diff options
| -rw-r--r-- | conf/maps.d/surbl-whitelist.inc | 2 | ||||
| -rw-r--r-- | conf/modules.d/spf.conf | 7 | ||||
| -rw-r--r-- | src/libutil/logger.c | 45 | ||||
| -rw-r--r-- | src/lua/lua_task.c | 29 | ||||
| -rw-r--r-- | src/plugins/lua/spf.lua | 14 | ||||
| -rw-r--r-- | test/functional/configs/dmarc.conf | 4 | ||||
| -rw-r--r-- | test/functional/configs/maps/external_relay_ip.list | 1 |
7 files changed, 61 insertions, 41 deletions
diff --git a/conf/maps.d/surbl-whitelist.inc b/conf/maps.d/surbl-whitelist.inc index b0efda20a..401c1cec9 100644 --- a/conf/maps.d/surbl-whitelist.inc +++ b/conf/maps.d/surbl-whitelist.inc @@ -827,4 +827,4 @@ lists.isc.org lists.roundcube.net svn.apache.org taggedmail.com -tumblr.com +tumblr.com
\ No newline at end of file diff --git a/conf/modules.d/spf.conf b/conf/modules.d/spf.conf index 5dddecf97..836fd59db 100644 --- a/conf/modules.d/spf.conf +++ b/conf/modules.d/spf.conf @@ -15,7 +15,14 @@ spf { spf_cache_size = 2k; spf_cache_expire = 1d; + #external_relay = [ + #"$LOCAL_CONFDIR/local.d/maps.d/external_relay_ip.inc.local", + #"${DBDIR}/surbl-external_relay_ip.inc.local", + #"fallback+file://${CONFDIR}/maps.d/external_relay_ip.inc" + #]; + .include(try=true,priority=5) "${DBDIR}/dynamic/spf.conf" .include(try=true,priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/spf.conf" .include(try=true,priority=10) "$LOCAL_CONFDIR/override.d/spf.conf" + } diff --git a/src/libutil/logger.c b/src/libutil/logger.c index 4fc14c550..732eabf26 100644 --- a/src/libutil/logger.c +++ b/src/libutil/logger.c @@ -303,11 +303,28 @@ rspamd_try_open_log_fd (rspamd_logger_t *rspamd_log, uid_t uid, gid_t gid) gint rspamd_log_open_priv (rspamd_logger_t *rspamd_log, uid_t uid, gid_t gid) { + gint nfd; + if (!rspamd_log->opened) { + switch (rspamd_log->log_type) { case RSPAMD_LOG_CONSOLE: /* Dup stderr fd to simplify processing */ - rspamd_log->fd = dup (STDERR_FILENO); + nfd = dup (STDERR_FILENO); + + if (nfd == -1) { + return -1; + } + if (rspamd_log->fd != -1) { + /* + * Postponed closing (e.g. when we switch from + * LOG_FILE to LOG_CONSOLE) + */ + close (rspamd_log->fd); + } + + rspamd_log->fd = nfd; + if (isatty (STDERR_FILENO)) { rspamd_log->flags |= RSPAMD_LOG_FLAG_TTY; } @@ -320,12 +337,21 @@ rspamd_log_open_priv (rspamd_logger_t *rspamd_log, uid_t uid, gid_t gid) #endif break; case RSPAMD_LOG_FILE: - rspamd_log->fd = rspamd_try_open_log_fd (rspamd_log, uid, gid); + nfd = rspamd_try_open_log_fd (rspamd_log, uid, gid); - if (rspamd_log->fd == -1) { + if (nfd == -1) { return -1; } + if (rspamd_log->fd != -1) { + /* + * Postponed closing (e.g. when we switch from + * LOG_CONSOLE to LOG_FILE) + */ + close (rspamd_log->fd); + } + + rspamd_log->fd = nfd; rspamd_log->no_lock = TRUE; break; default: @@ -405,12 +431,18 @@ rspamd_log_close_priv (rspamd_logger_t *rspamd_log, gboolean termination, uid_t } #endif close (rspamd_log->fd); + rspamd_log->fd = -1; } break; case RSPAMD_LOG_CONSOLE: - if (rspamd_log->fd != -1) { - close (rspamd_log->fd); - } + /* + * Console logging is special: it is usually a last resort when + * we have errors or something like that. + * + * Hence, we need to postpone it's closing to the moment + * when we open (in a reliable matter!) a new logging + * facility. + */ break; } @@ -496,6 +528,7 @@ rspamd_set_logger (struct rspamd_config *cfg, if (plogger == NULL || *plogger == NULL) { logger = g_malloc0 (sizeof (rspamd_logger_t)); + logger->fd = -1; if (cfg->log_error_elts > 0 && pool) { logger->errlog = rspamd_mempool_alloc0_shared (pool, diff --git a/src/lua/lua_task.c b/src/lua/lua_task.c index 774bb0120..1562962e4 100644 --- a/src/lua/lua_task.c +++ b/src/lua/lua_task.c @@ -706,9 +706,7 @@ LUA_FUNCTION_DEF (task, disable_symbol); * * * `format` - a format of date returned: * - `message` - returns a mime date as integer (unix