Mirrors/MalwareMultiScan
1
0
Fork 0
mirror of https://github.com/volodymyrsmirnov/MalwareMultiScan.git synced 2025-08-24 13:32:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Mirrors:master
Branches Tags
Mirrors:master
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/core-js-3.12.1
Mirrors:dependabot/nuget/MongoDB.Driver-2.12.3
Mirrors:dependabot/nuget/MongoDB.Driver.GridFS-2.12.3
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxt/typescript-runtime-2.1.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxt/typescript-build-2.1.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/bootstrap-4.6.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxtjs/axios-5.13.1
Mirrors:dependabot/nuget/Hangfire.AspNetCore-1.7.22
Mirrors:dependabot/nuget/Moq-4.16.1
Mirrors:dependabot/nuget/Microsoft.NET.Test.Sdk-16.9.4
Mirrors:v1.5
Mirrors:v1.1
Mirrors:v1.0
..
compare: Mirrors:v1.1
Branches Tags
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/core-js-3.12.1
Mirrors:dependabot/nuget/MongoDB.Driver-2.12.3
Mirrors:dependabot/nuget/MongoDB.Driver.GridFS-2.12.3
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxt/typescript-runtime-2.1.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxt/typescript-build-2.1.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/bootstrap-4.6.0
Mirrors:dependabot/npm_and_yarn/MalwareMultiScan.Ui/nuxtjs/axios-5.13.1
Mirrors:dependabot/nuget/Hangfire.AspNetCore-1.7.22
Mirrors:dependabot/nuget/Moq-4.16.1
Mirrors:dependabot/nuget/Microsoft.NET.Test.Sdk-16.9.4
Mirrors:master
Mirrors:v1.5
Mirrors:v1.1
Mirrors:v1.0

No commits in common. "master" and "v1.1" have entirely different histories.
master ... v1.1

87 changed files with 2239 additions and 1699 deletions
Show Stats Expand all files Collapse all files

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Clamav_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/Clamav.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-clamav" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-clamav" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/Clamav.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Comodo_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/Comodo.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-comodo" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-comodo" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_DrWeb_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/DrWeb.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-drweb" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-drweb" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_KES_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/KES.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-kes" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-kes" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/KES.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_McAfee_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/McAfee.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-mcafee" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-mcafee" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/McAfee.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Sophos_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/Sophos.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-sophos" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-sophos" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/Sophos.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

16
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_WindowsDefender_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,16 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dockerfiles/WindowsDefender.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-worker-windows-defender" />
<option name="buildCliOptions" value="" />
<option name="command" value="" />
<option name="containerName" value="malware-multi-scan-worker-windows-defender" />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/WindowsDefender.Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

7
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dummy_API.xml generated Normal file
View File

@ -0,0 +1,7 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Dummy API" type="CompoundRunConfigurationType">
<toRun name="MalwareMultiScan.Scanner" type="DotNetProject" />
<toRun name="MalwareMultiScan.Api" type="DotNetProject" />
<method v="2" />
</configuration>
</component>

18
.idea/.idea.MalwareMultiScan/.idea/runConfigurations/MalwareMultiScan_Scanner_Dockerfile.xml generated Normal file
View File

@ -0,0 +1,18 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="MalwareMultiScan.Scanner/Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
<deployment type="dockerfile">
<settings>
<option name="imageTag" value="mindcollapse/malware-multi-scan-scanner" />
<option name="buildCliOptions" value="" />
<option name="buildOnly" value="true" />
<option name="command" value="" />
<option name="containerName" value="" />
<option name="contextFolderPath" value="." />
<option name="entrypoint" value="" />
<option name="commandLineOptions" value="" />
<option name="sourceFilePath" value="MalwareMultiScan.Scanner/Dockerfile" />
</settings>
</deployment>
<method v="2" />
</configuration>
</component>

5
MalwareMultiScan.Api/Attributes/MaxFileSizeAttribute.cs
View File

@ -15,10 +15,7 @@ namespace MalwareMultiScan.Api.Attributes
{
var maxSize = validationContext
.GetRequiredService<IConfiguration>()
.GetValue<long>("FILE_SIZE_LIMIT");
if (maxSize == 0)
return ValidationResult.Success;
.GetValue<long>("MaxFileSize");
var formFile = (IFormFile) value;

2
MalwareMultiScan.Api/Controllers/QueueController.cs
View File

@ -2,7 +2,7 @@ using System;
using System.ComponentModel.DataAnnotations;
using System.Threading.Tasks;
using MalwareMultiScan.Api.Attributes;
using MalwareMultiScan.Api.Data;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Interfaces;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

2
MalwareMultiScan.Api/Controllers/ScanResultsController.cs
View File

@ -1,5 +1,5 @@
using System.Threading.Tasks;
using MalwareMultiScan.Api.Data;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Interfaces;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

18
MalwareMultiScan.Api/Data/Configuration/ScanBackend.cs Normal file
View File

@ -0,0 +1,18 @@
namespace MalwareMultiScan.Api.Data.Configuration
{
/// <summary>
/// Scan backend.
/// </summary>
public class ScanBackend
{
/// <summary>
/// Backend id.
/// </summary>
public string Id { get; set; }
/// <summary>
/// Backend state.
/// </summary>
public bool Enabled { get; set; }
}
}

9
MalwareMultiScan.Api/Data/ScanResult.cs → MalwareMultiScan.Api/Data/Models/ScanResult.cs
View File

@ -1,10 +1,9 @@
using System;
using System.Collections.Generic;
using MalwareMultiScan.Shared.Message;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
namespace MalwareMultiScan.Api.Data
namespace MalwareMultiScan.Api.Data.Models
{
/// <summary>
/// Scan result.
@ -24,9 +23,9 @@ namespace MalwareMultiScan.Api.Data
public Uri CallbackUrl { get; set; }
/// <summary>
/// Result entries where key is backend id and value is <see cref="ScanResultMessage" />.
/// Result entries where key is backend id and value is <see cref="ScanResultEntry" />.
/// </summary>
public Dictionary<string, ScanResultMessage> Results { get; set; } =
new Dictionary<string, ScanResultMessage>();
public Dictionary<string, ScanResultEntry> Results { get; set; } =
new Dictionary<string, ScanResultEntry>();
}
}

28
MalwareMultiScan.Api/Data/Models/ScanResultEntry.cs Normal file
View File

@ -0,0 +1,28 @@
namespace MalwareMultiScan.Api.Data.Models
{
/// <summary>
/// Scan result entry.
/// </summary>
public class ScanResultEntry
{
/// <summary>
/// Completion status.
/// </summary>
public bool Completed { get; set; }
/// <summary>
/// Indicates that scanning completed without error.
/// </summary>
public bool? Succeeded { get; set; }
/// <summary>
/// Scanning duration in seconds.
/// </summary>
public long Duration { get; set; }
/// <summary>
/// Detected names of threats.
/// </summary>
public string[] Threats { get; set; }
}
}

1
MalwareMultiScan.Api/Dockerfile
View File

@ -4,7 +4,6 @@ WORKDIR /src
COPY MalwareMultiScan.Api /src/MalwareMultiScan.Api
COPY MalwareMultiScan.Backends /src/MalwareMultiScan.Backends
COPY MalwareMultiScan.Shared /src/MalwareMultiScan.Shared
RUN dotnet publish -c Release -r linux-x64 -o ./publish MalwareMultiScan.Api/MalwareMultiScan.Api.csproj

4
MalwareMultiScan.Api/Extensions/ServiceCollectionExtensions.cs
View File

@ -14,8 +14,8 @@ namespace MalwareMultiScan.Api.Extensions
{
internal static void AddMongoDb(this IServiceCollection services, IConfiguration configuration)
{
var client = new MongoClient(configuration.GetValue<string>("MONGO_ADDRESS"));
var db = client.GetDatabase(configuration.GetValue<string>("MONGO_DATABASE"));
var client = new MongoClient(configuration.GetConnectionString("Mongo"));
var db = client.GetDatabase(configuration.GetValue<string>("DatabaseName"));
services.AddSingleton(client);
services.AddSingleton(db);

23
MalwareMultiScan.Api/MalwareMultiScan.Api.csproj
View File

@ -4,27 +4,24 @@
<TargetFramework>netcoreapp3.1</TargetFramework>
<Company>Volodymyr Smirnov</Company>
<Product>MalwareMultiScan Api</Product>
<AssemblyVersion>1.5.0</AssemblyVersion>
<FileVersion>1.5.0</FileVersion>
<AssemblyVersion>1.0.1</AssemblyVersion>
<FileVersion>1.0.1</FileVersion>
<GenerateDocumentationFile>true</GenerateDocumentationFile>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Hangfire.AspNetCore" Version="1.7.18" />
<PackageReference Include="Hangfire.Redis.StackExchange" Version="1.8.4" />
<PackageReference Include="MongoDB.Driver" Version="2.11.5" />
<PackageReference Include="MongoDB.Driver.GridFS" Version="2.11.5" />
<None Update="backends.yaml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</None>
</ItemGroup>
<ItemGroup>
<PackageReference Include="MongoDB.Driver" Version="2.11.3" />
<PackageReference Include="MongoDB.Driver.GridFS" Version="2.11.3" />
<PackageReference Include="YamlDotNet" Version="8.1.2" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Backends\MalwareMultiScan.Backends.csproj" />
</ItemGroup>
<ItemGroup>
<Content Update="Properties\launchSettings.json">
<CopyToOutputDirectory>Never</CopyToOutputDirectory>
<CopyToPublishDirectory>Never</CopyToPublishDirectory>
</Content>
</ItemGroup>
</Project>

21
MalwareMultiScan.Api/Program.cs
View File

@ -1,5 +1,4 @@
using System.Diagnostics.CodeAnalysis;
using System.Threading.Tasks;
using EasyNetQ.LightInject;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Hosting;
@ -8,19 +7,15 @@ namespace MalwareMultiScan.Api
[ExcludeFromCodeCoverage]
internal static class Program
{
public static async Task Main(string[] args)
public static void Main(string[] args)
{
await Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(builder =>
{
builder.ConfigureKestrel(
options => options.Limits.MaxRequestBodySize = long.MaxValue);
CreateHostBuilder(args).Build().Run();
}
builder.UseStartup<Startup>();
})
.UseConsoleLifetime()
.Build()
.RunAsync();
private static IHostBuilder CreateHostBuilder(string[] args)
{
return Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder => webBuilder.UseStartup<Startup>());
}
}
}

8
MalwareMultiScan.Api/Properties/launchSettings.json
View File

@ -1,8 +0,0 @@
{
"$schema": "http://json.schemastore.org/launchsettings.json",
"profiles": {
"MalwareMultiScan.Api": {
"commandName": "Project"
}
}
}

