diff options
-rw-r--r-- | src/worker.c | 29 | ||||
-rw-r--r-- | src/worker_private.h | 8 |
2 files changed, 10 insertions, 27 deletions
diff --git a/src/worker.c b/src/worker.c index 544f05cbd..9778cee08 100644 --- a/src/worker.c +++ b/src/worker.c @@ -342,7 +342,7 @@ accept_socket (gint fd, short what, void *arg) struct rspamd_worker_ctx *ctx; struct rspamd_task *task; rspamd_inet_addr_t *addr; - gint nfd; + gint nfd, http_opts = 0; ctx = worker->ctx; @@ -386,10 +386,14 @@ accept_socket (gint fd, short what, void *arg) /* TODO: allow to disable autolearn in protocol */ task->flags |= RSPAMD_TASK_FLAG_LEARN_AUTO; + if (ctx->encrypted_only && !rspamd_inet_address_is_local (addr, FALSE)) { + http_opts = RSPAMD_HTTP_REQUIRE_ENCRYPTION; + } + task->http_conn = rspamd_http_connection_new (rspamd_worker_body_handler, rspamd_worker_error_handler, rspamd_worker_finish_handler, - 0, + http_opts, RSPAMD_HTTP_SERVER, ctx->keys_cache, NULL); @@ -547,30 +551,13 @@ init_worker (struct rspamd_config *cfg) rspamd_rcl_register_worker_option (cfg, type, - "http", + "encrypted_only", rspamd_rcl_parse_struct_boolean, ctx, - G_STRUCT_OFFSET (struct rspamd_worker_ctx, is_http), + G_STRUCT_OFFSET (struct rspamd_worker_ctx, encrypted_only), 0, "Deprecated: always true now"); - rspamd_rcl_register_worker_option (cfg, - type, - "json", - rspamd_rcl_parse_struct_boolean, - ctx, - G_STRUCT_OFFSET (struct rspamd_worker_ctx, is_json), - 0, - "Deprecated: always true now"); - - rspamd_rcl_register_worker_option (cfg, - type, - "allow_learn", - rspamd_rcl_parse_struct_boolean, - ctx, - G_STRUCT_OFFSET (struct rspamd_worker_ctx, allow_learn), - 0, - "Deprecated: disabled and forgotten"); rspamd_rcl_register_worker_option (cfg, type, diff --git a/src/worker_private.h b/src/worker_private.h index fe4a6c4b3..f07a95b41 100644 --- a/src/worker_private.h +++ b/src/worker_private.h @@ -40,12 +40,8 @@ struct rspamd_worker_ctx { struct timeval io_tv; /* Detect whether this worker is mime worker */ gboolean is_mime; - /* HTTP worker */ - gboolean is_http; - /* JSON output */ - gboolean is_json; - /* Allow learning through worker */ - gboolean allow_learn; + /* Allow encrypted requests only using network */ + gboolean encrypted_only; /* Limit of tasks */ guint32 max_tasks; /* Maximum time for task processing */ |