Mercurial > prosody-modules
annotate mod_compliance_2021/mod_compliance_2021.lua @ 5549:01a0b67a9afd
mod_http_oauth2: Add TODO about disabling password grant
Per recommendation in draft-ietf-oauth-security-topics-23 it should at
the very least be disabled by default.
However since this is used by the Snikket web portal some care needs to
be taken not to break this, unless it's already broken by other changes
to this module.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 16 Jun 2023 00:06:53 +0200 |
parents | 3a42789d7235 |
children |
rev | line source |
---|---|
4411
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Copyright (c) 2021 Kim Alvefur |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- This module is MIT licensed. |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local hostmanager = require "core.hostmanager"; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local array = require "util.array"; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 local set = require "util.set"; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local modules_enabled = module:get_option_inherited_set("modules_enabled"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 for host in pairs(hostmanager.get_children(module.host)) do |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local component = module:context(host):get_option_string("component_module"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 if component then |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 modules_enabled:add(component); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 modules_enabled:include(module:context(host):get_option_set("modules_enabled", {})); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 local function check(suggested, alternate, ...) |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 if set.intersection(modules_enabled, set.new({suggested; alternate; ...})):empty() then return suggested; end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 return false; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 local compliance = { |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 array {"Core Server"; check("tls"); check("disco")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 array {"Advanced Server"; check("pep", "pep_simple")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 array {"Core Web"; check("bosh"); check("websocket")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 -- No Server requirements for Advanced Web |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 array {"Core IM"; check("vcard_legacy", "vcard"); check("carbons"); check("http_file_share", "http_upload")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 array { |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 "Advanced IM"; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 check("vcard_legacy", "vcard"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 check("blocklist"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 check("muc"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 check("private"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 check("smacks"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 check("mam"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 check("bookmarks"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 }; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 array {"Core Mobile"; check("smacks"); check("csi_simple", "csi_battery_saver")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 array {"Advanced Mobile"; check("cloud_notify")}; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 |
4603
3a42789d7235
mod_compliance_2021: Add mod_turn_external as satisfying A/V category
Kim Alvefur <zash@zash.se>
parents:
4411
diff
changeset
|
51 array {"Core A/V Calling"; check("turn_external", "external_services", "turncredentials", "extdisco")}; |
4411
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 }; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 function check_compliance() |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 local compliant = true; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 for _, suite in ipairs(compliance) do |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 local section = suite:pop(1); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 if module:get_option_boolean("compliance_" .. section:lower():gsub("%A", "_"), true) then |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 local missing = set.new(suite:filter(function(m) return type(m) == "string" end):map(function(m) return "mod_" .. m end)); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 if suite[1] then |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 if compliant then |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 compliant = false; |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 module:log("warn", "Missing some modules for XMPP Compliance 2021"); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 module:log("info", "%s Compliance: %s", section, missing); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 if compliant then module:log("info", "XMPP Compliance 2021: Compliant ✔️"); end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 if prosody.start_time then |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 check_compliance() |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 else |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 module:hook_global("server-started", check_compliance); |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 end |
c3d21182ebf3
mod_compliance_2021: XEP-0443: XMPP Compliance Suites 2021 self-test
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 |