timestamp) - * - `message_str` - returns a mime date as string (UTC format) * - `connect` - returns a unix timestamp of a connection to rspamd - * - `connect_str` - returns connection time in UTC format * * `gmt` - returns date in `GMT` timezone (normal for unix timestamps) * * By default this function returns connection time in numeric format. @@ -4746,8 +4744,7 @@ lua_task_process_ann_tokens (lua_State *L) enum lua_date_type { DATE_CONNECT = 0, DATE_MESSAGE, - DATE_CONNECT_STRING, - DATE_MESSAGE_STRING + DATE_INVALID }; static enum lua_date_type @@ -4758,7 +4755,7 @@ lua_task_detect_date_type (struct rspamd_task *task, if (lua_type (L, idx) == LUA_TNUMBER) { gint num = lua_tonumber (L, idx); - if (num >= DATE_CONNECT && num <= DATE_MESSAGE_STRING) { + if (num >= DATE_CONNECT && num < DATE_INVALID) { return num; } } @@ -4774,10 +4771,6 @@ lua_task_detect_date_type (struct rspamd_task *task, if (str) { if (g_ascii_strcasecmp (str, "message") == 0) { type = DATE_MESSAGE; - } else if (g_ascii_strcasecmp (str, "connect_str") == 0) { - type = DATE_CONNECT_STRING; - } else if (g_ascii_strcasecmp (str, "message_str") == 0) { - type = DATE_MESSAGE_STRING; } } else { @@ -4815,7 +4808,7 @@ lua_task_get_date (lua_State *L) type = lua_task_detect_date_type (task, L, 2, &gmt); } /* Get GMT date and store it to time_t */ - if (type == DATE_CONNECT || type == DATE_CONNECT_STRING) { + if (type == DATE_CONNECT) { tim = task->task_timestamp; if (!gmt) { @@ -4828,7 +4821,8 @@ lua_task_get_date (lua_State *L) t.tm_gmtoff = 0; #endif t.tm_isdst = 0; - tim = mktime (&t); + /* Preserve fractional part as Lua is aware of it */ + tim = mktime (&t) + (tim - tt); } } else { @@ -4857,18 +4851,7 @@ lua_task_get_date (lua_State *L) } } - if (type == DATE_CONNECT || type == DATE_MESSAGE) { - lua_pushnumber (L, tim); - } - else { - GTimeVal tv; - gchar *out; - - double_to_tv (tim, &tv); - out = g_time_val_to_iso8601 (&tv); - lua_pushstring (L, out); - g_free (out); - } + lua_pushnumber (L, tim); } else { return luaL_error (L, "invalid arguments"); diff --git a/src/plugins/lua/spf.lua b/src/plugins/lua/spf.lua index 10daa0d2b..d6949cd76 100644 --- a/src/plugins/lua/spf.lua +++ b/src/plugins/lua/spf.lua @@ -89,7 +89,7 @@ local function spf_check_callback(task) local found = false for i,hdr in ipairs(rh) do - if hdr.real_ip and hdr.real_ip == local_config.external_relay then + if hdr.real_ip and local_config.external_relay:get_key(hdr.real_ip) then -- We can use the next header as a source of IP address if rh[i + 1] then local nhdr = rh[i + 1] @@ -219,16 +219,10 @@ if local_config.whitelist then end if local_config.external_relay then - local rspamd_ip = require "rspamd_ip" - local ip = rspamd_ip.from_string(local_config.external_relay) + local lua_maps = require "lua_maps" - if not ip or not ip:is_valid() then - rspamd_logger.errx(rspamd_config, "invalid external relay IP: %s", - local_config.external_relay) - local_config.external_relay = nil - else - local_config.external_relay = ip - end + local_config.external_relay = lua_maps.map_add_from_ucl(local_config.external_relay, + "radix", "External IP SPF map") end for _,sym in pairs(local_config.symbols) do diff --git a/test/functional/configs/dmarc.conf b/test/functional/configs/dmarc.conf index 08a542c70..b6164f9d2 100644 --- a/test/functional/configs/dmarc.conf +++ b/test/functional/configs/dmarc.conf @@ -1,4 +1,6 @@ dmarc { } spf { - external_relay = 192.168.1.1; + external_relay = [ + "${TESTDIR}/configs/maps/external_relay_ip.list", + ]; }
\ No newline at end of file diff --git a/test/functional/configs/maps/external_relay_ip.list b/test/functional/configs/maps/external_relay_ip.list new file mode 100644 index 000000000..3fc5c1775 --- /dev/null +++ b/test/functional/configs/maps/external_relay_ip.list @@ -0,0 +1 @@ +192.168.1.1
\ No newline at end of file |