gboolean
rspamd_init_filters (struct rspamd_config *cfg, bool reconfig)
{
GList *cur;
module_t *mod, **pmod;
struct module_ctx *mod_ctx;
/* Init all compiled modules */
if (!reconfig) {
for (pmod = cfg->compiled_modules; pmod != NULL && *pmod != NULL; pmod ++) {
mod = *pmod;
mod_ctx = g_slice_alloc0 (sizeof (struct module_ctx));
if (mod->module_init_func (cfg, &mod_ctx) == 0) {
g_hash_table_insert (cfg->c_modules,
(gpointer) mod->name,
mod_ctx);
mod_ctx->mod = mod;
}
}
}
cur = g_list_first (cfg->filters);
while (cur) {
/* Perform modules configuring */
mod_ctx = NULL;
mod_ctx = g_hash_table_lookup (cfg->c_modules, cur->data);
if (mod_ctx) {
mod = mod_ctx->mod;
mod_ctx->enabled = TRUE;
if (reconfig) {
(void)mod->module_reconfig_func (cfg);
msg_debug_config ("reconfig of %s", mod->name);
}
else {
(void)mod->module_config_func (cfg);
}
}
if (mod_ctx == NULL) {
msg_warn_config ("requested unknown module %s", cur->data);
}
cur = g_list_next (cur);
}
return rspamd_init_lua_filters (cfg);
}
gint
lua_config_radix_from_config (lua_State *L)
{
struct rspamd_config *cfg = lua_check_config (L, 1);
const gchar *mname, *optname;
const ucl_object_t *obj;
struct rspamd_lua_map *map, **pmap;
if (!cfg) {
return luaL_error (L, "invalid arguments");
}
mname = luaL_checkstring (L, 2);
optname = luaL_checkstring (L, 3);
if (mname && optname) {
obj = rspamd_config_get_module_opt (cfg, mname, optname);
if (obj) {
map = rspamd_mempool_alloc0 (cfg->cfg_pool, sizeof (*map));
map->data.radix = radix_create_compressed ();
map->type = RSPAMD_LUA_MAP_RADIX;
map->data.radix = radix_create_compressed ();
map->flags |= RSPAMD_LUA_MAP_FLAG_EMBEDDED;
radix_add_generic_iplist (ucl_obj_tostring (obj), &map->data.radix,
TRUE);
pmap = lua_newuserdata (L, sizeof (void *));
*pmap = map;
rspamd_lua_setclass (L, "rspamd{map}", -1);
} else {
msg_warn_config ("Couldnt find config option [%s][%s]", mname,
optname);
lua_pushnil (L);
}
}
else {
return luaL_error (L, "invalid arguments");
}
return 1;
}
gint
chartable_module_config (struct rspamd_config *cfg)
{
const ucl_object_t *value;
gint res = TRUE;
if (!rspamd_config_is_module_enabled (cfg, "chartable")) {
return TRUE;
}
if ((value =
rspamd_config_get_module_opt (cfg, "chartable", "symbol")) != NULL) {
chartable_module_ctx->symbol = ucl_obj_tostring (value);
}
else {
chartable_module_ctx->symbol = DEFAULT_SYMBOL;
}
if ((value =
rspamd_config_get_module_opt (cfg, "chartable", "threshold")) != NULL) {
if (!ucl_obj_todouble_safe (value, &chartable_module_ctx->threshold)) {
msg_warn_config ("invalid numeric value");
chartable_module_ctx->threshold = DEFAULT_THRESHOLD;
}
}
else {
chartable_module_ctx->threshold = DEFAULT_THRESHOLD;
}
rspamd_symbols_cache_add_symbol (cfg->cache,
chartable_module_ctx->symbol,
0,
chartable_symbol_callback,
NULL,
SYMBOL_TYPE_NORMAL,
-1);
msg_info_config ("init internal chartable module");
return res;
}
gint
lua_config_add_hash_map (lua_State *L)
{
struct rspamd_config *cfg = lua_check_config (L, 1);
const gchar *map_line, *description;
