diff options
Diffstat (limited to 'lualib/lua_scanners')
| -rw-r--r-- | lualib/lua_scanners/avast.lua | 3 | ||||
| -rw-r--r-- | lualib/lua_scanners/clamav.lua | 4 | ||||
| -rw-r--r-- | lualib/lua_scanners/cloudmark.lua | 24 | ||||
| -rw-r--r-- | lualib/lua_scanners/common.lua | 59 | ||||
| -rw-r--r-- | lualib/lua_scanners/dcc.lua | 107 | ||||
| -rw-r--r-- | lualib/lua_scanners/fprot.lua | 4 | ||||
| -rw-r--r-- | lualib/lua_scanners/icap.lua | 88 | ||||
| -rw-r--r-- | lualib/lua_scanners/init.lua | 6 | ||||
| -rw-r--r-- | lualib/lua_scanners/kaspersky_av.lua | 1 | ||||
| -rw-r--r-- | lualib/lua_scanners/kaspersky_se.lua | 12 | ||||
| -rw-r--r-- | lualib/lua_scanners/oletools.lua | 22 | ||||
| -rw-r--r-- | lualib/lua_scanners/p0f.lua | 36 | ||||
| -rw-r--r-- | lualib/lua_scanners/pyzor.lua | 11 | ||||
| -rw-r--r-- | lualib/lua_scanners/razor.lua | 13 | ||||
| -rw-r--r-- | lualib/lua_scanners/savapi.lua | 14 | ||||
| -rw-r--r-- | lualib/lua_scanners/spamassassin.lua | 20 | ||||
| -rw-r--r-- | lualib/lua_scanners/vadesecure.lua | 16 | ||||
| -rw-r--r-- | lualib/lua_scanners/virustotal.lua | 2 |
18 files changed, 235 insertions, 207 deletions
diff --git a/lualib/lua_scanners/avast.lua b/lualib/lua_scanners/avast.lua index 5c54f8c40..7e778979a 100644 --- a/lualib/lua_scanners/avast.lua +++ b/lualib/lua_scanners/avast.lua @@ -189,7 +189,7 @@ local function avast_check(task, content, digest, rule, maybe_part) -- Define callbacks - avast_helo_cb = function (merr, mdata, conn) + avast_helo_cb = function(merr, mdata, conn) -- Called when we have established a connection but not read anything tcp_conn = conn @@ -204,7 +204,6 @@ local function avast_check(task, content, digest, rule, maybe_part) end end - avast_scan_cb = function(merr) -- Called when we have send request to avast and are waiting for reply if no_connection_error(merr) then diff --git a/lualib/lua_scanners/clamav.lua b/lualib/lua_scanners/clamav.lua index f984864e7..fc99ab0b9 100644 --- a/lualib/lua_scanners/clamav.lua +++ b/lualib/lua_scanners/clamav.lua @@ -137,7 +137,7 @@ local function clamav_check(task, content, digest, rule, maybe_part) local vname = string.match(data, 'stream: (.+) FOUND') if string.find(vname, '^Heuristics%.Encrypted') then rspamd_logger.errx(task, '%s: File is encrypted', rule.log_prefix) - common.yield_result(task, rule, 'File is encrypted: '.. vname, + common.yield_result(task, rule, 'File is encrypted: ' .. vname, 0.0, 'encrypted', maybe_part) cached = 'ENCRYPTED' elseif string.find(vname, '^Heuristics%.OLE2%.ContainsMacros') then @@ -146,7 +146,7 @@ local function clamav_check(task, content, digest, rule, maybe_part) cached = 'MACRO' elseif string.find(vname, '^Heuristics%.Limits%.Exceeded') then rspamd_logger.errx(task, '%s: ClamAV Limits Exceeded', rule.log_prefix) - common.yield_result(task, rule, 'Limits Exceeded: '.. vname, 0.0, + common.yield_result(task, rule, 'Limits Exceeded: ' .. vname, 0.0, 'fail', maybe_part) elseif vname then common.yield_result(task, rule, vname, 1.0, nil, maybe_part) diff --git a/lualib/lua_scanners/cloudmark.lua b/lualib/lua_scanners/cloudmark.lua index 5993c4fe2..b07f238ea 100644 --- a/lualib/lua_scanners/cloudmark.lua +++ b/lualib/lua_scanners/cloudmark.lua @@ -84,7 +84,7 @@ local function cloudmark_preload(rule, cfg, ev_base, _) http.request({ ev_base = ev_base, config = cfg, - url = cloudmark_url(rule, addr, '/score/v2/max-message-size'), + url = cloudmark_url(rule, addr, '/score/v2/max-message-size'), callback = max_message_size_cb, }) end @@ -142,8 +142,8 @@ local function cloudmark_config(opts) if cloudmark_conf.upstreams then - cloudmark_conf.symbols = {{ symbol = cloudmark_conf.symbol_spam, score = 5.0 }} - cloudmark_conf.preloads = {cloudmark_preload} + cloudmark_conf.symbols = { { symbol = cloudmark_conf.symbol_spam, score = 5.0 } } + cloudmark_conf.preloads = { cloudmark_preload } lua_util.add_debug_alias('external_services', cloudmark_conf.name) return cloudmark_conf end @@ -162,7 +162,7 @@ local function table_to_multipart_body(tbl, boundary) local seen_data = false local out = {} - for k,v in pairs(tbl) do + for k, v in pairs(tbl) do if v.data then seen_data = true table.insert(out, string.format('--%s\r\n', boundary)) @@ -229,7 +229,7 @@ local function parse_cloudmark_reply(task, rule, body) if rule.add_headers and type(obj.appendHeaders) == 'table' then local headers_add = fun.tomap(fun.map(function(h) - return h.headerField,{ + return h.headerField, { order = 1, value = h.body } end, obj.appendHeaders)) @@ -275,7 +275,9 @@ local function cloudmark_check(task, content, digest, rule, maybe_part) local rcpt_to = task:get_recipients('smtp') if rcpt_to then request['rcptTo'] = { - data = table.concat(fun.totable(fun.map(function(r) return r.addr end, rcpt_to)), ',') + data = table.concat(fun.totable(fun.map(function(r) + return r.addr + end, rcpt_to)), ',') } end @@ -325,9 +327,9 @@ local function cloudmark_check(task, content, digest, rule, maybe_part) http.request(request_data) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. 'exceed', rule.log_prefix) - task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and '.. + task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and ' .. 