103
MalwareMultiScan.Api/Services/Implementations/ReceiverHostedService.cs Normal file
View File

@ -0,0 +1,103 @@
using System;
using System.Net.Http;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Backends.Messages;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
namespace MalwareMultiScan.Api.Services.Implementations
{
/// <inheritdoc />
public class ReceiverHostedService : IReceiverHostedService
{
private readonly IBus _bus;
private readonly IConfiguration _configuration;
private readonly IHttpClientFactory _httpClientFactory;
private readonly ILogger<ReceiverHostedService> _logger;
private readonly IScanResultService _scanResultService;
/// <summary>
/// Initialize receiver hosted service.
/// </summary>
/// <param name="bus">EasyNetQ bus.</param>
/// <param name="configuration">Configuration.</param>
/// <param name="scanResultService">Scan result service.</param>
/// <param name="logger">Logger.</param>
/// <param name="httpClientFactory">HTTP client factory.</param>
public ReceiverHostedService(IBus bus, IConfiguration configuration, IScanResultService scanResultService,
ILogger<ReceiverHostedService> logger, IHttpClientFactory httpClientFactory)
{
_bus = bus;
_configuration = configuration;
_scanResultService = scanResultService;
_logger = logger;
_httpClientFactory = httpClientFactory;
}
/// <inheritdoc />
public Task StartAsync(CancellationToken cancellationToken)
{
_bus.Receive<ScanResultMessage>(
_configuration.GetValue<string>("ResultsSubscriptionId"), StoreScanResult);
_logger.LogInformation(
"Started hosted service for receiving scan results");
return Task.CompletedTask;
}
/// <inheritdoc />
public Task StopAsync(CancellationToken cancellationToken)
{
_bus?.Dispose();
_logger.LogInformation(
"Stopped hosted service for receiving scan results");
return Task.CompletedTask;
}
private async Task StoreScanResult(ScanResultMessage message)
{
message.Threats ??= new string[] { };
_logger.LogInformation(
$"Received a result from {message.Backend} for {message.Id} " +
$"with threats {string.Join(",", message.Threats)}");
await _scanResultService.UpdateScanResultForBackend(
message.Id, message.Backend, message.Duration, true,
message.Succeeded, message.Threats);
var result = await _scanResultService.GetScanResult(message.Id);
if (result?.CallbackUrl == null)
return;
var cancellationTokenSource = new CancellationTokenSource(
TimeSpan.FromSeconds(3));
using var httpClient = _httpClientFactory.CreateClient();
try
{
var response = await httpClient.PostAsync(
result.CallbackUrl,
new StringContent(JsonConvert.SerializeObject(result), Encoding.UTF8, "application/json"),
cancellationTokenSource.Token);
response.EnsureSuccessStatusCode();
}
catch (Exception exception)
{
_logger.LogError(exception, $"Failed to POST to callback URL {result.CallbackUrl}");
}
}
}
}

64
MalwareMultiScan.Api/Services/Implementations/ScanBackendService.cs Normal file
View File

@ -0,0 +1,64 @@
using System;
using System.IO;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Api.Data.Configuration;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Backends.Messages;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;
using YamlDotNet.Serialization;
using YamlDotNet.Serialization.NamingConventions;
namespace MalwareMultiScan.Api.Services.Implementations
{
/// <inheritdoc />
public class ScanBackendService : IScanBackendService
{
private readonly IBus _bus;
private readonly ILogger<ScanBackendService> _logger;
/// <summary>
/// Initialise scan backend service.
/// </summary>
/// <param name="configuration">Configuration.</param>
/// <param name="bus">EasyNetQ bus.</param>
/// <param name="logger">Logger.</param>
/// <exception cref="FileNotFoundException">Missing backends.yaml configuration.</exception>
public ScanBackendService(IConfiguration configuration, IBus bus, ILogger<ScanBackendService> logger)
{
_bus = bus;
_logger = logger;
var configurationPath = configuration.GetValue<string>("BackendsConfiguration");
if (!File.Exists(configurationPath))
throw new FileNotFoundException("Missing BackendsConfiguration YAML file", configurationPath);
var configurationContent = File.ReadAllText(configurationPath);
var deserializer = new DeserializerBuilder()
.WithNamingConvention(CamelCaseNamingConvention.Instance)
.Build();
List = deserializer.Deserialize<ScanBackend[]>(configurationContent);
}
/// <inheritdoc />
public ScanBackend[] List { get; }
/// <inheritdoc />
public async Task QueueUrlScan(ScanResult result, ScanBackend backend, string fileUrl)
{
_logger.LogInformation(
$"Queueing scan for {result.Id} on {backend.Id} at {fileUrl}");
await _bus.SendAsync(backend.Id, new ScanRequestMessage
{
Id = result.Id,
Uri = new Uri(fileUrl)
});
}
}
}

71
MalwareMultiScan.Api/Services/ScanResultService.cs → MalwareMultiScan.Api/Services/Implementations/ScanResultService.cs
View File

@ -2,46 +2,33 @@ using System;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using Consul;
using Hangfire;
using Hangfire.States;
using MalwareMultiScan.Api.Data;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Shared.Enums;
using MalwareMultiScan.Shared.Message;
using MalwareMultiScan.Shared.Services.Interfaces;
using MongoDB.Bson;
using MongoDB.Driver;
using MongoDB.Driver.GridFS;
namespace MalwareMultiScan.Api.Services
namespace MalwareMultiScan.Api.Services.Implementations
{
/// <inheritdoc />
public class ScanResultService : IScanResultService
{
private const string CollectionName = "ScanResults";
private readonly IBackgroundJobClient _backgroundJobClient;
private readonly IGridFSBucket _bucket;
private readonly IMongoCollection<ScanResult> _collection;
private readonly IConsulClient _consulClient;
private readonly IScanBackendService _scanBackendService;
/// <summary>
/// Initialize scan result service.
/// </summary>
/// <param name="db">Mongo database.</param>
/// <param name="bucket">GridFS bucket.</param>
/// <param name="consulClient">Consul client.</param>
/// <param name="backgroundJobClient">Background job client.</param>
public ScanResultService(
IMongoDatabase db,
IGridFSBucket bucket,
IConsulClient consulClient,
IBackgroundJobClient backgroundJobClient)
/// <param name="scanBackendService">Scan backend service.</param>
public ScanResultService(IMongoDatabase db, IGridFSBucket bucket, IScanBackendService scanBackendService)
{
_bucket = bucket;
_consulClient = consulClient;
_backgroundJobClient = backgroundJobClient;
_scanBackendService = scanBackendService;
_collection = db.GetCollection<ScanResult>(CollectionName);
}
@ -51,7 +38,11 @@ namespace MalwareMultiScan.Api.Services
{
var scanResult = new ScanResult
{
CallbackUrl = callbackUrl
CallbackUrl = callbackUrl,
Results = _scanBackendService.List
.Where(b => b.Enabled)
.ToDictionary(k => k.Id, v => new ScanResultEntry())
};
await _collection.InsertOneAsync(scanResult);
@ -69,43 +60,25 @@ namespace MalwareMultiScan.Api.Services
}
/// <inheritdoc />
public async Task UpdateScanResultForBackend(string resultId, string backendId,
ScanResultMessage result = null)
public async Task UpdateScanResultForBackend(string resultId, string backendId, long duration,
bool completed = false, bool succeeded = false, string[] threats = null)
{
result ??= new ScanResultMessage
{
Status = ScanResultStatus.Queued
};
await _collection.UpdateOneAsync(
Builders<ScanResult>.Filter.Where(r => r.Id == resultId),
Builders<ScanResult>.Update.Set(r => r.Results[backendId], result));
Builders<ScanResult>.Update.Set(r => r.Results[backendId], new ScanResultEntry
{
Completed = completed,
Succeeded = succeeded,
Duration = duration,
Threats = threats ?? new string[] { }
}));
}
/// <inheritdoc />
public async Task QueueUrlScan(ScanResult result, string fileUrl)
{
var message = new ScanQueueMessage
{
Id = result.Id,
Uri = new Uri(fileUrl)
};
var scanners = await _consulClient.Health.Service("scanner", null, true);
var backends = scanners.Response
.Select(s => s.Service.Meta.TryGetValue("BackendId", out var backendId) ? backendId : null)
.Where(q => q != null)
.Distinct()
.ToArray();
foreach (var backend in backends)
{
await UpdateScanResultForBackend(result.Id, backend);
_backgroundJobClient.Create<IScanBackgroundJob>(
j => j.Process(message), new EnqueuedState(backend));
}
foreach (var backend in _scanBackendService.List.Where(b => b.Enabled))
await _scanBackendService.QueueUrlScan(result, backend, fileUrl);
}
/// <inheritdoc />

11
MalwareMultiScan.Api/Services/Interfaces/IReceiverHostedService.cs Normal file
View File

@ -0,0 +1,11 @@
using Microsoft.Extensions.Hosting;
namespace MalwareMultiScan.Api.Services.Interfaces
{
/// <summary>
/// Receiver hosted service.
/// </summary>
public interface IReceiverHostedService : IHostedService
{
}
}

25
MalwareMultiScan.Api/Services/Interfaces/IScanBackendService.cs Normal file
View File

@ -0,0 +1,25 @@
using System.Threading.Tasks;
using MalwareMultiScan.Api.Data.Configuration;
using MalwareMultiScan.Api.Data.Models;
namespace MalwareMultiScan.Api.Services.Interfaces
{
/// <summary>
/// Scan backend service.
/// </summary>
public interface IScanBackendService
{
/// <summary>
/// Get list of parsed backends.
/// </summary>
ScanBackend[] List { get; }
/// <summary>
/// Queue URL for scan.
/// </summary>
/// <param name="result">Result entry.</param>
/// <param name="backend">Backend entry.</param>
/// <param name="fileUrl">Remote URL.</param>
Task QueueUrlScan(ScanResult result, ScanBackend backend, string fileUrl);
}
}

11
MalwareMultiScan.Api/Services/Interfaces/IScanResultService.cs
View File

@ -1,8 +1,7 @@
using System;
using System.IO;
using System.Threading.Tasks;
using MalwareMultiScan.Api.Data;
using MalwareMultiScan.Shared.Message;
using MalwareMultiScan.Api.Data.Models;
namespace MalwareMultiScan.Api.Services.Interfaces
{
@ -30,8 +29,12 @@ namespace MalwareMultiScan.Api.Services.Interfaces
/// </summary>
/// <param name="resultId">Result id.</param>
/// <param name="backendId">Backend id.</param>
/// <param name="result">Scan result.</param>
Task UpdateScanResultForBackend(string resultId, string backendId, ScanResultMessage result = null);
/// <param name="duration">Duration.</param>
/// <param name="completed">Completion status.</param>
/// <param name="succeeded">Indicates that scanning completed without error.</param>
/// <param name="threats">Detected names of threats.</param>
Task UpdateScanResultForBackend(string resultId, string backendId, long duration,
bool completed = false, bool succeeded = false, string[] threats = null);
/// <summary>
/// Queue URL for scanning.