struct rspamd_lua_map *map, **pmap;
struct rspamd_map *m;
if (cfg) {
map_line = luaL_checkstring (L, 2);
description = lua_tostring (L, 3);
map = rspamd_mempool_alloc0 (cfg->cfg_pool, sizeof (*map));
map->data.hash = g_hash_table_new (rspamd_strcase_hash,
rspamd_strcase_equal);
map->type = RSPAMD_LUA_MAP_SET;
if ((m = rspamd_map_add (cfg, map_line, description,
rspamd_hosts_read,
rspamd_hosts_fin,
(void **)&map->data.hash)) == NULL) {
msg_warn_config ("invalid set map %s", map_line);
g_hash_table_destroy (map->data.hash);
lua_pushnil (L);
return 1;
}
map->map = m;
pmap = lua_newuserdata (L, sizeof (void *));
*pmap = map;
rspamd_lua_setclass (L, "rspamd{map}", -1);
}
else {
return luaL_error (L, "invalid arguments");
}
return 1;
}
gint
lua_config_add_radix_map (lua_State *L)
{
struct rspamd_config *cfg = lua_check_config (L, 1);
const gchar *map_line, *description;
struct rspamd_lua_map *map, **pmap;
struct rspamd_map *m;
if (cfg) {
map_line = luaL_checkstring (L, 2);
description = lua_tostring (L, 3);
map = rspamd_mempool_alloc0 (cfg->cfg_pool, sizeof (*map));
map->data.radix = radix_create_compressed ();
map->type = RSPAMD_LUA_MAP_RADIX;
if ((m = rspamd_map_add (cfg, map_line, description,
rspamd_radix_read,
rspamd_radix_fin,
(void **)&map->data.radix)) == NULL) {
msg_warn_config ("invalid radix map %s", map_line);
radix_destroy_compressed (map->data.radix);
lua_pushnil (L);
return 1;
}
map->map = m;
pmap = lua_newuserdata (L, sizeof (void *));
*pmap = map;
rspamd_lua_setclass (L, "rspamd{map}", -1);
}
else {
return luaL_error (L, "invalid arguments");
}
return 1;
}
gint
dkim_module_config (struct rspamd_config *cfg)
{
const ucl_object_t *value;
gint res = TRUE, cb_id = -1, check_id = -1;
guint cache_size;
gboolean got_trusted = FALSE;
if (!rspamd_config_is_module_enabled (cfg, "dkim")) {
return TRUE;
}
dkim_module_ctx->whitelist_ip = radix_create_compressed ();
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "symbol_reject")) != NULL) {
dkim_module_ctx->symbol_reject = ucl_obj_tostring (value);
}
else {
dkim_module_ctx->symbol_reject = DEFAULT_SYMBOL_REJECT;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim",
"symbol_tempfail")) != NULL) {
dkim_module_ctx->symbol_tempfail = ucl_obj_tostring (value);
}
else {
dkim_module_ctx->symbol_tempfail = DEFAULT_SYMBOL_TEMPFAIL;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "symbol_allow")) != NULL) {
dkim_module_ctx->symbol_allow = ucl_obj_tostring (value);
}
else {
dkim_module_ctx->symbol_allow = DEFAULT_SYMBOL_ALLOW;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "symbol_na")) != NULL) {
dkim_module_ctx->symbol_na = ucl_obj_tostring (value);
}
else {
dkim_module_ctx->symbol_na = DEFAULT_SYMBOL_NA;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim",
"dkim_cache_size")) != NULL) {
cache_size = ucl_obj_toint (value);
}
else {
cache_size = DEFAULT_CACHE_SIZE;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "time_jitter")) != NULL) {
dkim_module_ctx->time_jitter = ucl_obj_todouble (value);
