aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2016-03-08 15:00:56 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2016-03-08 15:00:56 +0000
commit7cfee52f79040695515710b1bb4b8d0c6faf7c50 (patch)
treef5173215e431b8705ecb8fc7a9ae2ef721734369
parent1538ca59eb45d7c01e4cdd25e1ae57a0255d65b3 (diff)
downloadrspamd-7cfee52f79040695515710b1bb4b8d0c6faf7c50.tar.gz
rspamd-7cfee52f79040695515710b1bb4b8d0c6faf7c50.zip
[Feature] Add more features to dynamic updates
-rw-r--r--src/lua/lua_map.c2
-rw-r--r--src/plugins/lua/rspamd_update.lua90
2 files changed, 60 insertions, 32 deletions
diff --git a/src/lua/lua_map.c b/src/lua/lua_map.c
index eba020a85..df8e60fb1 100644
--- a/src/lua/lua_map.c
+++ b/src/lua/lua_map.c
@@ -443,8 +443,8 @@ lua_map_get_key (lua_State * L)
ud = luaL_checkudata (L, 2, "rspamd{ip}");
if (ud != NULL) {
addr = *((struct rspamd_lua_ip **)ud);
+
if (addr->addr == NULL) {
- msg_err ("rspamd{ip} is not valid");
addr = NULL;
}
}
diff --git a/src/plugins/lua/rspamd_update.lua b/src/plugins/lua/rspamd_update.lua
index 85b49bb10..14f9e54b7 100644
--- a/src/plugins/lua/rspamd_update.lua
+++ b/src/plugins/lua/rspamd_update.lua
@@ -23,6 +23,7 @@ local updates_priority = 2
local rspamd_config = rspamd_config
local hash = require "rspamd_cryptobox_hash"
local rspamd_version = rspamd_version
+local maps = {}
local function process_symbols(obj)
each(function(sym, score)
@@ -33,19 +34,25 @@ local function process_symbols(obj)
})
end, obj)
end
+
local function process_actions(obj)
each(function(act, score)
rspamd_config:set_metric_action({
- name = act,
+ action = act,
score = score,
priority = updates_priority
})
end, obj)
end
-local function process_actions(obj)
+local function process_rules(obj)
each(function(key, code)
- dostring(code)
+ local f = loadstring(code)
+ if f then
+ f()
+ else
+ rspamd_logger(rspamd_config, 'cannot load rules for %s', key)
+ end
end, obj)
end
@@ -70,47 +77,68 @@ local function check_version(obj)
return ret
end
-local function process_updates(data)
- local ucl = require "ucl"
- local parser = ucl.parser()
- local res,err = parser:parse_string(data)
-
- if not res then
- rspamd_logger.warnx(rspamd_config, 'cannot parse updates map: ' .. err)
- else
- local h = hash.create()
- h:update(data)
- local obj = parser:get_object()
-
- if check_version(obj) then
- if obj['symbols'] then
- process_symbols(obj['symbols'])
- end
- if obj['actions'] then
- process_actions(obj['actions'])
- end
- if obj['rules'] then
- process_rules(obj['rules'])
- end
+local function gen_callback(map)
+
+ return function(data)
+ local ucl = require "ucl"
+ local parser = ucl.parser()
+ local res,err = parser:parse_string(data)
- rspamd_logger.infox(rspamd_config, 'loaded new rules with hash "%s"',
- h:hex())
+ if not res then
+ rspamd_logger.warnx(rspamd_config, 'cannot parse updates map: ' .. err)
+ else
+ local h = hash.create()
+ h:update(data)
+ local obj = parser:get_object()
+
+ if check_version(obj) then
+ if obj['symbols'] then
+ process_symbols(obj['symbols'])
+ end
+ if obj['actions'] then
+ process_actions(obj['actions'])
+ end
+ if obj['rules'] then
+ process_rules(obj['rules'])
+ end
+
+ rspamd_logger.infox(rspamd_config, 'loaded new rules with hash "%s"',
+ h:hex())
+ end
end
- end
- return res
+ return res
+ end
end
-- Configuration part
local section = rspamd_config:get_all_opt("rspamd_update")
if section then
+ local trusted_key
each(function(k, elt)
if k == 'priority' then
updates_priority = tonumber(elt)
+ elseif k == 'key' then
+ trusted_key = elt
else
- if not rspamd_config:add_map(elt, "rspamd updates map", process_updates) then
- rspamd_logger.errx(rspamd_config, 'cannot load settings from %1', elt)
+ local map = rspamd_config:add_map(elt, "rspamd updates map", nil)
+ if not map then
+ rspamd_logger.errx(rspamd_config, 'cannot load updates from %1', elt)
+ else
+ map:set_callback(gen_callback(map))
+ maps['elt'] = map
end
end
end, section)
+
+ each(function(k, map)
+ -- Check sanity for maps
+ if map:get_proto() == 'http' and not map:get_sign_key() then
+ if trusted_key then
+ map:set_sign_key(trusted_key)
+ else
+ rspamd_logger.warnx(rspamd_config, 'Map %s is loaded by HTTP and it is not signed', k)
+ end
+ end
+ end, maps)
end