94
MalwareMultiScan.Api/Services/ScanResultJob.cs
View File

@ -1,94 +0,0 @@
using System;
using System.Net.Http;
using System.Text;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;
using Hangfire;
using Hangfire.States;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Shared.Message;
using MalwareMultiScan.Shared.Services.Interfaces;
using Microsoft.Extensions.Logging;
namespace MalwareMultiScan.Api.Services
{
/// <summary>
/// Job for storing scan results.
/// </summary>
public class ScanResultJob : IScanResultJob
{
private readonly IBackgroundJobClient _backgroundJobClient;
private readonly IHttpClientFactory _httpClientFactory;
private readonly ILogger<ScanResultJob> _logger;
private readonly IScanResultService _scanResultService;
/// <summary>
/// Initialize scan result storing job.
/// </summary>
/// <param name="logger">Logger.</param>
/// <param name="httpClientFactory">HTTP client factory.</param>
/// <param name="scanResultService">Scan result service.</param>
/// <param name="backgroundJobClient">Background job client.</param>
public ScanResultJob(
ILogger<ScanResultJob> logger,
IHttpClientFactory httpClientFactory,
IScanResultService scanResultService,
IBackgroundJobClient backgroundJobClient)
{
_logger = logger;
_httpClientFactory = httpClientFactory;
_scanResultService = scanResultService;
_backgroundJobClient = backgroundJobClient;
}
/// <inheritdoc />
public async Task Report(string resultId, string backendId, ScanResultMessage result)
{
_logger.LogInformation(
$"Received a result from {backendId} for {result} with status {result.Status} " +
$"and threats {string.Join(",", result.Threats)}");
await _scanResultService.UpdateScanResultForBackend(resultId, backendId, result);
var scanResult = await _scanResultService.GetScanResult(resultId);
if (scanResult?.CallbackUrl == null)
return;
_backgroundJobClient.Create<IScanResultJob>(
x => x.Notify(scanResult.CallbackUrl, resultId, backendId, result),
new EnqueuedState("default"));
}
/// <inheritdoc />
public async Task Notify(Uri uri, string resultId, string backendId, ScanResultMessage result)
{
var cancellationTokenSource = new CancellationTokenSource(
TimeSpan.FromSeconds(5));
using var httpClient = _httpClientFactory.CreateClient();
try
{
var builder = new UriBuilder(uri)
{
Query = $"?id={resultId}" +
$"&backend={backendId}"
};
var response = await httpClient.PostAsync(builder.Uri,
new StringContent(JsonSerializer.Serialize(result), Encoding.UTF8, "application/json"),
cancellationTokenSource.Token);
response.EnsureSuccessStatusCode();
_logger.LogInformation($"Sent POST to callback URL {uri}");
}
catch (Exception exception)
{
_logger.LogError(exception, $"Failed to POST to callback URL {uri}");
}
}
}
}

31
MalwareMultiScan.Api/Startup.cs
View File

@ -1,14 +1,12 @@
using System.Diagnostics.CodeAnalysis;
using Hangfire;
using MalwareMultiScan.Api.Extensions;
using MalwareMultiScan.Api.Services;
using MalwareMultiScan.Api.Services.Implementations;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Shared.Extensions;
using MalwareMultiScan.Shared.Services.Interfaces;
using MalwareMultiScan.Backends.Extensions;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Server.Kestrel.Core;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
namespace MalwareMultiScan.Api
{
@ -26,26 +24,29 @@ namespace MalwareMultiScan.Api
{
services.AddDockerForwardedHeadersOptions();
services.AddConsul(_configuration);
services.AddMongoDb(_configuration);
services.AddHangfire(_configuration);
services.Configure<KestrelServerOptions>(options =>
{
options.Limits.MaxRequestBodySize = _configuration.GetValue<int>("MaxFileSize");
});
services.AddMongoDb(_configuration);
services.AddRabbitMq(_configuration);
services.AddSingleton<IScanBackendService, ScanBackendService>();
services.AddSingleton<IScanResultService, ScanResultService>();
services.AddSingleton<IScanResultJob, ScanResultJob>();
services.AddControllers();
services.AddHostedService<ReceiverHostedService>();
services.AddHttpClient();
}
public void Configure(IApplicationBuilder app, IHostEnvironment hostEnvironment)
public void Configure(IApplicationBuilder app)
{
app.UseRouting();
app.UseEndpoints(endpoints => endpoints.MapControllers());
app.UseForwardedHeaders();
if (hostEnvironment.IsDevelopment())
app.UseHangfireDashboard();
app.UseEndpoints(endpoints => endpoints.MapControllers());
}
}
}

17
MalwareMultiScan.Api/appsettings.json
View File

@ -7,12 +7,15 @@
}
},
"MONGO_ADDRESS": "mongodb://localhost:27017",
"MONGO_DATABASE": "MalwareMultiScan",
"AllowedHosts": "*",
"ConnectionStrings": {
"Mongo": "mongodb://localhost:27017",
"RabbitMQ": "host=localhost"
},
"REDIS_ADDRESS": "localhost:6379",
"CONSUL_ADDRESS": "http://localhost:8500",
"FILE_SIZE_LIMIT": 52428800
"DatabaseName": "MalwareMultiScan",
"ResultsSubscriptionId": "mms.results",
"MaxFileSize": 52428800,
"BackendsConfiguration": "backends.yaml"
}

23
MalwareMultiScan.Api/backends.yaml Normal file
View File

@ -0,0 +1,23 @@
- id: dummy
enabled: true
- id: clamav
enabled: true
- id: windows-defender
enabled: true
- id: comodo
enabled: false
- id: drweb
enabled: false
- id: kes
enabled: false
- id: mcafee
enabled: false
- id: sophos
enabled: false

2
MalwareMultiScan.Backends/Backends/Abstracts/AbstractScanBackend.cs
View File

@ -4,7 +4,7 @@ using System.IO;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Backends.Interfaces;
using MalwareMultiScan.Backends.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Abstracts
{

2
MalwareMultiScan.Backends/Backends/ClamavScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/ClamavScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class ClamavScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Backends/ComodoScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class ComodoScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Backends/DrWebScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class DrWebScanBackend : AbstractLocalProcessScanBackend

4
MalwareMultiScan.Backends/Backends/DummyScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/DummyScanBackend.cs
View File

@ -2,9 +2,9 @@ using System;
using System.IO;
using System.Threading;
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Backends.Interfaces;
using MalwareMultiScan.Backends.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class DummyScanBackend : IScanBackend

2
MalwareMultiScan.Backends/Backends/KesScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/KesScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class KesScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Backends/McAfeeScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/McAfeeScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class McAfeeScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Backends/SophosScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/SophosScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class SophosScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Backends/WindowsDefenderScanBackend.cs → MalwareMultiScan.Backends/Backends/Implementations/WindowsDefenderScanBackend.cs
View File

@ -2,7 +2,7 @@ using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class WindowsDefenderScanBackend : AbstractLocalProcessScanBackend

2
MalwareMultiScan.Backends/Dockerfiles/Clamav.Dockerfile
View File

@ -5,6 +5,6 @@ ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get install -y clamav clamav-daemon
RUN freshclam --quiet
ENV BACKEND_ID=clamav
ENV BackendType=Clamav
ENTRYPOINT /etc/init.d/clamav-daemon start && /worker/MalwareMultiScan.Scanner

2
MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile
View File

@ -7,4 +7,4 @@ RUN wget -q https://cdn.download.comodo.com/cis/download/installs/linux/cav-linu
RUN wget -q http://download.comodo.com/av/updates58/sigs/bases/bases.cav -O /opt/COMODO/scanners/bases.cav
ENV BACKEND_ID=comodo
ENV BackendType=Comodo

2
MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile
View File

@ -23,6 +23,6 @@ RUN /opt/drweb.com/bin/drweb-configd -d -p /var/run/drweb-configd.pid && \
drweb-ctl update && \
kill $(cat /var/run/drweb-configd.pid)
ENV BACKEND_ID=drweb
ENV BackendType=DrWeb
ENTRYPOINT /opt/drweb.com/bin/drweb-configd -d -p /var/run/drweb-configd.pid && /worker/MalwareMultiScan.Scanner

2
MalwareMultiScan.Backends/Dockerfiles/KES.Dockerfile
View File

@ -30,6 +30,6 @@ kesl-control -B --query "FileName == \"$1\"" 2> /dev/null \n\
exit $? \
' > /usr/bin/kesl-scan && chmod +x /usr/bin/kesl-scan
ENV BACKEND_ID=kes
ENV BackendType=Kes
ENTRYPOINT /etc/init.d/kesl-supervisor start && /worker/MalwareMultiScan.Scanner

2
MalwareMultiScan.Backends/Dockerfiles/McAfee.Dockerfile
View File

@ -16,4 +16,4 @@ RUN wget -q -Nc -r -nd -l1 -A "avvepo????dat.zip" http://download.nai.com/produc
WORKDIR /worker
ENV BACKEND_ID=mcafee
ENV BackendType=McAfee

2
MalwareMultiScan.Backends/Dockerfiles/Sophos.Dockerfile
View File

@ -9,5 +9,5 @@ RUN wget -q $SOPHOS_URL -O /tmp/SophosInstall.sh && \
chmod +x /tmp/SophosInstall.sh && \
/tmp/SophosInstall.sh --automatic --acceptlicence || exit 0
ENV BACKEND_ID=sophos
ENV BackendType=Sophos

2
MalwareMultiScan.Backends/Dockerfiles/WindowsDefender.Dockerfile
View File

@ -18,4 +18,4 @@ RUN apt-get update && apt-get install -y libc6-i386
COPY --from=backend /opt/loadlibrary/engine /opt/engine
COPY --from=backend /opt/loadlibrary/mpclient /opt/mpclient
ENV BACKEND_ID=windows-defender
ENV BackendType=Defender

48
MalwareMultiScan.Backends/Enums/BackendType.cs Normal file
View File

@ -0,0 +1,48 @@
namespace MalwareMultiScan.Backends.Enums
{
/// <summary>
/// Backend type.
/// </summary>
public enum BackendType
{
/// <summary>
/// Dummy
/// </summary>
Dummy,
/// <summary>
/// Windows Defender.
/// </summary>
Defender,
/// <summary>
/// ClamAV.
/// </summary>
Clamav,
/// <summary>
/// DrWeb.
/// </summary>
DrWeb,
/// <summary>
/// KES.
/// </summary>
Kes,
/// <summary>
/// Comodo.
/// </summary>
Comodo,
/// <summary>
/// Sophos.
/// </summary>
Sophos,
/// <summary>
/// McAfee.
/// </summary>
McAfee
}
}

67
MalwareMultiScan.Backends/Extensions/ServiceCollectionExtensions.cs
View File

@ -1,7 +1,9 @@
using System;
using System.Diagnostics.CodeAnalysis;
using MalwareMultiScan.Backends.Backends;
using MalwareMultiScan.Backends.Backends.Interfaces;
using EasyNetQ;
using MalwareMultiScan.Backends.Backends.Implementations;
using MalwareMultiScan.Backends.Enums;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Services.Implementations;
using MalwareMultiScan.Backends.Services.Interfaces;
using Microsoft.Extensions.Configuration;
@ -15,42 +17,55 @@ namespace MalwareMultiScan.Backends.Extensions
[ExcludeFromCodeCoverage]
public static class ServiceCollectionExtensions
{
/// <summary>
/// Add RabbitMQ service.
/// </summary>
/// <param name="services">Service collection.</param>
/// <param name="configuration">Configuration.</param>
public static void AddRabbitMq(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton(x =>
RabbitHutch.CreateBus(configuration.GetConnectionString("RabbitMQ")));
}
/// <summary>
/// Add scanning backend.
/// </summary>
/// <param name="services">Service collection.</param>
/// <param name="configuration">Configuration.</param>
/// <exception cref="ArgumentOutOfRangeException">Unknown backend.</exception>
public static void AddScanBackend(this IServiceCollection services, IConfiguration configuration)
public static void AddScanningBackend(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton<IProcessRunner, ProcessRunner>();
switch (configuration.GetValue<string>("BACKEND_ID"))
switch (configuration.GetValue<BackendType>("BackendType"))
{
case "clamav":
services.AddSingleton<IScanBackend, ClamavScanBackend>();
break;
case "drweb":
services.AddSingleton<IScanBackend, DrWebScanBackend>();
break;
case "kes":
services.AddSingleton<IScanBackend, KesScanBackend>();
break;
case "comodo":
services.AddSingleton<IScanBackend, ComodoScanBackend>();
break;
case "sophos":
services.AddSingleton<IScanBackend, SophosScanBackend>();
break;
case "mcafee":
services.AddSingleton<IScanBackend, McAfeeScanBackend>();
break;
case "windows-defender":
services.AddSingleton<IScanBackend, WindowsDefenderScanBackend>();
break;
default:
case BackendType.Dummy:
services.AddSingleton<IScanBackend, DummyScanBackend>();
break;
case BackendType.Defender:
services.AddSingleton<IScanBackend, WindowsDefenderScanBackend>();
break;
case BackendType.Clamav:
services.AddSingleton<IScanBackend, ClamavScanBackend>();
break;
case BackendType.DrWeb:
services.AddSingleton<IScanBackend, DrWebScanBackend>();
break;
case BackendType.Kes:
services.AddSingleton<IScanBackend, KesScanBackend>();
break;
case BackendType.Comodo:
services.AddSingleton<IScanBackend, ComodoScanBackend>();
break;
case BackendType.Sophos:
services.AddSingleton<IScanBackend, SophosScanBackend>();
break;
case BackendType.McAfee:
services.AddSingleton<IScanBackend, McAfeeScanBackend>();
break;
default:
throw new ArgumentOutOfRangeException();
}
}
}

2
MalwareMultiScan.Backends/Backends/Interfaces/IScanBackend.cs → MalwareMultiScan.Backends/Interfaces/IScanBackend.cs
View File

@ -3,7 +3,7 @@ using System.IO;
using System.Threading;
using System.Threading.Tasks;
namespace MalwareMultiScan.Backends.Backends.Interfaces
namespace MalwareMultiScan.Backends.Interfaces
{
/// <summary>
/// Scan backend.

