Mirrors/MalwareMultiScan
1
0
Fork 0
mirror of https://github.com/volodymyrsmirnov/MalwareMultiScan.git synced 2025-08-23 21:12:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

finalize refactoring & ready for the PR

Browse Source
This commit is contained in:
Volodymyr Smirnov 2020-10-26 21:24:40 +02:00
parent 14c9c26979
commit 62cdcdbb49
34 changed files with 229 additions and 164 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/MalwareMultiScan_Worker_Dockerfile.xml → .idea/.idea.MalwareMultiScan/.idea/runConfigurations/MalwareMultiScan_Scanner_Dockerfile.xml generated
View File

@ -1,5 +1,5 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="MalwareMultiScan.Worker/Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<configuration default="false" name="MalwareMultiScan.Scanner/Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker" />
@ -10,7 +10,7 @@
<option name="contextFolderPath" value="." />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Worker/Dockerfile" />
<option name="sourceFilePath" value="MalwareMultiScan.Scanner/Dockerfile" />
</settings>
</deployment>
<method v="2" />

12
MalwareMultiScan.Api/Attributes/HttpUrlValidationAttribute.cs → MalwareMultiScan.Api/Attributes/IsHttpUrlAttribute.cs
View File

@ -3,13 +3,17 @@ using System.ComponentModel.DataAnnotations;
namespace MalwareMultiScan.Api.Attributes
{
public class HttpUrlValidationAttribute : ValidationAttribute
/// <summary>
/// Validate URI to be an absolute http(s) URL.
/// </summary>
internal class IsHttpUrlAttribute : ValidationAttribute
{
/// <inheritdoc />
protected override ValidationResult IsValid(object value, ValidationContext validationContext)
{
var uri = (Uri) value;
if (uri == null || !uri.IsAbsoluteUri || uri.Scheme != "http" && uri.Scheme != "https")
if (!Uri.TryCreate((string)value, UriKind.Absolute, out var uri)
|| !uri.IsAbsoluteUri
|| uri.Scheme != "http" && uri.Scheme != "https")
return new ValidationResult("Only absolute http(s) URLs are supported");
return ValidationResult.Success;

28
MalwareMultiScan.Api/Attributes/MaxFileSizeAttribute.cs Normal file
View File

@ -0,0 +1,28 @@
using System.ComponentModel.DataAnnotations;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
namespace MalwareMultiScan.Api.Attributes
{
/// <summary>
/// Validate uploaded file size for the max file size defined in settings.
/// </summary>
public class MaxFileSizeAttribute : ValidationAttribute
{
/// <inheritdoc />
protected override ValidationResult IsValid(object value, ValidationContext validationContext)
{
var maxSize = validationContext
.GetRequiredService<IConfiguration>()
.GetValue<long>("MaxFileSize");
var formFile = (IFormFile) value;
if (formFile == null || formFile.Length > maxSize)
return new ValidationResult($"File exceeds the maximum size of {maxSize} bytes");
return ValidationResult.Success;
}
}
}

2
MalwareMultiScan.Api/Controllers/DownloadController.cs
View File

@ -5,7 +5,9 @@ using Microsoft.AspNetCore.Mvc;
namespace MalwareMultiScan.Api.Controllers
{
[ApiController]
[Route("download")]
[Produces("application/octet-stream")]
public class DownloadController : Controller
{
private readonly ScanResultService _scanResultService;