'retransmits exceed') upstream:fail() end @@ -337,7 +339,9 @@ local function cloudmark_check(task, content, digest, rule, maybe_part) cloudmark_requery() else -- Parse the response - if upstream then upstream:ok() end + if upstream then + upstream:ok() + end if code ~= 200 then rspamd_logger.errx(task, 'invalid HTTP code: %s, body: %s, headers: %s', code, body, headers) task:insert_result(rule.symbol_fail, 1.0, 'Bad HTTP code: ' .. code) @@ -360,7 +364,7 @@ local function cloudmark_check(task, content, digest, rule, maybe_part) end return { - type = {'cloudmark', 'scanner'}, + type = { 'cloudmark', 'scanner' }, description = 'Cloudmark cartridge interface', configure = cloudmark_config, check = cloudmark_check, diff --git a/lualib/lua_scanners/common.lua b/lualib/lua_scanners/common.lua index c2e314d39..11f5e1f87 100644 --- a/lualib/lua_scanners/common.lua +++ b/lualib/lua_scanners/common.lua @@ -42,7 +42,9 @@ local function log_clean(task, rule, msg) end local function match_patterns(default_sym, found, patterns, dyn_weight) - if type(patterns) ~= 'table' then return default_sym, dyn_weight end + if type(patterns) ~= 'table' then + return default_sym, dyn_weight + end if not patterns[1] then for sym, pat in pairs(patterns) do if pat:match(found) then @@ -71,7 +73,7 @@ local function yield_result(task, rule, vname, dyn_weight, is_fail, maybe_part) local flags if type(vname) == 'string' then - threat_table = {vname} + threat_table = { vname } elseif type(vname) == 'table' then threat_table = vname end @@ -82,7 +84,9 @@ local function yield_result(task, rule, vname, dyn_weight, is_fail, maybe_part) patterns = rule.patterns symbol = rule.symbol threat_info = rule.detection_category .. 'found' - if not dyn_weight then dyn_weight = 1.0 end + if not dyn_weight then + dyn_weight = 1.0 + end elseif is_fail == 'fail' then patterns = rule.patterns_fail symbol = rule.symbol_fail @@ -100,7 +104,6 @@ local function yield_result(task, rule, vname, dyn_weight, is_fail, maybe_part) dyn_weight = 1.0 end - for _, tm in ipairs(threat_table) do local symname, symscore = match_patterns(symbol, tm, patterns, dyn_weight) if rule.whitelist and rule.whitelist:get_key(tm) then @@ -136,7 +139,9 @@ end local function message_not_too_large(task, content, rule) local max_size = tonumber(rule.max_size) - if not max_size then return true end + if not max_size then + return true + end if #content > max_size then rspamd_logger.infox(task, "skip %s check as it is too large: %s (%s is allowed)", rule.log_prefix, #content, max_size) @@ -147,7 +152,9 @@ end local function message_not_too_small(task, content, rule) local min_size = tonumber(rule.min_size) - if not min_size then return true end + if not min_size then + return true + end if #content < min_size then rspamd_logger.infox(task, "skip %s check as it is too small: %s (%s is allowed)", rule.log_prefix, #content, min_size) @@ -171,7 +178,7 @@ local function message_min_words(task, rule) if not text_part_above_limit then rspamd_logger.infox(task, '%s: #words in all text parts is below text_part_min_words limit: %s', - rule.log_prefix, rule.text_part_min_words) + rule.log_prefix, rule.text_part_min_words) end return text_part_above_limit @@ -192,7 +199,7 @@ local function dynamic_scan(task, rule) -- rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, "result is already reject") -- return false --elseif metric_result[1] > metric_result[2]*2 then - if metric_result[1] > metric_result[2]*2 then + if metric_result[1] > metric_result[2] * 2 then rspamd_logger.infox(task, '%s: aborting: %s', rule.log_prefix, 'score > 2 * reject_level: ' .. metric_result[1]) return false elseif has_pre_result and metric_action == 'reject' then @@ -236,7 +243,7 @@ local function need_check(task, content, rule, digest, fn, maybe_part) else lua_util.debugm(rule.name, task, '%s: got cached negative result for %s: %s', - rule.log_prefix, key, threat_string[1]) + rule.log_prefix, key, threat_string[1]) end uncached = false else @@ -251,10 +258,10 @@ local function need_check(task, content, rule, digest, fn, maybe_part) local f_dynamic_scan = dynamic_scan(task, rule) if uncached and - f_message_not_too_large and - f_message_not_too_small and - f_message_min_words and - f_dynamic_scan then + f_message_not_too_large and + f_message_not_too_small and + f_message_min_words and + f_dynamic_scan then fn() @@ -272,7 +279,7 @@ local function need_check(task, content, rule, digest, fn, maybe_part) false, -- is write redis_av_cb, --callback 'GET', -- command - {key} -- arguments) + { key } -- arguments) ) then return true end @@ -284,7 +291,9 @@ end local function save_cache(task, digest, rule, to_save, dyn_weight, maybe_part) local key = digest - if not dyn_weight then dyn_weight = 1.0 end + if not dyn_weight then + dyn_weight = 1.0 + end local function redis_set_cb(err) -- Do nothing @@ -293,7 +302,7 @@ local function save_cache(task, digest, rule, to_save, dyn_weight, maybe_part) rule.detection_category, to_save, key, err) else lua_util.debugm(rule.name, task, '%s: saved cached result for %s: %s - score %s - ttl %s', - rule.log_prefix, key, to_save, dyn_weight, rule.cache_expire) + rule.log_prefix, key, to_save, dyn_weight, rule.cache_expire) end end @@ -301,7 +310,7 @@ local function save_cache(task, digest, rule, to_save, dyn_weight, maybe_part) to_save = table.concat(to_save, '\v') end - local value_tbl = {to_save, dyn_weight} + local value_tbl = { to_save, dyn_weight } if maybe_part and rule.show_attachments and maybe_part:get_filename() then local fname = maybe_part:get_filename() table.insert(value_tbl, fname) @@ -381,24 +390,24 @@ local function gen_extension(fname) local ext = {} for n = 1, 2 do - ext[n] = #filename_parts > n and string.lower(filename_parts[#filename_parts + 1 - n]) or nil + ext[n] = #filename_parts > n and string.lower(filename_parts[#filename_parts + 1 - n]) or nil end - return ext[1],ext[2],filename_parts + return ext[1], ext[2], filename_parts end local function check_parts_match(task, rule) local filter_func = function(p) - local mtype,msubtype = p:get_type() + local mtype, msubtype = p:get_type() local detected_ext = p:get_detected_ext() local fname = p:get_filename() local ext, ext2 if rule.scan_all_mime_parts == false then - -- check file extension and filename regex matching + -- check file extension and filename regex matching --lua_util.debugm(rule.name, task, '%s: filename: |%s|%s|', rule.log_prefix, fname) if fname ~= nil then - ext,ext2 = gen_extension(fname) + ext, ext2 = gen_extension(fname) --lua_util.debugm(rule.name, task, '%s: extension, fname: |%s|%s|%s|', rule.log_prefix, ext, ext2, fname) if