10
MalwareMultiScan.Backends/MalwareMultiScan.Backends.csproj
View File

@ -4,13 +4,17 @@
<TargetFramework>netcoreapp3.1</TargetFramework>
<Company>Volodymyr Smirnov</Company>
<Product>MalwareMultiScan Backends</Product>
<AssemblyVersion>1.5.0</AssemblyVersion>
<FileVersion>1.5.0</FileVersion>
<AssemblyVersion>1.0.0</AssemblyVersion>
<FileVersion>1.0.0</FileVersion>
<GenerateDocumentationFile>true</GenerateDocumentationFile>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Shared\MalwareMultiScan.Shared.csproj" />
<PackageReference Include="EasyNetQ" Version="5.6.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="3.1.9" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="3.1.9" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="3.1.9" />
<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="3.1.9" />
</ItemGroup>
</Project>

10
MalwareMultiScan.Shared/Message/ScanQueueMessage.cs → MalwareMultiScan.Backends/Messages/ScanRequestMessage.cs
View File

@ -1,19 +1,19 @@
using System;
namespace MalwareMultiScan.Shared.Message
namespace MalwareMultiScan.Backends.Messages
{
/// <summary>
/// Scan queue message.
/// Scan request message.
/// </summary>
public class ScanQueueMessage
public class ScanRequestMessage
{
/// <summary>
/// Scan result id.
/// Result id.
/// </summary>
public string Id { get; set; }
/// <summary>
/// Scan file URL.
/// Remote URL.
/// </summary>
public Uri Uri { get; set; }
}

33
MalwareMultiScan.Backends/Messages/ScanResultMessage.cs Normal file
View File

@ -0,0 +1,33 @@
namespace MalwareMultiScan.Backends.Messages
{
/// <summary>
/// Scan result message.
/// </summary>
public class ScanResultMessage
{
/// <summary>
/// Result id.
/// </summary>
public string Id { get; set; }
/// <summary>
/// Backend.
/// </summary>
public string Backend { get; set; }
/// <summary>
/// Status.
/// </summary>
public bool Succeeded { get; set; }
/// <summary>
/// List of detected threats.
/// </summary>
public string[] Threats { get; set; }
/// <summary>
/// Duration.
/// </summary>
public long Duration { get; set; }
}
}

0
MalwareMultiScan.Backends/Services/ProcessRunner.cs → MalwareMultiScan.Backends/Services/Implementations/ProcessRunner.cs
View File

1
MalwareMultiScan.Scanner/Dockerfile
View File

@ -4,7 +4,6 @@ WORKDIR /src
COPY MalwareMultiScan.Scanner /src/MalwareMultiScan.Scanner
COPY MalwareMultiScan.Backends /src/MalwareMultiScan.Backends
COPY MalwareMultiScan.Shared /src/MalwareMultiScan.Shared
RUN dotnet publish -c Release -r linux-x64 -o ./publish MalwareMultiScan.Scanner/MalwareMultiScan.Scanner.csproj

11
MalwareMultiScan.Scanner/MalwareMultiScan.Scanner.csproj
View File

@ -1,13 +1,20 @@
<Project Sdk="Microsoft.NET.Sdk.Worker">
<PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework>
<Company>Volodymyr Smirnov</Company>
<Product>MalwareMultiScan Scanner</Product>
<AssemblyVersion>1.5.0</AssemblyVersion>
<FileVersion>1.5.0</FileVersion>
<AssemblyVersion>1.0.1</AssemblyVersion>
<FileVersion>1.0.1</FileVersion>
<GenerateDocumentationFile>true</GenerateDocumentationFile>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Hangfire.AspNetCore" Version="1.7.17" />
<PackageReference Include="Hangfire.MemoryStorage" Version="1.7.0" />
<PackageReference Include="Microsoft.Extensions.Hosting" Version="3.1.9" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\MalwareMultiScan.Backends\MalwareMultiScan.Backends.csproj" />
</ItemGroup>

43
MalwareMultiScan.Scanner/Program.cs
View File

@ -1,15 +1,13 @@
using System.Diagnostics.CodeAnalysis;
using System.Threading.Tasks;
using Hangfire;
using Hangfire.MemoryStorage;
using MalwareMultiScan.Backends.Extensions;
using MalwareMultiScan.Backends.Services.Implementations;
using MalwareMultiScan.Backends.Services.Interfaces;
using MalwareMultiScan.Scanner.Services;
using MalwareMultiScan.Shared.Extensions;
using MalwareMultiScan.Shared.Services.Interfaces;
using MalwareMultiScan.Scanner.Services.Implementations;
using MalwareMultiScan.Scanner.Services.Interfaces;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;
namespace MalwareMultiScan.Scanner
{
@ -19,32 +17,29 @@ namespace MalwareMultiScan.Scanner
public static async Task Main(string[] args)
{
await Host.CreateDefaultBuilder(args)
.ConfigureLogging((context, builder) =>
.ConfigureAppConfiguration(configure =>
{
builder.AddConsole();
builder.AddConfiguration(context.Configuration);
})
.ConfigureAppConfiguration(builder =>
{
builder.AddJsonFile("appsettings.json");
builder.AddEnvironmentVariables();
configure.AddJsonFile("appsettings.json");
configure.AddEnvironmentVariables();
})
.ConfigureServices((context, services) =>
{
services.AddConsul(context.Configuration);
services.AddScanBackend(context.Configuration);
services.AddLogging();
services.AddHangfire(context.Configuration,
context.Configuration.GetValue<string>("BACKEND_ID"));
services.AddRabbitMq(context.Configuration);
services.AddScanningBackend(context.Configuration);
services.AddSingleton<IProcessRunner, ProcessRunner>();
services.AddSingleton<IScanBackgroundJob, ScanBackgroundJob>();
services.AddHostedService<ScanHostedService>();
services.AddHostedService<ConsulHostedService>();
})
.UseConsoleLifetime()
.Build()
.RunAsync();
services.AddHangfire(
configuration => configuration.UseMemoryStorage());
services.AddHangfireServer(options =>
{
options.WorkerCount = context.Configuration.GetValue<int>("WorkerCount");
});
}).RunConsoleAsync();
}
}
}

8
MalwareMultiScan.Scanner/Properties/launchSettings.json
View File

@ -1,8 +0,0 @@
{
"$schema": "http://json.schemastore.org/launchsettings.json",
"profiles": {
"MalwareMultiScan.Scanner": {
"commandName": "Project"
}
}
}

91
MalwareMultiScan.Scanner/Services/ConsulHostedService.cs
View File

@ -1,91 +0,0 @@
using System;
using System.Collections.Generic;
using System.Net;
using System.Threading;
using System.Threading.Tasks;
using Consul;
using MalwareMultiScan.Backends.Backends.Interfaces;
using Microsoft.Extensions.Hosting;
namespace MalwareMultiScan.Scanner.Services
{
/// <summary>
/// Consul registration hosted service.
/// </summary>
public class ConsulHostedService : BackgroundService
{
private static readonly string ServiceId = Dns.GetHostName();
private static readonly string CheckId = $"ttl-{ServiceId}";
private readonly IConsulClient _consulClient;
private readonly AgentServiceRegistration _registration;
/// <summary>
/// Initialize consul hosted service.
/// </summary>
/// <param name="consulClient">Consul client.</param>
/// <param name="scanBackend">Scan backend.</param>
public ConsulHostedService(
IConsulClient consulClient,
IScanBackend scanBackend)
{
_consulClient = consulClient;
_registration = new AgentServiceRegistration
{
ID = ServiceId,
Name = "scanner",
Meta = new Dictionary<string, string>
{
{"BackendId", scanBackend.Id}
}
};
}
/// <inheritdoc />
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
{
while (!stoppingToken.IsCancellationRequested)
{
await _consulClient.Agent.PassTTL(
CheckId, string.Empty, stoppingToken);
await Task.Delay(TimeSpan.FromSeconds(5), stoppingToken);
}
}
/// <inheritdoc />
public override async Task StartAsync(CancellationToken cancellationToken)
{
await _consulClient.Agent.ServiceDeregister(
_registration.ID, cancellationToken);
await _consulClient.Agent.ServiceRegister(
_registration, cancellationToken);
await _consulClient.Agent.CheckRegister(new AgentCheckRegistration
{
ID = CheckId,
Name = "TTL",
ServiceID = ServiceId,
TTL = TimeSpan.FromSeconds(15),
DeregisterCriticalServiceAfter = TimeSpan.FromSeconds(60)
}, cancellationToken);
await base.StartAsync(cancellationToken);
}
/// <inheritdoc />
public override async Task StopAsync(CancellationToken cancellationToken)
{
await _consulClient.Agent.ServiceDeregister(
_registration.ID, cancellationToken);
await _consulClient.Agent.CheckDeregister(
CheckId, cancellationToken);
await base.StopAsync(cancellationToken);
}
}
}

59
MalwareMultiScan.Scanner/Services/ScanBackgroundJob.cs → MalwareMultiScan.Scanner/Services/Implementations/ScanBackgroundJob.cs
View File