20
MalwareMultiScan.Api/Controllers/QueueController.cs
View File

@ -1,4 +1,4 @@
using System;
using System.ComponentModel.DataAnnotations;
using System.Threading.Tasks;
using MalwareMultiScan.Api.Attributes;
using MalwareMultiScan.Api.Data.Models;
@ -23,37 +23,33 @@ namespace MalwareMultiScan.Api.Controllers
[HttpPost("file")]
[ProducesResponseType(typeof(ScanResult), StatusCodes.Status201Created)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<IActionResult> ScanFile([FromForm] IFormFile file)
public async Task<IActionResult> ScanFile(
[Required, MaxFileSize] IFormFile file)
{
var result = await _scanResultService.CreateScanResult();
string storedFileId;
await using (var uploadFileStream = file.OpenReadStream())
{
storedFileId = await _scanResultService.StoreFile(file.Name, uploadFileStream);
}
await _scanResultService.QueueUrlScan(result, Url.Action("Index", "Download", new {id = storedFileId},
Request.Scheme, Request.Host.Value));
return Created(Url.Action("Index", "ScanResults", new {id = result.Id},
Request.Scheme, Request.Host.Value), result);
return CreatedAtAction("Index", "ScanResults", new {id = result.Id}, result);
}
[HttpPost("url")]
[ProducesResponseType(typeof(ScanResult), StatusCodes.Status201Created)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public async Task<IActionResult> ScanUrl([FromForm] [HttpUrlValidation] Uri url)
public async Task<IActionResult> ScanUrl(
[FromForm, Required, IsHttpUrl] string url)
{
var result = await _scanResultService.CreateScanResult();
var resultUrl = Url.Action("Index", "ScanResults", new {id = result.Id},
Request.Scheme, Request.Host.Value);
await _scanResultService.QueueUrlScan(result, url);
await _scanResultService.QueueUrlScan(result, url.ToString());
return Created(resultUrl, result);
return CreatedAtAction("Index", "ScanResults", new {id = result.Id}, result);
}
}
}

1
MalwareMultiScan.Api/Controllers/ScanResultsController.cs
View File

@ -20,6 +20,7 @@ namespace MalwareMultiScan.Api.Controllers
[HttpGet("{id}")]
[ProducesResponseType(typeof(ScanResult), StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<IActionResult> Index(string id)
{
var scanResult = await _scanResultService.GetScanResult(id);

2
MalwareMultiScan.Api/Data/Configuration/ScanBackend.cs
View File

@ -3,6 +3,6 @@ namespace MalwareMultiScan.Api.Data.Configuration
public class ScanBackend
{
public string Id { get; set; }
public string Name { get; set; }
public bool Enabled { get; set; }
}
}

2
MalwareMultiScan.Api/Data/Models/ScanResultEntry.cs
View File

@ -3,7 +3,7 @@ namespace MalwareMultiScan.Api.Data.Models
public class ScanResultEntry
{
public bool Completed { get; set; }
public bool Succeeded { get; set; }
public bool? Succeeded { get; set; }
public string[] Threats { get; set; }
}
}

42
MalwareMultiScan.Api/Extensions/ServiceCollectionExtensions.cs Normal file
View File

@ -0,0 +1,42 @@
using System.Net;
using EasyNetQ;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using MongoDB.Driver;
namespace MalwareMultiScan.Api.Extensions
{
internal static class ServiceCollectionExtensions
{
public static void AddMongoDb(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton(
serviceProvider =>
{
var db = new MongoClient(configuration.GetConnectionString("Mongo"));
return db.GetDatabase(
configuration.GetValue<string>("DatabaseName"));
});
}
public static void AddRabbitMq(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton(x =>
RabbitHutch.CreateBus(configuration.GetConnectionString("RabbitMQ")));
}
public static void AddDockerForwardedHeadersOptions(this IServiceCollection services)
{
services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:10.0.0.0"), 104));
options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:192.168.0.0"), 112));
options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:172.16.0.0"), 108));
});
}
}
}

8
MalwareMultiScan.Api/MalwareMultiScan.Api.csproj
View File

@ -14,18 +14,10 @@
<PackageReference Include="EasyNetQ" Version="5.6.0" />
<PackageReference Include="MongoDB.Driver" Version="2.11.3" />
<PackageReference Include="MongoDB.Driver.GridFS" Version="2.11.3" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="5.6.3" />
<PackageReference Include="YamlDotNet" Version="8.1.2" />
</ItemGroup>
<ItemGroup>
<_ContentIncludedByDefault Remove="Properties\launchSettings.json" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Backends\MalwareMultiScan.Backends.csproj" />
<ProjectReference Include="..\MalwareMultiScan.Shared\MalwareMultiScan.Shared.csproj" />
</ItemGroup>
</Project>

2
MalwareMultiScan.Api/Program.cs
View File

@ -13,7 +13,7 @@ namespace MalwareMultiScan.Api
private static IHostBuilder CreateHostBuilder(string[] args)
{
return Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder => { webBuilder.UseStartup<Startup>(); });
.ConfigureWebHostDefaults(webBuilder => webBuilder.UseStartup<Startup>());
}
}
}

