authorVsevolod Stakhov <vsevolod@highsecure.ru>2016-08-29 16:47:15 +0100
committerGitHub <noreply@github.com>2016-08-29 16:47:15 +0100
commit80b01286082b81035386dde0c099634f78a19cf0 (patch)
tree37be5c5edb4e4f0fa3c71f738a1e0f5e5d31dc10 /src/plugins
parent126cf4c5c45135b161d41600923d25e389906c4c (diff)
parent6b590581a00517a22fb981dcffa305999fe3e4d3 (diff)
downloadrspamd-80b01286082b81035386dde0c099634f78a19cf0.tar.gz
rspamd-80b01286082b81035386dde0c099634f78a19cf0.zip
Merge pull request #903 from fatalbanana/clamav
[Feature] Antivirus: Support whitelists & pattern-matching sig names
Diffstat (limited to 'src/plugins')
-rw-r--r--src/plugins/lua/antivirus.lua38
1 files changed, 34 insertions, 4 deletions
diff --git a/src/plugins/lua/antivirus.lua b/src/plugins/lua/antivirus.lua
index 79250eeb5..96a723fe0 100644
--- a/src/plugins/lua/antivirus.lua
+++ b/src/plugins/lua/antivirus.lua
@@ -17,10 +17,31 @@ limitations under the License.
local rspamd_logger = require "rspamd_logger"
local rspamd_util = require "rspamd_util"
local rspamd_redis = require "rspamd_redis"
+local rspamd_regexp = require "rspamd_regexp"
local tcp = require "rspamd_tcp"
local upstream_list = require "rspamd_upstream_list"
local redis_params
+local function match_patterns(default_sym, found, patterns)
+ if not patterns then return default_sym end
+ for sym, pat in pairs(patterns) do
+ if pat:match(found) then
+ return sym
+ end
+ end
+ return default_sym
+end
+
+local function yield_result(task, rule, vname)
+ local symname = match_patterns(rule['symbol'], vname, rule['patterns'])
+ if rule['whitelist'] and rule['whitelist']:get_key(vname) then
+ rspamd_logger.infox(task, '%s: "%s" is in whitelist', rule['type'], vname)
+ return
+ end
+ task:insert_result(symname, 1.0, vname)
+ rspamd_logger.infox(task, '%s: virus found: "%s"', rule['type'], vname)
+end
+
local function clamav_config(opts)
local clamav_conf = {
attachments_only = true,
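Review bot: `match_patterns` walks `patterns` with `pairs()`, whose order is unspecified, so when a signature name matches more than one pattern the symbol returned (and the score attached to it) can differ between runs or workers. Either document that patterns must be mutually exclusive, e.g. `-- NOTE: pairs() order is unspecified; overlapping patterns yield an arbitrary symbol`, or accept an ordered list and iterate it with `ipairs`. In `yield_result` the whitelist lookup could also move above the `match_patterns` call, so a whitelisted name skips the regexp work. A one-line comment there saying that a whitelisted name suppresses the detection entirely would help the next reader.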
@@ -80,7 +101,7 @@ local function check_av_cache(task, rule, fn)
if data and type(data) == 'string' then
-- Cached
if data ~= 'OK' then
- task:insert_result(rule['symbol'], 1.0, data)
+ yield_result(task, rule, data)
end
else
fn()
@@ -176,9 +197,7 @@ local function clamav_check(task, rule)
local cached = 'OK'
if s then
local vname = string.match(data:sub(1, s - 1), 'stream: (.+)')
- task:insert_result(rule['symbol'], 1.0, vname)
- rspamd_logger.infox(task, '%s: virus found: "%s"', rule['type'],
- vname)
+ yield_result(task, rule, vname)
cached = vname
end
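Review bot: `vname` comes from `string.match(..., 'stream: (.+)')`, which returns nil when the scanner reply does not have that prefix, and the new `yield_result(task, rule, vname)` call then hands nil to `pat:match` and `rule['whitelist']:get_key`. How those bindings treat a nil argument is not visible here, but an error at this point would presumably abort the callback before the detection is recorded. A fallback keeps the hit reportable, for example `if not vname then vname = 'unknown' end` placed before the call. The definition of `s` and the rest of `clamav_check` lie outside this hunk, so confirm whether a reply without the prefix can reach this branch.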
@@ -235,6 +254,17 @@ local function add_antivirus_rule(sym, opts)
return nil
end
+ if opts['patterns'] then
+ rule['patterns'] = {}
+ for k, v in pairs(opts['patterns']) do
+ rule['patterns'][k] = rspamd_regexp.create_cached(v)
+ end
+ end
+
+ if opts['whitelist'] then
+ rule['whitelist'] = rspamd_config:add_hash_map(opts['whitelist'])
+ end
+
return function(task)
return cfg.check(task, rule)
end
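Review bot: The results of `rspamd_regexp.create_cached(v)` and `rspamd_config:add_hash_map(opts['whitelist'])` are stored without a check. If either returns nil on a bad regexp or an unloadable map (which appears to be the case for `create_cached`), the pattern or whitelist is dropped silently and the rule runs with different behaviour than the operator configured. Logging the failure at configuration time makes that visible; the same check applies to the whitelist map. `add_antivirus_rule` starts before this hunk, so the shape of `rule` and `cfg` is assumed from the visible lines.

```lua
  if opts['patterns'] then
    rule['patterns'] = {}
    for k, v in pairs(opts['patterns']) do
      local re = rspamd_regexp.create_cached(v)
      if re then
        rule['patterns'][k] = re
      else
        rspamd_logger.errx(rspamd_config,
          'antivirus: cannot compile pattern "%s" for symbol %s', v, k)
      end
    end
  end
  -- … unchanged: whitelist map setup and returned callback …
```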