@ -2,58 +2,52 @@ using System;
using System.Diagnostics;
using System.Threading;
using System.Threading.Tasks;
using Hangfire;
using Hangfire.States;
using MalwareMultiScan.Backends.Backends.Interfaces;
using MalwareMultiScan.Shared.Enums;
using MalwareMultiScan.Shared.Message;
using MalwareMultiScan.Shared.Services.Interfaces;
using EasyNetQ;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Messages;
using MalwareMultiScan.Scanner.Services.Interfaces;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Logging;
namespace MalwareMultiScan.Scanner.Services
namespace MalwareMultiScan.Scanner.Services.Implementations
{
/// <inheritdoc />
public class ScanBackgroundJob : IScanBackgroundJob
{
private readonly IScanBackend _backend;
private readonly IBus _bus;
private readonly IConfiguration _configuration;
private readonly IBackgroundJobClient _jobClient;
private readonly ILogger<ScanBackgroundJob> _logger;
/// <summary>
/// Initialize scan background job.
/// </summary>
/// <param name="configuration">Configuration.</param>
/// <param name="bus">Bus.</param>
/// <param name="logger">Logger.</param>
/// <param name="backend">Scan backend.</param>
/// <param name="jobClient">Background job client.</param>
public ScanBackgroundJob(
IScanBackend backend,
IConfiguration configuration,
ILogger<ScanBackgroundJob> logger,
IBackgroundJobClient jobClient)
public ScanBackgroundJob(IConfiguration configuration, IBus bus,
ILogger<ScanBackgroundJob> logger, IScanBackend backend)
{
_backend = backend;
_configuration = configuration;
_bus = bus;
_logger = logger;
_jobClient = jobClient;
_backend = backend;
}
/// <inheritdoc />
public async Task Process(ScanQueueMessage message)
public async Task Process(ScanRequestMessage message)
{
_logger.LogInformation(
$"Starting scan of {message.Uri} via backend {_backend.Id} from {message.Id}");
var cancellationTokenSource = new CancellationTokenSource(
TimeSpan.FromSeconds(_configuration.GetValue<int>("MAX_SCANNING_TIME")));
var cancellationToken = cancellationTokenSource.Token;
TimeSpan.FromSeconds(_configuration.GetValue<int>("MaxScanningTime")));
var result = new ScanResultMessage
{
Status = ScanResultStatus.Queued
Id = message.Id,
Backend = _backend.Id
};
var stopwatch = new Stopwatch();
@ -62,9 +56,10 @@ namespace MalwareMultiScan.Scanner.Services
try
{
result.Threats = await _backend.ScanAsync(message.Uri, cancellationToken);
result.Threats = await _backend.ScanAsync(
message.Uri, cancellationTokenSource.Token);
result.Status = ScanResultStatus.Succeeded;
result.Succeeded = true;
_logger.LogInformation(
$"Backend {_backend.Id} completed a scan of {message.Id} " +
@ -72,7 +67,7 @@ namespace MalwareMultiScan.Scanner.Services
}
catch (Exception exception)
{
result.Status = ScanResultStatus.Failed;
result.Succeeded = false;
_logger.LogError(
exception, "Scanning failed with exception");
@ -84,19 +79,11 @@ namespace MalwareMultiScan.Scanner.Services
result.Duration = stopwatch.ElapsedMilliseconds / 1000;
try
{
_logger.LogInformation(
$"Sending scan results with status {result.Status}");
_logger.LogInformation(
$"Sending scan results with status {result.Succeeded}");
_jobClient.Create<IScanResultJob>(
x => x.Report(message.Id, _backend.Id, result),
new EnqueuedState("default"));
}
catch (Exception exception)
{
_logger.LogError(exception, "Failed to send scan results");
}
await _bus.SendAsync(
_configuration.GetValue<string>("ResultsSubscriptionId"), result);
}
}
}

57
MalwareMultiScan.Scanner/Services/Implementations/ScanHostedService.cs Normal file
View File

@ -0,0 +1,57 @@
using System.Threading;
using System.Threading.Tasks;
using EasyNetQ;
using Hangfire;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Messages;
using MalwareMultiScan.Scanner.Services.Interfaces;
using Microsoft.Extensions.Logging;
namespace MalwareMultiScan.Scanner.Services.Implementations
{
/// <inheritdoc />
public class ScanHostedService : IScanHostedService
{
private readonly IScanBackend _backend;
private readonly IBus _bus;
private readonly ILogger<ScanHostedService> _logger;
/// <summary>
/// Initialise scan hosted service.
/// </summary>
/// <param name="logger">Logger.</param>
/// <param name="backend">Scan backend.</param>
/// <param name="bus">EasyNetQ bus.</param>
public ScanHostedService(
ILogger<ScanHostedService> logger,
IScanBackend backend, IBus bus)
{
_logger = logger;
_bus = bus;
_backend = backend;
}
/// <inheritdoc />
public Task StartAsync(CancellationToken cancellationToken)
{
_bus.Receive<ScanRequestMessage>(_backend.Id, message =>
BackgroundJob.Enqueue<IScanBackgroundJob>(j => j.Process(message)));
_logger.LogInformation(
$"Started scan hosting service for the backend {_backend.Id}");
return Task.CompletedTask;
}
/// <inheritdoc />
public Task StopAsync(CancellationToken cancellationToken)
{
_bus.Dispose();
_logger.LogInformation(
$"Stopped scan hosting service for the backend {_backend.Id}");
return Task.CompletedTask;
}
}
}

17
MalwareMultiScan.Scanner/Services/Interfaces/IScanBackgroundJob.cs Normal file
View File

@ -0,0 +1,17 @@
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Messages;
namespace MalwareMultiScan.Scanner.Services.Interfaces
{
/// <summary>
/// Background scanning job.
/// </summary>
public interface IScanBackgroundJob
{
/// <summary>
/// Process scan request in the background worker.
/// </summary>
/// <param name="requestMessage">Request message.</param>
Task Process(ScanRequestMessage requestMessage);
}
}

11
MalwareMultiScan.Scanner/Services/Interfaces/IScanHostedService.cs Normal file
View File

@ -0,0 +1,11 @@
using Microsoft.Extensions.Hosting;
namespace MalwareMultiScan.Scanner.Services.Interfaces
{
/// <summary>
/// Scan hosted service.
/// </summary>
public interface IScanHostedService : IHostedService
{
}
}

20
MalwareMultiScan.Scanner/appsettings.json
View File

@ -1,9 +1,19 @@
{
"REDIS_ADDRESS": "localhost:6379",
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"BackendType": "Dummy",
"CONSUL_ADDRESS": "http://localhost:8500",
"MaxScanningTime": 60,
"ResultsSubscriptionId": "mms.results",
"WorkerCount": 4,
"BACKEND_ID": "dummy",
"MAX_SCANNING_TIME": 60,
"WORKER_COUNT": 4
"ConnectionStrings": {
"RabbitMQ": "host=localhost;prefetchcount=1"
}
}

23
MalwareMultiScan.Shared/Enums/ScanResultStatus.cs
View File

@ -1,23 +0,0 @@
namespace MalwareMultiScan.Shared.Enums
{
/// <summary>
/// Scan result status.
/// </summary>
public enum ScanResultStatus
{
/// <summary>
/// Scan is queued.
/// </summary>
Queued,
/// <summary>
/// Scan succeeded.
/// </summary>
Succeeded,
/// <summary>
/// Scan failed.
/// </summary>
Failed
}
}

60
MalwareMultiScan.Shared/Extensions/ServiceCollectionExtensions.cs
View File

@ -1,60 +0,0 @@
using System;
using System.Diagnostics.CodeAnalysis;
using Consul;
using Hangfire;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
namespace MalwareMultiScan.Shared.Extensions
{
/// <summary>
/// Extensions for IServiceCollection.
/// </summary>
[ExcludeFromCodeCoverage]
public static class ServiceCollectionExtensions
{
/// <summary>
/// Add consul to the service collection and register the node on start.
/// </summary>
/// <param name="services">Service collection.</param>
/// <param name="configuration">Configuration.</param>
public static void AddConsul(this IServiceCollection services, IConfiguration configuration)
{
services.AddSingleton<IConsulClient>(new ConsulClient(config =>
{
config.Address = configuration.GetValue<Uri>("CONSUL_ADDRESS");
config.WaitTime = TimeSpan.FromSeconds(120);
}));
}
/// <summary>
/// Add Hangfire with Redis storage.
/// </summary>
/// <param name="services">Service collection.</param>
/// <param name="configuration">Configuration.</param>
/// <param name="queues">Queue names.</param>
public static void AddHangfire(this IServiceCollection services,
IConfiguration configuration, params string[] queues)
{
if (queues.Length == 0)
queues = new[] {"default"};
services.AddHangfire(options =>
options.UseRedisStorage(configuration.GetValue<string>("REDIS_ADDRESS")));
services.AddHangfireServer(options =>
{
options.Queues = queues;
options.ServerTimeout = TimeSpan.FromSeconds(30);
options.HeartbeatInterval = TimeSpan.FromSeconds(5);
options.ServerCheckInterval = TimeSpan.FromSeconds(15);
var workerCount = configuration.GetValue<int>("WORKER_COUNT");
if (workerCount > 0)
options.WorkerCount = workerCount;
});
}
}
}

19
MalwareMultiScan.Shared/MalwareMultiScan.Shared.csproj
View File

@ -1,19 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework>
<Company>Volodymyr Smirnov</Company>
<Product>MalwareMultiScan Shared</Product>
<AssemblyVersion>1.5.0</AssemblyVersion>
<FileVersion>1.5.0</FileVersion>
<GenerateDocumentationFile>true</GenerateDocumentationFile>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Consul" Version="1.6.1.1" />
<PackageReference Include="Hangfire.AspNetCore" Version="1.7.18" />
<PackageReference Include="Hangfire.Redis.StackExchange" Version="1.8.4" />
<PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="3.1.10" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="3.1.10" />
<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="3.1.10" />
</ItemGroup>
</Project>

25
MalwareMultiScan.Shared/Message/ScanResultMessage.cs
View File

@ -1,25 +0,0 @@
using MalwareMultiScan.Shared.Enums;
namespace MalwareMultiScan.Shared.Message
{
/// <summary>
/// Scan result message.
/// </summary>
public class ScanResultMessage
{
/// <summary>
/// Scan status.
/// </summary>
public ScanResultStatus Status { get; set; }
/// <summary>
/// Scan duration in seconds.
/// </summary>
public long Duration { get; set; }
/// <summary>
/// Detected threats.
/// </summary>
public string[] Threats { get; set; }
}
}

19
MalwareMultiScan.Shared/Services/Interfaces/IScanBackgroundJob.cs
View File

@ -1,19 +0,0 @@
using System.Threading.Tasks;
using Hangfire;
using MalwareMultiScan.Shared.Message;
namespace MalwareMultiScan.Shared.Services.Interfaces
{
/// <summary>
/// Scan background job.
/// </summary>
[AutomaticRetry(Attempts = 0, OnAttemptsExceeded = AttemptsExceededAction.Delete)]
public interface IScanBackgroundJob
{
/// <summary>
/// Start scan.
/// </summary>
/// <param name="message">Scan queue message.</param>
Task Process(ScanQueueMessage message);
}
}

32
MalwareMultiScan.Shared/Services/Interfaces/IScanResultJob.cs
View File

@ -1,32 +0,0 @@
using System;
using System.Threading.Tasks;
using Hangfire;
using MalwareMultiScan.Shared.Message;
namespace MalwareMultiScan.Shared.Services.Interfaces
{
/// <summary>
/// Scan background result job.
/// </summary>
public interface IScanResultJob
{
/// <summary>
/// Report job status.
/// </summary>
/// <param name="resultId">Result id.</param>
/// <param name="backendId">Backend id.</param>
/// <param name="result">Scan result.</param>
[AutomaticRetry(Attempts = 0, OnAttemptsExceeded = AttemptsExceededAction.Delete)]
Task Report(string resultId, string backendId, ScanResultMessage result);
/// <summary>
/// Notify remote URL on scan result.
/// </summary>
/// <param name="uri">Base URL.</param>
/// <param name="resultId">Result id.</param>
/// <param name="backendId">Backend id.</param>
/// <param name="result">Scan result.</param>
[AutomaticRetry(Attempts = 0, OnAttemptsExceeded = AttemptsExceededAction.Delete)]
Task Notify(Uri uri, string resultId, string backendId, ScanResultMessage result);
}
}

2
MalwareMultiScan.Tests/Api/AttributesTests.cs
View File

@ -36,7 +36,7 @@ namespace MalwareMultiScan.Tests.Api
new MemoryConfigurationProvider(new MemoryConfigurationSource())
})
{
["FILE_SIZE_LIMIT"] = "100"
["MaxFileSize"] = "100"
};
var context = new ValidationContext(

2
MalwareMultiScan.Tests/Api/ControllersTests.cs
View File

@ -1,7 +1,7 @@
using System.IO;
using System.Threading.Tasks;
using MalwareMultiScan.Api.Controllers;
using MalwareMultiScan.Api.Data;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Interfaces;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

