From 44de7f58793a846a36b9eaf4c459c035e7d9cfb2 Mon Sep 17 00:00:00 2001 From: Carsten Rosenberg Date: Wed, 16 Jan 2019 20:44:01 +0100 Subject: [FIX] lua_scanners - using N is much smarter ;) --- lualib/lua_scanners/clamav.lua | 14 +++++++------- lualib/lua_scanners/dcc.lua | 20 ++++++++++---------- lualib/lua_scanners/fprot.lua | 10 +++++----- lualib/lua_scanners/icap.lua | 22 +++++++++++----------- lualib/lua_scanners/kaspersky_av.lua | 12 ++++++------ lualib/lua_scanners/oletools.lua | 26 +++++++++++++------------- lualib/lua_scanners/savapi.lua | 16 ++++++++-------- lualib/lua_scanners/sophos.lua | 14 +++++++------- 8 files changed, 67 insertions(+), 67 deletions(-) (limited to 'lualib') diff --git a/lualib/lua_scanners/clamav.lua b/lualib/lua_scanners/clamav.lua index 2e7ecb25c..4ca3e8a8b 100644 --- a/lualib/lua_scanners/clamav.lua +++ b/lualib/lua_scanners/clamav.lua @@ -26,13 +26,13 @@ local rspamd_util = require "rspamd_util" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = "clamav" +local N = "clamav" local default_message = '${SCANNER}: virus found: "${VIRUS}"' local function clamav_config(opts) local clamav_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_text_mime = false, scan_image_mime = false, @@ -70,7 +70,7 @@ local function clamav_config(opts) clamav_conf.default_port) if clamav_conf['upstreams'] then - lua_util.add_debug_alias('antivirus', clamav_conf.module_name) + lua_util.add_debug_alias('antivirus', clamav_conf.N) return clamav_conf end @@ -103,7 +103,7 @@ local function clamav_check(task, content, digest, rule) upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s: retry IP: %s', rule.log_prefix, addr) + lua_util.debugm(rule.N, task, '%s: retry IP: %s', rule.log_prefix, addr) tcp.request({ task = task, @@ -123,13 +123,13 @@ local function clamav_check(task, content, digest, rule) upstream:ok() data = tostring(data) local cached - lua_util.debugm(rule.module_name, task, '%s: got reply: %s', rule.log_prefix, data) + lua_util.debugm(rule.N, task, '%s: got reply: %s', rule.log_prefix, data) if data == 'stream: OK' then cached = 'OK' if rule['log_clean'] then rspamd_logger.infox(task, '%s: message or mime_part is clean', rule.log_prefix) else - lua_util.debugm(rule.module_name, task, '%s: message or mime_part is clean', rule.log_prefix) + lua_util.debugm(rule.N, task, '%s: message or mime_part is clean', rule.log_prefix) end else local vname = string.match(data, 'stream: (.+) FOUND') @@ -172,5 +172,5 @@ return { description = 'clamav antivirus', configure = clamav_config, check = clamav_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/dcc.lua b/lualib/lua_scanners/dcc.lua index 5b3bbaf50..e5c0a1964 100644 --- a/lualib/lua_scanners/dcc.lua +++ b/lualib/lua_scanners/dcc.lua @@ -27,7 +27,7 @@ local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" local fun = require "fun" -local module_name = 'dcc' +local N = 'dcc' local function dcc_check(task, content, digest, rule) local function dcc_check_uncached () @@ -90,14 +90,14 @@ local function dcc_check(task, content, digest, rule) retransmits = retransmits - 1 - lua_util.debugm(rule.module_name, task, '%s: Request Error: %s - retries left: %s', + lua_util.debugm(rule.N, task, '%s: Request Error: %s - retries left: %s', rule.log_prefix, err, retransmits) -- Select a different upstream! upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s: retry IP: %s:%s', + lua_util.debugm(rule.N, task, '%s: retry IP: %s:%s', rule.log_prefix, addr, addr:get_port()) tcp.request({ @@ -128,7 +128,7 @@ local function dcc_check(task, content, digest, rule) -- Parse the response if upstream then upstream:ok() end local _,_,result,disposition,header = tostring(data):find("(.-)\n(.-)\n(.