match_filter(task, rule, ext, rule.mime_parts_filter_ext, 'ext') or match_filter(task, rule, ext2, rule.mime_parts_filter_ext, 'ext') then @@ -433,8 +442,8 @@ local function check_parts_match(task, rule) if p:is_archive() then local arch = p:get_archive() local filelist = arch:get_files_full(1000) - for _,f in ipairs(filelist) do - ext,ext2 = gen_extension(f.name) + for _, f in ipairs(filelist) do + ext, ext2 = gen_extension(f.name) if match_filter(task, rule, ext, rule.mime_parts_filter_ext, 'ext') or match_filter(task, rule, ext2, rule.mime_parts_filter_ext, 'ext') then lua_util.debugm(rule.name, task, '%s: extension matched in archive: |%s|%s|', rule.log_prefix, ext, ext2) @@ -488,7 +497,7 @@ local function check_metric_results(task, rule) if rule.symbol_type == 'postfilter' and metric_action == 'reject' then return true, 'result is already reject' - elseif metric_result[1] > metric_result[2]*2 then + elseif metric_result[1] > metric_result[2] * 2 then return true, 'score > 2 * reject_level: ' .. metric_result[1] elseif has_pre_result and metric_action == 'reject' then return true, 'pre_result reject is set' diff --git a/lualib/lua_scanners/dcc.lua b/lualib/lua_scanners/dcc.lua index 5cf0ef4a6..8d5e9e10a 100644 --- a/lualib/lua_scanners/dcc.lua +++ b/lualib/lua_scanners/dcc.lua @@ -90,7 +90,7 @@ local function dcc_check(task, content, digest, rule) local upstream = rule.upstreams:get_upstream_round_robin() local addr = upstream:get_addr() local retransmits = rule.retransmits - local client = rule.client + local client = rule.client local client_ip = task:get_from_ip() if client_ip and client_ip:is_valid() then @@ -116,7 +116,8 @@ local function dcc_check(task, content, digest, rule) local rcpts = task:get_recipients(); if rcpts then local dcc_recipients = table.concat(fun.totable(fun.map(function(rcpt) - return rcpt['addr'] end, + return rcpt['addr'] + end, rcpts)), '\n') if dcc_recipients then envrcpt = dcc_recipients @@ -164,8 +165,8 @@ local function dcc_check(task, content, digest, rule) fuz2_max = 999999, }) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. - 'exceed', rule.log_prefix) + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. + 'exceed', rule.log_prefix) common.yield_result(task, rule, 'failed to scan and retransmits exceed', 0.0, 'fail') end end @@ -176,14 +177,14 @@ local function dcc_check(task, content, digest, rule) else -- Parse the response - local _,_,result,disposition,header = tostring(data):find("(.-)\n(.-)\n(.-)$") + local _, _, result, disposition, header = tostring(data):find("(.-)\n(.-)\n(.-)$") lua_util.debugm(rule.name, task, 'DCC result=%1 disposition=%2 header="%3"', result, disposition, header) if header then -- Unfold header header = header:gsub('\r?\n%s*', ' ') - local _,_,info = header:find("; (.-)$") + local _, _, info = header:find("; (.-)$") if (result == 'R') then -- Reject common.yield_result(task, rule, info, rule.default_score) @@ -194,63 +195,65 @@ local function dcc_check(task, content, digest, rule) dcc_requery() elseif result == 'A' then - local opts = {} - local score = 0.0 - info = info:lower() - local rep = info:match('rep=([^=%s]+)') + local opts = {} + local score = 0.0 + info = info:lower() + local rep = info:match('rep=([^=%s]+)') - -- Adjust reputation if available - if rep then rep = tonumber(rep) end - if not rep then - rep = 1.0 + -- Adjust reputation if available + if rep then + rep = tonumber(rep) + end + if not rep then + rep = 1.0 + end + + local function check_threshold(what, num, lim) + local rnum + if num == 'many' then + rnum = lim + else + rnum = tonumber(num) end - local function check_threshold(what, num, lim) - local rnum - if num == 'many' then - rnum = lim - else - rnum = tonumber(num) - end - - if rnum and rnum >= lim then - opts[#opts + 1] = string.format('%s=%s', what, num) - score = score + rep / 3.0 - end + if rnum and rnum >= lim then + opts[#opts + 1] = string.format('%s=%s', what, num) + score = score + rep / 3.0 end + end - info = info:lower() - local body = info:match('body=([^=%s]+)') + info = info:lower() + local body = info:match('body=([^=%s]+)') - if body then - check_threshold('body', body, rule.body_max) - end + if body then + check_threshold('body', body, rule.body_max) + end - local fuz1 = info:match('fuz1=([^=%s]+)') + local fuz1 = info:match('fuz1=([^=%s]+)') - if fuz1 then - check_threshold('fuz1', fuz1, rule.fuz1_max) - end + if fuz1 then + check_threshold('fuz1', fuz1, rule.fuz1_max) + end - local fuz2 = info:match('fuz2=([^=%s]+)') + local fuz2 = info:match('fuz2=([^=%s]+)') - if fuz2 then - check_threshold('fuz2', fuz2, rule.fuz2_max) - end + if fuz2 then + check_threshold('fuz2', fuz2, rule.fuz2_max) + end - if #opts > 0 and score > 0 then - task:insert_result(rule.symbol_bulk, - score, - opts) - common.save_cache(task, digest, rule, opts, score) + if #opts > 0 and score > 0 then + task:insert_result(rule.symbol_bulk, + score, + opts) + common.save_cache(task, digest, rule, opts, score) + else + common.save_cache(task, digest, rule, 'OK') + if rule.log_clean then + rspamd_logger.infox(task, '%s: clean, returned result A - info: %s', + rule.log_prefix, info) else - common.save_cache(task, digest, rule, 'OK') - if rule.log_clean then - rspamd_logger.infox(task, '%s: clean, returned result A - info: %s', - rule.log_prefix, info) - else - lua_util.debugm(rule.name, task, '%s: returned result A - info: %s', - rule.log_prefix, info) + lua_util.debugm(rule.name, task, '%s: returned result A - info: %s', + rule.log_prefix, info) end end elseif result == 'G' then @@ -302,7 +305,7 @@ local function dcc_check(task, content, digest, rule) end return { - type = {'dcc','bulk', 'hash', 'scanner'}, + type = { 'dcc', 'bulk', 'hash', 'scanner' }, description = 'dcc bulk scanner', configure = dcc_config, check = dcc_check, diff --git a/lualib/lua_scanners/fprot.lua b/lualib/lua_scanners/fprot.lua index d2153f7ac..5a469c327 100644 --- a/lualib/lua_scanners/fprot.lua +++ b/lualib/lua_scanners/fprot.lua @@ -84,7 +84,9 @@ local function fprot_check(task, content, digest, rule, maybe_part) local addr = upstream:get_addr() local retransmits = rule.retransmits local scan_id = task:get_queue_id() - if not scan_id then scan_id = task:get_uid() end + if not scan_id then + scan_id = task:get_uid() + end local header = string.format('SCAN STREAM %s SIZE %d\n', scan_id, #content) local footer = '\n' diff --git a/lualib/lua_scanners/icap.lua b/lualib/lua_scanners/icap.lua index ba571b13d..16459b06e 100644 --- a/lualib/lua_scanners/icap.lua +++ b/lualib/lua_scanners/icap.lua @@ -91,7 +91,6 @@ local common = require "lua_scanners/common" local rspamd_util = require "rspamd_util" local rspamd_version = rspamd_version - local N = 'icap' local function icap_config(opts) @@ -151,8 +150,8 @@ local function icap_config(opts) end icap_conf.upstreams = upstream_list.create(rspamd_config, - icap_conf.servers, - icap_conf.default_port) + icap_conf.servers, + icap_conf.default_port) if icap_conf.upstreams then lua_util.add_debug_alias('external_services', icap_conf.name) @@ -160,7 +159,7 @@ local function icap_config(opts) end rspamd_logger.errx(rspamd_config, 'cannot parse servers %s', - icap_conf.servers) + icap_conf.servers) return nil end @@ -180,7 +179,7 @@ local function icap_check(task, content, digest, rule, maybe_part) rspamd_version('main'), rspamd_version('id'), rspamd_util.get_hostname(), - string.sub(task:get_uid(), 1,6)) + string.sub(task:get_uid(), 1, 6)) end -- Build the icap queries @@ -196,9 +195,9 @@ local function icap_check(task, content, digest, rule, maybe_part) end local respond_headers = { - -- Add main RESPMOD header before any other - string.format('RESPMOD icap://%s/%s ICAP/1.0\r\n', addr:to_string(), rule.scheme), - string.format('Host: %s\r\n', addr:to_string()), + -- Add main RESPMOD header before any other + string.format('RESPMOD icap://%s/%s ICAP/1.0\r\n', addr:to_string(), rule.scheme), + string.format('Host: %s\r\n', addr:to_string()), } local size = tonumber(#content) @@ -221,7 +220,7 @@ local function icap_check(task, content, digest, rule, maybe_part) addr = upstream:get_addr() lua_util.debugm(rule.name, task, '%s: retry IP: %s:%s', - rule.log_prefix, addr, addr:get_port()) + rule.log_prefix, addr, addr:get_port()) tcp_options.host = addr:to_string() tcp_options.port = addr:get_port() @@ -232,8 +231,8 @@ local function icap_check(task, content, digest, rule, maybe_part) tcp.request(tcp_options) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. - 'exceed - error: %s', rule.log_prefix, err_m or '') + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. + 'exceed - error: %s', rule.log_prefix, err_m or '') common.yield_result(task, rule, string.format('failed - error: %s', err_m), 0.0, 'fail', maybe_part) end @@ -309,9 +308,13 @@ local function icap_check(task, content, digest, rule, maybe_part) end table.insert(respond_headers, '\r\n') - for _,h in ipairs(resp_req_headers) do table.insert(respond_headers, h) end + for _, h in ipairs(resp_req_headers) do + table.insert(respond_headers, h) + end table.insert(respond_headers, '\r\n') - for _,h in ipairs(resp_http_headers) do table.insert(respond_headers, h) end + for _, h in ipairs(resp_http_headers) do + table.insert(respond_headers, h) + end table.insert(respond_headers, '\r\n') table.insert(respond_headers, chunked_size .. '\r\n') table.insert(respond_headers, content) @@ -333,7 +336,7 @@ local function icap_check(task, content, digest, rule, maybe_part) elseif string.find(s, '^HTTP') then icap_headers['http'] = tostring(s) elseif string.find(s, '[%a%d-+]-:') then - local _,_,key,value = tostring(s):find("([%a%d-+]-):%s?(.+)") + local _, _, key, value = tostring(s):find("([%a%d-+]-):%s?(.+)") if key ~= nil then icap_headers[key:lower()] = tostring(value) end @@ -349,7 +352,7 @@ local function icap_check(task, content, digest, rule, maybe_part) if maybe_split and string.find(icap_threat, ',') then local threats = lua_util.str_split(string.gsub(icap_threat, "%s", ""), ',') or {} - for _,v in ipairs(threats) do + for _, v in ipairs(threats) do table.insert(threat_table, v) end else @@ -421,8 +424,7 @@ local function icap_check(task, content, digest, rule, maybe_part) -- Generic ICAP Headers if headers['x-infection-found'] then - local _,_,icap_type,_,icap_threat = - headers['x-infection-found']:find("Type=(.-); Resolution=(.-); Threat=(.-);$") + local _, _, icap_type, _, icap_threat = headers['x-infection-found']:find("Type=(.-); Resolution=(.-); Threat=(.-);$") -- Type=2 is typical for scan error returns if icap_type and icap_type == '2' then @@ -435,8 +437,8 @@ local function icap_check(task, content, digest, rule, maybe_part) lua_util.debugm(rule.name, task, '%s: icap X-Infection-Found: %s', rule.log_prefix, icap_threat) threat_table_add(icap_threat, false) - -- stupid workaround for unuseable x-infection-found header - -- but also x-virus-name set (McAfee Web Gateway 9) + -- stupid workaround for unuseable x-infection-found header + -- but also x-virus-name set (McAfee Web Gateway 9) elseif not icap_threat and headers['x-virus-name'] then threat_table_add(headers['x-virus-name'], true) else @@ -450,7 +452,7 @@ local function icap_check(task, content, digest, rule, maybe_part) lua_util.debugm(rule.name, task, '%s: icap X-Virus-ID: %s', rule.log_prefix, headers['x-virus-id']) threat_table_add(headers['x-virus-id'], true) - -- FSecure X-Headers + -- FSecure X-Headers elseif headers['x-fsecure-scan-result'] and headers['x-fsecure-scan-result'] ~= "clean" then local infected_filename = "" @@ -468,23 +470,23 @@ local function icap_check(task, content, digest, rule, maybe_part) rule.log_prefix, infection_name, infected_filename) threat_table_add(infection_name, true) - -- McAfee Web Gateway manual extra headers + -- McAfee Web Gateway manual extra headers elseif headers['x-mwg-block-reason'] and