Mercurial > prosody-modules
annotate mod_adhoc_blacklist/mod_adhoc_blacklist.lua @ 5296:0f5657db1cfc
mod_isolate_host: handle server-generated stanzas
The hook for setting the no_host_isolation is only called for c2s
sessions. This does not work for stanzas generated by the server,
such as PEP notifications or presence probe answers.
To handle that, we do per-stanza checks for the case that the origin
is local.
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Sat, 01 Apr 2023 12:03:08 +0200 |
| parents | efbb73851af9 |
| children |
| rev | line source |
|---|---|
|
1734
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_adhoc_blacklist |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- http://xmpp.org/extensions/xep-0133.html#edit-blacklist |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- Copyright (C) 2015 Kim Alvefur |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- This file is MIT/X11 licensed. |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 -- |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 module:depends("adhoc"); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local adhoc = module:require "adhoc"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 local st = require"util.stanza"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local set = require"util.set"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 local dataform = require"util.dataforms"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local adhoc_inital_data = require "util.adhoc".new_initial_data_form; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local blocklist_form = dataform.new { |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 title = "Editing the Blacklist"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 instructions = "Fill out this form to edit the list of entities with whom communications are disallowed."; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 { |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 type = "hidden"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 name = "FORM_TYPE"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 value = "http://jabber.org/protocol/admin"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 { |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 type = "jid-multi"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 name = "blacklistjids"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 label = "The blacklist"; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 } |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 local blocklists = module:open_store("blocklist"); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 local blocklist_handler = adhoc_inital_data(blocklist_form, function () |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 local blacklistjids = {}; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 local blacklist = blocklists:get(); |
|
1736
efbb73851af9
mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents:
1734
diff
changeset
|
37 if blacklist then |
|
efbb73851af9
mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents:
1734
diff
changeset
|
38 for jid in pairs(blacklist) do |
|
efbb73851af9
mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents:
1734
diff
changeset
|
39 table.insert(blacklistjids, jid); |
|
efbb73851af9
mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents:
1734
diff
changeset
|
40 end |
|
1734
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 return { blacklistjids = blacklistjids }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 end, function(fields, form_err) |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 if form_err then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 return { status = "completed", error = { message = "Problem in submitted form" } }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 local blacklistjids = set.new(fields.blacklistjids); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 local ok, err = blocklists:set(nil, blacklistjids._items); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 if ok then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 return { status = "completed", info = "Blacklist updated" }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 else |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 return { status = "completed", error = { message = "Error saving blacklist: "..err } }; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 end); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 module:add_item("adhoc", adhoc.new("Edit Blacklist", "http://jabber.org/protocol/admin#edit-blacklist", blocklist_handler, "admin")); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 local function is_blocked(host) |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 local blacklistjids = blocklists:get(); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 return blacklistjids and blacklistjids[host]; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 module:hook("route/remote", function (event) |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 local origin, stanza = event.origin, event.stanza; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 if is_blocked(event.to_host) then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 if origin and stanza then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed")); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
68 return true; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 return false; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
71 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
72 end, 1000); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 module:hook("s2s-stream-features", function (event) |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 local session = event.origin; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 if is_blocked(session.from_host) then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 session:close("policy-violation"); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 return false; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 end, 1000); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 module:hook("stanza/http://etherx.jabber.org/streams:features", function (event) |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 local session = event.origin; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 if is_blocked(session.to_host) then |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 session:close("policy-violation"); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 return true; |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
88 end |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
89 end, 1000); |
|
d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 |