-)\n") - lua_util.debugm(rule.module_name, task, 'DCC result=%1 disposition=%2 header="%3"', + lua_util.debugm(rule.N, task, 'DCC result=%1 disposition=%2 header="%3"', result, disposition, header) if header then @@ -198,7 +198,7 @@ local function dcc_check(task, content, digest, rule) rspamd_logger.infox(task, '%s: clean, returned result A - info: %s', rule.log_prefix, info) else - lua_util.debugm(rule.module_name, task, '%s: returned result A - info: %s', + lua_util.debugm(rule.N, task, '%s: returned result A - info: %s', rule.log_prefix, info) end end @@ -208,7 +208,7 @@ local function dcc_check(task, content, digest, rule) if rule.log_clean then rspamd_logger.infox(task, '%s: clean, returned result G - info: %s', rule.log_prefix, info) else - lua_util.debugm(rule.module_name, task, '%s: returned result G - info: %s', rule.log_prefix, info) + lua_util.debugm(rule.N, task, '%s: returned result G - info: %s', rule.log_prefix, info) end elseif result == 'S' then -- do nothing @@ -216,7 +216,7 @@ local function dcc_check(task, content, digest, rule) if rule.log_clean then rspamd_logger.infox(task, '%s: clean, returned result S - info: %s', rule.log_prefix, info) else - lua_util.debugm(rule.module_name, task, '%s: returned result S - info: %s', rule.log_prefix, info) + lua_util.debugm(rule.N, task, '%s: returned result S - info: %s', rule.log_prefix, info) end else -- Unknown result @@ -254,7 +254,7 @@ end local function dcc_config(opts) local dcc_conf = { - module_name = module_name, + N = N, default_port = 10045, timeout = 5.0, log_clean = false, @@ -302,7 +302,7 @@ local function dcc_config(opts) dcc_conf.default_port) if dcc_conf.upstreams then - lua_util.add_debug_alias('external_services', dcc_conf.module_name) + lua_util.add_debug_alias('external_services', dcc_conf.N) return dcc_conf end @@ -316,5 +316,5 @@ return { description = 'dcc bulk scanner', configure = dcc_config, check = dcc_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/fprot.lua b/lualib/lua_scanners/fprot.lua index b56187c8c..2004d8aa0 100644 --- a/lualib/lua_scanners/fprot.lua +++ b/lualib/lua_scanners/fprot.lua @@ -25,13 +25,13 @@ local upstream_list = require "rspamd_upstream_list" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = "fprot" +local N = "fprot" local default_message = '${SCANNER}: virus found: "${VIRUS}"' local function fprot_config(opts) local fprot_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_text_mime = false, scan_image_mime = false, @@ -69,7 +69,7 @@ local function fprot_config(opts) fprot_conf.default_port) if fprot_conf['upstreams'] then - lua_util.add_debug_alias('antivirus', fprot_conf.module_name) + lua_util.add_debug_alias('antivirus', fprot_conf.N) return fprot_conf end @@ -103,7 +103,7 @@ local function fprot_check(task, content, digest, rule) upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) + lua_util.debugm(rule.N, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) tcp.request({ task = task, @@ -175,5 +175,5 @@ return { description = 'fprot antivirus', configure = fprot_config, check = fprot_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/icap.lua b/lualib/lua_scanners/icap.lua index 81c6190f6..8810681f9 100644 --- a/lualib/lua_scanners/icap.lua +++ b/lualib/lua_scanners/icap.lua @@ -27,7 +27,7 @@ local upstream_list = require "rspamd_upstream_list" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = 'icap' +local N = 'icap' local function icap_check(task, content, digest, rule) local function icap_check_uncached () @@ -44,7 +44,7 @@ local function icap_check(task, content, digest, rule) "Encapsulated: null-body=0\r\n\r\n", } local size = string.format("%x", tonumber(#content)) - lua_util.debugm(rule.module_name, task, '%s: size: %s', rule.log_prefix, size) + lua_util.debugm(rule.N, task, '%s: size: %s', rule.log_prefix, size) local function get_respond_query() table.insert(respond_headers, 1, 'RESPMOD icap://' .. addr:to_string() .. ':' .. addr:get_port() .. '/' @@ -72,7 +72,7 @@ local function icap_check(task, content, digest, rule) icap_headers[key] = value end end - lua_util.debugm(rule.module_name, task, '%s: icap_headers: %s', rule.log_prefix, icap_headers) + lua_util.debugm(rule.N, task, '%s: icap_headers: %s', rule.log_prefix, icap_headers) return icap_headers end @@ -99,10 +99,10 @@ local function icap_check(task, content, digest, rule) if icap_headers['X-Infection-Found'] ~= nil then pattern_symbols = "(Type%=%d; .