headers['x-mwg-block-reason'] ~= "" then threat_table_add(headers['x-mwg-block-reason'], false) - -- Sophos SAVDI special http headers + -- Sophos SAVDI special http headers elseif headers['x-blocked'] and headers['x-blocked'] ~= "" then threat_table_add(headers['x-blocked'], false) elseif headers['x-block-reason'] and headers['x-block-reason'] ~= "" then threat_table_add(headers['x-block-reason'], false) - -- last try HTTP [4]xx return + -- last try HTTP [4]xx return elseif headers.http and string.find(headers.http, '^HTTP%/[12]%.. [4]%d%d') then threat_table_add( - string.format("pseudo-virus (blocked): %s", string.gsub(headers.http, 'HTTP%/[12]%.. ', '')), false) + string.format("pseudo-virus (blocked): %s", string.gsub(headers.http, 'HTTP%/[12]%.. ', '')), false) elseif rule.use_http_3xx_as_threat and headers.http and string.find(headers.http, '^HTTP%/[12]%.. [3]%d%d') - then + then threat_table_add( - string.format("pseudo-virus (redirect): %s", string.gsub(headers.http, 'HTTP%/[12]%.. ', '')), false) + string.format("pseudo-virus (redirect): %s", string.gsub(headers.http, 'HTTP%/[12]%.. ', '')), false) end if #threat_table > 0 then @@ -515,7 +517,7 @@ local function icap_check(task, content, digest, rule, maybe_part) end else rspamd_logger.errx(task, '%s: unhandled response |%s|', - rule.log_prefix, string.gsub(result, "\r\n", ", ")) + rule.log_prefix, string.gsub(result, "\r\n", ", ")) common.yield_result(task, rule, string.format('unhandled icap response: %s', icap_http_headers.icap), 0.0, 'fail', maybe_part) end @@ -536,13 +538,13 @@ local function icap_check(task, content, digest, rule, maybe_part) -- Threat found - close connection connection:close() elseif not icap_header_result - and rule.use_http_result_header - and icap_headers.encapsulated - and not string.find(icap_headers.encapsulated, 'null%-body=0') - then + and rule.use_http_result_header + and icap_headers.encapsulated + and not string.find(icap_headers.encapsulated, 'null%-body=0') + then -- Try to read encapsulated HTTP Headers lua_util.debugm(rule.name, task, '%s: no ICAP virus header found - try HTTP headers', - rule.log_prefix) + rule.log_prefix) connection:add_read(icap_r_respond_http_cb, '\r\n\r\n') else connection:close() @@ -569,7 +571,7 @@ local function icap_check(task, content, digest, rule, maybe_part) return false else rspamd_logger.errx(task, '%s: unhandled response |%s|', - rule.log_prefix, string.gsub(result, "\r\n", ", ")) + rule.log_prefix, string.gsub(result, "\r\n", ", ")) common.yield_result(task, rule, string.format('unhandled icap response: %s', icap_headers.icap), 0.0, 'fail', maybe_part) end @@ -600,7 +602,9 @@ local function icap_check(task, content, digest, rule, maybe_part) if rule.x_client_header then local client = task:get_from_ip() - if client then add_respond_header('X-Client-IP', client:to_string()) end + if client then + add_respond_header('X-Client-IP', client:to_string()) + end end -- F-Secure extra headers @@ -608,19 +612,23 @@ local function icap_check(task, content, digest, rule, maybe_part) if rule.x_rcpt_header then local rcpt_to = task:get_principal_recipient() - if rcpt_to then add_respond_header('X-Rcpt-To', rcpt_to) end + if rcpt_to then + add_respond_header('X-Rcpt-To', rcpt_to) + end end if rule.x_from_header then local mail_from = task:get_principal_recipient() - if mail_from and mail_from[1] then add_respond_header('X-Rcpt-To', mail_from[1].addr) end + if mail_from and mail_from[1] then + add_respond_header('X-Rcpt-To', mail_from[1].addr) + end end end if icap_headers.connection and icap_headers.connection:lower() == 'close' then lua_util.debugm(rule.name, task, '%s: OPTIONS request Connection: %s - using new connection', - rule.log_prefix, icap_headers.connection) + rule.log_prefix, icap_headers.connection) connection:close() tcp_options.callback = icap_w_respond_cb tcp_options.data = get_respond_query() @@ -631,13 +639,13 @@ local function icap_check(task, content, digest, rule, maybe_part) else rspamd_logger.errx(task, '%s: RESPMOD method not advertised: Methods: %s', - rule.log_prefix, icap_headers['methods']) + rule.log_prefix, icap_headers['methods']) common.yield_result(task, rule, 'NO RESPMOD', 0.0, 'fail', maybe_part) end else rspamd_logger.errx(task, '%s: OPTIONS query failed: %s', - rule.log_prefix, icap_headers.icap or "-") + rule.log_prefix, icap_headers.icap or "-") common.yield_result(task, rule, 'OPTIONS query failed', 0.0, 'fail', maybe_part) end @@ -682,7 +690,7 @@ local function icap_check(task, content, digest, rule, maybe_part) end return { - type = {N, 'virus', 'virus', 'scanner'}, + type = { N, 'virus', 'virus', 'scanner' }, description = 'generic icap antivirus', configure = icap_config, check = icap_check, diff --git a/lualib/lua_scanners/init.lua b/lualib/lua_scanners/init.lua index 20bea7a47..e47cebeec 100644 --- a/lualib/lua_scanners/init.lua +++ b/lualib/lua_scanners/init.lua @@ -25,7 +25,7 @@ local exports = { } local function require_scanner(name) - local sc = require ("lua_scanners/" .. name) + local sc = require("lua_scanners/" .. name) exports[sc.name or name] = sc end @@ -65,7 +65,9 @@ exports.filter = function(t) return fun.tomap(fun.filter(function(_, elt) return type(elt) == 'table' and elt.type and ( (type(elt.type) == 'string' and elt.type == t) or - (type(elt.type) == 'table' and fun.any(function(tt) return tt == t end, elt.type)) + (type(elt.type) == 'table' and fun.any(function(tt) + return tt == t + end, elt.type)) ) end, exports)) end diff --git a/lualib/lua_scanners/kaspersky_av.lua b/lualib/lua_scanners/kaspersky_av.lua index 69aaad7e5..d52cef041 100644 --- a/lualib/lua_scanners/kaspersky_av.lua +++ b/lualib/lua_scanners/kaspersky_av.lua @@ -107,7 +107,6 @@ local function kaspersky_check(task, content, digest, rule, maybe_part) rspamd_util.close_file(message_fd) end) - local function kaspersky_callback(err, data) if err then diff --git a/lualib/lua_scanners/kaspersky_se.lua b/lualib/lua_scanners/kaspersky_se.lua index b0031ad69..5e0f2eaad 100644 --- a/lualib/lua_scanners/kaspersky_se.lua +++ b/lualib/lua_scanners/kaspersky_se.lua @@ -125,7 +125,7 @@ local function kaspersky_se_check(task, content, digest, rule, maybe_part) local req_body if rule.use_files then - local fname = string.format('%s/%s.tmp', + local fname = string.format('%s/%s.tmp', rule.tmpdir, rspamd_util.random_hex(32)) local message_fd = rspamd_util.create_file(fname) @@ -187,9 +187,9 @@ local function kaspersky_se_check(task, content, digest, rule, maybe_part) http.request(request_data) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. 