81
MalwareMultiScan.Tests/Api/ReceiverHostedServiceTests.cs Normal file
View File

@ -0,0 +1,81 @@
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Api.Services.Implementations;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Backends.Messages;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration.Memory;
using Microsoft.Extensions.Logging;
using Moq;
using NUnit.Framework;
namespace MalwareMultiScan.Tests.Api
{
public class ReceiverHostedServiceTests
{
private Mock<IBus> _busMock;
private IReceiverHostedService _receiverHostedService;
private Mock<IScanResultService> _scanResultServiceMock;
[SetUp]
public void SetUp()
{
_busMock = new Mock<IBus>();
_busMock
.Setup(x => x.Receive("mms.results", It.IsAny<Func<ScanResultMessage, Task>>()))
.Callback<string, Func<ScanResultMessage, Task>>((s, func) =>
{
var task = func.Invoke(new ScanResultMessage
{
Id = "test",
Backend = "dummy",
Duration = 100,
Succeeded = true,
Threats = new[] {"Test"}
});
task.Wait();
});
_scanResultServiceMock = new Mock<IScanResultService>();
var configuration = new ConfigurationRoot(new List<IConfigurationProvider>
{
new MemoryConfigurationProvider(new MemoryConfigurationSource())
})
{
["ResultsSubscriptionId"] = "mms.results"
};
var httpClientFactoryMock = new Mock<IHttpClientFactory>();
_receiverHostedService = new ReceiverHostedService(
_busMock.Object,
configuration,
_scanResultServiceMock.Object,
Mock.Of<ILogger<ReceiverHostedService>>(),
httpClientFactoryMock.Object);
}
[Test]
public async Task TestBusReceiveScanResultMessage()
{
await _receiverHostedService.StartAsync(default);
_scanResultServiceMock.Verify(x => x.UpdateScanResultForBackend(
"test", "dummy", 100, true, true, new[] {"Test"}), Times.Once);
}
[Test]
public async Task TestBusIsDisposedOnStop()
{
await _receiverHostedService.StopAsync(default);
_busMock.Verify(x => x.Dispose(), Times.Once);
}
}
}

63
MalwareMultiScan.Tests/Api/ScanBackendServiceTests.cs Normal file
View File

@ -0,0 +1,63 @@
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Api.Data.Configuration;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Implementations;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Backends.Messages;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration.Memory;
using Microsoft.Extensions.Logging;
using Moq;
using NUnit.Framework;
namespace MalwareMultiScan.Tests.Api
{
public class ScanBackendServiceTests
{
private Mock<IBus> _busMock;
private IScanBackendService _scanBackendService;
[SetUp]
public void SetUp()
{
var configuration = new ConfigurationRoot(new List<IConfigurationProvider>
{
new MemoryConfigurationProvider(new MemoryConfigurationSource())
})
{
["BackendsConfiguration"] = "backends.yaml"
};
_busMock = new Mock<IBus>();
_scanBackendService = new ScanBackendService(
configuration,
_busMock.Object,
Mock.Of<ILogger<ScanBackendService>>());
}
[Test]
public void TestBackendsAreNotEmpty()
{
Assert.IsNotEmpty(_scanBackendService.List);
}
[Test]
public async Task TestQueueUrlScan()
{
await _scanBackendService.QueueUrlScan(
new ScanResult {Id = "test"},
new ScanBackend {Id = "dummy"},
"http://test.com"
);
_busMock.Verify(x => x.SendAsync(
"dummy", It.Is<ScanRequestMessage>(r =>
r.Id == "test" &&
r.Uri == new Uri("http://test.com"))), Times.Once);
}
}
}

49
MalwareMultiScan.Tests/Api/ScanResultServiceTests.cs
View File

@ -1,11 +1,9 @@
using System.IO;
using System.Threading.Tasks;
using Consul;
using Hangfire;
using MalwareMultiScan.Api.Services;
using MalwareMultiScan.Api.Data.Configuration;
using MalwareMultiScan.Api.Data.Models;
using MalwareMultiScan.Api.Services.Implementations;
using MalwareMultiScan.Api.Services.Interfaces;
using MalwareMultiScan.Shared.Enums;
using MalwareMultiScan.Shared.Message;
using Mongo2Go;
using MongoDB.Bson;
using MongoDB.Driver;
@ -19,6 +17,7 @@ namespace MalwareMultiScan.Tests.Api
{
private MongoDbRunner _mongoDbRunner;
private IScanResultService _resultService;
private Mock<IScanBackendService> _scanBackendService;
[SetUp]
public void SetUp()
@ -29,10 +28,19 @@ namespace MalwareMultiScan.Tests.Api
var database = connection.GetDatabase("Test");
var gridFsBucket = new GridFSBucket(database);
_scanBackendService = new Mock<IScanBackendService>();
_scanBackendService
.SetupGet(x => x.List)
.Returns(() => new[]
{
new ScanBackend {Id = "dummy", Enabled = true},
new ScanBackend {Id = "clamav", Enabled = true},
new ScanBackend {Id = "disabled", Enabled = false}
});
_resultService = new ScanResultService(
database, gridFsBucket,
Mock.Of<IConsulClient>(),
Mock.Of<IBackgroundJobClient>());
database, gridFsBucket, _scanBackendService.Object);
}
[TearDown]
@ -77,14 +85,10 @@ namespace MalwareMultiScan.Tests.Api
var result = await _resultService.CreateScanResult(null);
Assert.NotNull(result.Id);
Assert.That(result.Results, Contains.Key("dummy"));
await _resultService.UpdateScanResultForBackend(
result.Id, "dummy", new ScanResultMessage
{
Duration = 100,
Status = ScanResultStatus.Succeeded,
Threats = new[] {"Test"}
});
result.Id, "dummy", 100, true, true, new[] {"Test"});
result = await _resultService.GetScanResult(result.Id);
@ -93,10 +97,25 @@ namespace MalwareMultiScan.Tests.Api
var dummyResult = result.Results["dummy"];
Assert.IsTrue(dummyResult.Status == ScanResultStatus.Succeeded);
Assert.IsTrue(dummyResult.Completed);
Assert.IsTrue(dummyResult.Succeeded);
Assert.AreEqual(dummyResult.Duration, 100);
Assert.IsNotEmpty(dummyResult.Threats);
Assert.That(dummyResult.Threats, Is.EquivalentTo(new[] {"Test"}));
}
[Test]
public async Task TestQueueUrlScan()
{
var result = await _resultService.CreateScanResult(null);
await _resultService.QueueUrlScan(
result, "http://url.com");
_scanBackendService.Verify(x => x.QueueUrlScan(
It.IsAny<ScanResult>(),
It.IsAny<ScanBackend>(),
"http://url.com"), Times.Exactly(2));
}
}
}

4
MalwareMultiScan.Tests/Backends/BackendsTests.cs
View File

@ -1,7 +1,7 @@
using System.Threading;
using System.Threading.Tasks;
using MalwareMultiScan.Backends.Backends;
using MalwareMultiScan.Backends.Backends.Interfaces;
using MalwareMultiScan.Backends.Backends.Implementations;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Services.Interfaces;
using Moq;
using NUnit.Framework;

4
MalwareMultiScan.Tests/MalwareMultiScan.Tests.csproj
View File

@ -8,10 +8,10 @@
<ItemGroup>
<PackageReference Include="Mongo2Go" Version="2.2.14" />
<PackageReference Include="Moq" Version="4.15.2" />
<PackageReference Include="Moq" Version="4.14.7" />
<PackageReference Include="nunit" Version="3.12.0" />
<PackageReference Include="NUnit3TestAdapter" Version="3.17.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.8.3" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.7.1" />
</ItemGroup>
<ItemGroup>

68
MalwareMultiScan.Tests/Scanner/ScanBackgroundJobTests.cs Normal file
View File

@ -0,0 +1,68 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Messages;
using MalwareMultiScan.Scanner.Services.Implementations;
using MalwareMultiScan.Scanner.Services.Interfaces;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration.Memory;
using Microsoft.Extensions.Logging;
using Moq;
using NUnit.Framework;
namespace MalwareMultiScan.Tests.Scanner
{
public class ScanBackgroundJobTests
{
private Mock<IBus> _busMock;
private Mock<IScanBackend> _scanBackendMock;
private IScanBackgroundJob _scanBackgroundJob;
[SetUp]
public void SetUp()
{
var configuration = new ConfigurationRoot(new List<IConfigurationProvider>
{
new MemoryConfigurationProvider(new MemoryConfigurationSource())
})
{
["ResultsSubscriptionId"] = "mms.results"
};
_busMock = new Mock<IBus>();
_scanBackendMock = new Mock<IScanBackend>();
_scanBackendMock
.SetupGet(x => x.Id)
.Returns("dummy");
_scanBackendMock
.Setup(x => x.ScanAsync(It.IsAny<Uri>(), It.IsAny<CancellationToken>()))
.Returns(Task.FromResult(new[] {"Test"}));
_scanBackgroundJob = new ScanBackgroundJob(configuration, _busMock.Object,
Mock.Of<ILogger<ScanBackgroundJob>>(), _scanBackendMock.Object);
}
[Test]
public async Task TestMessageProcessing()
{
await _scanBackgroundJob.Process(new ScanRequestMessage
{
Id = "test",
Uri = new Uri("http://test.com")
});
_scanBackendMock.Verify(
x => x.ScanAsync(It.IsAny<Uri>(), It.IsAny<CancellationToken>()));
_busMock.Verify(x => x.SendAsync("mms.results", It.Is<ScanResultMessage>(m =>
m.Succeeded && m.Backend == "dummy" && m.Id == "test" && m.Threats.Contains("Test"))));
}
}
}

54
MalwareMultiScan.Tests/Scanner/ScanHostedServiceTests.cs Normal file
View File

@ -0,0 +1,54 @@
using System;
using System.Threading.Tasks;
using EasyNetQ;
using MalwareMultiScan.Backends.Interfaces;
using MalwareMultiScan.Backends.Messages;
using MalwareMultiScan.Scanner.Services.Implementations;
using MalwareMultiScan.Scanner.Services.Interfaces;
using Microsoft.Extensions.Logging;
using Moq;
using NUnit.Framework;
namespace MalwareMultiScan.Tests.Scanner
{
public class ScanHostedServiceTests
{
private Mock<IBus> _busMock;
private Mock<IScanBackend> _scanBackendMock;
private IScanHostedService _scanHostedService;
[SetUp]
public void SetUp()
{
_busMock = new Mock<IBus>();
_scanBackendMock = new Mock<IScanBackend>();
_scanBackendMock
.SetupGet(x => x.Id)
.Returns("dummy");
_scanHostedService = new ScanHostedService(
Mock.Of<ILogger<ScanHostedService>>(),
_scanBackendMock.Object,
_busMock.Object);
}
[Test]
public async Task TestBusReceiveScanResultMessage()
{
await _scanHostedService.StartAsync(default);
_busMock.Verify(
x => x.Receive("dummy", It.IsAny<Action<ScanRequestMessage>>()));
}
[Test]
public async Task TestBusIsDisposedOnStop()
{
await _scanHostedService.StopAsync(default);
_busMock.Verify(x => x.Dispose(), Times.Once);
}
}
}

22
MalwareMultiScan.Ui/models/scan-result-entry-flattened.ts
View File

@ -1,31 +1,19 @@
import ScanResultEntry from '~/models/scan-result-entry';
import {ScanResultStatus} from '~/models/scan-result-status';
export default class ScanResultEntryFlattened implements ScanResultEntry {
readonly id: string;
readonly status: ScanResultStatus;
readonly completed: boolean;
readonly succeeded: boolean | null;
readonly duration: number;
readonly threats: string[];
constructor(id: string, status: ScanResultStatus, duration: number, threats: string[]) {
constructor(id: string, completed: boolean, succeeded: boolean | null, duration: number, threats: string[]) {
this.id = id;
this.status = status;
this.completed = completed;
this.succeeded = succeeded;
this.duration = duration;
this.threats = threats;
}
get completed()
{
return this.status != ScanResultStatus.Queued
}
get succeeded()
{
return this.status === ScanResultStatus.Succeeded;
}
get failed()
{
return this.status === ScanResultStatus.Failed;
}
}