26
MalwareMultiScan.Api/Services/ReceiverHostedService.cs
View File

@ -8,14 +8,24 @@ using Microsoft.Extensions.Logging;
namespace MalwareMultiScan.Api.Services
{
/// <summary>
/// Receiver hosted service.
/// </summary>
public class ReceiverHostedService : IHostedService
{
private readonly IBus _bus;
private readonly IConfiguration _configuration;
private readonly ScanResultService _scanResultService;
private readonly ILogger<ReceiverHostedService> _logger;
private readonly ScanResultService _scanResultService;
public ReceiverHostedService(IBus bus, IConfiguration configuration, ScanResultService scanResultService,
/// <summary>
/// Create receiver hosted service.
/// </summary>
/// <param name="bus">Service bus.</param>
/// <param name="configuration">Configuration.</param>
/// <param name="scanResultService">Scan result service.</param>
/// <param name="logger">Logger.</param>
public ReceiverHostedService(IBus bus, IConfiguration configuration, ScanResultService scanResultService,
ILogger<ReceiverHostedService> logger)
{
_bus = bus;
@ -24,6 +34,7 @@ namespace MalwareMultiScan.Api.Services
_logger = logger;
}
/// <inheritdoc />
public Task StartAsync(CancellationToken cancellationToken)
{
_bus.Receive<ScanResultMessage>(_configuration.GetValue<string>("ResultsSubscriptionId"), async message =>
@ -31,21 +42,24 @@ namespace MalwareMultiScan.Api.Services
_logger.LogInformation(
$"Received a result from {message.Backend} for {message.Id} " +
$"with threats {string.Join(",", message.Threats)}");
await _scanResultService.UpdateScanResultForBackend(
message.Id, message.Backend, true, true, message.Threats);
message.Id, message.Backend, true,
message.Succeeded, message.Threats ?? new string[] { });
});
_logger.LogInformation(
"Started hosted service for receiving scan results");
return Task.CompletedTask;
}
/// <inheritdoc />
public Task StopAsync(CancellationToken cancellationToken)
{
_bus.Dispose();
_logger.LogInformation(
"Stopped hosted service for receiving scan results");

21
MalwareMultiScan.Api/Services/ScanBackendService.cs
View File

@ -12,11 +12,21 @@ using YamlDotNet.Serialization.NamingConventions;
namespace MalwareMultiScan.Api.Services
{
/// <summary>
/// Scan backends service.
/// </summary>
public class ScanBackendService
{
private readonly IBus _bus;
private readonly ILogger<ScanBackendService> _logger;
/// <summary>
/// Create scan backend service.
/// </summary>
/// <param name="configuration">Configuration.</param>
/// <param name="bus">Service bus.</param>
/// <param name="logger">Logger.</param>
/// <exception cref="FileNotFoundException">Missing BackendsConfiguration YAML file.</exception>
public ScanBackendService(IConfiguration configuration, IBus bus, ILogger<ScanBackendService> logger)
{
_bus = bus;
@ -36,13 +46,22 @@ namespace MalwareMultiScan.Api.Services
List = deserializer.Deserialize<ScanBackend[]>(configurationContent);
}
/// <summary>
/// List of available scan backends.
/// </summary>
public ScanBackend[] List { get; }
/// <summary>
/// Queue URL scan.
/// </summary>
/// <param name="result">Scan result instance.</param>
/// <param name="backend">Scan backend.</param>
/// <param name="fileUrl">File download URL.</param>
public async Task QueueUrlScan(ScanResult result, ScanBackend backend, string fileUrl)
{
_logger.LogInformation(
$"Queueing scan for {result.Id} on {backend.Id} at {fileUrl}");
await _bus.SendAsync(backend.Id, new ScanRequestMessage
{
Id = result.Id,