'exceed', rule.log_prefix) - task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and '.. + task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and ' .. 'retransmits exceed') end end @@ -198,7 +198,9 @@ local function kaspersky_se_check(task, content, digest, rule, maybe_part) requery() else -- Parse the response - if upstream then upstream:ok() end + if upstream then + upstream:ok() + end if code ~= 200 then rspamd_logger.errx(task, 'invalid HTTP code: %s, body: %s, headers: %s', code, body, headers) task:insert_result(rule.symbol_fail, 1.0, 'Bad HTTP code: ' .. code) @@ -242,7 +244,7 @@ local function kaspersky_se_check(task, content, digest, rule, maybe_part) if why == 'PASSWORD PROTECTED' then rspamd_logger.errx(task, '%s: File is encrypted', rule.log_prefix) - common.yield_result(task, rule, 'File is encrypted: '.. why, + common.yield_result(task, rule, 'File is encrypted: ' .. why, 0.0, 'encrypted', maybe_part) cached = 'ENCRYPTED' else diff --git a/lualib/lua_scanners/oletools.lua b/lualib/lua_scanners/oletools.lua index 8513699a0..378e09467 100644 --- a/lualib/lua_scanners/oletools.lua +++ b/lualib/lua_scanners/oletools.lua @@ -122,7 +122,7 @@ local function oletools_check(task, content, digest, rule, maybe_part) callback = oletools_callback, }) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. 'exceed - err: %s', rule.log_prefix, error) common.yield_result(task, rule, 'failed to scan, maximum retransmits exceed - err: ' .. error, @@ -137,9 +137,9 @@ local function oletools_check(task, content, digest, rule, maybe_part) else json_response = json_response .. tostring(data) - if not string.find(json_response, '\t\n\n\t') and #data == 8192 then + if not string.find(json_response, '\t\n\n\t') and #data == 8192 then lua_util.debugm(rule.name, task, '%s: no stop word: add_read - #json: %s / current packet: %s', - rule.log_prefix, #json_response, #data) + rule.log_prefix, #json_response, #data) conn:add_read(oletools_callback) else @@ -243,7 +243,7 @@ local function oletools_check(task, content, digest, rule, maybe_part) rule.log_prefix, v.message) --common.yield_result(task, rule, 'failed - err: ' .. v.error, 0.0, 'fail') - elseif type(v.analysis) == 'table' and type(v.macros) == 'table' then + elseif type(v.analysis) == 'table' and type(v.macros) == 'table' then -- analysis + macro found - evaluate response if type(v.analysis) == 'table' and #v.analysis == 0 and #v.macros == 0 then @@ -259,20 +259,20 @@ local function oletools_check(task, content, digest, rule, maybe_part) lua_util.debugm(rule.name, task, '%s: type: %s', rule.log_prefix, result[2]['type']) - for _,m in ipairs(v.macros) do - lua_util.debugm(rule.name, task, '%s: macros found - code: %s, ole_stream: %s, '.. + for _, m in ipairs(v.macros) do + lua_util.debugm(rule.name, task, '%s: macros found - code: %s, ole_stream: %s, ' .. 'vba_filename: %s', rule.log_prefix, m.code, m.ole_stream, m.vba_filename) end - for _,a in ipairs(v.analysis) do - lua_util.debugm(rule.name, task, '%s: threat found - type: %s, keyword: %s, '.. + for _, a in ipairs(v.analysis) do + lua_util.debugm(rule.name, task, '%s: threat found - type: %s, keyword: %s, ' .. 'description: %s', rule.log_prefix, a.type, a.keyword, a.description) if a.type == 'AutoExec' then analysis_cat_table.autoexec = 'A' table.insert(analysis_keyword_table, a.keyword) elseif a.type == 'Suspicious' then if rule.extended == true or - (a.keyword ~= 'Base64 Strings' and a.keyword ~= 'Hex Strings') + (a.keyword ~= 'Base64 Strings' and a.keyword ~= 'Hex Strings') then analysis_cat_table.suspicious = 'S' table.insert(analysis_keyword_table, a.keyword) @@ -312,7 +312,7 @@ local function oletools_check(task, content, digest, rule, maybe_part) local analysis_cat_table_keys_sorted = lua_util.keys(analysis_cat_table) table.sort(analysis_cat_table_keys_sorted) - for _,v in ipairs(analysis_cat_table_keys_sorted) do + for _, v in ipairs(analysis_cat_table_keys_sorted) do table.insert(analysis_cat_table_values_sorted, analysis_cat_table[v]) end @@ -361,7 +361,7 @@ local function oletools_check(task, content, digest, rule, maybe_part) end return { - type = {N, 'attachment scanner', 'hash', 'scanner'}, + type = { N, 'attachment scanner', 'hash', 'scanner' }, description = 'oletools office macro scanner', configure = oletools_config, check = oletools_check, diff --git a/lualib/lua_scanners/p0f.lua b/lualib/lua_scanners/p0f.lua index c5ccea1fe..7785f83ce 100644 --- a/lualib/lua_scanners/p0f.lua +++ b/lualib/lua_scanners/p0f.lua @@ -30,8 +30,8 @@ local common = require "lua_scanners/common" -- SEE: https://github.com/p0f/p0f/blob/v3.06b/docs/README#L317 local S = { BAD_QUERY = 0x0, - OK = 0x10, - NO_MATCH = 0x20 + OK = 0x10, + NO_MATCH = 0x20 } local N = 'p0f' @@ -49,7 +49,7 @@ local function p0f_check(task, ip, rule) end local function trim(...) - local vars = {...