/* * Copyright 2024 Vsevolod Stakhov * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "config.h" #include "rspamd.h" #include "message.h" #include "utlist.h" #include "libserver/http/http_private.h" #include "worker_private.h" #include "libserver/cfg_file_private.h" #include "libmime/scan_result_private.h" #include "lua/lua_common.h" #include "unix-std.h" #include "protocol_internal.h" #include "libserver/mempool_vars_internal.h" #include "libserver/worker_util.h" #include "contrib/fastutf8/fastutf8.h" #include "task.h" #include "lua/lua_classnames.h" #include #ifdef SYS_ZSTD #include "zstd.h" #else #include "contrib/zstd/zstd.h" #endif INIT_LOG_MODULE(protocol) #define msg_err_protocol(...) rspamd_default_log_function(G_LOG_LEVEL_CRITICAL, \ "protocol", task->task_pool->tag.uid, \ G_STRFUNC, \ __VA_ARGS__) #define msg_warn_protocol(...) rspamd_default_log_function(G_LOG_LEVEL_WARNING, \ "protocol", task->task_pool->tag.uid, \ G_STRFUNC, \ __VA_ARGS__) #define msg_info_protocol(...) rspamd_default_log_function(G_LOG_LEVEL_INFO, \ "protocol", task->task_pool->tag.uid, \ G_STRFUNC, \ __VA_ARGS__) #define msg_debug_protocol(...) rspamd_conditional_debug_fast(NULL, NULL, \ rspamd_protocol_log_id, "protocol", task->task_pool->tag.uid, \ G_STRFUNC, \ __VA_ARGS__) static GQuark rspamd_protocol_quark(void) { return g_quark_from_static_string("protocol-error"); } /* * Remove <> from the fixed string and copy it to the pool */ static char * rspamd_protocol_escape_braces(struct rspamd_task *task, rspamd_ftok_t *in) { unsigned int nchars = 0; const char *p; rspamd_ftok_t tok; gboolean has_obrace = FALSE; g_assert(in != NULL); g_assert(in->len > 0); p = in->begin; while ((g_ascii_isspace(*p) || *p == '<') && nchars < in->len) { if (*p == '<') { has_obrace = TRUE; } p++; nchars++; } tok.begin = p; p = in->begin + in->len - 1; tok.len = in->len - nchars; while (g_ascii_isspace(*p) && tok.len > 0) { p--; tok.len--; } if (has_obrace && *p == '>') { tok.len--; } return rspamd_mempool_ftokdup(task->task_pool, &tok); } #define COMPARE_CMD(str, cmd, len) (sizeof(cmd) - 1 == (len) && rspamd_lc_cmp((str), (cmd), (len)) == 0) static gboolean rspamd_protocol_handle_url(struct rspamd_task *task, struct rspamd_http_message *msg) { GHashTable *query_args; GHashTableIter it; struct http_parser_url u; const char *p; gsize pathlen; rspamd_ftok_t *key, *value; gpointer k, v; if (msg->url == NULL || msg->url->len == 0) { g_set_error(&task->err, rspamd_protocol_quark(), 400, "missing command"); return FALSE; } if (http_parser_parse_url(msg->url->str, msg->url->len, 0, &u) != 0) { g_set_error(&task->err, rspamd_protocol_quark(), 400, "bad request URL"); return FALSE; } if (!(u.field_set & (1 << UF_PATH))) { g_set_error(&task->err, rspamd_protocol_quark(), 400, "bad request URL: missing path"); return FALSE; } p = msg->url->str + u.field_data[UF_PATH].off; pathlen = u.field_data[UF_PATH].len; if (*p == '/') { p++; pathlen--; } switch (*p) { case 'c': case 'C': /* check */ if (COMPARE_CMD(p, MSG_CMD_CHECK_V2, pathlen)) { task->cmd = CMD_CHECK_V2; msg_debug_protocol("got checkv2 command"); } else if (COMPARE_CMD(p, MSG_CMD_CHECK, pathlen)) { task->cmd = CMD_CHECK; msg_debug_protocol("got check command"); } else { goto err; } break; case 's': case 'S': /* symbols, skip */ if (COMPARE_CMD(p, MSG_CMD_SYMBOLS, pathlen)) { task->cmd = CMD_CHECK; msg_debug_protocol("got symbols -> old check command"); } else if (COMPARE_CMD(p, MSG_CMD_SCAN, pathlen)) { task->cmd = CMD_CHECK; msg_debug_protocol("got scan -> old check command"); } else if (COMPARE_CMD(p, MSG_CMD_SKIP, pathlen)) { msg_debug_protocol("got skip command"); task->cmd = CMD_SKIP; } else { goto err; } break; case 'p': case 'P': /* ping, process */ if (COMPARE_CMD(p, MSG_CMD_PING, pathlen)) { msg_debug_protocol("got ping command"); task->cmd = CMD_PING; task->flags |= RSPAMD_TASK_FLAG_SKIP; task->processed_stages |= RSPAMD_TASK_STAGE_DONE; /* Skip all */ } else if (COMPARE_CMD(p, MSG_CMD_PROCESS, pathlen)) { msg_debug_protocol("got process -> old check command"); task->cmd = CMD_CHECK; } else { goto err; } break; case 'r': case 'R': /* report, report_ifspam */ if (COMPARE_CMD(p, MSG_CMD_REPORT, pathlen)) { msg_debug_protocol("got report -> old check command"); task->cmd = CMD_CHECK; } else if (COMPARE_CMD(p, MSG_CMD_REPORT_IFSPAM, pathlen)) { msg_debug_protocol("got reportifspam -> old check command"); task->cmd = CMD_CHECK; } else { goto err; } break; case 'M': case 'm': /* metrics, process */ if (COMPARE_CMD(p, MSG_CMD_METRICS, pathlen)) { msg_debug_protocol("got metrics command"); task->cmd = CMD_METRICS; task->flags |= RSPAMD_TASK_FLAG_SKIP; task->processed_stages |= RSPAMD_TASK_STAGE_DONE; /* Skip all */ } else { goto err; } break; default: goto err; } if (u.field_set & (1u << UF_QUERY)) { /* In case if we have a query, we need to store it somewhere */ query_args = rspamd_http_message_parse_query(msg); /* Insert the rest of query params as HTTP headers */ g_hash_table_iter_init(&it, query_args); while (g_hash_table_iter_next(&it, &k, &v)) { char *key_cpy; key = k; value = v; key_cpy = rspamd_mempool_ftokdup(task->task_pool, key); rspamd_http_message_add_header_len(msg, key_cpy, value->begin, value->len); msg_debug_protocol("added header \"%T\" -> \"%T\" from HTTP query", key, value); } g_hash_table_unref(query_args); } return TRUE; err: g_set_error(&task->err, rspamd_protocol_quark(), 400, "invalid command"); return FALSE; } static void rspamd_protocol_process_recipients(struct rspamd_task *task, const rspamd_ftok_t *hdr) { enum { skip_spaces, quoted_string, normal_string, } state = skip_spaces; const char *p, *end, *start_addr; struct rspamd_email_address *addr; p = hdr->begin; end = hdr->begin + hdr->len; start_addr = NULL; while (p < end) { switch (state) { case skip_spaces: if (g_ascii_isspace(*p)) { p++; } else if (*p == '"') { start_addr = p; p++; state = quoted_string; } else { state = normal_string; start_addr = p; } break; case quoted_string: if (*p == '"') { state = normal_string; p++; } else if (*p == '\\') { /* Quoted pair */ p += 2; } else { p++; } break; case normal_string: if (*p == '"') { state = quoted_string; p++; } else if (*p == ',' && start_addr != NULL && p > start_addr) { /* We have finished address, check what