[Feature] Add kaspersky antivirus support

diff --git a/src/plugins/lua/antivirus.lua b/src/plugins/lua/antivirus.lua
index d7dfa0fafba10d0b4786cb4412de63703bfc821e..875bd53e6ad1dc3fdf7e6be6e071036d74fab8ed 100644 (file)
--- a/src/plugins/lua/antivirus.lua
+++ b/src/plugins/lua/antivirus.lua
@@ -292,6 +292,41 @@ local function savapi_config(opts)
   return nil
 end
 
+local function kaspersky_config(opts)
+  local kaspersky_conf = {
+    scan_mime_parts = true;
+    scan_text_mime = false;
+    scan_image_mime = false;
+    product_id = 0,
+    log_clean = false,
+    timeout = 5.0,
+    retransmits = 1, -- use local files, retransmits are useless
+    cache_expire = 3600, -- expire redis in one hour
+    message = default_message,
+    tmpdir = '/tmp',
+    prefix = 'rs_ak',
+  }
+
+  kaspersky_conf = lua_util.override_defaults(kaspersky_conf, opts)
+
+  if not kaspersky_conf['servers'] then
+    rspamd_logger.errx(rspamd_config, 'no servers defined')
+
+    return nil
+  end
+
+  kaspersky_conf['upstreams'] = upstream_list.create(rspamd_config,
+      kaspersky_conf['servers'], 0)
+
+  if kaspersky_conf['upstreams'] then
+    return kaspersky_conf
+  end
+
+  rspamd_logger.errx(rspamd_config, 'cannot parse servers %s',
+      kaspersky_conf['servers'])
+  return nil
+end
+
 local function message_not_too_large(task, content, rule)
   local max_size = tonumber(rule['max_size'])
   if not max_size then return true end
@@ -832,6 +867,120 @@ local function savapi_check(task, content, digest, rule)
   end
 end
 
+local function kaspersky_check(task, content, digest, rule)
+  local function kaspersky_check_uncached ()
+    local upstream = rule.upstreams:get_upstream_round_robin()
+    local addr = upstream:get_addr()
+    local retransmits = rule.retransmits
+    local fname = string.format('%s/%s.tmp',
+        rule.tmpdir, rspamd_util.random_hex(32))
+    local message_fd = rspamd_util.create_file(fname)
+    local clamav_compat_cmd = string.format("nSCAN %s\n", fname)
+
+    if not message_fd then
+      rspamd_logger.errx('cannot store file for kaspersky scan: %s', fname)
+      return
+    end
+
+    if type(content) == 'string' then
+      -- Create rspamd_text
+      local rspamd_text = require "rspamd_text"
+      content = rspamd_text.fromstring(content)
+    end
+    content:save_in_file(message_fd)
+
+    -- Ensure file cleanup
+    task:get_mempool():add_destructor(function()
+      os.remove(fname)
+      rspamd_util.close_file(message_fd)
+    end)
+
+
+    local function kaspersky_callback(err, data)
+      if err then
+        -- set current upstream to fail because an error occurred
+        upstream:fail()
+
+        -- retry with another upstream until retransmits exceeds
+        if retransmits > 0 then
+
+          retransmits = retransmits - 1
+
+          -- Select a different upstream!
+          upstream = rule.upstreams:get_upstream_round_robin()
+          addr = upstream:get_addr()
+
+          lua_util.debugm(N, task,
+              '%s [%s]: retry IP: %s', rule['symbol'], rule['type'], addr)
+
+          tcp.request({
+            task = task,
+            host = addr:to_string(),
+            port = addr:get_port(),
+            timeout = rule['timeout'],
+            callback = kaspersky_callback,
+            data = { clamav_compat_cmd },
+            stop_pattern = '\n'
+          })
+        else
+          rspamd_logger.errx(task,
+              '%s [%s]: failed to scan, maximum retransmits exceed',
+              rule['symbol'], rule['type'])
+          task:insert_result(rule['symbol_fail'], 0.0,
+              'failed to scan and retransmits exceed')
+        end
+
+      else
+        upstream:ok()
+        data = tostring(data)
+        local cached
+        lua_util.debugm(N, task, '%s [%s]: got reply: %s',
+            rule['symbol'], rule['type'], data)
+        if data == 'stream: OK' then
+          cached = 'OK'
+          if rule['log_clean'] then
+            rspamd_logger.infox(task, '%s [%s]: message or mime_part is clean',
+                rule['symbol'], rule['type'])
+          else
+            lua_util.debugm(N, task, '%s [%s]: message or mime_part is clean',
+                rule['symbol'], rule['type'])
+          end
+        else
+          local vname = string.match(data, ': (.+) FOUND')
+          if vname then
+            yield_result(task, rule, vname)
+            cached = vname
+          else
+            rspamd_logger.errx(task, 'unhandled response: %s', data)
+            task:insert_result(rule['symbol_fail'], 0.0, 'unhandled response')
+          end
+        end
+        if cached then
+          save_av_cache(task, digest, rule, cached)
+        end
+      end
+    end
+
+    tcp.request({
+      task = task,
+      host = addr:to_string(),
+      port = addr:get_port(),
+      timeout = rule['timeout'],
+      callback = kaspersky_callback,
+      data = { clamav_compat_cmd },
+      stop_pattern = '\n'
+    })
+  end
+
+  if need_av_check(task, content, rule) then
+    if check_av_cache(task, digest, rule, kaspersky_check_uncached) then
+      return
+    else
+      kaspersky_check_uncached()
+    end
+  end
+end
+
 local av_types = {
   clamav = {
     configure = clamav_config,
@@ -849,6 +998,10 @@ local av_types = {
     configure = savapi_config,
     check = savapi_check
   },
+  kaspersky = {
+    configure = kaspersky_config,
+    check = kaspersky_check
+  }
 }
 
 local function add_antivirus_rule(sym, opts)
@@ -857,7 +1010,7 @@ local function add_antivirus_rule(sym, opts)
     return nil
   end
 
-  if not opts['symbol'] then opts['symbol'] = sym end
+  if not opts['symbol'] then opts['symbol'] = sym:upper() end
   local cfg = av_types[opts['type']]
 
   if not opts['symbol_fail'] then
@@ -943,8 +1096,10 @@ if opts and type(opts) == 'table' then
   redis_params = rspamd_parse_redis_server('antivirus')
   local has_valid = false
   for k, m in pairs(opts) do
-    if type(m) == 'table' and m['type'] and m['servers'] then
+    if type(m) == 'table' and m.servers then
+      if not m.type then m.type = k end
       local cb = add_antivirus_rule(k, m)
+
       if not cb then
         rspamd_logger.errx(rspamd_config, 'cannot add rule: "' .. k .. '"')
       else