71
MalwareMultiScan.Api/Services/ScanResultService.cs
View File

@ -8,29 +8,41 @@ using MongoDB.Driver.GridFS;
namespace MalwareMultiScan.Api.Services
{
/// <summary>
/// Scan results service.
/// </summary>
public class ScanResultService
{
private const string CollectionName = "ScanResults";
private readonly GridFSBucket _bucket;
private readonly IMongoCollection<ScanResult> _collection;
private readonly ScanBackendService _scanBackendService;
/// <summary>
/// Create scan result service.
/// </summary>
/// <param name="db">Mongo database.</param>
/// <param name="scanBackendService">Scan backend service.</param>
public ScanResultService(IMongoDatabase db, ScanBackendService scanBackendService)
{
_scanBackendService = scanBackendService;
_collection = db.GetCollection<ScanResult>(CollectionName);
_bucket = new GridFSBucket(db);
_collection = db.GetCollection<ScanResult>(CollectionName);
}
/// <summary>
/// Create scan result.
/// </summary>
/// <returns>Scan result.</returns>
public async Task<ScanResult> CreateScanResult()
{
var scanResult = new ScanResult
{
Results = _scanBackendService.List.ToDictionary(
k => k.Id, v => new ScanResultEntry())
Results = _scanBackendService.List
.Where(b => b.Enabled)
.ToDictionary(k => k.Id, v => new ScanResultEntry())
};
await _collection.InsertOneAsync(scanResult);
@ -38,6 +50,11 @@ namespace MalwareMultiScan.Api.Services
return scanResult;
}
/// <summary>
/// Get scan result.
/// </summary>
/// <param name="id">Scan result id.</param>
/// <returns>Scan result.</returns>
public async Task<ScanResult> GetScanResult(string id)
{
var result = await _collection.FindAsync(
@ -46,27 +63,44 @@ namespace MalwareMultiScan.Api.Services
return await result.FirstOrDefaultAsync();
}
/// <summary>
/// Update scan status for the backend.
/// </summary>
/// <param name="resultId">Result id.</param>
/// <param name="backendId">Backend id.</param>
/// <param name="completed">If the scan has been completed.</param>
/// <param name="succeeded">If the scan has been succeeded.</param>
/// <param name="threats">List of found threats.</param>
public async Task UpdateScanResultForBackend(string resultId, string backendId,
bool completed = false, bool succeeded = false, string[] threats = null)
{
var filterScanResult = Builders<ScanResult>.Filter.Where(r => r.Id == resultId);
var updateScanResult = Builders<ScanResult>.Update.Set(r => r.Results[backendId], new ScanResultEntry
{
Completed = completed,
Succeeded = succeeded,
Threats = threats
});
await _collection.UpdateOneAsync(filterScanResult, updateScanResult);
await _collection.UpdateOneAsync(
Builders<ScanResult>.Filter.Where(r => r.Id == resultId),
Builders<ScanResult>.Update.Set(r => r.Results[backendId], new ScanResultEntry
{
Completed = completed,
Succeeded = succeeded,
Threats = threats ?? new string[] { }
}));
}
/// <summary>
/// Queue URL scan.
/// </summary>
/// <param name="result">Scan result instance.</param>
/// <param name="fileUrl">File URL.</param>
public async Task QueueUrlScan(ScanResult result, string fileUrl)
{
foreach (var backend in _scanBackendService.List)
foreach (var backend in _scanBackendService.List.Where(b => b.Enabled))
await _scanBackendService.QueueUrlScan(result, backend, fileUrl);
}
/// <summary>
/// Store file.
/// </summary>
/// <param name="fileName">File name.</param>
/// <param name="fileStream">File stream.</param>
/// <returns>Stored file id.</returns>
public async Task<string> StoreFile(string fileName, Stream fileStream)
{
var objectId = await _bucket.UploadFromStreamAsync(
@ -75,6 +109,11 @@ namespace MalwareMultiScan.Api.Services
return objectId.ToString();
}
/// <summary>
/// Obtain stored file stream.
/// </summary>
/// <param name="id">File id.</param>
/// <returns>File seekable stream.</returns>
public async Task<Stream> ObtainFile(string id)
{
if (!ObjectId.TryParse(id, out var objectId))

56
MalwareMultiScan.Api/Startup.cs
View File

@ -1,12 +1,8 @@
using EasyNetQ;
using MalwareMultiScan.Api.Extensions;
using MalwareMultiScan.Api.Services;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.OpenApi.Models;
using MongoDB.Driver;
namespace MalwareMultiScan.Api
{
@ -21,62 +17,24 @@ namespace MalwareMultiScan.Api
public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton(x =>
RabbitHutch.CreateBus(_configuration.GetConnectionString("RabbitMQ")));
services.AddDockerForwardedHeadersOptions();
services.AddMongoDb(_configuration);
services.AddRabbitMq(_configuration);
services.AddSingleton<ScanBackendService>();
services.AddSingleton<ScanResultService>();
services.AddSingleton(
serviceProvider =>
{
var db = new MongoClient(_configuration.GetConnectionString("Mongo"));
return db.GetDatabase(
_configuration.GetValue<string>("DatabaseName"));
});
services.AddControllers();
services.AddHttpClient();
services.AddSwaggerGen(options =>
{
options.SwaggerDoc("MalwareMultiScan",
new OpenApiInfo
{
Title = "MalwareMultiScan",
Version = "1.0.0"
});
});
services.AddHostedService<ReceiverHostedService>();
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
public void Configure(IApplicationBuilder app)
{
app.UseRouting();
var forwardingOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
};
forwardingOptions.KnownNetworks.Clear();
forwardingOptions.KnownProxies.Clear();
app.UseForwardedHeaders(forwardingOptions);
app.UseForwardedHeaders();
app.UseEndpoints(endpoints => endpoints.MapControllers());
app.UseSwagger();
app.UseSwaggerUI(options =>
{
options.DocumentTitle = "MalwareMultiScan";
options.SwaggerEndpoint(
$"/swagger/{options.DocumentTitle}/swagger.json", options.DocumentTitle);
});
}
}
}