} + local vars = { ... } for k, v in ipairs(vars) do -- skip numbers, trim only strings @@ -73,22 +73,22 @@ local function p0f_check(task, ip, rule) -- API response must be 232 bytes long if #data ~= 232 then rspamd_logger.errx(task, 'malformed response from p0f on %s, %s bytes', - rule.socket, #data) + rule.socket, #data) common.yield_result(task, rule, 'Malformed Response: ' .. rule.socket, - 0.0, 'fail') + 0.0, 'fail') return end local _, status, _, _, _, uptime_min, _, _, _, distance, _, _, os_name, - os_flavor, _, _, link_type, _ = trim(rspamd_util.unpack( + os_flavor, _, _, link_type, _ = trim(rspamd_util.unpack( 'I4I4I4I4I4I4I4I4I4hbbc32c32c32c32c32c32', data)) if status ~= S.OK then if status == S.BAD_QUERY then rspamd_logger.errx(task, 'malformed p0f query on %s', rule.socket) common.yield_result(task, rule, 'Malformed Query: ' .. rule.socket, - 0.0, 'fail') + 0.0, 'fail') end return @@ -97,19 +97,19 @@ local function p0f_check(task, ip, rule) local os_string = #os_name == 0 and 'unknown' or os_name .. ' ' .. os_flavor task:get_mempool():set_variable('os_fingerprint', os_string, link_type, - uptime_min, distance) + uptime_min, distance) if link_type and #link_type > 0 then common.yield_result(task, rule, { os_string, 'link=' .. link_type, - 'distance=' .. distance}, + 'distance=' .. distance }, 0.0) else common.yield_result(task, rule, { os_string, 'link=unknown', - 'distance=' .. distance}, + 'distance=' .. distance }, 0.0) end @@ -153,7 +153,7 @@ local function p0f_check(task, ip, rule) end local query = rspamd_util.pack('I4 I1 c16', 0x50304601, - ip:get_version(), ip2bin(ip)) + ip:get_version(), ip2bin(ip)) tcp.request({ host = rule.socket, @@ -176,12 +176,12 @@ local function p0f_check(task, ip, rule) if rule.redis_params then local key = rule.prefix .. ip:to_string() ret = lua_redis.redis_make_request(task, - rule.redis_params, - key, - false, - redis_get_cb, - 'GET', - { key } + rule.redis_params, + key, + false, + redis_get_cb, + 'GET', + { key } ) end @@ -219,7 +219,7 @@ local function p0f_config(opts) end return { - type = {N, 'fingerprint', 'scanner'}, + type = { N, 'fingerprint', 'scanner' }, description = 'passive OS fingerprinter', configure = p0f_config, check = p0f_check, diff --git a/lualib/lua_scanners/pyzor.lua b/lualib/lua_scanners/pyzor.lua index 78250a3ad..75c1b4a15 100644 --- a/lualib/lua_scanners/pyzor.lua +++ b/lualib/lua_scanners/pyzor.lua @@ -28,7 +28,7 @@ local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" local N = 'pyzor' -local categories = {'pyzor','bulk', 'hash', 'scanner'} +local categories = { 'pyzor', 'bulk', 'hash', 'scanner' } local function pyzor_config(opts) @@ -174,10 +174,10 @@ local function pyzor_check(task, content, digest, rule) end end - if digest == 'da39a3ee5e6b4b0d3255bfef95601890afd80709' then - rspamd_logger.infox(task, '%s: not checking default digest', rule.log_prefix) - return - end + if digest == 'da39a3ee5e6b4b0d3255bfef95601890afd80709' then + rspamd_logger.infox(task, '%s: not checking default digest', rule.log_prefix) + return + end tcp.request({ task = task, @@ -197,7 +197,6 @@ local function pyzor_check(task, content, digest, rule) end end - return { type = categories, description = 'pyzor bulk scanner', diff --git a/lualib/lua_scanners/razor.lua b/lualib/lua_scanners/razor.lua index 7de4c84eb..fcc0a8e3a 100644 --- a/lualib/lua_scanners/razor.lua +++ b/lualib/lua_scanners/razor.lua @@ -80,7 +80,6 @@ local function razor_config(opts) return nil end - local function razor_check(task, content, digest, rule) local function razor_check_uncached () local upstream = rule.upstreams:get_upstream_round_robin() @@ -96,14 +95,14 @@ local function razor_check(task, content, digest, rule) retransmits = retransmits - 1 lua_util.debugm(rule.name, task, '%s: Request Error: %s - retries left: %s', - rule.log_prefix, err, retransmits) + rule.log_prefix, err, retransmits) -- Select a different upstream! upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() lua_util.debugm(rule.name, task, '%s: retry IP: %s:%s', - rule.log_prefix, addr, addr:get_port()) + rule.log_prefix, addr, addr:get_port()) tcp.request({ task = task, @@ -116,8 +115,8 @@ local function razor_check(task, content, digest, rule) callback = razor_callback, }) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. - 'exceed', rule.log_prefix) + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. + 'exceed', rule.log_prefix) common.yield_result(task, rule, 'failed to scan and retransmits exceed', 0.0, 'fail') end end @@ -148,7 +147,7 @@ local function razor_check(task, content, digest, rule) end common.save_cache(task, digest, rule, 'OK', rule.default_score) else - rspamd_logger.errx(task,"%s - unknown response from razorfy: %s", addr:to_string(), threat_string) + rspamd_logger.errx(task, "%s - unknown response from razorfy: %s", addr:to_string(), threat_string) end end @@ -174,7 +173,7 @@ local function razor_check(task, content, digest, rule) end return { - type = {'razor','spam', 'hash', 'scanner'}, + type = { 'razor', 'spam', 'hash', 'scanner' }, description = 'razor bulk scanner', configure = razor_config, check = razor_check, diff --git a/lualib/lua_scanners/savapi.lua b/lualib/lua_scanners/savapi.lua index 430009df3..08f7b6682 100644 --- a/lualib/lua_scanners/savapi.lua +++ b/lualib/lua_scanners/savapi.lua @@ -116,13 +116,13 @@ local function savapi_check(task, content, digest, rule) local function savapi_fin_cb(err, conn) local vnames_reordered = {} -- Swap table - for virus,_ in pairs(vnames) do + for virus, _ in pairs(vnames) do table.insert(vnames_reordered, virus) end lua_util.debugm(rule.name, task, "%s: number of virus names found %s", rule['type'], #vnames_reordered) if #vnames_reordered > 0 then local vname = {} - for _,virus in ipairs(vnames_reordered) do + for _, virus in ipairs(vnames_reordered) do table.insert(vname, virus) end @@ -181,8 +181,8 @@ local function savapi_check(task, content, digest, rule) if string.find(result, '100 PRODUCT') then lua_util.debugm(rule.name, task, "%s: scanning file: %s", rule['type'], fname) - conn:add_write(savapi_scan1_cb, {string.format('SCAN %s\n', - fname)}) + conn:add_write(savapi_scan1_cb, { string.format('SCAN %s\n', + fname) }) else rspamd_logger.errx(task, '%s: invalid product id %s', rule['type'], rule['product_id']) @@ -217,7 +217,7 @@ local function savapi_check(task, content, digest, rule) upstream = upstream, timeout = rule['timeout'], callback = savapi_callback_init, - stop_pattern = {'\n'}, + stop_pattern = { '\n' }, }) else rspamd_logger.errx(task, '%s [%s]: failed to scan, maximum retransmits exceed', rule['symbol'], rule['type']) @@ -228,7 +228,7 @@ local function savapi_check(task, content, digest, rule) -- 100 SAVAPI:4.0 greeting if string.find(result, '100') then - conn:add_write(savapi_greet1_cb, {string.format('SET PRODUCT %s\n', rule['product_id'])}) + conn:add_write(savapi_greet1_cb, { string.format('SET PRODUCT %s\n', rule['product_id']) }) end end end @@ -240,7 +240,7 @@ local function savapi_check(task, content, digest, rule) upstream = upstream, timeout = rule['timeout'], callback = savapi_callback_init, - stop_pattern = {'\n'}, + stop_pattern = { '\n' }, }) end diff --git a/lualib/lua_scanners/spamassassin.lua b/lualib/lua_scanners/spamassassin.lua index c4fd0d2e5..f425924d5 100644 --- a/lualib/lua_scanners/spamassassin.lua +++ b/lualib/lua_scanners/spamassassin.lua @@ -71,8 +71,8 @@ local function spamassassin_config(opts) end spamassassin_conf.upstreams = upstream_list.create(rspamd_config, - spamassassin_conf.servers, - spamassassin_conf.default_port) + spamassassin_conf.servers, + spamassassin_conf.default_port) if spamassassin_conf.upstreams then lua_util.add_debug_alias('external_services', spamassassin_conf.N) @@ -80,7 +80,7 @@ local function spamassassin_config(opts) end rspamd_logger.errx(rspamd_config, 'cannot parse servers %s', - spamassassin_conf.servers) + spamassassin_conf.servers) return nil end @@ -95,7 +95,7 @@ local function spamassassin_check(task, content, digest, rule) local request_data = { "HEADERS SPAMC/1.5\r\n", "User: root\r\n", - "Content-length: ".. #content .. "\r\n", + "Content-length: " .. #content .. "\r\n", "\r\n", content, } @@ -110,14 +110,14 @@ local function spamassassin_check(task, content, digest, rule) retransmits = retransmits - 1 lua_util.debugm(rule.N, task, '%s: Request Error: %s - retries left: %s', - rule.log_prefix, error, retransmits) + rule.log_prefix, error, retransmits) -- Select a different upstream! upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() lua_util.debugm(rule.N, task, '%s: retry IP: %s:%s', - rule.log_prefix, addr, addr:get_port()) + rule.log_prefix, addr, addr:get_port()) tcp.request({ task = task, @@ -129,8 +129,8 @@ local function spamassassin_check(task, content, digest, rule) callback = spamassassin_callback, }) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. - 'exceed - err: %s', rule.log_prefix, error) + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. + 'exceed - err: %s', rule.log_prefix, error) common.yield_result(task, rule, 'failed to scan and retransmits exceed: ' .. error, 0.0, 'fail') end end @@ -164,7 +164,7 @@ local function spamassassin_check(task, content, digest, rule) end lua_util.debugm(rule.N, task, '%s: spam_score: %s, symbols: %s, int spam_score: |%s|, type spam_score: |%s|', - rule.log_prefix, spam_score, symbols, tonumber(spam_score), type(spam_score)) + rule.log_prefix, spam_score, symbols, tonumber(spam_score), type(spam_score)) if tonumber(spam_score) > 0 and #symbols > 0 and symbols ~= "none" then @@ -205,7 +205,7 @@ local function spamassassin_check(task, content, digest, rule) end return { - type = {N,'spam', 'scanner'}, + type = { N, 'spam', 'scanner' }, description = 'spamassassin spam scanner', configure = spamassassin_config, check = spamassassin_check, diff --git a/lualib/lua_scanners/vadesecure.lua b/lualib/lua_scanners/vadesecure.lua index b912eb46f..826573a89 100644 --- a/lualib/lua_scanners/vadesecure.lua +++ b/lualib/lua_scanners/vadesecure.lua @@ -85,17 +85,17 @@ local function vade_config(opts) score = 8.0, description = 'VadeSecure decided message to be phishing' }, - commercial = { + commercial = { symbol = 'VADE_COMMERCIAL', score = 0.0, description = 'VadeSecure decided message to be commercial message' }, - community = { + community = { symbol = 'VADE_COMMUNITY', score = 0.0, description = 'VadeSecure decided message to be community message' }, - transactional = { + transactional = { symbol = 'VADE_TRANSACTIONAL', score = 0.0, description = 'VadeSecure decided message to be transactional message' @@ -250,9 +250,9 @@ local function vade_check(task, content, digest, rule, maybe_part) http.request(request_data) else - rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '.. + rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits ' .. 'exceed', rule.log_prefix) - task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and '.. + task:insert_result(rule['symbol_fail'], 0.0, 'failed to scan and ' .. 'retransmits exceed') end end @@ -261,7 +261,9 @@ local function vade_check(task, content, digest, rule, maybe_part) vade_requery() else -- Parse the response - if upstream then upstream:ok() end + if upstream then + upstream:ok() + end if code ~= 200 then rspamd_logger.errx(task, 'invalid HTTP code: %s, body: %s, headers: %s', code, body, headers) task:insert_result(rule.symbol_fail, 1.0, 'Bad HTTP code: ' .. code) @@ -341,7 +343,7 @@ local function vade_check(task, content, digest, rule, maybe_part) end return { - type = {'vadesecure', 'scanner'}, + type = { 'vadesecure', 'scanner' }, description = 'VadeSecure Filterd interface', configure = vade_config, check = vade_check, diff --git a/lualib/lua_scanners/virustotal.lua b/lualib/lua_scanners/virustotal.lua index e53795b84..d937c4128 100644 --- a/lualib/lua_scanners/virustotal.lua +++ b/lualib/lua_scanners/virustotal.lua @@ -123,7 +123,7 @@ local function virustotal_check(task, content, digest, rule, maybe_part) else local ucl = require "ucl" local parser = ucl.parser() - local res,json_err = parser:parse_string(body) + local res, json_err = parser:parse_string(body) lua_util.debugm(rule.name, task, '%s: got reply data: "%s"', rule.log_prefix, body) |