commit 6b4f1cb: [Minor] lua_scanners - icap - add SSL support
Carsten Rosenberg
c.rosenberg at heinlein-support.de
Thu Nov 4 20:28:05 UTC 2021
Author: Carsten Rosenberg
Date: 2021-11-01 18:23:55 +0100
URL: https://github.com/rspamd/rspamd/commit/6b4f1cb5f7ba6380744915981492b89a12f350e4
[Minor] lua_scanners - icap - add SSL support
---
lualib/lua_scanners/icap.lua | 46 +++++++++++++++++++++++++-------------------
1 file changed, 26 insertions(+), 20 deletions(-)
diff --git a/lualib/lua_scanners/icap.lua b/lualib/lua_scanners/icap.lua
index eb1b3d611..93570c82f 100644
--- a/lualib/lua_scanners/icap.lua
+++ b/lualib/lua_scanners/icap.lua
@@ -87,6 +87,8 @@ local function icap_config(opts)
scan_image_mime = false,
scheme = "scan",
default_port = 1344,
+ ssl = false,
+ no_ssl_verify = false,
timeout = 10.0,
log_clean = false,
retransmits = 2,
@@ -150,6 +152,7 @@ local function icap_check(task, content, digest, rule, maybe_part)
local retransmits = rule.retransmits
local http_headers = {}
local req_headers = {}
+ local tcp_options = {}
-- Build extended User Agent
if rule.user_agent == "extended" then
@@ -202,16 +205,11 @@ local function icap_check(task, content, digest, rule, maybe_part)
lua_util.debugm(rule.name, task, '%s: retry IP: %s:%s',
rule.log_prefix, addr, addr:get_port())
- tcp.request({
- task = task,
- host = addr:to_string(),
- port = addr:get_port(),
- timeout = rule.timeout,
- stop_pattern = '\r\n',
- data = options_request,
- read = false,
- callback = icap_callback,
- })
+ tcp_options.host = addr:to_string()
+ tcp_options.port = addr:get_port()
+
+ tcp.request(tcp_options)
+
else
rspamd_logger.errx(task, '%s: failed to scan, maximum retransmits '..
'exceed - error: %s', rule.log_prefix, err_m or '')
@@ -541,16 +539,24 @@ local function icap_check(task, content, digest, rule, maybe_part)
end
end
- tcp.request({
- task = task,
- host = addr:to_string(),
- port = addr:get_port(),
- timeout = rule.timeout,
- stop_pattern = '\r\n',
- data = options_request,
- read = false,
- callback = icap_callback,
- })
+ tcp_options.task = task
+ tcp_options.stop_pattern = '\r\n'
+ tcp_options.read = false
+ tcp_options.timeout = rule.timeout
+ tcp_options.callback = icap_callback
+ tcp_options.data = options_request
+
+ if rule.ssl then
+ tcp_options.ssl = true
+ if rule.no_ssl_verify then
+ tcp_options.no_ssl_verify = true
+ end
+ end
+
+ tcp_options.host = addr:to_string()
+ tcp_options.port = addr:get_port()
+
+ tcp.request(tcp_options)
end
if common.condition_check_and_continue(task, content, rule, digest,
More information about the Commits
mailing list