aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-07-23 11:16:29 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-07-23 11:16:29 +0100
commit0c4562ba035ffc79591f1ed54e562678bfca53ac (patch)
tree6d279be0b366e7e65a67ab3076e488edfd50549c
parenta60c4fc67d4253f3af20f131e5af50eed82aa13e (diff)
downloadrspamd-0c4562ba035ffc79591f1ed54e562678bfca53ac.tar.gz
rspamd-0c4562ba035ffc79591f1ed54e562678bfca53ac.zip
[Feature] Allow to skip specific hashes in fuzzy storage
-rw-r--r--src/fuzzy_storage.c34
1 files changed, 33 insertions, 1 deletions
diff --git a/src/fuzzy_storage.c b/src/fuzzy_storage.c
index 66599d1f4..41f734593 100644
--- a/src/fuzzy_storage.c
+++ b/src/fuzzy_storage.c
@@ -168,6 +168,8 @@ struct rspamd_fuzzy_storage_ctx {
guint32 collection_id;
struct rspamd_worker *worker;
struct rspamd_http_connection_router *collection_rt;
+ const ucl_object_t *skip_map;
+ GHashTable *skip_hashes;
guchar cookie[COOKIE_SIZE];
};
@@ -784,6 +786,7 @@ rspamd_fuzzy_process_command (struct fuzzy_session *session)
struct fuzzy_peer_cmd *up_cmd;
struct fuzzy_peer_request *up_req;
struct fuzzy_key_stat *ip_stat = NULL;
+ gchar hexbuf[rspamd_cryptobox_HASHBYTES * 2 + 1];
rspamd_inet_addr_t *naddr;
gpointer ptr;
gsize up_len = 0;
@@ -871,6 +874,19 @@ rspamd_fuzzy_process_command (struct fuzzy_session *session)
}
else {
if (rspamd_fuzzy_check_client (session)) {
+ /* Check whitelist */
+ if (session->ctx->skip_hashes) {
+ rspamd_encode_hex_buf (cmd->digest, sizeof (cmd->cmd),
+ hexbuf, sizeof (hexbuf) - 1);
+ hexbuf[sizeof (hexbuf) - 1] = '\0';
+
+ if (g_hash_table_lookup (session->ctx->skip_hashes, hexbuf)) {
+ result.value = 401;
+ result.prob = 0.0;
+
+ goto reply;
+ }
+ }
if (session->worker->index == 0 || session->ctx->peer_fd == -1) {
/* Just add to the queue */
@@ -903,7 +919,7 @@ rspamd_fuzzy_process_command (struct fuzzy_session *session)
result.value = 403;
result.prob = 0.0;
}
-
+reply:
rspamd_fuzzy_make_reply (cmd, &result, session, encrypted, is_shingle);
}
}
@@ -2581,6 +2597,14 @@ init_fuzzy (struct rspamd_config *cfg)
G_STRUCT_OFFSET (struct rspamd_fuzzy_storage_ctx, collection_id_file),
RSPAMD_CL_FLAG_STRING_PATH,
"Store collection epoch in the desired file");
+ rspamd_rcl_register_worker_option (cfg,
+ type,
+ "skip_hashes",
+ rspamd_rcl_parse_struct_ucl,
+ ctx,
+ G_STRUCT_OFFSET (struct rspamd_fuzzy_storage_ctx, skip_map),
+ 0,
+ "Skip specific hashes from the map");
return ctx;
}
@@ -2828,6 +2852,14 @@ start_fuzzy (struct rspamd_worker *worker)
"Allow fuzzy master/slave updates from specified addresses",
&ctx->master_ips, NULL);
}
+ if (ctx->skip_map != NULL) {
+ if (!rspamd_map_add_from_ucl (cfg, ctx->skip_map,
+ "Skip hashes", rspamd_kv_list_read, rspamd_kv_list_fin,
+ (void **)&ctx->skip_hashes)) {
+ msg_warn_config ("cannot load hashes list from %s",
+ ucl_object_tostring (ctx->skip_map));
+ }
+ }
/* Maps events */
ctx->resolver = dns_resolver_init (worker->srv->logger,