sender_mime = process_addr((task:get_from('mime') or E)[1])

  114.   tbl.rcpt_smtp = fun.totable(fun.map(process_addr, task:get_recipients('smtp') or {}))

  115.   tbl.rcpt_mime = fun.totable(fun.map(process_addr, task:get_recipients('mime') or {}))

  116.   tbl.user = task:get_user() or 'unknown'

  117.   tbl.rmilter = nil

  118.   tbl.messages = nil

  119.   tbl.urls = nil

  120.   tbl.action = task:get_metric_action()

  121. 

  122.   local seconds = task:get_timeval()['tv_sec']

  123.   tbl.unix_time = seconds

  124. 

  125.   local subject = task:get_header('subject') or 'unknown'

  126.   tbl.subject = lua_util.maybe_obfuscate_string(subject, settings, 'subject')

  127.   tbl.size = task:get_size()

  128.   local ip = task:get_from_ip()

  129.   if ip and ip:is_valid() then

  130.     tbl.ip = tostring(ip)

  131.   else

  132.     tbl.ip = 'unknown'

  133.   end

  134. 

  135.   tbl.user = task:get_user() or 'unknown'

  136. end

  137. 

  138. local function history_save(task)

  139.   local function redis_llen_cb(err, _)

  140.     if err then

  141.       rspamd_logger.errx(task, 'got error %s when writing history row: %s',

  142.           err)

  143.     end

  144.   end

  145. 

  146.   -- We skip saving it to the history

  147.   if task:has_flag('no_log') then

  148.     return

  149.   end

  150. 

  151.   local data = task:get_protocol_reply { 'metrics', 'basic' }

  152.   local prefix = lua_util.jinja_template(settings.key_prefix, template_env, false, true)

  153. 

  154.   if data then

  155.     normalise_results(data, task)

  156.   else

  157.     rspamd_logger.errx('cannot get protocol reply, skip saving in history')

  158.     return

  159.   end

  160. 

  161.   local json = ucl.to_format(data, 'json-compact')

  162. 

  163.   if settings.compress then

  164.     json = rspamd_util.zstd_compress(json)

  165.   end

  166. 

  167.   local ret, conn, _ = lua_redis.rspamd_redis_make_request(task,

  168.       redis_params, -- connect params

  169.       nil, -- hash key

  170.       true, -- is write

  171.       redis_llen_cb, --callback

  172.       'LPUSH', -- command

  173.       { prefix, json } -- arguments

  174.   )

  175. 

  176.   if ret then

  177.     conn:add_cmd('LTRIM', { prefix, '0', string.format('%d', settings.nrows - 1) })

  178. 

  179.     if settings.expire and settings.expire > 0 then

  180.       conn:add_cmd('EXPIRE', { prefix, string.format('%d', settings.expire) })

  181.     end

  182.   end

  183. end

  184. 

  185. local function handle_history_request(task, conn, from, to, reset)

  186.   local prefix = lua_util.jinja_template(settings.key_prefix, template_env, false, true)

  187. 

  188.   if reset then

  189.     local function redis_ltrim_cb(err, _)

  190.       if err then

  191.         rspamd_logger.errx(task, 'got error %s when resetting history: %s',

  192.             err)

  193.         conn:send_error(504, '{"error": "' .. err .. '"}')

  194.       else

  195.         conn:send_string('{"success":true}')

  196.       end

  197.     end

  198.     lua_redis.rspamd_redis_make_request(task,

  199.         redis_params, -- connect params

  200.         nil, -- hash key

  201.         true, -- is write

  202.         redis_ltrim_cb, --callback

  203.         'LTRIM', -- command

  204.         { prefix, '0', '0' } -- arguments

  205.     )

  206.   else

  207.     local function redis_lrange_cb(err, data)

  208.       if data then

  209.         local reply = {

  210.           version = 2,

  211.         }

  212.         if settings.compress then

  213.           local t1 = rspamd_util:get_ticks()

  214. 