}
else {
dkim_module_ctx->time_jitter = DEFAULT_TIME_JITTER;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "max_sigs")) != NULL) {
dkim_module_ctx->max_sigs = ucl_object_toint (value);
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "whitelist")) != NULL) {
rspamd_config_radix_from_ucl (cfg, value, "DKIM whitelist",
&dkim_module_ctx->whitelist_ip, NULL);
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "domains")) != NULL) {
if (!rspamd_map_add_from_ucl (cfg, value,
"DKIM domains", rspamd_kv_list_read, rspamd_kv_list_fin,
(void **)&dkim_module_ctx->dkim_domains)) {
msg_warn_config ("cannot load dkim domains list from %s",
ucl_obj_tostring (value));
}
else {
got_trusted = TRUE;
}
}
if (!got_trusted && (value =
rspamd_config_get_module_opt (cfg, "dkim", "trusted_domains")) != NULL) {
if (!rspamd_map_add_from_ucl (cfg, value,
"DKIM domains", rspamd_kv_list_read, rspamd_kv_list_fin,
(void **)&dkim_module_ctx->dkim_domains)) {
msg_warn_config ("cannot load dkim domains list from %s",
ucl_obj_tostring (value));
}
else {
got_trusted = TRUE;
}
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim",
"strict_multiplier")) != NULL) {
dkim_module_ctx->strict_multiplier = ucl_obj_toint (value);
}
else {
dkim_module_ctx->strict_multiplier = 1;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "trusted_only")) != NULL) {
dkim_module_ctx->trusted_only = ucl_obj_toboolean (value);
}
else {
dkim_module_ctx->trusted_only = FALSE;
}
if ((value =
rspamd_config_get_module_opt (cfg, "dkim", "skip_multi")) != NULL) {
dkim_module_ctx->skip_multi = ucl_obj_toboolean (value);
}
else {
dkim_module_ctx->skip_multi = FALSE;
}
if (dkim_module_ctx->trusted_only && !got_trusted) {
msg_err_config (
"trusted_only option is set and no trusted domains are defined; disabling dkim module completely as it is useless in this case");
}
else {
cb_id = rspamd_symbols_cache_add_symbol (cfg->cache,
dkim_module_ctx->symbol_reject,
0,
dkim_symbol_callback,
NULL,
SYMBOL_TYPE_NORMAL|SYMBOL_TYPE_FINE,
-1);
rspamd_symbols_cache_add_symbol (cfg->cache,
dkim_module_ctx->symbol_na,
0,
NULL, NULL,
SYMBOL_TYPE_VIRTUAL|SYMBOL_TYPE_FINE,
cb_id);
rspamd_symbols_cache_add_symbol (cfg->cache,
dkim_module_ctx->symbol_tempfail,
0,
NULL, NULL,
SYMBOL_TYPE_VIRTUAL|SYMBOL_TYPE_FINE,
cb_id);
rspamd_symbols_cache_add_symbol (cfg->cache,
dkim_module_ctx->symbol_allow,
0,
NULL, NULL,
SYMBOL_TYPE_VIRTUAL|SYMBOL_TYPE_FINE,
cb_id);
dkim_module_ctx->dkim_hash = rspamd_lru_hash_new (
cache_size,
g_free, /* Keys are just C-strings */
dkim_module_key_dtor);
msg_info_config ("init internal dkim module");
#ifndef HAVE_OPENSSL
msg_warn_config (
"openssl is not found so dkim rsa check is disabled, only check body hash, it is NOT safe to trust these results");
#endif
}
if ((value = rspamd_config_get_module_opt (cfg, "dkim", "sign_condition"))
!= NULL) {
const gchar *lua_script;
lua_script = ucl_object_tostring (value);
if (lua_script) {
if (luaL_dostring (cfg->lua_state, lua_script) != 0) {
