static void
dkim_symbol_callback (struct rspamd_task *task, void *unused)
{
GList *hlist;
rspamd_dkim_context_t *ctx;
rspamd_dkim_key_t *key;
GError *err = NULL;
struct raw_header *rh;
struct dkim_check_result *res = NULL, *cur;
/* First check if a message has its signature */
hlist = rspamd_message_get_header (task,
DKIM_SIGNHEADER,
FALSE);
if (hlist != NULL) {
/* Check whitelist */
msg_debug ("dkim signature found");
if (radix_find_compressed_addr (dkim_module_ctx->whitelist_ip,
task->from_addr) == RADIX_NO_VALUE) {
/* Parse signature */
msg_debug ("create dkim signature");
while (hlist != NULL) {
rh = (struct raw_header *)hlist->data;
if (res == NULL) {
res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));
res->prev = res;
res->w = rspamd_session_get_watcher (task->s);
cur = res;
}
else {
cur = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));
}
cur->first = res;
cur->res = -1;
cur->task = task;
cur->mult_allow = 1.0;
cur->mult_deny = 1.0;
ctx = rspamd_create_dkim_context (rh->decoded,
task->task_pool,
dkim_module_ctx->time_jitter,
&err);
if (ctx == NULL) {
if (err != NULL) {
msg_info ("<%s> cannot parse DKIM context: %s",
task->message_id, err->message);
g_error_free (err);
}
else {
msg_info ("<%s> cannot parse DKIM context: unknown error",
task->message_id);
}
hlist = g_list_next (hlist);
continue;
}
else {
/* Get key */
cur->ctx = ctx;
if (dkim_module_ctx->trusted_only &&
(dkim_module_ctx->dkim_domains == NULL ||
g_hash_table_lookup (dkim_module_ctx->dkim_domains,
ctx->domain) == NULL)) {
msg_debug ("skip dkim check for %s domain", ctx->domain);
hlist = g_list_next (hlist);
continue;
}
key = rspamd_lru_hash_lookup (dkim_module_ctx->dkim_hash,
ctx->dns_key,
task->tv.tv_sec);
if (key != NULL) {
debug_task ("found key for %s in cache", ctx->dns_key);
cur->key = key;
}
else {
debug_task ("request key for %s from DNS", ctx->dns_key);
rspamd_get_dkim_key (ctx,
task,
dkim_module_key_handler,
cur);
}
}
if (res != cur) {
DL_APPEND (res, cur);
}
hlist = g_list_next (hlist);
}
}
}
if (res != NULL) {
rspamd_session_watcher_push (task->s);
dkim_module_check (res);
}
}
static void
dkim_symbol_callback (struct rspamd_task *task, void *unused)
{
GList *hlist;
rspamd_dkim_context_t *ctx;
rspamd_dkim_key_t *key;
GError *err = NULL;
struct raw_header *rh;
struct dkim_check_result *res = NULL, *cur;
guint checked = 0;
/* First check if plugin should be enabled */
if (task->user != NULL || rspamd_inet_address_is_local (task->from_addr)) {
msg_info_task ("skip DKIM checks for local networks and authorized users");
return;
}
/* Check whitelist */
if (radix_find_compressed_addr (dkim_module_ctx->whitelist_ip,
task->from_addr) != RADIX_NO_VALUE) {
msg_info_task ("skip DKIM checks for whitelisted address");
return;
}
/* Now check if a message has its signature */
hlist = rspamd_message_get_header (task,
DKIM_SIGNHEADER,
FALSE);
if (hlist != NULL) {
msg_debug_task ("dkim signature found");
while (hlist != NULL) {
rh = (struct raw_header *)hlist->data;
if (rh->decoded == NULL || rh->decoded[0] == '\0') {
msg_info_task ("<%s> cannot load empty DKIM context",
task->message_id);
hlist = g_list_next (hlist);
continue;
}
if (res == NULL) {
res = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));
res->prev = res;
res->w = rspamd_session_get_watcher (task->s);
cur = res;
}
else {
cur = rspamd_mempool_alloc0 (task->task_pool, sizeof (*res));
}
cur->first = res;
cur->res = -1;
cur->task = task;
cur->mult_allow = 1.0;
cur->mult_deny = 1.0;
ctx = rspamd_create_dkim_context (rh->decoded,
task->task_pool,
dkim_module_ctx->time_jitter,
&err);
if (ctx == NULL) {
if (err != NULL) {
msg_info_task ("<%s> cannot parse DKIM context: %e",
task->message_id, err);
g_error_free (err);
err = NULL;
}
else {
