From 13e8767da0679e0d13ff247efa3aa6d07f829176 Mon Sep 17 00:00:00 2001 From: Phillip Wirth Date: Mon, 9 Sep 2024 18:59:59 +0200 Subject: [PATCH] BC-8023 remove virustotal entirely --- README.md | 49 ++-------------------------------- antivirus_service/service.py | 8 ------ antivirus_service/webserver.py | 37 ------------------------- docker-compose.yml | 38 -------------------------- 4 files changed, 2 insertions(+), 130 deletions(-) delete mode 100644 docker-compose.yml diff --git a/README.md b/README.md index 957abde..2f27e85 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Antivirus Check Service -The __Antivirus Check Service__ provides the ability to scan files with a locally installed clamav daemon. In addition, the service offers a URL scan using [virustotal](https://www.virustotal.com). +The __Antivirus Check Service__ provides the ability to scan files with a locally installed clamav daemon. The __Antivirus Check Service__ processes incoming scan requests and sends the scan result to a specified web hook. ## Usage @@ -27,21 +27,6 @@ A GET request to `https:///` gives a detailed usage api }, } }, -"scan url request": { - "description": "Scan Url (using virustotal), report back to given webhook Uri", - "path": "/scan/url", - "method": "POST", - "params": { - "url": { - "type": "string", - "description": "Url to scan using virustotal" - }, - "callback_uri": { - "type": "string", - "description": "Complete Uri to the callback uri" - }, - } -}, "clamav daemon version": { "description": "Get clamav daemon version and last database update", "path": "/antivirus-version", @@ -71,16 +56,6 @@ Authenticate and publish a message to the regarding queue using the routing_key: } ~~~ -#### scan url: - - routing key: `scan_url` - - message: - ~~~json - { - "url": "https://", - "callback_uri": "https://" - } - ~~~ - ### Reports The reports are PUT requests to the given webhook Uri. The payload differs reagrding the scan type. @@ -89,11 +64,6 @@ The reports are PUT requests to the given webhook Uri. The payload differs reagr {"virus_detected": "", "virus_signature": ""} ~~~ -#### scan url payload -~~~json -{"blacklisted": "", "full_report": ""} -~~~ - ### Error If an error occures the __Antivirus Check Service__ will try to send an error page (500) with the error message as json: ~~~json @@ -102,21 +72,6 @@ If an error occures the __Antivirus Check Service__ will try to send an error pa ## CONFIGURATION - The configurate is taken via env vars. - -### VirusTotal -An API-Key is needed to use virustotal. To get this, an account on virustotal has to be created. The API-Key can be found in the account's settings. +The configurate is taken via env vars. -### Docker-Compose -- To start all services, you only have to to run `docker-compose up -d` - This will start all docker container: - - clamav - - rabbitmq - - webserver - - scanfile - - scanurl - - The last three container will restart until rabbitmq is running properly (ca. 10 seconds) -- __BE PATIENT!__ At the first run, freshclam has to download all signatures, which can take a - while and prevent clamav-daemon from working. diff --git a/antivirus_service/service.py b/antivirus_service/service.py index 226fc46..680a3a2 100644 --- a/antivirus_service/service.py +++ b/antivirus_service/service.py @@ -31,10 +31,6 @@ def __init__(self, env, debug): with env.prefixed(param.upper() + "_"): self.config[self.env][param] = {} self.config[self.env][param]['auth_users'] = env.list("AUTH_USERS") - param = "virustotal" - with env.prefixed(param.upper() + "_"): - self.config[self.env][param] = {} - self.config[self.env][param]['api_key'] = env.list("API_KEY") param = "amqp" with env.prefixed(param.upper() + "_"): self.config[self.env][param] = {} @@ -44,10 +40,6 @@ def __init__(self, env, debug): self.config[self.env][param]['scan_file'] = {} self.config[self.env][param]['scan_file']['queue'] = env("QUEUE", "scan_file_v2") self.config[self.env][param]['scan_file']['routing_key'] = env("ROUTING_KEY", "scan_file_v2") - with env.prefixed("SCAN_URL_"): - self.config[self.env][param]['scan_url'] = {} - self.config[self.env][param]['scan_url']['queue'] = env("QUEUE", "scan_url") - self.config[self.env][param]['scan_url']['routing_key'] = env("ROUTING_KEY", "scan_url") loglevel = logging.INFO if debug else logging.ERROR logging.basicConfig(level=loglevel) diff --git a/antivirus_service/webserver.py b/antivirus_service/webserver.py index 74d054a..9bd2f2b 100644 --- a/antivirus_service/webserver.py +++ b/antivirus_service/webserver.py @@ -37,7 +37,6 @@ def __init__(self, settings): app = web.Application() app.router.add_get('/', self.index) app.router.add_post('/scan/file', self.handle_file) - app.router.add_post('/scan/url', self.handle_uri) app.router.add_get('/antivirus-version', self.handle_version) self.app = app @@ -64,21 +63,6 @@ async def index(self, request): }, } }, - "scan url request": { - "description": "Scan Url (using virustotal), report back to given webhook Uri", - "path": "/scan/url", - "method": "POST", - "params": { - "url": { - "type": "string", - "description": "Url to scan using virustotal" - }, - "callback_uri": { - "type": "string", - "description": "Complete Uri to the callback uri" - }, - } - }, "clamav daemon version": { "description": "Get clamav daemon version and last database update", "path": "/antivirus-version", @@ -105,30 +89,9 @@ async def handle_file(self, request): logging.error('error', exc_info=True) return web.Response(status=500, text=str(e)) - @auth_required - async def handle_uri(self, request): - body = await request.read() - try: - payload = json.loads(bytes(body).decode('utf-8')) - assert 'url' in payload - assert 'callback_uri' in payload - - self.enqueue_scan_url_request(body) - return web.Response(status=202, - text='The request has been accepted for processing, but the processing has not been completed.') - - except AssertionError: - return web.Response(status=422, text='Unprocessable Entity: missing parameter') - except Exception as e: - logging.error('error', exc_info=True) - return web.Response(status=500, text=str(e)) - def enqueue_scan_file_request(self, body): self.send(body, self.amqp_config['scan_file']['routing_key']) - def enqueue_scan_url_request(self, body): - self.send(body, routing_key=self.amqp_config['scan_url']['routing_key']) - def send(self, body, routing_key): params = pika.URLParameters(self.amqp_config['url']) with pika.BlockingConnection(params) as con: diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 0ef10f6..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -version: '3' -services: - clamav: - image: mkodockx/docker-clamav - volumes: - - ./shared:/shared - - rabbitmq: - image: rabbitmq:3.7-rc-management - restart: always - volumes: - - ./resources/rabbitmq.config:/etc/rabbitmq/rabbitmq.config - - ./secrets/rabbitmq-definitions.json:/run/secrets/rabbitmq-definitions.json - ports: - - 5673:5672 - - 15673:15672 - - webserver: - image: schulcloud/antivirus_check_service.webserver - volumes: - - ./secrets/config.yml:/run/secrets/config.yml - ports: - - 8081:8080 - restart: always - - scanfile: - image: schulcloud/antivirus_check_service.scanfile - volumes: - - ./shared:/shared - - ./secrets/config.yml:/run/secrets/config.yml - restart: always - - scanurl: - image: schulcloud/antivirus_check_service.scanurl - volumes: - - ./secrets/config.yml:/run/secrets/config.yml - restart: always