* Threat%=)(.*)([;]+)" match = string.gsub(icap_headers['X-Infection-Found'], pattern_symbols, "%2") - lua_util.debugm(rule.module_name, task, '%s: icap X-Infection-Found: %s', rule.log_prefix, match) + lua_util.debugm(rule.N, task, '%s: icap X-Infection-Found: %s', rule.log_prefix, match) table.insert(threat_string, match) elseif icap_headers['X-Virus-ID'] ~= nil then - lua_util.debugm(rule.module_name, task, '%s: icap X-Virus-ID: %s', rule.log_prefix, icap_headers['X-Virus-ID']) + lua_util.debugm(rule.N, task, '%s: icap X-Virus-ID: %s', rule.log_prefix, icap_headers['X-Virus-ID']) table.insert(threat_string, icap_headers['X-Virus-ID']) end @@ -177,14 +177,14 @@ local function icap_check(task, content, digest, rule) retransmits = retransmits - 1 - lua_util.debugm(rule.module_name, task, '%s: Request Error: %s - retries left: %s', + lua_util.debugm(rule.N, task, '%s: Request Error: %s - retries left: %s', rule.log_prefix, error, retransmits) -- Select a different upstream! upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s: retry IP: %s:%s', + lua_util.debugm(rule.N, task, '%s: retry IP: %s:%s', rule.log_prefix, addr, addr:get_port()) tcp.request({ @@ -237,7 +237,7 @@ end local function icap_config(opts) local icap_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_all_mime_parts = true, scan_text_mime = false, @@ -283,7 +283,7 @@ local function icap_config(opts) icap_conf.default_port) if icap_conf.upstreams then - lua_util.add_debug_alias('external_services', icap_conf.module_name) + lua_util.add_debug_alias('external_services', icap_conf.N) return icap_conf end @@ -293,9 +293,9 @@ local function icap_config(opts) end return { - type = {module_name,'virus', 'virus', 'scanner'}, + type = {N,'virus', 'virus', 'scanner'}, description = 'generic icap antivirus', configure = icap_config, check = icap_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/kaspersky_av.lua b/lualib/lua_scanners/kaspersky_av.lua index 243459345..f06e59cd7 100644 --- a/lualib/lua_scanners/kaspersky_av.lua +++ b/lualib/lua_scanners/kaspersky_av.lua @@ -26,13 +26,13 @@ local rspamd_util = require "rspamd_util" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = "kaspersky" +local N = "kaspersky" local default_message = '${SCANNER}: virus found: "${VIRUS}"' local function kaspersky_config(opts) local kaspersky_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_text_mime = false, scan_image_mime = false, @@ -70,7 +70,7 @@ local function kaspersky_config(opts) kaspersky_conf['servers'], 0) if kaspersky_conf['upstreams'] then - lua_util.add_debug_alias('antivirus', kaspersky_conf.module_name) + lua_util.add_debug_alias('antivirus', kaspersky_conf.N) return kaspersky_conf end @@ -122,7 +122,7 @@ local function kaspersky_check(task, content, digest, rule) upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, + lua_util.debugm(rule.N, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) tcp.request({ @@ -146,7 +146,7 @@ local function kaspersky_check(task, content, digest, rule) upstream:ok() data = tostring(data) local cached - lua_util.debugm(rule.module_name, task, '%s [%s]: got reply: %s', + lua_util.debugm(rule.N, task, '%s [%s]: got reply: %s', rule['symbol'], rule['type'], data) if data == 'stream: OK' or data == fname .. ': OK' then cached = 'OK' @@ -192,5 +192,5 @@ return { description = 'kaspersky antivirus', configure = kaspersky_config, check = kaspersky_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/oletools.lua b/lualib/lua_scanners/oletools.lua index 139d1259e..4ee5f040b 100644 --- a/lualib/lua_scanners/oletools.lua +++ b/lualib/lua_scanners/oletools.lua @@ -28,7 +28,7 @@ local rspamd_logger = require "rspamd_logger" local ucl = require "ucl" local common = require "lua_scanners/common" -local module_name = 'oletools' +local N = 'oletools' local function oletools_check(task, content, digest, rule) local function oletools_check_uncached () @@ -48,14 +48,14 @@ local