msg_info_task ("<%s> cannot parse DKIM context: "
"unknown error",
task->message_id);
}
hlist = g_list_next (hlist);
continue;
}
else {
/* Get key */
cur->ctx = ctx;
if (dkim_module_ctx->trusted_only &&
(dkim_module_ctx->dkim_domains == NULL ||
g_hash_table_lookup (dkim_module_ctx->dkim_domains,
rspamd_dkim_get_domain (ctx)) == NULL)) {
msg_debug_task ("skip dkim check for %s domain",
rspamd_dkim_get_domain (ctx));
hlist = g_list_next (hlist);
continue;
}
key = rspamd_lru_hash_lookup (dkim_module_ctx->dkim_hash,
rspamd_dkim_get_dns_key (ctx),
task->tv.tv_sec);
if (key != NULL) {
cur->key = rspamd_dkim_key_ref (key);
/* Release key when task is processed */
rspamd_mempool_add_destructor (task->task_pool,
dkim_module_key_dtor, cur->key);
}
else {
rspamd_get_dkim_key (ctx,
task,
dkim_module_key_handler,
cur);
}
}
if (res != cur) {
DL_APPEND (res, cur);
}
if (dkim_module_ctx->skip_multi) {
if (hlist->next) {
msg_info_task ("message has multiple signatures but we"
" check only one as 'skip_multi' is set");
}
break;
}
checked ++;
if (checked > dkim_module_ctx->max_sigs) {
msg_info_task ("message has multiple signatures but we"
" stopped after %d checked signatures as limit"
" is reached", checked);
break;
}
hlist = g_list_next (hlist);
}
}
else {
rspamd_task_insert_result (task,
dkim_module_ctx->symbol_na,
1.0,
NULL);
}
if (res != NULL) {
rspamd_session_watcher_push (task->s);
dkim_module_check (res);
}
}
/***
* @function rspamd_tcp.request({params})
* This function creates and sends TCP request to the specified host and port,
* resolves hostname (if needed) and invokes continuation callback upon data received
* from the remote peer. This function accepts table of arguments with the following
* attributes
*
* - `task`: rspamd task objects (implies `pool`, `session`, `ev_base` and `resolver` arguments)
* - `ev_base`: event base (if no task specified)
* - `resolver`: DNS resolver (no task)
* - `session`: events session (no task)
* - `pool`: memory pool (no task)
* - `host`: IP or name of the peer (required)
* - `port`: remote port to use (required)
* - `data`: a table of strings or `rspamd_text` objects that contains data pieces
* - `callback`: continuation function (required)
* - `timeout`: floating point value that specifies timeout for IO operations in seconds
* - `partial`: boolean flag that specifies that callback should be called on any data portion received
* - `stop_pattern`: stop reading on finding a certain pattern (e.g. \r\n.\r\n for smtp)
* @return {boolean} true if request has been sent
*/
static gint
lua_tcp_request (lua_State *L)
{
const gchar *host;
gchar *stop_pattern = NULL;
guint port;
gint cbref, tp;
struct event_base *ev_base;
struct lua_tcp_cbdata *cbd;
struct rspamd_dns_resolver *resolver;
struct rspamd_async_session *session;
struct rspamd_task *task = NULL;
rspamd_mempool_t *pool;
struct iovec *iov = NULL;
guint niov = 0, total_out;
gdouble timeout = default_tcp_timeout;
gboolean partial = FALSE, do_shutdown = FALSE;
if (lua_type (L, 1) == LUA_TTABLE) {
lua_pushstring (L, "host");
lua_gettable (L, -2);
host = luaL_checkstring (L, -1);
lua_pop (L, 1);
lua_pushstring (L, "port");
lua_gettable (L, -2);
port = luaL_checknumber (L, -1);
lua_pop (L, 1);
lua_pushstring (L, "callback");
lua_gettable (L, -2);
if (host == NULL || lua_type (L, -1) != LUA_TFUNCTION) {
lua_pop (L, 1);
msg_err ("tcp request has bad params");
lua_pushboolean (L, FALSE);
return 1;
}
cbref = luaL_ref (L, LUA_REGISTRYINDEX);
lua_pushstring (L, "task");
lua_gettable (L, -2);
if (lua_type (L, -1) == LUA_TUSERDATA) {
task = lua_check_task (L, -1);
ev_base = task->ev_base;
resolver = task->resolver;
session = task->s;
pool = task->task_pool;
}
lua_pop (L, 1);
if (task == NULL) {
lua_pushstring (L, "ev_base");
lua_gettable (L, -2);
