static gboolean rspamd_map_check_file_sig (const char *fname, struct rspamd_map *map, struct rspamd_map_backend *bk, const guchar *input, gsize inlen) { gchar fpath[PATH_MAX]; guchar *data; struct rspamd_cryptobox_pubkey *pk = NULL; GString *b32_key; gboolean ret; gsize len = 0; if (bk->trusted_pubkey == NULL) { /* Try to load and check pubkey */ rspamd_snprintf (fpath, sizeof (fpath), "%s.pub", fname); data = rspamd_file_xmap (fpath, PROT_READ, &len); if (data == NULL) { msg_err_map ("can't open pubkey %s: %s", fpath, strerror (errno)); return FALSE; } pk = rspamd_pubkey_from_base32 (data, len, RSPAMD_KEYPAIR_SIGN, RSPAMD_CRYPTOBOX_MODE_25519); munmap (data, len); if (pk == NULL) { msg_err_map ("can't load pubkey %s", fpath); return FALSE; } /* We just check pk against the trusted db of keys */ b32_key = rspamd_pubkey_print (pk, RSPAMD_KEYPAIR_BASE32|RSPAMD_KEYPAIR_PUBKEY); g_assert (b32_key != NULL); if (g_hash_table_lookup (map->cfg->trusted_keys, b32_key->str) == NULL) { msg_err_map ("pubkey loaded from %s is untrusted: %v", fpath, b32_key); g_string_free (b32_key, TRUE); rspamd_pubkey_unref (pk); return FALSE; } g_string_free (b32_key, TRUE); } else { pk = rspamd_pubkey_ref (bk->trusted_pubkey); } ret = rspamd_map_check_sig_pk (fname, map, input, inlen, pk); rspamd_pubkey_unref (pk); return ret; }
static gint lua_cryptobox_pubkey_gc (lua_State *L) { struct rspamd_cryptobox_pubkey *pkey = lua_check_cryptobox_pubkey (L, 1); if (pkey != NULL) { rspamd_pubkey_unref (pkey); } return 0; }
/** * Callback for destroying HTTP callback data */ static void free_http_cbdata_common (struct http_callback_data *cbd, gboolean plan_new) { char fpath[PATH_MAX]; struct stat st; struct map_periodic_cbdata *periodic = cbd->periodic; if (cbd->out_fd != -1) { close (cbd->out_fd); } rspamd_snprintf (fpath, sizeof (fpath), "%s", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } rspamd_snprintf (fpath, sizeof (fpath), "%s.pub", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } rspamd_snprintf (fpath, sizeof (fpath), "%s.sig", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } if (cbd->pk) { rspamd_pubkey_unref (cbd->pk); } if (cbd->conn) { rspamd_http_connection_unref (cbd->conn); cbd->conn = NULL; } if (cbd->fd != -1) { close (cbd->fd); } if (cbd->addr) { rspamd_inet_address_destroy (cbd->addr); } MAP_RELEASE (cbd->bk); MAP_RELEASE (periodic); g_slice_free1 (sizeof (struct http_callback_data), cbd); }
/** * Callback for destroying HTTP callback data */ static void free_http_cbdata_common (struct http_callback_data *cbd) { char fpath[PATH_MAX]; struct stat st; if (cbd->out_fd != -1) { close (cbd->out_fd); } rspamd_snprintf (fpath, sizeof (fpath), "%s", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } rspamd_snprintf (fpath, sizeof (fpath), "%s.pub", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } rspamd_snprintf (fpath, sizeof (fpath), "%s.sig", cbd->tmpfile); if (stat (fpath, &st) != -1 && S_ISREG (st.st_mode)) { (void)unlink (fpath); } if (cbd->pk) { rspamd_pubkey_unref (cbd->pk); } if (cbd->conn) { rspamd_http_connection_unref (cbd->conn); cbd->conn = NULL; } if (cbd->fd != -1) { close (cbd->fd); } if (cbd->addr) { rspamd_inet_address_destroy (cbd->addr); } g_atomic_int_set (cbd->map->locked, 0); g_slice_free1 (sizeof (struct http_callback_data), cbd); }