5
MalwareMultiScan.Ui/models/scan-result-entry.ts
View File

@ -1,7 +1,6 @@
import { ScanResultStatus } from '~/models/scan-result-status';
export default interface ScanResultEntry {
readonly status: ScanResultStatus,
readonly completed: boolean,
readonly succeeded: boolean | null,
readonly duration: number,
readonly threats: string[]
}

6
MalwareMultiScan.Ui/models/scan-result-status.ts
View File

@ -1,6 +0,0 @@
export enum ScanResultStatus
{
Queued,
Succeeded,
Failed
}

1978
MalwareMultiScan.Ui/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

16
MalwareMultiScan.Ui/package.json
View File

@ -1,6 +1,6 @@
{
"name": "malware-multi-scan-ui",
"version": "1.5.0",
"version": "1.0.2",
"private": true,
"scripts": {
"dev": "nuxt-ts",
@ -10,17 +10,17 @@
},
"dependencies": {
"@nuxt/typescript-runtime": "^2.0.0",
"@nuxtjs/axios": "^5.12.3",
"@nuxtjs/axios": "^5.12.2",
"@nuxtjs/proxy": "^2.0.1",
"bootstrap": "^4.5.2",
"bootstrap-vue": "^2.20.1",
"core-js": "^3.8.1",
"nuxt": "^2.14.10"
"bootstrap-vue": "^2.17.3",
"core-js": "^3.6.5",
"nuxt": "^2.14.6"
},
"devDependencies": {
"@nuxt/types": "^2.14.10",
"@nuxt/types": "^2.14.6",
"@nuxt/typescript-build": "^2.0.3",
"node-sass": "^5.0.0",
"sass-loader": "^10.1.0"
"node-sass": "^4.14.1",
"sass-loader": "^10.0.4"
}
}

11
MalwareMultiScan.Ui/pages/_id/index.vue
View File

@ -1,9 +1,9 @@
<template>
<b-table :fields="fields" :items="flattenedData" :responsive="true" class="m-0" striped>
<b-table :fields="fields" :items="flattenedData" responsive class="m-0" striped>
<template #cell(completed)="data">
<div class="h5 m-0">
<b-icon-check-circle-fill v-if="data.item.succeeded" variant="success"/>
<b-icon-exclamation-circle-fill v-if="data.item.completed && !data.item.succeeded" variant="danger"/>
<b-icon-check-circle-fill v-if="data.item.succeeded === true" variant="success"/>
<b-icon-exclamation-circle-fill v-if="data.item.succeeded === false" variant="danger"/>
<b-icon-bug-fill v-if="!data.item.completed" animation="spin-pulse"
class="rounded-circle bg-primary text-white" scale="0.7"/>
@ -17,7 +17,7 @@
<template #cell(threats)="data">
<div class="text-success" v-if="data.item.succeeded && !data.item.threats.length">No threats have been detected</div>
<div class="text-danger" v-if="data.item.completed && !data.item.succeeded">Scan failed to complete due to the error or timeout</div>
<div class="text-danger" v-if="data.item.succeeded === false">Scan failed to complete due to the error or timeout</div>
<div v-if="!data.item.completed">Scan is in progress</div>
<ul v-if="data.item.completed && data.item.threats.length" class="list-inline m-0">
@ -57,7 +57,8 @@ export default Vue.extend({
flattenedData(): ScanResultEntryFlattened[] {
return Object
.entries((this.data as ScanResult).results)
.map(([k, v]) => new ScanResultEntryFlattened(k, v.status, v.duration, v.threats))
.map(([k, v]) => new ScanResultEntryFlattened(
k, v.completed, v.succeeded, v.duration, v.threats))
}
},

18
MalwareMultiScan.sln
View File

@ -4,6 +4,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Backends",
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Api", "MalwareMultiScan.Api\MalwareMultiScan.Api.csproj", "{7B63B897-D390-4617-821F-F96799CBA2F4}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Scanner", "MalwareMultiScan.Scanner\MalwareMultiScan.Scanner.csproj", "{8A16A3C4-2AE3-4F63-8280-635FF7878080}"
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Misc", "Misc", "{A248B5B7-7CBB-4242-98BD-51A9E915E485}"
ProjectSection(SolutionItems) = preProject
.dockerignore = .dockerignore
@ -15,10 +17,6 @@ EndProjectSection
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Tests", "MalwareMultiScan.Tests\MalwareMultiScan.Tests.csproj", "{9896162D-8FC7-4911-933F-A78C94128923}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Scanner", "MalwareMultiScan.Scanner\MalwareMultiScan.Scanner.csproj", "{D36ED4DD-4EEA-4609-8AED-B2FD496E4C90}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MalwareMultiScan.Shared", "MalwareMultiScan.Shared\MalwareMultiScan.Shared.csproj", "{534E3C92-FD6D-401C-99D4-792DB11B57AE}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@ -33,17 +31,13 @@ Global
{7B63B897-D390-4617-821F-F96799CBA2F4}.Debug|Any CPU.Build.0 = Debug|Any CPU
{7B63B897-D390-4617-821F-F96799CBA2F4}.Release|Any CPU.ActiveCfg = Release|Any CPU
{7B63B897-D390-4617-821F-F96799CBA2F4}.Release|Any CPU.Build.0 = Release|Any CPU
{8A16A3C4-2AE3-4F63-8280-635FF7878080}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{8A16A3C4-2AE3-4F63-8280-635FF7878080}.Debug|Any CPU.Build.0 = Debug|Any CPU
{8A16A3C4-2AE3-4F63-8280-635FF7878080}.Release|Any CPU.ActiveCfg = Release|Any CPU
{8A16A3C4-2AE3-4F63-8280-635FF7878080}.Release|Any CPU.Build.0 = Release|Any CPU
{9896162D-8FC7-4911-933F-A78C94128923}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{9896162D-8FC7-4911-933F-A78C94128923}.Debug|Any CPU.Build.0 = Debug|Any CPU
{9896162D-8FC7-4911-933F-A78C94128923}.Release|Any CPU.ActiveCfg = Release|Any CPU
{9896162D-8FC7-4911-933F-A78C94128923}.Release|Any CPU.Build.0 = Release|Any CPU
{D36ED4DD-4EEA-4609-8AED-B2FD496E4C90}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{D36ED4DD-4EEA-4609-8AED-B2FD496E4C90}.Debug|Any CPU.Build.0 = Debug|Any CPU
{D36ED4DD-4EEA-4609-8AED-B2FD496E4C90}.Release|Any CPU.ActiveCfg = Release|Any CPU
{D36ED4DD-4EEA-4609-8AED-B2FD496E4C90}.Release|Any CPU.Build.0 = Release|Any CPU
{534E3C92-FD6D-401C-99D4-792DB11B57AE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{534E3C92-FD6D-401C-99D4-792DB11B57AE}.Debug|Any CPU.Build.0 = Debug|Any CPU
{534E3C92-FD6D-401C-99D4-792DB11B57AE}.Release|Any CPU.ActiveCfg = Release|Any CPU
{534E3C92-FD6D-401C-99D4-792DB11B57AE}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
EndGlobal