we have */ addr = rspamd_email_address_from_smtp(start_addr, p - start_addr); if (addr) { if (task->rcpt_envelope == NULL) { task->rcpt_envelope = g_ptr_array_sized_new( 2); } g_ptr_array_add(task->rcpt_envelope, addr); } else { msg_err_protocol("bad rcpt address: '%*s'", (int) (p - start_addr), start_addr); task->flags |= RSPAMD_TASK_FLAG_BROKEN_HEADERS; } start_addr = NULL; p++; state = skip_spaces; } else { p++; } break; } } /* Check remainder */ if (start_addr && p > start_addr) { switch (state) { case normal_string: addr = rspamd_email_address_from_smtp(start_addr, end - start_addr); if (addr) { if (task->rcpt_envelope == NULL) { task->rcpt_envelope = g_ptr_array_sized_new( 2); } g_ptr_array_add(task->rcpt_envelope, addr); } else { msg_err_protocol("bad rcpt address: '%*s'", (int) (end - start_addr), start_addr); task->flags |= RSPAMD_TASK_FLAG_BROKEN_HEADERS; } break; case skip_spaces: /* Do nothing */ break; case quoted_string: default: msg_err_protocol("bad state when parsing rcpt address: '%*s'", (int) (end - start_addr), start_addr); task->flags |= RSPAMD_TASK_FLAG_BROKEN_HEADERS; } } } #define COMPARE_FLAG_LIT(lit) (len == sizeof(lit) - 1 && memcmp((lit), str, len) == 0) #define CHECK_PROTOCOL_FLAG(lit, fl) \ do { \ if (!known && COMPARE_FLAG_LIT(lit)) { \ task->protocol_flags |= (fl); \ known = TRUE; \ msg_debug_protocol("add protocol flag %s", lit); \ } \ } while (0) #define CHECK_TASK_FLAG(lit, fl) \ do { \ if (!known && COMPARE_FLAG_LIT(lit)) { \ task->flags |= (fl); \ known = TRUE; \ msg_debug_protocol("add task flag %s", lit); \ } \ } while (0) static void rspamd_protocol_handle_flag(struct rspamd_task *task, const char *str, gsize len) { gboolean known = FALSE; CHECK_TASK_FLAG("pass_all", RSPAMD_TASK_FLAG_PASS_ALL); CHECK_TASK_FLAG("no_log", RSPAMD_TASK_FLAG_NO_LOG); CHECK_TASK_FLAG("skip", RSPAMD_TASK_FLAG_SKIP); CHECK_TASK_FLAG("skip_process", RSPAMD_TASK_FLAG_SKIP_PROCESS); CHECK_TASK_FLAG("no_stat", RSPAMD_TASK_FLAG_NO_STAT); CHECK_TASK_FLAG("ssl", RSPAMD_TASK_FLAG_SSL); CHECK_TASK_FLAG("profile", RSPAMD_TASK_FLAG_PROFILE); CHECK_PROTOCOL_FLAG("milter", RSPAMD_TASK_PROTOCOL_FLAG_MILTER); CHECK_PROTOCOL_FLAG("zstd", RSPAMD_TASK_PROTOCOL_FLAG_COMPRESSED); CHECK_PROTOCOL_FLAG("ext_urls", RSPAMD_TASK_PROTOCOL_FLAG_EXT_URLS); CHECK_PROTOCOL_FLAG("body_block", RSPAMD_TASK_PROTOCOL_FLAG_BODY_BLOCK); CHECK_PROTOCOL_FLAG("groups", RSPAMD_TASK_PROTOCOL_FLAG_GROUPS); if (!known) { msg_warn_protocol("unknown flag: %*s", (int) len, str); } } #undef COMPARE_FLAG #undef CHECK_PROTOCOL_FLAG static void rspamd_protocol_process_flags(struct rspamd_task *task, const rspamd_ftok_t *hdr) { enum { skip_spaces, read_flag, } state = skip_spaces; const char *p, *end, *start; p = hdr->begin; end = hdr->begin + hdr->len; start = NULL; while (p < end) { switch (state) { case skip_spaces: if (g_ascii_isspace(*p)) { p++; } else { state = read_flag; start = p; } break; case read_flag: if (*p == ',') { if (p > start) { rspamd_protocol_handle_flag(task, start, p - start); } start = NULL; state = skip_spaces; p++; } else { p++; } break; } } /* Check remainder */ if (start && end > start && state == read_flag) { rspamd_protocol_handle_flag(task, start, end - start); } } #define IF_HEADER(name) \ srch.begin = (name); \ srch.len = sizeof(name) - 1; \ if (rspamd_ftok_casecmp(hn_tok, &srch) == 0) gboolean rspamd_protocol_handle_headers(struct rspamd_task *task, struct rspamd_http_message *msg) { rspamd_ftok_t *hn_tok, *hv_tok, srch; gboolean has_ip = FALSE, seen_settings_header = FALSE; struct rspamd_http_header *header, *h; char *ntok; kh_foreach_value (msg->headers, header, { DL_FOREACH (header, h) { ntok = rspamd_mempool_ftokdup (task->task_pool, &h->name); hn_tok = rspamd_mempool_alloc (task->task_pool, sizeof (*hn_tok)); hn_tok->begin = ntok; hn_tok->len = h->name.len; ntok = rspamd_mempool_ftokdup (task->task_pool, &h->value); hv_tok = rspamd_mempool_alloc (task->task_pool, sizeof (*hv_tok)); hv_tok->begin = ntok; hv_tok->len = h->value.len; switch (*hn_tok->begin) { case 'd': case 'D': IF_HEADER(DELIVER_TO_HEADER) { task->deliver_to = rspamd_protocol_escape_braces(task, hv_tok); msg_debug_protocol("read deliver-to header, value: %s", task->deliver_to); } else { msg_debug_protocol("wrong header: %T", hn_tok); } break; case 'h': case 'H': IF_HEADER(HELO_HEADER) { task->helo = rspamd_mempool_ftokdup(task->task_pool, hv_tok); msg_debug_protocol("read helo header, value: %s", task->helo); } IF_HEADER(HOSTNAME_HEADER) { task->hostname = rspamd_mempool_ftokdup(task->task_pool, hv_tok); msg_debug_protocol("read hostname header, value: %s", task->hostname); } break; case 'f': case 'F': IF_HEADER(FROM_HEADER) { if (hv_tok->len == 0) { /* Replace '' with '<>' to fix parsing issue */ RSPAMD_FTOK_ASSIGN(hv_tok, "<>"); } task->from_envelope = rspamd_email_address_from_smtp( hv_tok->begin, hv_tok->len); msg_debug_protocol("read from header, value: %T", hv_tok); if (!task->from_envelope) { msg_err_protocol("bad from header: '%T'", hv_tok); task->flags |= RSPAMD_TASK_FLAG_BROKEN_HEADERS; } } IF_HEADER(FILENAME_HEADER) { task->msg.fpath = rspamd_mempool_ftokdup(task->task_pool, hv_tok); msg_debug_protocol("read filename header, value: %s", task->msg.fpath); } IF_HEADER(FLAGS_HEADER) { msg_debug_protocol("read flags header, value: %T", hv_tok); rspamd_protocol_process_flags(task, hv_tok); } break; case 'q': case 'Q': IF_HEADER(QUEUE_ID_HEADER) { task->queue_id = rspamd_mempool_ftokdup(task->task_pool, hv_tok); msg_debug_protocol("read queue_id header, value: %s", task->queue_id); } else { msg_debug_protocol("wrong header: %T", hn_tok); } break; case 'r': case 'R': IF_HEADER(RCPT_HEADER) { rspamd_protocol_process_recipients(task, hv_tok); msg_debug_protocol("read rcpt header, value: %T", hv_tok); } IF_HEADER(RAW_DATA_HEADER) { srch.begin = "yes"; srch.len = 3; msg_debug_protocol("read raw data header, value: %T", hv_tok); if (rspamd_ftok_casecmp(hv_tok, &srch) == 0) { task->flags &= ~RSPAMD_TASK_FLAG_MIME; msg_debug_protocol("disable mime parsing"); } } break; case 'i': case 'I': IF_HEADER(IP_ADDR_HEADER) { if (!rspamd_parse_inet_address(&task->from_addr, hv_tok->begin, hv_tok->len, RSPAMD_INET_ADDRESS_PARSE_DEFAULT)) { msg_err_protocol("bad ip header: '%T'", hv_tok); } else { msg_debug_protocol("read IP header, value: %T", hv_tok); has_ip = TRUE; } } else { msg_debug_protocol("wrong header: %T", hn_tok); } break; case 'p': case 'P': IF_HEADER(PASS_HEADER) { srch.begin = "all"; srch.len = 3; msg_debug_protocol("read pass header, value: %T", hv_tok); if (rspamd_ftok_casecmp(hv_tok, &srch) == 0) { task->flags |= RSPAMD_TASK_FLAG_PASS_ALL; msg_debug_protocol("pass all filters"); } } IF_HEADER(PROFILE_HEADER) { msg_debug_protocol("read profile header, value: %T", hv_tok); task->flags |= RSPAMD_TASK_FLAG_PROFILE; } break; case 's': case 'S': IF_HEADER(SETTINGS_ID_HEADER) { msg_debug_protocol("read settings-id header, value: %T", hv_tok); task->settings_elt = rspamd_config_find_settings_name_ref( task->cfg, hv_tok->begin, hv_tok->len); if (task->settings_elt == NULL) { GString *known_ids = g_string_new(NULL); struct rspamd_config_settings_elt *cur; DL_FOREACH(task->cfg->setting_ids, cur) { rspamd_printf_gstring(known_ids, "%s(%ud);", cur->name, cur->id); } msg_warn_protocol("unknown settings id: %T(%d); known_ids: %v", hv_tok, rspamd_config_name_to_id(hv_tok->begin, hv_tok->len), known_ids); g_string_free(known_ids, TRUE); } else { msg_debug_protocol("applied settings id %T -> %ud", hv_tok, task->settings_elt->id); } } IF_HEADER(SETTINGS_HEADER) { msg_debug_protocol("read settings header, value: %T", hv_tok); seen_settings_header = TRUE; } break; case 'u': case 'U': IF_HEADER(USER_HEADER) { /* * We must ignore User header in case of spamc, as SA has * different meaning of this header */ msg_debug_protocol("read user header, value: %T", hv_tok); if (!RSPAMD_TASK_IS_SPAMC(task)) { task->auth_user = rspamd_mempool_ftokdup(task->task_pool, hv_tok); } else { msg_info_protocol("ignore user header: legacy SA protocol"); } } IF_HEADER(URLS_HEADER) { msg_debug_protocol("read urls header, value: %T", hv_tok); srch.begin = "extended"; srch.len = 8; if (rspamd_ftok_casecmp(hv_tok, &srch) == 0) { task->protocol_flags |= RSPAMD_TASK_PROTOCOL_FLAG_EXT_URLS; msg_debug_protocol("extended urls information"); } /* TODO: add more formats there */ } IF_HEADER(USER_AGENT_HEADER) { msg_debug_protocol("read user-agent header, value: %T", hv_tok); if (hv_tok->len == 6 && rspamd_lc_cmp(hv_tok->begin, "rspamc", 6) == 0) { task->protocol_flags |= RSPAMD_TASK_PROTOCOL_FLAG_LOCAL_CLIENT; } } break; case 'l': case 'L': IF_HEADER(NO_LOG_HEADER) { msg_debug_protocol("read log header, value: %T", hv_tok); srch.begin = "no"; srch.len = 2; if (rspamd_ftok_casecmp(hv_tok, &srch) == 0) { task->flags |= RSPAMD_TASK_FLAG_NO_LOG; } } break; case 'm': case 'M': IF_HEADER(MLEN_HEADER) { msg_debug_protocol("read message length header, value: %T", hv_tok); task->protocol_flags |= RSPAMD_TASK_PROTOCOL_FLAG_HAS_CONTROL; } IF_HEADER(MTA_TAG_HEADER) { char *mta_tag; mta_tag = rspamd_mempool_ftokdup(task->task_pool, hv_tok); rspamd_mempool_set_variable(task->task_pool, RSPAMD_MEMPOOL_MTA_TAG, mta_tag, NULL); msg_debug_protocol("read MTA-Tag header, value: %s", mta_tag); } IF_HEADER(MTA_NAME_HEADER) { char *mta_name; mta_name = rspamd_mempool_ftokdup(task->task_pool, hv_tok); rspamd_mempool_set_variable(task->task_pool, RSPAMD_MEMPOOL_MTA_NAME, mta_name, NULL); msg_debug_protocol("read MTA-Name header, value: %s", mta_name); } IF_HEADER(MILTER_HEADER) { task->protocol_flags |= RSPAMD_TASK_PROTOCOL_FLAG_MILTER; msg_debug_protocol("read Milter header, value: %T", hv_tok); } break; case 't': case 'T': IF_HEADER(TLS_CIPHER_HEADER) { task->flags |= RSPAMD_TASK_FLAG_SSL; msg_debug_protocol("read TLS cipher header, value: %T", hv_tok); } break; default: msg_debug_protocol("generic header: %T", hn_tok); break; } rspamd_task_add_request_header (task, hn_tok, hv_tok); } }); /* End of kh_foreach_value */ if (seen_settings_header && task->settings_elt) { msg_warn_task("ignore settings id %s as settings header is also presented", task->settings_elt->name); REF_RELEASE(task->settings_elt); task->settings_elt = NULL; } if (!has_ip) { task->flags |= RSPAMD_TASK_FLAG_NO_IP; } return TRUE; } #define BOOL_TO_FLAG(val, flags, flag) \ do { \ if ((val)) (flags) |= (flag); \ else \ (flags) &= ~(flag); \ } while (0) gboolean rspamd_protocol_parse_task_flags(rspamd_mempool_t *pool, const ucl_object_t *obj, gpointer ud, struct rspamd_rcl_section *section, GError **err) { struct rspamd_rcl_struct_parser *pd = ud; int *target; const char *key; gboolean value; target = (int *) (((char *) pd->user_struct) + pd->offset); key = ucl_object_key(obj); value = ucl_object_toboolean(obj); if (key != NULL) { if (g_ascii_strcasecmp(key, "pass_all") == 0) { BOOL_TO_FLAG(value, *target, RSPAMD_TASK_FLAG_PASS_ALL); } else if (g_ascii_strcasecmp(key, "no_log") == 0) { BOOL_TO_FLAG(value, *target, RSPAMD_TASK_FLAG_NO_LOG); } } return TRUE; } static struct rspamd_rcl_sections_map *control_parser = NULL; RSPAMD_CONSTRUCTOR(rspamd_protocol_control_parser_ctor) { struct rspamd_rcl_section *sub = rspamd_rcl_add_section(&control_parser, NULL, "*", NULL, NULL, UCL_OBJECT, FALSE, TRUE); /* Default handlers */ rspamd_rcl_add_default_handler(sub, "ip", rspamd_rcl_parse_struct_addr, G_STRUCT_OFFSET(struct rspamd_task, from_addr), 0, NULL); rspamd_rcl_add_default_handler(sub, "from", rspamd_rcl_parse_struct_mime_addr, G_STRUCT_OFFSET(struct rspamd_task, from_envelope), 0, NULL); rspamd_rcl_add_default_handler(sub, "rcpt", rspamd_rcl_parse_struct_mime_addr, G_STRUCT_OFFSET(struct rspamd_task, rcpt_envelope), 0, NULL); rspamd_rcl_add_default_handler(sub, "helo", rspamd_rcl_parse_struct_string, G_STRUCT_OFFSET(struct rspamd_task, helo), 0, NULL); rspamd_rcl_add_default_handler(sub, "user", rspamd_rcl_parse_struct_string, G_STRUCT_OFFSET(struct rspamd_task, auth_user), 0, NULL); rspamd_rcl_add_default_handler(sub, "pass_all", rspamd_protocol_parse_task_flags, G_STRUCT_OFFSET(struct rspamd_task, flags), 0, NULL); rspamd_rcl_add_default_handler(sub, "json", rspamd_protocol_parse_task_flags, G_STRUCT_OFFSET(struct rspamd_task, flags), 0, NULL); } RSPAMD_DESTRUCTOR(rspamd_protocol_control_parser_dtor) { rspamd_rcl_sections_free(control_parser); } gboolean rspamd_protocol_handle_control(struct rspamd_task *task, const ucl_object_t *control) { GError *err = NULL; if (!rspamd_rcl_parse(control_parser, task->cfg, task, task->task_pool, control, &err)) { msg_warn_protocol("cannot parse control block: %e", err); g_error_free(err); return FALSE; } return TRUE; } gboolean rspamd_protocol_handle_request(struct rspamd_task *task, struct rspamd_http_message *msg) { gboolean ret = TRUE; if (msg->method == HTTP_SYMBOLS) { msg_debug_protocol("got legacy SYMBOLS method, enable rspamc protocol workaround"); task->cmd = CMD_CHECK_RSPAMC; } else if (msg->method == HTTP_CHECK) { msg_debug_protocol("got legacy CHECK method, enable rspamc protocol workaround"); task->cmd = CMD_CHECK_RSPAMC; } else { ret = rspamd_protocol_handle_url(task, msg); } if (msg->flags & RSPAMD_HTTP_FLAG_SPAMC) { msg_debug_protocol("got legacy SA input, enable spamc protocol workaround"); task->cmd = CMD_CHECK_SPAMC; } return ret; } /* Structure for writing tree data */ struct tree_cb_data { ucl_object_t *top; khash_t(rspamd_url_host_hash) * seen; struct rspamd_task *task; }; static ucl_object_t * rspamd_protocol_extended_url(struct rspamd_task *task, struct rspamd_url *url, const char *encoded, gsize enclen) { ucl_object_t *obj, *elt; obj = ucl_object_typed_new(UCL_OBJECT); elt = ucl_object_fromstring_common(encoded, enclen, 0); ucl_object_insert_key(obj, elt, "url", 0, false); if (url->tldlen > 0) { elt = ucl_object_fromstring_common(rspamd_url_tld_unsafe(url), url->tldlen, 0); ucl_object_insert_key(obj, elt, "tld", 0, false); } if (url->hostlen > 0) { elt = ucl_object_fromstring_common(rspamd_url_host_unsafe(url), url->hostlen, 0); ucl_object_insert_key(obj, elt, "host", 0, false); } ucl_object_t *flags = ucl_object_typed_new(UCL_ARRAY); for (unsigned int i = 0; i < RSPAMD_URL_MAX_FLAG_SHIFT; i++) { if (url->flags & (1u << i)) { ucl_object_t *fl = ucl_object_fromstring(rspamd_url_flag_to_string(1u << i)); ucl_array_append(flags, fl); } } ucl_object_insert_key(obj, flags, "flags", 0, false); if (url->ext && url->ext->linked_url) { encoded = rspamd_url_encode(url->ext->linked_url, &enclen, task->task_pool); elt = rspamd_protocol_extended_url(task, url->ext->linked_url, encoded, enclen); ucl_object_insert_key(obj, elt, "linked_url", 0, false); } return obj; } /* * Callback for writing urls */ static void urls_protocol_cb(struct rspamd_url *url, struct tree_cb_data *cb) { ucl_object_t *obj; struct rspamd_task *task = cb->task; const char *user_field = "unknown", *encoded = NULL; gboolean has_user = FALSE; unsigned int len = 0; gsize enclen = 0; if (!(task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_EXT_URLS)) { if (url->hostlen > 0) { if (rspamd_url_host_set_has(cb->seen, url)) { return; } goffset err_offset; if ((err_offset = rspamd_fast_utf8_validate(rspamd_url_host_unsafe(url), url->hostlen)) == 0) { obj = ucl_object_fromstring_common(rspamd_url_host_unsafe(url), url->hostlen, 0); } else { obj = ucl_object_fromstring_common(rspamd_url_host_unsafe(url), err_offset - 1, 0); } } else { return; } rspamd_url_host_set_add(cb->seen, url); } else { encoded = rspamd_url_encode(url, &enclen, task->task_pool); obj = rspamd_protocol_extended_url(task, url, encoded, enclen); } ucl_array_append(cb->top, obj); if (cb->task->cfg->log_urls) { if (task->auth_user) { user_field = task->auth_user; len = strlen(task->auth_user); has_user = TRUE; } else if (task->from_envelope) { user_field = task->from_envelope->addr; len = task->from_envelope->addr_len; } if (!encoded) { encoded = rspamd_url_encode(url, &enclen, task->task_pool); } msg_notice_task_encrypted("<%s> %s: %*s; ip: %s; URL: %*s", MESSAGE_FIELD_CHECK(task, message_id), has_user ? "user" : "from", len, user_field, rspamd_inet_address_to_string(task->from_addr), (int) enclen, encoded); } } static ucl_object_t * rspamd_urls_tree_ucl(khash_t(rspamd_url_hash) * set, struct rspamd_task *task) { struct tree_cb_data cb; ucl_object_t *obj; struct rspamd_url *u; obj = ucl_object_typed_new(UCL_ARRAY); cb.top = obj; cb.task = task; cb.seen = kh_init(rspamd_url_host_hash); kh_foreach_key(set, u, { if (!(u->protocol & PROTOCOL_MAILTO)) { urls_protocol_cb(u, &cb); } }); kh_destroy(rspamd_url_host_hash, cb.seen); return obj; } static void emails_protocol_cb(struct rspamd_url *url, struct tree_cb_data *cb) { ucl_object_t *obj; if (url->userlen > 0 && url->hostlen > 0) { obj = ucl_object_fromlstring(rspamd_url_user_unsafe(url), url->userlen + url->hostlen + 1); ucl_array_append(cb->top, obj); } } static ucl_object_t * rspamd_emails_tree_ucl(khash_t(rspamd_url_hash) * set, struct rspamd_task *task) { struct tree_cb_data cb; ucl_object_t *obj; struct rspamd_url *u; obj = ucl_object_typed_new(UCL_ARRAY); cb.top = obj; cb.task = task; kh_foreach_key(set, u, { if ((u->protocol & PROTOCOL_MAILTO)) { emails_protocol_cb(u, &cb); } }); return obj; } /* Write new subject */ static const char * rspamd_protocol_rewrite_subject(struct rspamd_task *task) { GString *subj_buf; char *res; const char *s, *c, *p; gsize slen = 0; c = rspamd_mempool_get_variable(task->task_pool, "metric_subject"); if (c == NULL) { c = task->cfg->subject; } if (c == NULL) { c = SPAM_SUBJECT; } p = c; s = MESSAGE_FIELD_CHECK(task, subject); if (s) { slen = strlen(s); } subj_buf = g_string_sized_new(strlen(c) + slen); while (*p) { if (*p == '%') { switch (p[1]) { case 's': g_string_append_len(subj_buf, c, p - c); if (s) { g_string_append_len(subj_buf, s, slen); } c = p + 2; p += 2; break; case 'd': g_string_append_len(subj_buf, c, p - c); rspamd_printf_gstring(subj_buf, "%.2f", task->result->score); c = p + 2; p += 2; break; case '%': g_string_append_len(subj_buf, c, p - c); g_string_append_c(subj_buf, '%'); c = p + 2; p += 2; break; default: p++; /* Just % something unknown */ break; } } else { p++; } } if (p > c) { g_string_append_len(subj_buf, c, p - c); } res = rspamd_mime_header_encode(subj_buf->str, subj_buf->len); rspamd_mempool_add_destructor(task->task_pool, (rspamd_mempool_destruct_t) g_free, res); g_string_free(subj_buf, TRUE); return res; } static ucl_object_t * rspamd_metric_symbol_ucl(struct rspamd_task *task, struct rspamd_symbol_result *sym) { ucl_object_t *obj = NULL, *ar; const char *description = NULL; struct rspamd_symbol_option *opt; if (sym->sym != NULL) { description = sym->sym->description; } obj = ucl_object_typed_new(UCL_OBJECT); ucl_object_insert_key(obj, ucl_object_fromstring(sym->name), "name", 0, false); ucl_object_insert_key(obj, ucl_object_fromdouble(sym->score), "score", 0, false); if (task->cmd == CMD_CHECK_V2) { if (sym->sym) { ucl_object_insert_key(obj, ucl_object_fromdouble(sym->sym->score), "metric_score", 0, false); } else { ucl_object_insert_key(obj, ucl_object_fromdouble(0.0), "metric_score", 0, false); } } if (description) { ucl_object_insert_key(obj, ucl_object_fromstring(description), "description", 0, false); } if (sym->options != NULL) { ar = ucl_object_typed_new(UCL_ARRAY); DL_FOREACH(sym->opts_head, opt) { ucl_array_append(ar, ucl_object_fromstring_common(opt->option, opt->optlen, 0)); } ucl_object_insert_key(obj, ar, "options", 0, false); } return obj; } static ucl_object_t * rspamd_metric_group_ucl(struct rspamd_task *task, struct rspamd_symbols_group *gr, double score) { ucl_object_t *obj = NULL; obj = ucl_object_typed_new(UCL_OBJECT); ucl_object_insert_key(obj, ucl_object_fromdouble(score), "score", 0, false); if (gr->description) { ucl_object_insert_key(obj, ucl_object_fromstring(gr->description), "description", 0, false); } return obj; } static ucl_object_t * rspamd_scan_result_ucl(struct rspamd_task *task, struct rspamd_scan_result *mres, ucl_object_t *top) { struct rspamd_symbol_result *sym; gboolean is_spam; struct rspamd_action *action; ucl_object_t *obj = NULL, *sobj; const char *subject; struct rspamd_passthrough_result *pr = NULL; action = rspamd_check_action_metric(task, &pr, NULL); is_spam = !(action->flags & RSPAMD_ACTION_HAM); if (task->cmd == CMD_CHECK) { obj = ucl_object_typed_new(UCL_OBJECT); ucl_object_insert_key(obj, ucl_object_frombool(is_spam), "is_spam", 0, false); } else { obj = top; } if (pr) { if (pr->message && !(pr->flags & RSPAMD_PASSTHROUGH_NO_SMTP_MESSAGE)) { /* Add smtp message if it does not exist: see #3269 for details */ if (ucl_object_lookup(task->messages, "smtp_message") == NULL) { ucl_object_insert_key(task->messages, ucl_object_fromstring_common(pr->message, 0, UCL_STRING_RAW), "smtp_message", 0, false); } } ucl_object_insert_key(obj, ucl_object_fromstring(pr->module), "passthrough_module", 0, false); } ucl_object_insert_key(obj, ucl_object_frombool(RSPAMD_TASK_IS_SKIPPED(task)), "is_skipped", 0, false); if (!isnan(mres->score)) { ucl_object_insert_key(obj, ucl_object_fromdouble(mres->score), "score", 0, false); } else { ucl_object_insert_key(obj, ucl_object_fromdouble(0.0), "score", 0, false); } ucl_object_insert_key(obj, ucl_object_fromdouble(rspamd_task_get_required_score(task, mres)), "required_score", 0, false); ucl_object_insert_key(obj, ucl_object_fromstring(action->name), "action", 0, false); if (action->action_type == METRIC_ACTION_REWRITE_SUBJECT) { subject = rspamd_protocol_rewrite_subject(task); if (subject) { ucl_object_insert_key(obj, ucl_object_fromstring(subject), "subject", 0, false); } } if (action->flags & RSPAMD_ACTION_MILTER) { /* Treat milter action specially */ if (action->action_type == METRIC_ACTION_DISCARD) { ucl_object_insert_key(obj, ucl_object_fromstring("discard"), "reject", 0, false); } else if (action->action_type == METRIC_ACTION_QUARANTINE) { ucl_object_insert_key(obj, ucl_object_fromstring("quarantine"), "reject", 0, false); } } /* Now handle symbols */ if (task->cmd != CMD_CHECK) { /* Insert actions thresholds */ ucl_object_t *actions_obj = ucl_object_typed_new(UCL_OBJECT); for (int i = task->result->nactions - 1; i >= 0; i--) { struct rspamd_action_config *action_lim = &task->result->actions_config[i]; if (!isnan(action_lim->cur_limit) && !(action_lim->action->flags & (RSPAMD_ACTION_NO_THRESHOLD | RSPAMD_ACTION_HAM))) { ucl_object_insert_key(actions_obj, ucl_object_fromdouble(action_lim->cur_limit), action_lim->action->name, 0, true); } } ucl_object_insert_key(obj, actions_obj, "thresholds", 0, false); /* For checkv2 we insert symbols as a separate object */ obj = ucl_object_typed_new(UCL_OBJECT); } kh_foreach_value(mres->symbols, sym, { if (!(sym->flags & RSPAMD_SYMBOL_RESULT_IGNORED)) { sobj = rspamd_metric_symbol_ucl(task, sym); ucl_object_insert_key(obj, sobj, sym->name, 0, false); } }); if (task->cmd != CMD_CHECK) { /* For checkv2 we insert symbols as a separate object */ ucl_object_insert_key(top, obj, "symbols", 0, false); } else { /* For legacy check we just insert it as "default" all together */ ucl_object_insert_key(top, obj, DEFAULT_METRIC, 0, false); } /* Handle groups if needed */ if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_GROUPS) { struct rspamd_symbols_group *gr; double gr_score; obj = ucl_object_typed_new(UCL_OBJECT); ucl_object_reserve(obj, kh_size(mres->sym_groups)); kh_foreach(mres->sym_groups, gr, gr_score, { if (task->cfg->public_groups_only && !(gr->flags & RSPAMD_SYMBOL_GROUP_PUBLIC)) { continue; } sobj = rspamd_metric_group_ucl(task, gr, gr_score); ucl_object_insert_key(obj, sobj, gr->name, 0, false); }); ucl_object_insert_key(top, obj, "groups", 0, false); } return obj; } void rspamd_ucl_torspamc_output(const ucl_object_t *top, rspamd_fstring_t **out) { const ucl_object_t *symbols, *score, *required_score, *is_spam, *elt, *cur; ucl_object_iter_t iter = NULL; score = ucl_object_lookup(top, "score"); required_score = ucl_object_lookup(top, "required_score"); is_spam = ucl_object_lookup(top, "is_spam"); rspamd_printf_fstring(out, "Metric: default; %s; %.2f / %.2f / 0.0\r\n", ucl_object_toboolean(is_spam) ? "True" : "False", ucl_object_todouble(score), ucl_object_todouble(required_score)); elt = ucl_object_lookup(top, "action"); if (elt != NULL) { rspamd_printf_fstring(out, "Action: %s\r\n", ucl_object_tostring(elt)); } elt = ucl_object_lookup(top, "subject"); if (elt != NULL) { rspamd_printf_fstring(out, "Subject: %s\r\n", ucl_object_tostring(elt)); } symbols = ucl_object_lookup(top, "symbols"); if (symbols != NULL) { iter = NULL; while ((elt = ucl_object_iterate(symbols, &iter, true)) != NULL) { if (elt->type == UCL_OBJECT) { const ucl_object_t *sym_score; sym_score = ucl_object_lookup(elt, "score"); rspamd_printf_fstring(out, "Symbol: %s(%.2f)\r\n", ucl_object_key(elt), ucl_object_todouble(sym_score)); } } } elt = ucl_object_lookup(top, "messages"); if (elt != NULL) { iter = NULL; while ((cur = ucl_object_iterate(elt, &iter, true)) != NULL) { if (cur->type == UCL_STRING) { rspamd_printf_fstring(out, "Message: %s\r\n", ucl_object_tostring(cur)); } } } elt = ucl_object_lookup(top, "message-id"); if (elt != NULL) { rspamd_printf_fstring(out, "Message-ID: %s\r\n", ucl_object_tostring(elt)); } } void rspamd_ucl_tospamc_output(const ucl_object_t *top, rspamd_fstring_t **out) { const ucl_object_t *symbols, *score, *required_score, *is_spam, *elt; ucl_object_iter_t iter = NULL; rspamd_fstring_t *f; score = ucl_object_lookup(top, "score"); required_score = ucl_object_lookup(top, "required_score"); is_spam = ucl_object_lookup(top, "is_spam"); rspamd_printf_fstring(out, "Spam: %s ; %.2f / %.2f\r\n\r\n", ucl_object_toboolean(is_spam) ? "True" : "False", ucl_object_todouble(score), ucl_object_todouble(required_score)); symbols = ucl_object_lookup(top, "symbols"); if (symbols != NULL) { while ((elt = ucl_object_iterate(symbols, &iter, true)) != NULL) { if (elt->type == UCL_OBJECT) { rspamd_printf_fstring(out, "%s,", ucl_object_key(elt)); } } /* Ugly hack, but the whole spamc is ugly */ f = *out; if (f->str[f->len - 1] == ',') { f->len--; *out = rspamd_fstring_append(*out, CRLF, 2); } } } static void rspamd_protocol_output_profiling(struct rspamd_task *task, ucl_object_t *top) { GHashTable *tbl; GHashTableIter it; gpointer k, v; ucl_object_t *prof; double val; prof = ucl_object_typed_new(UCL_OBJECT); tbl = rspamd_mempool_get_variable(task->task_pool, "profile"); if (tbl) { g_hash_table_iter_init(&it, tbl); while (g_hash_table_iter_next(&it, &k, &v)) { val = *(double *) v; ucl_object_insert_key(prof, ucl_object_fromdouble(val), (const char *) k, 0, false); } } ucl_object_insert_key(top, prof, "profile", 0, false); } ucl_object_t * rspamd_protocol_write_ucl(struct rspamd_task *task, enum rspamd_protocol_flags flags) { ucl_object_t *top = NULL; GString *dkim_sig; GList *dkim_sigs; const ucl_object_t *milter_reply; rspamd_task_set_finish_time(task); top = ucl_object_typed_new(UCL_OBJECT); rspamd_mempool_add_destructor(task->task_pool, (rspamd_mempool_destruct_t) ucl_object_unref, top); if (flags & RSPAMD_PROTOCOL_METRICS) { rspamd_scan_result_ucl(task, task->result, top); } if (flags & RSPAMD_PROTOCOL_MESSAGES) { if (G_UNLIKELY(task->cfg->compat_messages)) { const ucl_object_t *cur; ucl_object_t *msg_object; ucl_object_iter_t iter = NULL; msg_object = ucl_object_typed_new(UCL_ARRAY); while ((cur = ucl_object_iterate(task->messages, &iter, true)) != NULL) { if (cur->type == UCL_STRING) { ucl_array_append(msg_object, ucl_object_ref(cur)); } } ucl_object_insert_key(top, msg_object, "messages", 0, false); } else { ucl_object_insert_key(top, ucl_object_ref(task->messages), "messages", 0, false); } } if (flags & RSPAMD_PROTOCOL_URLS && task->message) { if (kh_size(MESSAGE_FIELD(task, urls)) > 0) { ucl_object_insert_key(top, rspamd_urls_tree_ucl(MESSAGE_FIELD(task, urls), task), "urls", 0, false); ucl_object_insert_key(top, rspamd_emails_tree_ucl(MESSAGE_FIELD(task, urls), task), "emails", 0, false); } } if (flags & RSPAMD_PROTOCOL_EXTRA) { if (G_UNLIKELY(RSPAMD_TASK_IS_PROFILING(task))) { rspamd_protocol_output_profiling(task, top); } } if (flags & RSPAMD_PROTOCOL_BASIC) { ucl_object_insert_key(top, ucl_object_fromstring(MESSAGE_FIELD_CHECK(task, message_id)), "message-id", 0, false); ucl_object_insert_key(top, ucl_object_fromdouble(task->time_real_finish - task->task_timestamp), "time_real", 0, false); } if (flags & RSPAMD_PROTOCOL_DKIM) { dkim_sigs = rspamd_mempool_get_variable(task->task_pool, RSPAMD_MEMPOOL_DKIM_SIGNATURE); if (dkim_sigs) { if (dkim_sigs->next) { /* Multiple DKIM signatures */ ucl_object_t *ar = ucl_object_typed_new(UCL_ARRAY); for (; dkim_sigs != NULL; dkim_sigs = dkim_sigs->next) { GString *folded_header; dkim_sig = (GString *) dkim_sigs->data; if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_MILTER || !task->message) { folded_header = rspamd_header_value_fold( "DKIM-Signature", strlen("DKIM-Signature"), dkim_sig->str, dkim_sig->len, 80, RSPAMD_TASK_NEWLINES_LF, NULL); } else { folded_header = rspamd_header_value_fold( "DKIM-Signature", strlen("DKIM-Signature"), dkim_sig->str, dkim_sig->len, 80, MESSAGE_FIELD(task, nlines_type), NULL); } ucl_array_append(ar, ucl_object_fromstring_common(folded_header->str, folded_header->len, UCL_STRING_RAW)); g_string_free(folded_header, TRUE); } ucl_object_insert_key(top, ar, "dkim-signature", 0, false); } else { /* Single DKIM signature */ GString *folded_header; dkim_sig = (GString *) dkim_sigs->data; if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_MILTER) { folded_header = rspamd_header_value_fold( "DKIM-Signature", strlen("DKIM-Signature"), dkim_sig->str, dkim_sig->len, 80, RSPAMD_TASK_NEWLINES_LF, NULL); } else { folded_header = rspamd_header_value_fold( "DKIM-Signature", strlen("DKIM-Signature"), dkim_sig->str, dkim_sig->len, 80, MESSAGE_FIELD(task, nlines_type), NULL); } ucl_object_insert_key(top, ucl_object_fromstring_common(folded_header->str, folded_header->len, UCL_STRING_RAW), "dkim-signature", 0, false); g_string_free(folded_header, TRUE); } } } if (flags & RSPAMD_PROTOCOL_RMILTER) { milter_reply = rspamd_mempool_get_variable(task->task_pool, RSPAMD_MEMPOOL_MILTER_REPLY); if (milter_reply) { if (task->cmd != CMD_CHECK) { ucl_object_insert_key(top, ucl_object_ref(milter_reply), "milter", 0, false); } else { ucl_object_insert_key(top, ucl_object_ref(milter_reply), "rmilter", 0, false); } } } return top; } void rspamd_protocol_http_reply(struct rspamd_http_message *msg, struct rspamd_task *task, ucl_object_t **pobj, int how) { struct rspamd_scan_result *metric_res; const struct rspamd_re_cache_stat *restat; ucl_object_t *top = NULL; rspamd_fstring_t *reply; int flags = RSPAMD_PROTOCOL_DEFAULT; struct rspamd_action *action; /* Removed in 2.0 */ #if 0 GHashTableIter hiter; gpointer h, v; /* Write custom headers */ g_hash_table_iter_init (&hiter, task->reply_headers); while (g_hash_table_iter_next (&hiter, &h, &v)) { rspamd_ftok_t *hn = h, *hv = v; rspamd_http_message_add_header (msg, hn->begin, hv->begin); } #endif flags |= RSPAMD_PROTOCOL_URLS; top = rspamd_protocol_write_ucl(task, flags); if (pobj) { *pobj = top; } if (!(task->flags & RSPAMD_TASK_FLAG_NO_LOG)) { if (task->worker->srv->history) { rspamd_roll_history_update(task->worker->srv->history, task); } } else { msg_debug_protocol("skip history update due to no log flag"); } rspamd_task_write_log(task); if (task->cfg->log_flags & RSPAMD_LOG_FLAG_RE_CACHE) { restat = rspamd_re_cache_get_stat(task->re_rt); g_assert(restat != NULL); msg_notice_task( "regexp statistics: %ud pcre regexps scanned, %ud regexps matched," " %ud regexps total, %ud regexps cached," " %HL scanned using pcre, %HL scanned total", restat->regexp_checked, restat->regexp_matched, restat->regexp_total, restat->regexp_fast_cached, restat->bytes_scanned_pcre, restat->bytes_scanned); } reply = rspamd_fstring_sized_new(1000); if (msg->method < HTTP_SYMBOLS && !RSPAMD_TASK_IS_SPAMC(task)) { msg_debug_protocol("writing json reply"); rspamd_ucl_emit_fstring(top, how, &reply); } else { if (RSPAMD_TASK_IS_SPAMC(task)) { msg_debug_protocol("writing spamc legacy reply to client"); rspamd_ucl_tospamc_output(top, &reply); } else { msg_debug_protocol("writing rspamc legacy reply to client"); rspamd_ucl_torspamc_output(top, &reply); } } if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_BODY_BLOCK) { /* Check if we need to insert a body block */ if (task->flags & RSPAMD_TASK_FLAG_MESSAGE_REWRITE) { GString *hdr_offset = g_string_sized_new(30); rspamd_printf_gstring(hdr_offset, "%z", RSPAMD_FSTRING_LEN(reply)); rspamd_http_message_add_header(msg, MESSAGE_OFFSET_HEADER, hdr_offset->str); msg_debug_protocol("write body block at position %s", hdr_offset->str); g_string_free(hdr_offset, TRUE); /* In case of milter, we append just body, otherwise - full message */ if (task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_MILTER) { const char *start; goffset len, hdr_off; start = task->msg.begin; len = task->msg.len; hdr_off = MESSAGE_FIELD(task, raw_headers_content).len; if (hdr_off < len) { start += hdr_off; len -= hdr_off; /* The problem here is that we need not end of headers, we need * start of body. * * Hence, we need to skip one \r\n till there is anything else in * a line. */ if (*start == '\r' && len > 0) { start++; len--; } if (*start == '\n' && len > 0) { start++; len--; } msg_debug_protocol("milter version of body block size %d", (int) len); reply = rspamd_fstring_append(reply, start, len); } } else { msg_debug_protocol("general version of body block size %d", (int) task->msg.len); reply = rspamd_fstring_append(reply, task->msg.begin, task->msg.len); } } } if ((task->protocol_flags & RSPAMD_TASK_PROTOCOL_FLAG_COMPRESSED) && rspamd_libs_reset_compression(task->cfg->libs_ctx)) { /* We can compress output */ ZSTD_inBuffer zin; ZSTD_outBuffer zout; ZSTD_CStream *zstream; rspamd_fstring_t *compressed_reply; gsize r; zstream = task->cfg->libs_ctx->out_zstream; compressed_reply = rspamd_fstring_sized_new(ZSTD_compressBound(reply->len)); zin.pos = 0; zin.src = reply->str; zin.size = reply->len; zout.pos = 0; zout.dst = compressed_reply->str; zout.size = compressed_reply->allocated; while (zin.pos < zin.size) { r = ZSTD_compressStream(zstream, &zout, &zin); if (ZSTD_isError(r)) { msg_err_protocol("cannot compress: %s", ZSTD_getErrorName(r)); rspamd_fstring_free(compressed_reply); rspamd_http_message_set_body_from_fstring_steal(msg, reply); goto end; } } ZSTD_flushStream(zstream, &zout); r = ZSTD_endStream(zstream, &zout); if (ZSTD_isError(r)) { msg_err_protocol("cannot finalize compress: %s", ZSTD_getErrorName(r)); rspamd_fstring_free(compressed_reply); rspamd_http_message_set_body_from_fstring_steal(msg, reply); goto end; } msg_info_protocol("writing compressed results: %z bytes before " "%z bytes after", zin.pos, zout.pos); compressed_reply->len = zout.pos; rspamd_fstring_free(reply); rspamd_http_message_set_body_from_fstring_steal(msg, compressed_reply); rspamd_http_message_add_header(msg, COMPRESSION_HEADER, "zstd"); if (task->cfg->libs_ctx->out_dict && task->cfg->libs_ctx->out_dict->id != 0) { char dict_str[32]; rspamd_snprintf(dict_str, sizeof(dict_str), "%ud", task->cfg->libs_ctx->out_dict->id); rspamd_http_message_add_header(msg, "Dictionary", dict_str); } } else { rspamd_http_message_set_body_from_fstring_steal(msg, reply); } end: if (!(task->flags & RSPAMD_TASK_FLAG_NO_STAT)) { /* Update stat for default metric */ msg_debug_protocol("skip stats update due to no_stat flag"); metric_res = task->result; if (metric_res != NULL) { action = rspamd_check_action_metric(task, NULL, NULL); /* TODO: handle custom actions in stats */ if (action->action_type == METRIC_ACTION_SOFT_REJECT && (task->flags & RSPAMD_TASK_FLAG_GREYLISTED)) { /* Set stat action to greylist to display greylisted messages */ #ifndef HAVE_ATOMIC_BUILTINS task->worker->srv->stat->actions_stat[METRIC_ACTION_GREYLIST]++; #else __atomic_add_fetch(&task->worker->srv->stat->actions_stat[METRIC_ACTION_GREYLIST], 1, __ATOMIC_RELEASE); #endif } else if (action->action_type < METRIC_ACTION_MAX) { #ifndef HAVE_ATOMIC_BUILTINS task->worker->srv->stat->actions_stat[action->action_type]++; #else __atomic_add_fetch(&task->worker->srv->stat->actions_stat[action->action_type], 1, __ATOMIC_RELEASE); #endif } } /* Increase counters */ #ifndef HAVE_ATOMIC_BUILTINS task->worker->srv->stat->messages_scanned++; #else __atomic_add_fetch(&task->worker->srv->stat->messages_scanned, 1, __ATOMIC_RELEASE); #endif /* Set average processing time */ uint32_t slot; float processing_time = task->time_real_finish - task->task_timestamp; #ifndef HAVE_ATOMIC_BUILTINS slot = task->worker->srv->stat->avg_time.cur_slot++; #else slot = __atomic_fetch_add(&task->worker->srv->stat->avg_time.cur_slot, 1, __ATOMIC_RELEASE); #endif slot = slot % MAX_AVG_TIME_SLOTS; /* TODO: this should be atomic but it is not supported in C */ task->worker->srv->stat->avg_time.avg_time[slot] = processing_time; } } void rspamd_protocol_write_log_pipe(struct rspamd_task *task) { struct rspamd_worker_log_pipe *lp; struct rspamd_protocol_log_message_sum *ls; lua_State *L = task->cfg->lua_state; struct rspamd_scan_result *mres; struct rspamd_symbol_result *sym; int id, i; uint32_t n = 0, nextra = 0; gsize sz; GArray *extra; struct rspamd_protocol_log_symbol_result er; struct rspamd_task **ptask; /* Get extra results from lua plugins */ extra = g_array_new(FALSE, FALSE, sizeof(er)); lua_getglobal(L, "rspamd_plugins"); if (lua_istable(L, -1)) { lua_pushnil(L); while (lua_next(L, -2)) { if (lua_istable(L, -1)) { lua_pushvalue(L, -2); /* stack: * -1: copy of key * -2: value (module table) * -3: key (module name) * -4: global */ lua_pushstring(L, "log_callback"); lua_gettable(L, -3); /* stack: * -1: func * -2: copy of key * -3: value (module table) * -3: key (module name) * -4: global */ if (lua_isfunction(L, -1)) { ptask = lua_newuserdata(L, sizeof(*ptask)); *ptask = task; rspamd_lua_setclass(L, rspamd_task_classname, -1); /* stack: * -1: task * -2: func * -3: key copy * -4: value (module table) * -5: key (module name) * -6: global */ msg_debug_protocol("calling for %s", lua_tostring(L, -3)); if (lua_pcall(L, 1, 1, 0) != 0) { msg_info_protocol("call to log callback %s failed: %s", lua_tostring(L, -2), lua_tostring(L, -1)); lua_pop(L, 1); /* stack: * -1: key copy * -2: value * -3: key */ } else { /* stack: * -1: result * -2: key copy * -3: value * -4: key */ if (lua_istable(L, -1)) { /* Another iteration */ lua_pushnil(L); while (lua_next(L, -2)) { /* stack: * -1: value * -2: key * -3: result table (pcall) * -4: key copy (parent) * -5: value (parent) * -6: key (parent) */ if (lua_istable(L, -1)) { er.id = 0; er.score = 0.0; lua_rawgeti(L, -1, 1); if (lua_isnumber(L, -1)) { er.id = lua_tonumber(L, -1); } lua_rawgeti(L, -2, 2); if (lua_isnumber(L, -1)) { er.score = lua_tonumber(L, -1); } /* stack: * -1: value[2] * -2: value[1] * -3: values * -4: key * -5: result table (pcall) * -6: key copy (parent) * -7: value (parent) * -8: key (parent) */ lua_pop(L, 2); /* Values */ g_array_append_val(extra, er); } lua_pop(L, 1); /* Value for lua_next */ } lua_pop(L, 1); /* Table result of pcall */ } else { msg_info_protocol("call to log callback %s returned " "wrong type: %s", lua_tostring(L, -2), lua_typename(L, lua_type(L, -1))); lua_pop(L, 1); /* Returned error */ } } } else { lua_pop(L, 1); /* stack: * -1: key copy * -2: value * -3: key */ } } lua_pop(L, 2); /* Top table + key copy */ } lua_pop(L, 1); /* rspamd_plugins global */ } else { lua_pop(L, 1); } nextra = extra->len; LL_FOREACH(task->cfg->log_pipes, lp) { if (lp->fd != -1) { switch (lp->type) { case RSPAMD_LOG_PIPE_SYMBOLS: mres = task->result; if (mres) { n = kh_size(mres->symbols); sz = sizeof(*ls) + sizeof(struct rspamd_protocol_log_symbol_result) * (n + nextra); ls = g_malloc0(sz); /* Handle settings id */ if (task->settings_elt) { ls->settings_id = task->settings_elt->id; } else { ls->settings_id = 0; } ls->score = mres->score; ls->required_score = rspamd_task_get_required_score(task, mres); ls->nresults = n; ls->nextra = nextra; i = 0; kh_foreach_value(mres->symbols, sym, { id = rspamd_symcache_find_symbol(task->cfg->cache, sym->name); if (id >= 0) { ls->results[i].id = id; ls->results[i].score = sym->score; } else { ls->results[i].id = -1; ls->results[i].score = 0.0; } i++; }); memcpy(&ls->results[n], extra->data, nextra * sizeof(er)); } else { sz = sizeof(*ls); ls = g_malloc0(sz); ls->nresults = 0; } /* We don't really care about return value here */ if (write(lp->fd, ls, sz) == -1) { msg_info_protocol("cannot write to log pipe: %s", strerror(errno)); } g_free(ls); break; default: msg_err_protocol("unknown log format %d", lp->type); break; } } } g_array_free(extra, TRUE); } void rspamd_protocol_write_reply(struct rspamd_task *task, ev_tstamp timeout, struct rspamd_main *srv) { struct rspamd_http_message *msg; const char *ctype = "application/json"; rspamd_fstring_t *reply; ev_tstamp now = ev_time(); msg = rspamd_http_new_message(HTTP_RESPONSE); if (rspamd_http_connection_is_encrypted(task->http_conn)) { msg_info_protocol("<%s> writing encrypted reply", MESSAGE_FIELD_CHECK(task, message_id)); } const rspamd_ftok_t *accept_hdr; int out_type = UCL_EMIT_JSON_COMPACT; accept_hdr = rspamd_task_get_request_header(task, "Accept"); if (accept_hdr && rspamd_substring_search(accept_hdr->begin, accept_hdr->len, "application/msgpack", sizeof("application/msgpack") - 1) != -1) { ctype = "application/msgpack"; out_type = UCL_EMIT_MSGPACK; } /* Compatibility */ if (task->cmd == CMD_CHECK_RSPAMC) { msg->method = HTTP_SYMBOLS; } else if (task->cmd == CMD_CHECK_SPAMC) { msg->method = HTTP_SYMBOLS; msg->flags |= RSPAMD_HTTP_FLAG_SPAMC; } if (task->err != NULL) { msg_debug_protocol("writing error reply to client"); ucl_object_t *top = NULL; top = ucl_object_typed_new(UCL_OBJECT); msg->code = 500 + task->err->code % 100; msg->status = rspamd_fstring_new_init(task->err->message, strlen(task->err->message)); ucl_object_insert_key(top, ucl_object_fromstring(task->err->message), "error", 0, false); ucl_object_insert_key(top, ucl_object_fromstring(g_quark_to_string(task->err->domain)), "error_domain", 0, false); reply = rspamd_fstring_sized_new(256); rspamd_ucl_emit_fstring(top, out_type, &reply); ucl_object_unref(top); /* We also need to validate utf8 */ if (out_type != UCL_EMIT_MSGPACK && rspamd_fast_utf8_validate(reply->str, reply->len) != 0) { gsize valid_len; char *validated; /* We copy reply several times here, but it should be a rare case */ validated = rspamd_str_make_utf_valid(reply->str, reply->len, &valid_len, task->task_pool); rspamd_http_message_set_body(msg, validated, valid_len); rspamd_fstring_free(reply); } else { rspamd_http_message_set_body_from_fstring_steal(msg, reply); } } else { rspamd_fstring_t *output; struct rspamd_stat stat_copy; msg->status = rspamd_fstring_new_init("OK", 2); switch (task->cmd) { case CMD_CHECK: case CMD_CHECK_RSPAMC: case CMD_CHECK_SPAMC: case CMD_SKIP: case CMD_CHECK_V2: rspamd_protocol_http_reply(msg, task, NULL, out_type); rspamd_protocol_write_log_pipe(task); break; case CMD_PING: msg_debug_protocol("writing pong to client"); rspamd_http_message_set_body(msg, "pong" CRLF, 6); ctype = "text/plain"; break; case CMD_METRICS: msg_debug_protocol("writing metrics to client"); memcpy(&stat_copy, srv->stat, sizeof(stat_copy)); output = rspamd_metrics_to_prometheus_string( rspamd_worker_metrics_object(srv->cfg, &stat_copy, now - srv->start_time)); rspamd_http_message_set_body_from_fstring_steal(msg, output); ctype = "application/openmetrics-text; version=1.0.0; charset=utf-8"; break; default: msg_err_protocol("BROKEN"); break; } } ev_now_update(task->event_loop); msg->date = now; rspamd_http_connection_reset(task->http_conn); rspamd_http_connection_write_message(task->http_conn, msg, NULL, ctype, task, timeout); task->processed_stages |= RSPAMD_TASK_STAGE_REPLIED; }