msg_err_config ("cannot execute lua script for fuzzy "
"learn condition: %s", lua_tostring (cfg->lua_state, -1));
}
else {
if (lua_type (cfg->lua_state, -1) == LUA_TFUNCTION) {
dkim_module_ctx->sign_condition_ref = luaL_ref (cfg->lua_state,
LUA_REGISTRYINDEX);
dkim_module_ctx->dkim_sign_hash = rspamd_lru_hash_new (
128,
g_free, /* Keys are just C-strings */
(GDestroyNotify)rspamd_dkim_sign_key_unref);
check_id = rspamd_symbols_cache_add_symbol (cfg->cache,
"DKIM_SIGN",
0,
dkim_sign_callback,
NULL,
SYMBOL_TYPE_CALLBACK|SYMBOL_TYPE_FINE,
-1);
msg_info_config ("init condition script for DKIM signing");
/*
* Allow dkim signing to be executed only after dkim check
*/
if (cb_id > 0) {
rspamd_symbols_cache_add_delayed_dependency (cfg->cache,
"DKIM_SIGN", dkim_module_ctx->symbol_reject);
}
rspamd_config_add_metric_symbol (cfg, DEFAULT_METRIC,
"DKIM_SIGN", 0.0, "DKIM signature fake symbol",
"dkim", RSPAMD_SYMBOL_FLAG_IGNORE, 1);
}
else {
msg_err_config ("lua script must return "
"function(task) and not %s",
lua_typename (cfg->lua_state,
lua_type (cfg->lua_state, -1)));
}
}
}
}
return res;
}
/*
* Perform post load actions
*/
void
rspamd_config_post_load (struct rspamd_config *cfg)
{
#ifdef HAVE_CLOCK_GETTIME
struct timespec ts;
#endif
struct metric *def_metric;
#ifdef HAVE_CLOCK_GETTIME
#ifdef HAVE_CLOCK_PROCESS_CPUTIME_ID
clock_getres (CLOCK_PROCESS_CPUTIME_ID, &ts);
# elif defined(HAVE_CLOCK_VIRTUAL)
clock_getres (CLOCK_VIRTUAL, &ts);
# else
clock_getres (CLOCK_REALTIME, &ts);
# endif
cfg->clock_res = log10 (1000000. / ts.tv_nsec);
if (cfg->clock_res < 0) {
cfg->clock_res = 0;
}
if (cfg->clock_res > 3) {
cfg->clock_res = 3;
}
#else
/* For gettimeofday */
cfg->clock_res = 1;
#endif
rspamd_regexp_library_init ();
if ((def_metric =
g_hash_table_lookup (cfg->metrics, DEFAULT_METRIC)) == NULL) {
def_metric = rspamd_config_new_metric (cfg, NULL, DEFAULT_METRIC);
def_metric->actions[METRIC_ACTION_REJECT].score = DEFAULT_SCORE;
}
if (cfg->tld_file == NULL) {
/* Try to guess tld file */
GString *fpath = g_string_new (NULL);
rspamd_printf_gstring (fpath, "%s%c%s", RSPAMD_PLUGINSDIR,
G_DIR_SEPARATOR, "effective_tld_names.dat");
if (access (fpath->str, R_OK)) {
msg_warn_config ("url_tld option is not specified but %s is available,"
" therefore this file is assumed as TLD file for URL"
" extraction", fpath->str);
cfg->tld_file = rspamd_mempool_strdup (cfg->cfg_pool, fpath->str);
}
else {
msg_err_config ("no url_tld option has been specified, URL's detection "
"will be awfully broken");
}
g_string_free (fpath, TRUE);
}
/* Lua options */
(void)rspamd_lua_post_load_config (cfg);
init_dynamic_config (cfg);
rspamd_url_init (cfg->tld_file);
/* Insert classifiers symbols */
(void)rspamd_config_insert_classify_symbols (cfg);
}
/* Process a single item in 'metrics' table */
static void
lua_process_metric (lua_State *L, const gchar *name, struct rspamd_config *cfg)
{
GList *metric_list;
gchar *symbol;
const gchar *desc;
struct metric *metric;
gdouble *score;
struct rspamd_symbol_def *s;
/* Get module opt structure */