function oletools_check(task, content, digest, rule) retransmits = retransmits - 1 - lua_util.debugm(rule.module_name, task, '%s: Request Error: %s - retries left: %s', + lua_util.debugm(rule.N, task, '%s: Request Error: %s - retries left: %s', rule.log_prefix, error, retransmits) -- Select a different upstream! upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s: retry IP: %s:%s', + lua_util.debugm(rule.N, task, '%s: retry IP: %s:%s', rule.log_prefix, addr, addr:get_port()) tcp.request({ @@ -146,18 +146,18 @@ local function oletools_check(task, content, digest, rule) local m_dridex = '-' local m_vba = '-' - lua_util.debugm(rule.module_name, task, '%s: filename: %s', rule.log_prefix, result[2]['file']) - lua_util.debugm(rule.module_name, task, '%s: type: %s', rule.log_prefix, result[2]['type']) + lua_util.debugm(rule.N, task, '%s: filename: %s', rule.log_prefix, result[2]['file']) + lua_util.debugm(rule.N, task, '%s: type: %s', rule.log_prefix, result[2]['type']) for _,m in ipairs(result[2]['macros']) do - lua_util.debugm(rule.module_name, task, '%s: macros found - code: %s, ole_stream: %s, '.. + lua_util.debugm(rule.N, task, '%s: macros found - code: %s, ole_stream: %s, '.. 'vba_filename: %s', rule.log_prefix, m.code, m.ole_stream, m.vba_filename) end local analysis_keyword_table = {} for _,a in ipairs(result[2]['analysis']) do - lua_util.debugm(rule.module_name, task, '%s: threat found - type: %s, keyword: %s, '.. + lua_util.debugm(rule.N, task, '%s: threat found - type: %s, keyword: %s, '.. 'description: %s', rule.log_prefix, a.type, a.keyword, a.description) if a.type == 'AutoExec' then m_autoexec = 'A' @@ -186,7 +186,7 @@ local function oletools_check(task, content, digest, rule) if rule.extended == false and m_autoexec == 'A' and m_suspicious == 'S' then -- use single string as virus name local threat = 'AutoExec + Suspicious (' .. table.concat(analysis_keyword_table, ',') .. ')' - lua_util.debugm(rule.module_name, task, '%s: threat result: %s', rule.log_prefix, threat) + lua_util.debugm(rule.N, task, '%s: threat result: %s', rule.log_prefix, threat) common.yield_result(task, rule, threat, rule.default_score) common.save_av_cache(task, digest, rule, threat, rule.default_score) @@ -203,7 +203,7 @@ local function oletools_check(task, content, digest, rule) m_vba table.insert(analysis_keyword_table, 1, flags) - lua_util.debugm(rule.module_name, task, '%s: extended threat result: %s', + lua_util.debugm(rule.N, task, '%s: extended threat result: %s', rule.log_prefix, table.concat(analysis_keyword_table, ',')) common.yield_result(task, rule, analysis_keyword_table, rule.default_score) @@ -243,7 +243,7 @@ end local function oletools_config(opts) local oletools_conf = { - module_name = module_name, + N = N, scan_mime_parts = false, scan_text_mime = false, scan_image_mime = false, @@ -284,7 +284,7 @@ local function oletools_config(opts) oletools_conf.default_port) if oletools_conf.upstreams then - lua_util.add_debug_alias('external_services', oletools_conf.module_name) + lua_util.add_debug_alias('external_services', oletools_conf.N) return oletools_conf end @@ -294,9 +294,9 @@ local function oletools_config(opts) end return { - type = {module_name,'attachment scanner', 'hash', 'scanner'}, + type = {N,'attachment scanner', 'hash', 'scanner'}, description = 'oletools office macro scanner', configure = oletools_config, check = oletools_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/savapi.lua b/lualib/lua_scanners/savapi.lua index 29161a0e7..1393cd027 100644 --- a/lualib/lua_scanners/savapi.lua +++ b/lualib/lua_scanners/savapi.lua @@ -26,13 +26,13 @@ local rspamd_util = require "rspamd_util" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = "savapi" +local N = "savapi" local default_message = '${SCANNER}: virus found: "${VIRUS}"' local function savapi_config(opts) local savapi_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_text_mime = false, scan_image_mime = false, @@ -72,7 +72,7 @@ local function savapi_config(opts) savapi_conf.default_port) if