9
MalwareMultiScan.Api/appsettings.Development.json
View File

@ -1,9 +0,0 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
}
}

3
MalwareMultiScan.Api/appsettings.json
View File

@ -14,8 +14,7 @@
},
"DatabaseName": "MalwareMultiScan",
"ResultsSubscriptionId": "mms.results",
"MaxFileSize": 1048576,
"BackendsConfiguration": "backends.yaml"
}

2
MalwareMultiScan.Api/backends.yaml
View File

@ -1,2 +1,2 @@
- id: dummy
name: Dummy Backend
enabled: true

2
MalwareMultiScan.Backends/Backends/Abstracts/AbstractLocalProcessScanBackend.cs
View File

@ -20,7 +20,7 @@ namespace MalwareMultiScan.Backends.Backends.Abstracts
protected abstract Regex MatchRegex { get; }
protected abstract string BackendPath { get; }
protected virtual bool ParseStdErr { get; }
protected virtual bool ParseStdErr { get; } = false;
protected virtual bool ThrowOnNonZeroExitCode { get; } = true;
protected abstract string GetBackendArguments(string path);

8
MalwareMultiScan.Backends/Backends/Abstracts/AbstractScanBackend.cs
View File

@ -4,7 +4,6 @@ using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Interfaces;
using Microsoft.AspNetCore.Http;
namespace MalwareMultiScan.Backends.Backends.Abstracts
{
@ -23,13 +22,6 @@ namespace MalwareMultiScan.Backends.Backends.Abstracts
return await ScanAsync(uriStream, cancellationToken);
}
public async Task<string[]> ScanAsync(IFormFile file, CancellationToken cancellationToken)
{
await using var fileStream = file.OpenReadStream();
return await ScanAsync(fileStream, cancellationToken);
}
public async Task<string[]> ScanAsync(Stream stream, CancellationToken cancellationToken)
{
var tempFile = Path.GetTempFileName();

6
MalwareMultiScan.Backends/Backends/Implementations/DummyScanBackend.cs
View File

@ -3,7 +3,6 @@ using System.IO;
using System.Threading;
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Interfaces;
using Microsoft.AspNetCore.Http;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
@ -21,11 +20,6 @@ namespace MalwareMultiScan.Backends.Backends.Implementations
return Scan();
}
public Task<string[]> ScanAsync(IFormFile file, CancellationToken cancellationToken)
{
return Scan();
}
public Task<string[]> ScanAsync(Stream stream, CancellationToken cancellationToken)
{
return Scan();

2
MalwareMultiScan.Backends/Dockerfiles/Clamav.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
ENV DEBIAN_FRONTEND noninteractive

2
MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
RUN apt-get update && apt-get install wget -y

2
MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
ARG DRWEB_KEY
ENV DRWEB_KEY=$DRWEB_KEY

2
MalwareMultiScan.Backends/Dockerfiles/KES.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
ARG KES_KEY
ENV KES_KEY=$KES_KEY

2
MalwareMultiScan.Backends/Dockerfiles/McAfee.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
RUN apt-get update && apt-get install unzip wget -y

2
MalwareMultiScan.Backends/Dockerfiles/Sophos.Dockerfile
View File

@ -1,4 +1,4 @@
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
RUN apt-get update && apt-get install wget -y

2
MalwareMultiScan.Backends/Dockerfiles/WindowsDefender.Dockerfile
View File

@ -11,7 +11,7 @@ WORKDIR /opt/loadlibrary/engine
RUN curl -L "https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86" --output mpan-fe.exe
RUN cabextract mpan-fe.exe && rm mpan-fe.exe
FROM mindcollapse/malware-multi-scan-worker:latest
FROM mindcollapse/malware-multi-scan-scanner:latest
RUN apt-get update && apt-get install -y libc6-i386