78
README.md
View File

@ -2,11 +2,13 @@
![Tests](https://github.com/mindcollapse/MalwareMultiScan/workflows/Tests/badge.svg?event=push) ![API](https://github.com/mindcollapse/MalwareMultiScan/workflows/API/badge.svg) ![UI](https://github.com/mindcollapse/MalwareMultiScan/workflows/UI/badge.svg) ![Scanners](https://github.com/mindcollapse/MalwareMultiScan/workflows/Scanners/badge.svg?event=push)
Self-hosted [VirusTotal](https://www.virustotal.com/) / [OPSWAT MetaDefender](https://metadefender.opswat.com/) wannabe API for scanning URLs and files by multiple antivirus solutions.
Self-hosted [VirusTotal](https://www.virustotal.com/) wannabe API for scanning URLs and files by multiple antivirus solutions.
![MalwareMultiScan UI](.github/img/malware-multi-scan-ui.gif)
**IMPORTANT**: version 1.5 introduces breaking changes in containers configuration and docker-compose.yaml layout. Please see [releases](https://github.com/mindcollapse/MalwareMultiScan/releases) page and changelog of [docker-compose.yaml](https://github.com/mindcollapse/MalwareMultiScan/commits/master/docker-compose.yaml) and [README.md](https://github.com/mindcollapse/MalwareMultiScan/commits/master/README.md) for the additional details.
**[Check out the demo UI](http://199.247.24.56:8888/) with ClamAV, Dummy, and Windows Defender scan backends**.
The demo is running on a cheap Vultr node, so it might get slow or unavailable occasionally.
## Introduction
@ -34,27 +36,29 @@ Configuration of API and Scanners is performed by passing the environment variab
#### MalwareMultiScan.Api
* `MONGO_ADDRESS=mongodb://localhost:27017` - MongoDB connection string.
* `ConnectionStrings__Mongo=mongodb://localhost:27017` - MongoDB connection string.
* `MONGO_DATABASE=MalwareMultiScan` - MongoDB collection name.
* `DatabaseName=MalwareMultiScan` - MongoDB collection name.
* `REDIS_ADDRESS=localhost:6379` - Redis address for the distributed task queue.
* `ConnectionStrings__RabbitMQ=host=localhost` - RabbitMQ connection string. See [EasyNetQ Wiki](https://github.com/EasyNetQ/EasyNetQ/wiki/Connecting-to-RabbitMQ) for details.
* `CONSUL_ADDRESS=http://localhost:8500` - Consul address for the service registration.
* `ResultsSubscriptionId=mms.results` - RabbitMQ subscription id for scan results. Should match with values defined for scanners.
* `FILE_SIZE_LIMIT=52428800` - Maximum size of a file that can be handled for the file scanning. The size of the URL content is not verified. Set to 0 to disable the validation.
* `MaxFileSize=52428800` - Maximum size of a file that can be handled for the file scanning. The size of the URL content is not verified.
* `BackendsConfiguration=backends.yaml` - Path to the [backends.yaml](MalwareMultiScan.Api/backends.yaml) file.
#### MalwareMultiScan.Scanner
* `BACKEND_ID=dummy` - Id of a backend.
* `ConnectionStrings__RabbitMQ=host=localhost` - RabbitMQ connection string. See [EasyNetQ Wiki](https://github.com/EasyNetQ/EasyNetQ/wiki/Connecting-to-RabbitMQ) for details.
* `REDIS_ADDRESS=localhost:6379` - Redis address for the distributed task queue.
* `ResultsSubscriptionId=mms.results` - RabbitMQ subscription id for scan results. Should match with values defined for scanners.
* `CONSUL_ADDRESS=http://localhost:8500` - Consul address for the service registration.
* `BackendType=Dummy` - A type of scanner backend used by the running instance. Should correspond to the [BackendType](MalwareMultiScan.Backends/Enums/BackendType.cs) enum.
* `MAX_SCANNING_TIME=60` - Scan time limit. It is used not just for actual scanning but also for getting the file.
* `MaxScanningTime=60` - Scan time limit. It is used not just for actual scanning but also for getting the file.
* `WORKER_COUNT=4` - Number of workers for parallel scanning.
* `WorkerCount=4` - Number of workers for parallel scanning.
#### MalwareMultiScan.Ui
@ -62,25 +66,13 @@ Configuration of API and Scanners is performed by passing the environment variab
### API Endpoints
* POST `/api/queue/url` with a `url` parameter passed via the form data.. Returns `201 Accepted` response with a [ScanResult](MalwareMultiScan.Api/Data/ScanResult.cs) or `400 Bad Request` error.
* POST `/api/queue/url` with a `url` parameter passed via the form data.. Returns `201 Accepted` response with a [ScanResult](MalwareMultiScan.Api/Data/Models/ScanResult.cs) or `400 Bad Request` error.
* POST `/api/queue/file` with a `file` parameter passed via the form data. Returns `201 Accepted` response with a [ScanResult](MalwareMultiScan.Api/Data/ScanResult.cs) or `400 Bad Request` error.
* POST `/api/queue/file` with a `file` parameter passed via the form data. Returns `201 Accepted` response with a [ScanResult](MalwareMultiScan.Api/Data/Models/ScanResult.cs) or `400 Bad Request` error.
* GET `/api/results/{result-id}` where `{result-id}` corresponds to the id value of a [ScanResult](MalwareMultiScan.Api/Data/ScanResult.cs). Returns `200 OK` response with a [ScanResult](MalwareMultiScan.Api/Data/ScanResult.cs) or `404 Not Found` error.
* GET `/api/results/{result-id}` where `{result-id}` corresponds to the id value of a [ScanResult](MalwareMultiScan.Api/Data/Models/ScanResult.cs). Returns `200 OK` response with a [ScanResult](MalwareMultiScan.Api/Data/Models/ScanResult.cs) or `404 Not Found` error.
#### Callback URL
Both `/api/queue/url` and `/api/queue/file` also accept an optional `callbackUrl` parameter with the http(s) URL in it. This URL will be requested by the POST method with JSON serialized [ScanResultMessage](MalwareMultiScan.Shared/Message/ScanResultMessage.cs) in a body on every update from scan backends. Query string will contain `id` parameter that corresponds to the id of the scan result and `backend` parameter with the id of backend which completed the scan.
I.e. when you define `callbackUrl=http://localhost:1234/scan-results`, the POST request will be made to `http://localhost:1234/scan-results?id=123&backend=dummy` with a body
```json
{
"Status": 1,
"Duration": 5,
"Threats": ["Malware.Dummy.Result"]
}
```
Both `/api/queue/url` and `/api/queue/file` also accept an optional `callbackUrl` parameter with the http(s) URL in it. This URL will be requested by the POST method with JSON serialized [ScanResult](MalwareMultiScan.Api/Data/Models/ScanResult.cs) in a body on every update from scan backends.
## Supported Scan Engines
@ -99,29 +91,11 @@ More scan backends can be added in the future. Some of the popular ones do not h
## Components
### Workflow
1. On startup all [Scanners](MalwareMultiScan.Scanner) register themselves in [Consul](https://www.consul.io/) with a service name equal to `scanner` and the `BackendId` metadata field equal to the value of `BACKEND_ID` environment variable. They also register a TTL check and listen for [Hangfire](https://www.hangfire.io/) background job in a queue named under the `BackendId` metadata field.
2. Third-party client triggers `/api/queue/url` or `/api/queue/file` of the [MalwareMultiScan.Api](MalwareMultiScan.Api).
3. [MalwareMultiScan.Api](MalwareMultiScan.Api) sends a query to [Consul](https://www.consul.io/) and receives the list of alive scan backends with the service name `scanner`.
4. [MalwareMultiScan.Api](MalwareMultiScan.Api) schedules a [Hangfire](https://www.hangfire.io/) background job in a queue named under the `BackendId` metadata field.
5. [Scanners](MalwareMultiScan.Scanner) picks up a job from queue, starts the scan and sends result back to the `default` queue of [Hangfire](https://www.hangfire.io/).
6. [MalwareMultiScan.Api](MalwareMultiScan.Api) picks a job from the default` queue of [Hangfire](https://www.hangfire.io/) and updates the state of the scan.
7. If callback URL was specified during the step #2, [MalwareMultiScan.Api](MalwareMultiScan.Api) triggers a HTTP POST request to the specified URL. See [Callback URL](#callback-url) for details.
### Prerequisites
* **MongoDB** of version 3.x or above. Used for storing scan results and files in GridFS. The communication is happening through the [official C#/.NET driver](https://docs.mongodb.com/drivers/csharp).
* **MongoDB** of version 3.x. Used for storing scan results and files in GridFS. The communication is happening through the [official C#/.NET driver](https://docs.mongodb.com/drivers/csharp).
* **Redis** of version 5.x or above. Used for tasks queueing. The communication is happening through the [Hangfire](https://www.hangfire.io/) library.
* **Consul** of version 1.8.x or above. Used for service registration of scan backends.
* **RabbitMQ** of version 3.x. Used for IPC and scan tasks queueing. The communication is happening through the [EasyNetQ](https://github.com/EasyNetQ/EasyNetQ) library.
* **Docker** and **docker-compose** running under Windows (in Linux containers mode), Linux, or OSX. Docker Compose is needed only for test / local deployments.
@ -129,11 +103,9 @@ More scan backends can be added in the future. Some of the popular ones do not h
### Parts
* [MalwareMultiScan.Api](MalwareMultiScan.Api) - Simple ASP.NET Core WebApi for queueing files & urls for the scan and returning the result. Also acts as a receiver of scan results from the scanning backend nodes. See [Dockerfile](MalwareMultiScan.Api/Dockerfile).
* [MalwareMultiScan.Api](MalwareMultiScan.Api) - Simple ASP.NET Core WebApi for queueing files & urls for the scan and returning the result. Also acts as a receiver of scan results from the scanning backend nodes. See [Dockerfile](MalwareMultiScan.Api/Dockerfile). Configuration of available backends is performed via the [backends.yaml](MalwareMultiScan.Api/backends.yaml) location passed via the `BackendsConfiguration` environment variable.
* [MalwareMultiScan.Backends](MalwareMultiScan.Backends) - Scan backends logic. Includes Dockerfiles and implementation classes for third-party vendor scan backends.
* [MalwareMultiScan.Shared](MalwareMultiScan.Shared) - Shared components.
* [MalwareMultiScan.Backends](MalwareMultiScan.Backends) - Shared components between API and Worker. Includes Dockerfiles and implementation classes for third-party vendor scan backends.
* [MalwareMultiScan.Scanner](MalwareMultiScan.Scanner) - .NET Core Worker service subscribes to messages corresponding to the backend id, then fires up scanning command-line utility, and parses the output. See [Dockerfile](MalwareMultiScan.Scanner/Dockerfile). The image of MalwareMultiScan.Scanner acts as a base image for the rest of the scan backends. Check Dockerfiles from the [table above](#supported-scan-engines) for details.
@ -141,4 +113,4 @@ More scan backends can be added in the future. Some of the popular ones do not h
## Plans
See [issues](https://github.com/mindcollapse/MalwareMultiScan/issues) for the list of planned features, bug-fixes, and improvements.
See [issues](https://github.com/mindcollapse/MalwareMultiScan/issues) for the list of planned features, bug-fixes, and improvements.

69
docker-compose.yaml
View File

@ -1,30 +1,31 @@
version: "3.3"
version: "3.8"
services:
redis:
image: redis:6
rabbitmq:
image: rabbitmq:3
restart: on-failure
expose:
- "5672"
volumes:
- redis:/data
- rabbitmq_etc/:/etc/rabbitmq/
- rabbitmq_data:/var/lib/rabbitmq/
- rabbitmq_logs/:/var/log/rabbitmq/
mongodb:
image: mongo:4
restart: on-failure
expose:
- "27019"
volumes:
- mongodb:/data
# See https://github.com/hashicorp/consul/blob/master/demo/docker-compose-cluster/docker-compose.yml
# for a production-ready config.
consul:
image: consul:1.8
restart: on-failure
command: consul agent -dev -log-level=info -client=0.0.0.0
ui:
image: mindcollapse/malware-multi-scan-ui
restart: on-failure
ports:
- "8888:8888"
expose:
- "8888"
depends_on:
- api
environment:
@ -38,14 +39,17 @@ services:
api:
image: mindcollapse/malware-multi-scan-api
restart: on-failure
expose:
- "5000"
depends_on:
- consul
- redis
- rabbitmq
- mongodb
environment:
- "REDIS_ADDRESS=redis:6379"
- "CONSUL_ADDRESS=http://consul:8500"
- "MONGO_ADDRESS=mongodb://mongodb:27017?connectTimeoutMS=120000"
- "ConnectionStrings__RabbitMQ=host=rabbitmq;timeout=120"
- "ConnectionStrings__Mongo=mongodb://mongodb:27017?connectTimeoutMS=120000"
- "BackendsConfiguration=/etc/backends.yaml"
volumes:
- "./MalwareMultiScan.Api/backends.yaml:/etc/backends.yaml:ro"
build:
context: .
dockerfile: MalwareMultiScan.Api/Dockerfile
@ -54,11 +58,9 @@ services:
image: mindcollapse/malware-multi-scan-scanner
restart: on-failure
depends_on:
- consul
- redis
- rabbitmq
environment:
- "REDIS_ADDRESS=redis:6379"
- "CONSUL_ADDRESS=http://consul:8500"
- "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
build:
context: .
dockerfile: MalwareMultiScan.Scanner/Dockerfile
@ -69,8 +71,7 @@ services:
depends_on:
- dummy-scanner
environment:
- "REDIS_ADDRESS=redis:6379"
- "CONSUL_ADDRESS=http://consul:8500"
- "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
build:
context: MalwareMultiScan.Backends/Dockerfiles
dockerfile: Clamav.Dockerfile
@ -81,8 +82,7 @@ services:
depends_on:
- dummy-scanner
environment:
- "REDIS_ADDRESS=redis:6379"
- "CONSUL_ADDRESS=http://consul:8500"
- "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
build:
context: MalwareMultiScan.Backends/Dockerfiles
dockerfile: WindowsDefender.Dockerfile
@ -95,8 +95,7 @@ services:
# depends_on:
# - dummy-scanner
# environment:
# - "REDIS_ADDRESS=redis:6379"
# - "CONSUL_ADDRESS=http://consul:8500"
# - "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
# build:
# context: MalwareMultiScan.Backends/Dockerfiles
# dockerfile: Comodo.Dockerfile
@ -107,8 +106,7 @@ services:
# depends_on:
# - dummy-scanner
# environment:
# - "REDIS_ADDRESS=redis:6379"
# - "CONSUL_ADDRESS=http://consul:8500"
# - "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
# build:
# context: MalwareMultiScan.Backends/Dockerfiles
# dockerfile: DrWeb.Dockerfile
@ -119,8 +117,7 @@ services:
# depends_on:
# - dummy-scanner
# environment:
# - "REDIS_ADDRESS=redis:6379"
# - "CONSUL_ADDRESS=http://consul:8500"
# - "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
# build:
# context: MalwareMultiScan.Backends/Dockerfiles
# dockerfile: KES.Dockerfile
@ -131,8 +128,7 @@ services:
# depends_on:
# - dummy-scanner
# environment:
# - "REDIS_ADDRESS=redis:6379"
# - "CONSUL_ADDRESS=http://consul:8500"
# - "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
# build:
# context: MalwareMultiScan.Backends/Dockerfiles
# dockerfile: McAfee.Dockerfile
@ -143,12 +139,13 @@ services:
# depends_on:
# - dummy-scanner
# environment:
# - "REDIS_ADDRESS=redis:6379"
# - "CONSUL_ADDRESS=http://consul:8500"
# - "ConnectionStrings__RabbitMQ=host=rabbitmq;prefetchcount=1;timeout=120"
# build:
# context: MalwareMultiScan.Backends/Dockerfiles
# dockerfile: Sophos.Dockerfile
volumes:
mongodb:
redis:
rabbitmq_etc:
rabbitmq_data:
rabbitmq_logs: