diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2021-08-06 12:42:06 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2021-08-06 12:42:06 +0100 |
| commit | a3b5ad3d3be5f44996d247e7b1486fcc9f8ba7e3 (patch) | |
| tree | 996e39b86863fafa2d80fb0753d6469e86a0eafb /lualib/lua_scanners/clamav.lua | |
| parent | 0f57c944b0338b51a3cb6c37b8fa84508f75f8a9 (diff) | |
| download | rspamd-a3b5ad3d3be5f44996d247e7b1486fcc9f8ba7e3.tar.gz rspamd-a3b5ad3d3be5f44996d247e7b1486fcc9f8ba7e3.zip | |
[Feature] Allow to save and show attachment name when inserting AV scan results
Diffstat (limited to 'lualib/lua_scanners/clamav.lua')
| -rw-r--r-- | lualib/lua_scanners/clamav.lua | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/lualib/lua_scanners/clamav.lua b/lualib/lua_scanners/clamav.lua index 7c56f5798..bc090036c 100644 --- a/lualib/lua_scanners/clamav.lua +++ b/lualib/lua_scanners/clamav.lua @@ -79,7 +79,7 @@ local function clamav_config(opts) return nil end -local function clamav_check(task, content, digest, rule) +local function clamav_check(task, content, digest, rule, maybe_part) local function clamav_check_uncached () local upstream = rule.upstreams:get_upstream_round_robin() local addr = upstream:get_addr() @@ -117,7 +117,9 @@ local function clamav_check(task, content, digest, rule) }) else rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits exceed', rule.log_prefix) - common.yield_result(task, rule, 'failed to scan and retransmits exceed', 0.0, 'fail') + common.yield_result(task, rule, + 'failed to scan and retransmits exceed', 0.0, 'fail', + maybe_part) end else @@ -138,25 +140,28 @@ local function clamav_check(task, content, digest, rule) local vname = string.match(data, 'stream: (.+) FOUND') if string.find(vname, '^Heuristics%.Encrypted') then rspamd_logger.errx(task, '%s: File is encrypted', rule.log_prefix) - common.yield_result(task, rule, 'File is encrypted: '.. vname, 0.0, 'encrypted') + common.yield_result(task, rule, 'File is encrypted: '.. vname, + 0.0, 'encrypted', maybe_part) cached = 'ENCRYPTED' elseif string.find(vname, '^Heuristics%.OLE2%.ContainsMacros') then rspamd_logger.errx(task, '%s: ClamAV Found an OLE2 Office Macro', rule.log_prefix) - common.yield_result(task, rule, vname, 0.0, 'macro') + common.yield_result(task, rule, vname, 0.0, 'macro', maybe_part) cached = 'MACRO' elseif string.find(vname, '^Heuristics%.Limits%.Exceeded') then rspamd_logger.errx(task, '%s: ClamAV Limits Exceeded', rule.log_prefix) - common.yield_result(task, rule, 'Limits Exceeded: '.. vname, 0.0, 'fail') + common.yield_result(task, rule, 'Limits Exceeded: '.. vname, 0.0, + 'fail', maybe_part) elseif vname then - common.yield_result(task, rule, vname) + common.yield_result(task, rule, vname, 1.0, nil, maybe_part) cached = vname else rspamd_logger.errx(task, '%s: unhandled response: %s', rule.log_prefix, data) - common.yield_result(task, rule, 'unhandled response:' .. vname, 0.0, 'fail') + common.yield_result(task, rule, 'unhandled response:' .. vname, 0.0, + 'fail', maybe_part) end end if cached then - common.save_cache(task, digest, rule, cached) + common.save_cache(task, digest, rule, cached, 1.0, maybe_part) end end end @@ -172,7 +177,8 @@ local function clamav_check(task, content, digest, rule) }) end - if common.condition_check_and_continue(task, content, rule, digest, clamav_check_uncached) then + if common.condition_check_and_continue(task, content, rule, digest, + clamav_check_uncached, maybe_part) then return else clamav_check_uncached() |