  215.           data = fun.totable(fun.filter(function(e)

  216.             return e ~= nil

  217.           end,

  218.               fun.map(function(e)

  219.                 local _, dec = rspamd_util.zstd_decompress(e)

  220.                 if dec then

  221.                   return dec

  222.                 end

  223.                 return nil

  224.               end, data)))

  225.           lua_util.debugm(N, task, 'decompress took %s ms',

  226.               (rspamd_util:get_ticks() - t1) * 1000.0)

  227.           collectgarbage()

  228.         end

  229.         -- Parse elements using ucl

  230.         local t1 = rspamd_util:get_ticks()

  231.         data = fun.totable(

  232.             fun.map(function(_, obj)

  233.               return obj

  234.             end,

  235.                 fun.filter(function(res, obj)

  236.                   if res then

  237.                     return true

  238.                   end

  239.                   return false

  240.                 end,

  241.                     fun.map(function(elt)

  242.                       local parser = ucl.parser()

  243.                       local res, _ = parser:parse_text(elt)

  244. 

  245.                       if res then

  246.                         return true, parser:get_object()

  247.                       else

  248.                         return false, nil

  249.                       end

  250.                     end, data))))

  251.         lua_util.debugm(N, task, 'parse took %s ms',

  252.             (rspamd_util:get_ticks() - t1) * 1000.0)

  253.         collectgarbage()

  254.         t1 = rspamd_util:get_ticks()

  255.         reply.rows = data

  256.         conn:send_ucl(reply)

  257.         lua_util.debugm(N, task, 'process + sending took %s ms',

  258.             (rspamd_util:get_ticks() - t1) * 1000.0)

  259.         collectgarbage()

  260.       else

  261.         rspamd_logger.errx(task, 'got error %s when getting history: %s',

  262.             err)

  263.         conn:send_error(504, '{"error": "' .. err .. '"}')

  264.       end

  265.     end

  266.     lua_redis.rspamd_redis_make_request(task,

  267.         redis_params, -- connect params

  268.         nil, -- hash key

  269.         false, -- is write

  270.         redis_lrange_cb, --callback

  271.         'LRANGE', -- command

  272.         { prefix, string.format('%d', from), string.format('%d', to) }, -- arguments

  273.         { opaque_data = true }

  274.     )

  275.   end

  276. end

  277. 

  278. local opts = rspamd_config:get_all_opt('history_redis')

  279. if opts then

  280.   settings = lua_util.override_defaults(settings, opts)

  281.   local res, err = settings_schema:transform(settings)

  282. 

  283.   if not res then

  284.     rspamd_logger.warnx(rspamd_config, '%s: plugin is misconfigured: %s', N, err)

  285.     lua_util.disable_module(N, "config")

  286.     return

  287.   end

  288.   settings = res

  289. 

  290.   if settings.compress then

  291.     template_env.COMPRESS = '_zst'

  292.   else

  293.     template_env.COMPRESS = ''

  294.   end

  295. 

  296.   redis_params = lua_redis.parse_redis_server('history_redis')

  297.   if not redis_params then

  298.     rspamd_logger.infox(rspamd_config, 'no servers are specified, disabling module')

  299.     lua_util.disable_module(N, "redis")

  300.   else

  301.     rspamd_config:register_symbol({

  302.       name = 'HISTORY_SAVE',

  303.       type = 'idempotent',

  304.       callback = history_save,

  305.       flags = 'empty,explicit_disable,ignore_passthrough',

  306.       augmentations = { string.format("timeout=%f", redis_params.timeout or 0.0) }

  307.     })

  308.     lua_redis.register_prefix(lua_util.jinja_template(settings.key_prefix, template_env, false, true), N,

  309.         "Redis history", {

  310.           type = 'list',

  311.         })

  312.     rspamd_plugins['history'] = {

  313.       handler = handle_history_request

  314.     }

  315.   end

  316. end