commit 2b1fbf5: [Project] Add symbols for explicit enabling

Vsevolod Stakhov vsevolod at highsecure.ru
Fri Jun 14 19:00:09 UTC 2019


Author: Vsevolod Stakhov
Date: 2019-06-14 15:49:10 +0100
URL: https://github.com/rspamd/rspamd/commit/2b1fbf58f382ebd0c2b73eaf6b0e69c4bca8a69b

[Project] Add symbols for explicit enabling

---
 src/libserver/rspamd_symcache.c | 20 +++++++++++++++-----
 src/libserver/rspamd_symcache.h | 12 +++++++++++-
 src/lua/lua_config.c            |  8 ++++++++
 3 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/src/libserver/rspamd_symcache.c b/src/libserver/rspamd_symcache.c
index fd9db9126..ac0b8dded 100644
--- a/src/libserver/rspamd_symcache.c
+++ b/src/libserver/rspamd_symcache.c
@@ -1423,10 +1423,18 @@ rspamd_symcache_check_id_list (const struct rspamd_symcache_id_list *ls, guint32
 	return FALSE;
 }
 
-static gboolean
+gboolean
 rspamd_symcache_is_item_allowed (struct rspamd_task *task,
 								 struct rspamd_symcache_item *item)
 {
+	/* Static checks */
+	if (!item->enabled ||
+		(RSPAMD_TASK_IS_EMPTY (task) && !(item->type & SYMBOL_TYPE_EMPTY)) ||
+		(item->type & SYMBOL_TYPE_MIME_ONLY && !RSPAMD_TASK_IS_MIME(task))) {
+		return FALSE;
+	}
+
+	/* Settings checks */
 	if (task->settings_elt != 0) {
 		guint32 id = task->settings_elt->id;
 
@@ -1458,6 +1466,11 @@ rspamd_symcache_is_item_allowed (struct rspamd_task *task,
 					id);
 		}
 	}
+	else if (item->type & SYMBOL_TYPE_EXPLICIT_ENABLE) {
+		msg_debug_cache_task ("deny execution of %s as it must be explicitly enabled",
+				item->symbol);
+		return FALSE;
+	}
 
 	/* Allow all symbols with no settings id */
 	return TRUE;
@@ -1501,10 +1514,7 @@ rspamd_symcache_check_symbol (struct rspamd_task *task,
 	/* Check has been started */
 	SET_START_BIT (checkpoint, dyn_item);
 
-	if (!item->enabled || /* Static flag */
-		!rspamd_symcache_is_item_allowed (task, item) || /* Dynamic id */
-		(RSPAMD_TASK_IS_EMPTY (task) && !(item->type & SYMBOL_TYPE_EMPTY)) ||
-		(item->type & SYMBOL_TYPE_MIME_ONLY && !RSPAMD_TASK_IS_MIME(task))) {
+	if (!rspamd_symcache_is_item_allowed (task, item)) {
 		msg_debug_cache_task ("disable execution of symbol %s", item->symbol);
 		check = FALSE;
 	}
diff --git a/src/libserver/rspamd_symcache.h b/src/libserver/rspamd_symcache.h
index a440a542b..fcf3d1c77 100644
--- a/src/libserver/rspamd_symcache.h
+++ b/src/libserver/rspamd_symcache.h
@@ -51,7 +51,8 @@ enum rspamd_symbol_type {
 	SYMBOL_TYPE_MIME_ONLY = (1u << 15u), /* Symbol is mime only */
 	SYMBOL_TYPE_EXPLICIT_DISABLE = (1u << 16u), /* Symbol should be disabled explicitly only */
 	SYMBOL_TYPE_IGNORE_PASSTHROUGH = (1u << 17u), /* Symbol ignores passthrough result */
-	SYMBOL_TYPE_USE_CORO = (1u << 18u), /* Symbol uses lua coroutines */
+	SYMBOL_TYPE_EXPLICIT_ENABLE = (1u << 18u), /* Symbol should be enabled explicitly only */
+	SYMBOL_TYPE_USE_CORO = (1u << 19u), /* Symbol uses lua coroutines */
 };
 
 /**
@@ -480,4 +481,13 @@ const guint32* rspamd_symcache_get_forbidden_settings_ids (struct rspamd_symcach
 void rspamd_symcache_process_settings_elt (struct rspamd_symcache *cache,
 										   struct rspamd_config_settings_elt *elt);
 
+/**
+ * Check if a symbol is allowed for execution/insertion
+ * @param task
+ * @param item
+ * @return
+ */
+gboolean rspamd_symcache_is_item_allowed (struct rspamd_task *task,
+										  struct rspamd_symcache_item *item);
+
 #endif
diff --git a/src/lua/lua_config.c b/src/lua/lua_config.c
index e54ecce42..802fab1a6 100644
--- a/src/lua/lua_config.c
+++ b/src/lua/lua_config.c
@@ -1607,6 +1607,9 @@ lua_parse_symbol_flags (const gchar *str)
 		if (strstr (str, "explicit_disable") != NULL) {
 			ret |= SYMBOL_TYPE_EXPLICIT_DISABLE;
 		}
+		if (strstr (str, "explicit_enable") != NULL) {
+			ret |= SYMBOL_TYPE_EXPLICIT_ENABLE;
+		}
 		if (strstr (str, "coro") != NULL) {
 			ret |= SYMBOL_TYPE_USE_CORO;
 		}
@@ -1687,6 +1690,11 @@ lua_push_symbol_flags (lua_State *L, guint flags)
 		lua_rawseti (L, -2, i++);
 	}
 
+	if (flags & SYMBOL_TYPE_EXPLICIT_ENABLE) {
+		lua_pushstring (L, "explicit_enable");
+		lua_rawseti (L, -2, i++);
+	}
+
 	if (flags & SYMBOL_TYPE_IGNORE_PASSTHROUGH) {
 		lua_pushstring (L, "ignore_passthrough");
 		lua_rawseti (L, -2, i++);


More information about the Commits mailing list