savapi_conf['upstreams'] then - lua_util.add_debug_alias('antivirus', savapi_conf.module_name) + lua_util.add_debug_alias('antivirus', savapi_conf.N) return savapi_conf end @@ -119,7 +119,7 @@ local function savapi_check(task, content, digest, rule) for virus,_ in pairs(vnames) do table.insert(vnames_reordered, virus) end - lua_util.debugm(rule.module_name, task, "%s: number of virus names found %s", rule['type'], #vnames_reordered) + lua_util.debugm(rule.N, task, "%s: number of virus names found %s", rule['type'], #vnames_reordered) if #vnames_reordered > 0 then local vname = {} for _,virus in ipairs(vnames_reordered) do @@ -136,7 +136,7 @@ local function savapi_check(task, content, digest, rule) local function savapi_scan2_cb(err, data, conn) local result = tostring(data) - lua_util.debugm(rule.module_name, task, "%s: got reply: %s", + lua_util.debugm(rule.N, task, "%s: got reply: %s", rule['type'], result) -- Terminal response - clean @@ -178,7 +178,7 @@ local function savapi_check(task, content, digest, rule) local function savapi_greet2_cb(err, data, conn) local result = tostring(data) if string.find(result, '100 PRODUCT') then - lua_util.debugm(rule.module_name, task, "%s: scanning file: %s", + lua_util.debugm(rule.N, task, "%s: scanning file: %s", rule['type'], fname) conn:add_write(savapi_scan1_cb, {string.format('SCAN %s\n', fname)}) @@ -208,7 +208,7 @@ local function savapi_check(task, content, digest, rule) upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) + lua_util.debugm(rule.N, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) tcp.request({ task = task, @@ -257,5 +257,5 @@ return { description = 'savapi avira antivirus', configure = savapi_config, check = savapi_check, - name = module_name + name = N } diff --git a/lualib/lua_scanners/sophos.lua b/lualib/lua_scanners/sophos.lua index d0297fa97..3919d9449 100644 --- a/lualib/lua_scanners/sophos.lua +++ b/lualib/lua_scanners/sophos.lua @@ -25,13 +25,13 @@ local upstream_list = require "rspamd_upstream_list" local rspamd_logger = require "rspamd_logger" local common = require "lua_scanners/common" -local module_name = "sophos" +local N = "sophos" local default_message = '${SCANNER}: virus found: "${VIRUS}"' local function sophos_config(opts) local sophos_conf = { - module_name = module_name, + N = N, scan_mime_parts = true, scan_text_mime = false, scan_image_mime = false, @@ -71,7 +71,7 @@ local function sophos_config(opts) sophos_conf.default_port) if sophos_conf['upstreams'] then - lua_util.add_debug_alias('antivirus', sophos_conf.module_name) + lua_util.add_debug_alias('antivirus', sophos_conf.N) return sophos_conf end @@ -104,7 +104,7 @@ local function sophos_check(task, content, digest, rule) upstream = rule.upstreams:get_upstream_round_robin() addr = upstream:get_addr() - lua_util.debugm(rule.module_name, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) + lua_util.debugm(rule.N, task, '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr) tcp.request({ task = task, @@ -121,7 +121,7 @@ local function sophos_check(task, content, digest, rule) else upstream:ok() data = tostring(data) - lua_util.debugm(rule.module_name, task, '%s [%s]: got reply: %s', rule['symbol'], rule['type'], data) + lua_util.debugm(rule.N, task, '%s [%s]: got reply: %s', rule['symbol'], rule['type'], data) local vname = string.match(data, 'VIRUS (%S+) ') if vname then common.yield_result(task, rule, vname) @@ -131,7 +131,7 @@ local function sophos_check(task, content, digest, rule) if rule['log_clean'] then rspamd_logger.infox(task, '%s: message or mime_part is clean', rule.log_prefix) else - lua_util.debugm(rule.module_name, task, '%s: message or mime_part is clean', rule.log_prefix) + lua_util.debugm(rule.N, task, '%s: message or mime_part is clean', rule.log_prefix) end common.save_av_cache(task, digest, rule, 'OK') -- not finished - continue @@ -191,5 +191,5 @@ return { description = 'sophos antivirus', configure = sophos_config, check = sophos_check, - name = module_name + name = N } -- cgit v1.2.3