if ((metric = g_hash_table_lookup (cfg->metrics, name)) == NULL) {
metric = rspamd_config_new_metric (cfg, metric, name);
}
/* Now iterate throught module table */
for (lua_pushnil (L); lua_next (L, -2); lua_pop (L, 1)) {
/* key - -2, value - -1 */
symbol =
rspamd_mempool_strdup (cfg->cfg_pool, luaL_checkstring (L, -2));
if (symbol != NULL) {
if (lua_istable (L, -1)) {
/* We got a table, so extract individual attributes */
lua_pushstring (L, "weight");
lua_gettable (L, -2);
if (lua_isnumber (L, -1)) {
score =
rspamd_mempool_alloc (cfg->cfg_pool, sizeof (double));
*score = lua_tonumber (L, -1);
}
else {
msg_warn_config("cannot get weight of symbol: %s", symbol);
continue;
}
lua_pop (L, 1);
lua_pushstring (L, "description");
lua_gettable (L, -2);
if (lua_isstring (L, -1)) {
desc = lua_tostring (L, -1);
s->description = rspamd_mempool_strdup (cfg->cfg_pool, desc);
}
lua_pop (L, 1);
}
else if (lua_isnumber (L, -1)) {
/* Just got weight */
score = rspamd_mempool_alloc (cfg->cfg_pool, sizeof (double));
*score = lua_tonumber (L, -1);
}
else {
msg_warn_config("cannot get weight of symbol: %s", symbol);
continue;
}
/* Insert symbol */
if ((s =
g_hash_table_lookup (metric->symbols, symbol)) != NULL) {
msg_info_config("replacing weight for symbol %s: %.2f -> %.2f",
symbol,
*s->weight_ptr,
*score);
s->weight_ptr = score;
}
else {
s = rspamd_mempool_alloc (cfg->cfg_pool, sizeof (*s));
s->name = symbol;
s->weight_ptr = score;
g_hash_table_insert (metric->symbols, symbol, s);
}
if ((metric_list =
g_hash_table_lookup (cfg->metrics_symbols, symbol)) == NULL) {
metric_list = g_list_prepend (NULL, metric);
rspamd_mempool_add_destructor (cfg->cfg_pool,
(rspamd_mempool_destruct_t)g_list_free, metric_list);
g_hash_table_insert (cfg->metrics_symbols, symbol, metric_list);
}
else {
/* Slow but keep start element of list in safe */
if (!g_list_find (metric_list, metric)) {
metric_list = g_list_append (metric_list, metric);
}
}
}
}
}
gint
regexp_module_config (struct rspamd_config *cfg)
{
struct regexp_module_item *cur_item;
const ucl_object_t *sec, *value, *elt;
ucl_object_iter_t it = NULL;
gint res = TRUE, id;
if (!rspamd_config_is_module_enabled (cfg, "regexp")) {
return TRUE;
}
sec = ucl_object_find_key (cfg->rcl_obj, "regexp");
if (sec == NULL) {
msg_err_config ("regexp module enabled, but no rules are defined");
return TRUE;
}
regexp_module_ctx->max_size = 0;
while ((value = ucl_iterate_object (sec, &it, true)) != NULL) {
if (g_ascii_strncasecmp (ucl_object_key (value), "max_size",
sizeof ("max_size") - 1) == 0) {
regexp_module_ctx->max_size = ucl_obj_toint (value);
rspamd_mime_expression_set_re_limit (regexp_module_ctx->max_size);
}
else if (g_ascii_strncasecmp (ucl_object_key (value), "max_threads",
sizeof ("max_threads") - 1) == 0) {
msg_warn_config ("regexp module is now single threaded, max_threads is ignored");
}
else if (value->type == UCL_STRING) {
cur_item = rspamd_mempool_alloc0 (regexp_module_ctx->regexp_pool,
sizeof (struct regexp_module_item));
