Пример #1
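    def do_contscan(self, directory_argument):
        """Handle a CONTSCAN command and reply with one verdict line per resource.

        Args:
            directory_argument: Path argument of the command. It is made
                absolute and must exist; an empty or non-existent path is
                answered with an error response and nothing is scanned.

        The reply is a header line followed by one line for every
        ``(resource, scan_result)`` pair produced by ``AmavisVT.run``.
        """
        # NOTE(review): presumably this argument is supplied by the peer on the
        # socket. Existence is the only check made here, so any path readable
        # by the daemon can be handed to the scanner; confirm that the listener
        # is reachable only by the trusted mail filter.
        directory = os.path.abspath(
            directory_argument) if directory_argument else ''
        if not directory or not os.path.exists(directory):
            logger.error(
                "Cannot handle CONTSCAN command with argument '%s' (path does not exist)",
                directory)
            self.send_response("ERROR: Wrong argument '%s'" % directory)
            return

        responses = ["AmavisVTd scan results:"]
        avt = AmavisVT(self.config)
        for resource, scan_result in avt.run(directory):
            # NOTE(review): the reply is line based. If str(resource) can carry
            # a line break (e.g. taken from an attachment name), one resource
            # could yield several result lines; verify, and strip control
            # characters if so.
            if scan_result is None:
                responses.append("%s: Not scanned by virustotal" % resource)
            elif isinstance(scan_result, Exception):
                responses.append("%s: Error (%s)" % (resource, scan_result))
            elif scan_result.infected:
                # Only the first three detections are reported.
                matches = [
                    v['result'] for _, v in scan_result.scans.items()
                    if v['detected']
                ][:3]
                # Sorting the de-duplicated names keeps the line identical
                # between runs; joining a bare set gives an arbitrary order.
                names = sorted(set(matches))
                responses.append(
                    "%s: Detected as %s (%s of %s)" %
                    (resource, ', '.join(names),
                     scan_result.positives, scan_result.total))
            else:
                responses.append("%s: Clean" % resource)
        payload = '\n'.join(responses)
        self.request.sendall(payload.encode('utf-8'))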
Пример #2
    def test_run_with_filename_pattern_detection_match_with_autoreport(
        self, database_mock, memcached_get_mock, memcached_set_mock, requests_mock
    ):
        """Filename-pattern hit with auto-report on: the attachment is reported as infected.

        The database mock answers every ``filename_pattern_match`` call with
        True and the memcached getter returns None. The test then checks how
        the pattern lookup was called, that two HTTP requests went out, that
        the single result is flagged infected, and that nothing listed in
        ``avt.clean_paths`` is left on disk.
        """
        memcached_get_mock.return_value = None
        database_mock.filename_pattern_match = mock.MagicMock(return_value=True)

        settings = {
            "database-path": ":memory:",
            "api-key": "my-api-key",
            "filename-pattern-detection": "true",
            "auto-report": "true",
        }
        avt = AmavisVT(AmavisVTConfigurationParser(settings, path="/dev/null"))
        avt.database = database_mock

        sample_dir = os.path.dirname(__file__)
        mail = os.path.join(sample_dir, "samples/mail_with_attachment.eml")
        result = avt.run(mail)

        pattern_lookup = database_mock.filename_pattern_match
        assert pattern_lookup.called
        recorded_call = pattern_lookup.call_args
        assert len(recorded_call) == 2  # (positional args, keyword args)
        positional, keyword = recorded_call

        # exactly one positional and one keyword argument
        assert len(positional) == 1
        assert len(keyword) == 1

        # the positional argument is the attachment under test
        scanned = positional[0]
        assert isinstance(scanned, Resource)
        assert scanned.filename == "textfile.zip"

        # the recipient's localpart is passed by keyword
        assert keyword["localpart"] == "alice"

        assert requests_mock.called
        assert requests_mock.call_count == 2  # once for scan report and once for submitting

        assert len(result) == 1
        resource, response = result[0]
        assert resource.filename == "textfile.zip"
        assert response.infected

        # none of the paths registered for cleanup may survive the run
        assert all(not os.path.exists(p) for p in avt.clean_paths)
Пример #3
    def test_run_with_filename_pattern_detection_match_with_autoreport(
            self, database_mock, memcached_get_mock, memcached_set_mock,
            requests_mock):
        """Check a run where the filename pattern matches and auto-report is enabled.

        With the memcached getter returning None and the database mock
        reporting a pattern match, the run must query the pattern once with
        the resource and the localpart, issue two HTTP requests, return one
        infected result, and leave no path from ``avt.clean_paths`` behind.
        """
        memcached_get_mock.return_value = None
        pattern_match = mock.MagicMock()
        pattern_match.return_value = True
        database_mock.filename_pattern_match = pattern_match

        parser = AmavisVTConfigurationParser(
            {
                'database-path': ':memory:',
                'api-key': 'my-api-key',
                'filename-pattern-detection': 'true',
                'auto-report': 'true'
            },
            path='/dev/null')
        avt = AmavisVT(parser)
        avt.database = database_mock

        here = os.path.dirname(__file__)
        result = avt.run(os.path.join(here, 'samples/mail_with_attachment.eml'))

        assert database_mock.filename_pattern_match.called
        call_result = database_mock.filename_pattern_match.call_args
        assert len(call_result) == 2  # resource and localpart
        args_seen, kwargs_seen = call_result

        # one positional argument, one keyword argument
        assert len(args_seen) == 1
        assert len(kwargs_seen) == 1

        # positional: the resource extracted from the sample mail
        first_arg = args_seen[0]
        assert isinstance(first_arg, Resource)
        assert first_arg.filename == 'textfile.zip'

        # keyword: the localpart, expected to be 'alice'
        assert kwargs_seen['localpart'] == 'alice'

        assert requests_mock.called
        assert requests_mock.call_count == 2  # once for scan report and once for submitting

        assert len(result) == 1
        resource, response = result[0]
        assert resource.filename == 'textfile.zip'
        assert response.infected

        # every path registered for cleanup must be gone after the run
        leftovers = [p for p in avt.clean_paths if os.path.exists(p)]
        assert not leftovers
Пример #4
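    def do_contscan(self, directory_argument):
        """Handle a CONTSCAN command and send the scan report to the client.

        Args:
            directory_argument: Path argument of the command. It is made
                absolute and must exist; otherwise an error response is sent
                and no scan is started.

        The report is a header line plus one ``<resource>: <verdict>`` line
        per item produced by ``AmavisVT.run``, sent as UTF-8 bytes.
        """
        # NOTE(review): presumably the argument arrives from the connected
        # client. Only existence is checked, so every path the daemon can read
        # is accepted for scanning; confirm that only the trusted mail filter
        # can reach this handler.
        directory = os.path.abspath(directory_argument) if directory_argument else ""
        if not directory or not os.path.exists(directory):
            logger.error("Cannot handle CONTSCAN command with argument '%s' (path does not exist)", directory)
            self.send_response("ERROR: Wrong argument '%s'" % directory)
            return

        responses = ["AmavisVTd scan results:"]
        avt = AmavisVT(self.config)
        for resource, scan_result in avt.run(directory):
            # NOTE(review): results are newline separated. If str(resource)
            # can contain a line break, a single resource could span several
            # report lines; verify, and strip control characters if so.
            if scan_result is None:
                responses.append("%s: Not scanned by virustotal" % resource)
            elif isinstance(scan_result, Exception):
                responses.append("%s: Error (%s)" % (resource, scan_result))
            elif scan_result.infected:
                # Only the first three detections are reported.
                matches = [v["result"] for _, v in scan_result.scans.items() if v["detected"]][:3]
                # Sort the de-duplicated names so the line does not change
                # between runs (a bare set has no stable order).
                names = ", ".join(sorted(set(matches)))
                responses.append(
                    "%s: Detected as %s (%s of %s)"
                    % (resource, names, scan_result.positives, scan_result.total)
                )
            else:
                responses.append("%s: Clean" % resource)
        # sendall() requires bytes on Python 3, so encode the text report.
        payload = "\n".join(responses)
        self.request.sendall(payload.encode("utf-8"))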