if (luaL_checkudata (L, -1, "rspamd{ev_base}")) {
ev_base = *(struct event_base **)lua_touserdata (L, -1);
}
else {
ev_base = NULL;
}
lua_pop (L, 1);
lua_pushstring (L, "pool");
lua_gettable (L, -2);
if (luaL_checkudata (L, -1, "rspamd{mempool}")) {
pool = *(rspamd_mempool_t **)lua_touserdata (L, -1);
}
else {
pool = NULL;
}
lua_pop (L, 1);
lua_pushstring (L, "resolver");
lua_gettable (L, -2);
if (luaL_checkudata (L, -1, "rspamd{resolver}")) {
resolver = *(struct rspamd_dns_resolver **)lua_touserdata (L, -1);
}
else {
resolver = lua_tcp_global_resolver (ev_base);
}
lua_pop (L, 1);
lua_pushstring (L, "session");
lua_gettable (L, -2);
if (luaL_checkudata (L, -1, "rspamd{session}")) {
session = *(struct rspamd_async_session **)lua_touserdata (L, -1);
}
else {
session = NULL;
}
lua_pop (L, 1);
}
lua_pushstring (L, "timeout");
lua_gettable (L, -2);
if (lua_type (L, -1) == LUA_TNUMBER) {
timeout = lua_tonumber (L, -1) * 1000.;
}
lua_pop (L, 1);
lua_pushstring (L, "stop_pattern");
lua_gettable (L, -2);
if (lua_type (L, -1) == LUA_TSTRING) {
stop_pattern = rspamd_mempool_strdup (pool, lua_tostring (L, -1));
}
lua_pop (L, 1);
lua_pushstring (L, "partial");
lua_gettable (L, -2);
if (lua_type (L, -1) == LUA_TBOOLEAN) {
partial = lua_toboolean (L, -1);
}
lua_pop (L, 1);
lua_pushstring (L, "shutdown");
lua_gettable (L, -2);
if (lua_type (L, -1) == LUA_TBOOLEAN) {
do_shutdown = lua_toboolean (L, -1);
}
lua_pop (L, 1);
if (pool == NULL) {
lua_pop (L, 1);
msg_err ("tcp request has no memory pool associated");
lua_pushboolean (L, FALSE);
return 1;
}
lua_pushstring (L, "data");
lua_gettable (L, -2);
total_out = 0;
tp = lua_type (L, -1);
if (tp == LUA_TSTRING || tp == LUA_TUSERDATA) {
iov = rspamd_mempool_alloc (pool, sizeof (*iov));
niov = 1;
if (!lua_tcp_arg_toiovec (L, -1, pool, iov)) {
lua_pop (L, 1);
msg_err ("tcp request has bad data argument");
lua_pushboolean (L, FALSE);
return 1;
}
total_out = iov[0].iov_len;
}
else if (tp == LUA_TTABLE) {
/* Count parts */
lua_pushnil (L);
while (lua_next (L, -2) != 0) {
niov ++;
lua_pop (L, 1);
}
iov = rspamd_mempool_alloc (pool, sizeof (*iov) * niov);
lua_pushnil (L);
niov = 0;
while (lua_next (L, -2) != 0) {
if (!lua_tcp_arg_toiovec (L, -1, pool, &iov[niov])) {
lua_pop (L, 2);
msg_err ("tcp request has bad data argument at pos %d", niov);
lua_pushboolean (L, FALSE);
return 1;
}
total_out += iov[niov].iov_len;
niov ++;
lua_pop (L, 1);
}
}
lua_pop (L, 1);
}
else {
msg_err ("tcp request has bad params");
lua_pushboolean (L, FALSE);
return 1;
}
cbd = g_slice_alloc0 (sizeof (*cbd));
cbd->L = L;
cbd->cbref = cbref;
cbd->ev_base = ev_base;
msec_to_tv (timeout, &cbd->tv);
cbd->fd = -1;
cbd->pool = pool;
cbd->partial = partial;
cbd->do_shutdown = do_shutdown;
cbd->iov = iov;
cbd->iovlen = niov;
cbd->total = total_out;
cbd->pos = 0;
cbd->port = port;
cbd->stop_pattern = stop_pattern;
if (session) {
cbd->session = session;
rspamd_session_add_event (session,
(event_finalizer_t)lua_tcp_fin,
cbd,
g_quark_from_static_string ("lua tcp"));
cbd->w = rspamd_session_get_watcher (session);
rspamd_session_watcher_push (session);
}
if (rspamd_parse_inet_address (&cbd->addr, host, 0)) {
rspamd_inet_address_set_port (cbd->addr, port);
/* Host is numeric IP, no need to resolve */
if (!lua_tcp_make_connection (cbd)) {
lua_tcp_maybe_free (cbd);
lua_pushboolean (L, FALSE);
return 1;
}
}
else {
if (task == NULL) {
if (!make_dns_request (resolver, session, NULL, lua_tcp_dns_handler, cbd,
RDNS_REQUEST_A, host)) {
lua_tcp_push_error (cbd, "cannot resolve host: %s", host);
lua_tcp_maybe_free (cbd);
}
}
else {
if (!make_dns_request_task (task, lua_tcp_dns_handler, cbd,
RDNS_REQUEST_A, host)) {
lua_tcp_push_error (cbd, "cannot resolve host: %s", host);
lua_tcp_maybe_free (cbd);
}
}
}
lua_pushboolean (L, TRUE);
return 1;
}