cur_item->symbol = ucl_object_key (value);
if (!read_regexp_expression (regexp_module_ctx->regexp_pool,
cur_item, ucl_object_key (value),
ucl_obj_tostring (value), cfg)) {
res = FALSE;
}
else {
rspamd_symbols_cache_add_symbol (cfg->cache,
cur_item->symbol,
0,
process_regexp_item,
cur_item,
SYMBOL_TYPE_NORMAL, -1);
}
}
else if (value->type == UCL_USERDATA) {
/* Just a lua function */
cur_item = rspamd_mempool_alloc0 (regexp_module_ctx->regexp_pool,
sizeof (struct regexp_module_item));
cur_item->symbol = ucl_object_key (value);
cur_item->lua_function = ucl_object_toclosure (value);
rspamd_symbols_cache_add_symbol (cfg->cache,
cur_item->symbol,
0,
process_regexp_item,
cur_item,
SYMBOL_TYPE_NORMAL, -1);
}
else if (value->type == UCL_OBJECT) {
const gchar *description = NULL, *group = NULL,
*metric = DEFAULT_METRIC;
gdouble score = 0.0;
gboolean one_shot = FALSE, is_lua = FALSE, valid_expression = TRUE;
/* We have some lua table, extract its arguments */
elt = ucl_object_find_key (value, "callback");
if (elt == NULL || elt->type != UCL_USERDATA) {
/* Try plain regexp expression */
elt = ucl_object_find_any_key (value, "regexp", "re", NULL);
if (elt != NULL && ucl_object_type (elt) == UCL_STRING) {
cur_item = rspamd_mempool_alloc0 (regexp_module_ctx->regexp_pool,
sizeof (struct regexp_module_item));
cur_item->symbol = ucl_object_key (value);
if (!read_regexp_expression (regexp_module_ctx->regexp_pool,
cur_item, ucl_object_key (value),
ucl_obj_tostring (elt), cfg)) {
res = FALSE;
}
else {
valid_expression = TRUE;
}
}
else {
msg_err_config (
"no callback/expression defined for regexp symbol: "
"%s", ucl_object_key (value));
}
}
else {
is_lua = TRUE;
cur_item = rspamd_mempool_alloc0 (
regexp_module_ctx->regexp_pool,
sizeof (struct regexp_module_item));
cur_item->symbol = ucl_object_key (value);
cur_item->lua_function = ucl_object_toclosure (value);
}
if (cur_item && (is_lua || valid_expression)) {
id = rspamd_symbols_cache_add_symbol (cfg->cache,
cur_item->symbol,
0,
process_regexp_item,
cur_item,
SYMBOL_TYPE_NORMAL, -1);
elt = ucl_object_find_key (value, "condition");
if (elt != NULL && ucl_object_type (elt) == UCL_USERDATA) {
struct ucl_lua_funcdata *conddata;
conddata = ucl_object_toclosure (elt);
rspamd_symbols_cache_add_condition (cfg->cache, id,
conddata->L, conddata->idx);
}
elt = ucl_object_find_key (value, "metric");
if (elt) {
metric = ucl_object_tostring (elt);
}
elt = ucl_object_find_key (value, "description");
if (elt) {
description = ucl_object_tostring (elt);
}
elt = ucl_object_find_key (value, "group");
if (elt) {
group = ucl_object_tostring (elt);
}
elt = ucl_object_find_key (value, "score");
if (elt) {
score = ucl_object_todouble (elt);
}
elt = ucl_object_find_key (value, "one_shot");
if (elt) {
one_shot = ucl_object_toboolean (elt);
}
rspamd_config_add_metric_symbol (cfg, metric, cur_item->symbol,
score, description, group, one_shot, FALSE);
}
}
else {
msg_warn_config ("unknown type of attribute %s for regexp module",
ucl_object_key (value));
}
}
return res;
}