3
MalwareMultiScan.Backends/Interfaces/IScanBackend.cs
View File

@ -2,17 +2,14 @@ using System;
using System.IO;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
namespace MalwareMultiScan.Backends.Interfaces
{
public interface IScanBackend
{
public string Id { get; }
public Task<string[]> ScanAsync(string path, CancellationToken cancellationToken);
public Task<string[]> ScanAsync(Uri uri, CancellationToken cancellationToken);
public Task<string[]> ScanAsync(IFormFile file, CancellationToken cancellationToken);
public Task<string[]> ScanAsync(Stream stream, CancellationToken cancellationToken);
}
}

7
MalwareMultiScan.Backends/MalwareMultiScan.Backends.csproj
View File

@ -3,13 +3,10 @@
<PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Shared\MalwareMultiScan.Shared.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="3.1.9" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.9" />
</ItemGroup>
</Project>

2
MalwareMultiScan.Backends/Messages/ScanResultMessage.cs
View File

@ -4,6 +4,8 @@ namespace MalwareMultiScan.Backends.Messages
{
public string Id { get; set; }
public string Backend { get; set; }
public bool Succeeded { get; set; }
public string[] Threats { get; set; }
}
}

10
MalwareMultiScan.Scanner/Dockerfile
View File

@ -2,11 +2,10 @@ FROM mcr.microsoft.com/dotnet/core/sdk:3.1 AS builder
WORKDIR /src
COPY MalwareMultiScan.Worker /src/MalwareMultiScan.Worker
COPY MalwareMultiScan.Shared /src/MalwareMultiScan.Shared
COPY MalwareMultiScan.Worker /src/MalwareMultiScan.Scanner
COPY MalwareMultiScan.Backends /src/MalwareMultiScan.Backends
RUN dotnet publish -c Release -r linux-x64 -o ./publish MalwareMultiScan.Worker/MalwareMultiScan.Worker.csproj
RUN dotnet publish -c Release -r linux-x64 -o ./publish MalwareMultiScan.Scanner/MalwareMultiScan.Scanner.csproj
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1
@ -14,7 +13,4 @@ WORKDIR /worker
COPY --from=builder /src/publish /worker
ENV ASPNETCORE_ENVIRONMENT=Production
ENV ASPNETCORE_URLS=http://+:9901
ENTRYPOINT ["/worker/MalwareMultiScan.Worker"]
ENTRYPOINT ["/worker/MalwareMultiScan.Scanner"]

5
MalwareMultiScan.Scanner/MalwareMultiScan.Scanner.csproj
View File

@ -11,10 +11,5 @@
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Backends\MalwareMultiScan.Backends.csproj" />
<ProjectReference Include="..\MalwareMultiScan.Shared\MalwareMultiScan.Shared.csproj" />
</ItemGroup>
<ItemGroup>
<_ContentIncludedByDefault Remove="Properties\launchSettings.json" />
</ItemGroup>
</Project>

25
MalwareMultiScan.Scanner/Services/ScanHostedService.cs
View File

@ -56,28 +56,35 @@ namespace MalwareMultiScan.Scanner.Services
var cancellationTokenSource = new CancellationTokenSource(
TimeSpan.FromSeconds(_configuration.GetValue<int>("MaxScanningTime")));
var result = new ScanResultMessage
{
Id = message.Id,
Backend = _backend.Id
};
try
{
var result = new ScanResultMessage
{
Id = message.Id,
Backend = _backend.Id,
result.Threats = await _backend.ScanAsync(
message.Uri, cancellationTokenSource.Token);
Threats = await _backend.ScanAsync(
message.Uri, cancellationTokenSource.Token)
};
result.Succeeded = true;
_logger.LogInformation(
$"Backend {_backend.Id} completed a scan of {message.Id} " +
$"with result '{string.Join(", ", result.Threats)}'");
await _bus.SendAsync(_configuration.GetValue<string>("ResultsSubscriptionId"), result);
}
catch (Exception exception)
{
result.Succeeded = false;
_logger.LogError(
exception, "Scanning failed with exception");
}
finally
{
await _bus.SendAsync(
_configuration.GetValue<string>("ResultsSubscriptionId"), result);
}
}
}
}