diff options
| author | Klaus Umbach <klaus-github@uxix.de> | 2018-03-19 21:36:47 +0100 |
|---|---|---|
| committer | Klaus Umbach <klaus-github@uxix.de> | 2018-03-19 21:36:47 +0100 |
| commit | 704872625696f84bdd8f8371763b919f4e927895 (patch) | |
| tree | 7014afd44ed298c10f8f4b6f547a161391d0505e | |
| parent | e93878382153797c447335875fd82a90f587be97 (diff) | |
| download | rspamd-704872625696f84bdd8f8371763b919f4e927895.tar.gz rspamd-704872625696f84bdd8f8371763b919f4e927895.zip | |
implemented suggestions
* changed: default hashing-algorithm to blake2
* added: length-limit (default 16)
* changed: prefix to show it's obfuscated (obf)
| -rw-r--r-- | conf/modules.d/history_redis.conf | 1 | ||||
| -rw-r--r-- | src/plugins/lua/history_redis.lua | 6 |
2 files changed, 4 insertions, 3 deletions
diff --git a/conf/modules.d/history_redis.conf b/conf/modules.d/history_redis.conf index 0b85f3e01..1e170213e 100644 --- a/conf/modules.d/history_redis.conf +++ b/conf/modules.d/history_redis.conf @@ -19,7 +19,6 @@ history_redis { nrows = 200; # Default rows limit compress = true; # Use zstd compression when storing data in redis subject_privacy = false; # subject privacy is off - subject_privacy_alg = 'md5'; # default hash-algorithm to obfuscate subject .include(try=true,priority=5) "${DBDIR}/dynamic/history_redis.conf" .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/history_redis.conf" diff --git a/src/plugins/lua/history_redis.lua b/src/plugins/lua/history_redis.lua index af0511b91..44283fbb8 100644 --- a/src/plugins/lua/history_redis.lua +++ b/src/plugins/lua/history_redis.lua @@ -26,7 +26,9 @@ local settings = { nrows = 200, -- default rows limit compress = true, -- use zstd compression when storing data in redis subject_privacy = false, -- subject privacy is off - subject_privacy_alg = 'md5', -- default hash-algorithm to obfuscate subject + subject_privacy_alg = 'blake2', -- default hash-algorithm to obfuscate subject + subject_privacy_prefix = 'obf', -- prefix to show it's obfuscated + subject_privacy_length = 16, -- cut the length of the hash } local rspamd_logger = require "rspamd_logger" @@ -201,7 +203,7 @@ local function handle_history_request(task, conn, from, to, reset) elseif settings.subject_privacy then local hash_alg = settings.subject_privacy_alg local subject_hash = hash.create_specific(hash_alg, e.subject) - e.subject = hash_alg..':'..subject_hash:hex() + e.subject = settings.subject_privacy_prefix .. ':' .. subject_hash:hex():sub(1,settings.subject_privacy_length) end end, data) reply.rows = data |