void rspamd_client_destroy (struct rspamd_client_connection *conn) { if (conn != NULL) { rspamd_http_connection_unref (conn->http_conn); if (conn->req != NULL) { rspamd_client_request_free (conn->req); } close (conn->fd); if (conn->key) { rspamd_pubkey_unref (conn->key); } if (conn->keypair) { rspamd_keypair_unref (conn->keypair); } g_string_free (conn->server_name, TRUE); g_slice_free1 (sizeof (struct rspamd_client_connection), conn); } }
/** * Callback for destroying HTTP callback data */ static void free_http_cbdata_common (struct http_callback_data *cbd, gboolean plan_new) { struct map_periodic_cbdata *periodic = cbd->periodic; if (cbd->shmem_sig) { rspamd_http_message_shmem_unref (cbd->shmem_sig); } if (cbd->shmem_pubkey) { rspamd_http_message_shmem_unref (cbd->shmem_pubkey); } if (cbd->shmem_data) { rspamd_http_message_shmem_unref (cbd->shmem_data); } if (cbd->pk) { rspamd_pubkey_unref (cbd->pk); } if (cbd->conn) { rspamd_http_connection_unref (cbd->conn); cbd->conn = NULL; } if (cbd->fd != -1) { close (cbd->fd); } if (cbd->addr) { rspamd_inet_address_destroy (cbd->addr); } MAP_RELEASE (cbd->bk, "rspamd_map_backend"); MAP_RELEASE (periodic, "periodic"); g_slice_free1 (sizeof (struct http_callback_data), cbd); }
/* * Setup logger */ void rspamd_set_logger (struct rspamd_config *cfg, GQuark ptype, struct rspamd_main *rspamd) { rspamd_logger_t *logger; if (rspamd->logger == NULL) { rspamd->logger = g_slice_alloc0 (sizeof (rspamd_logger_t)); } logger = rspamd->logger; logger->type = cfg->log_type; logger->pid = getpid (); logger->process_type = ptype; switch (cfg->log_type) { case RSPAMD_LOG_CONSOLE: logger->log_func = file_log_function; logger->fd = STDERR_FILENO; break; case RSPAMD_LOG_SYSLOG: logger->log_func = syslog_log_function; break; case RSPAMD_LOG_FILE: logger->log_func = file_log_function; break; } logger->cfg = cfg; /* Set up buffer */ if (cfg->log_buffered) { if (cfg->log_buf_size != 0) { logger->io_buf.size = cfg->log_buf_size; } else { logger->io_buf.size = BUFSIZ; } logger->is_buffered = TRUE; logger->io_buf.buf = g_malloc (logger->io_buf.size); } /* Set up conditional logging */ if (cfg->debug_ip_map != NULL) { /* Try to add it as map first of all */ if (logger->debug_ip) { radix_destroy_compressed (logger->debug_ip); } logger->debug_ip = NULL; rspamd_config_radix_from_ucl (cfg, cfg->debug_ip_map, "IP addresses for which debug logs are enabled", &logger->debug_ip, NULL); } else if (logger->debug_ip) { radix_destroy_compressed (logger->debug_ip); logger->debug_ip = NULL; } if (logger->pk) { rspamd_pubkey_unref (logger->pk); } logger->pk = NULL; if (logger->keypair) { rspamd_keypair_unref (logger->keypair); } logger->keypair = NULL; if (cfg->log_encryption_key) { logger->pk = rspamd_pubkey_ref (cfg->log_encryption_key); logger->keypair = rspamd_keypair_new (RSPAMD_KEYPAIR_KEX, RSPAMD_CRYPTOBOX_MODE_25519); rspamd_pubkey_calculate_nm (logger->pk, logger->keypair); } default_logger = logger; }