Mercurial > prosody-modules
annotate mod_muc_rtbl/mod_muc_rtbl.lua @ 5298:12f7d8b901e0
mod_audit: Support for adding location (GeoIP) to audit events
This can be more privacy-friendly than logging full IP addresses, and also
more informative to a user - IP addresses don't mean much to the average
person, however if they see activity from outside their expected country, they
can immediately identify suspicious activity.
As with IPs, this field is configurable for deployments that would like to
disable it. Location is also not logged when the geoip library is not
available.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 01 Apr 2023 13:11:53 +0100 |
parents | 8cfbcbc0fb89 |
children | f6577cdb1d91 |
rev | line source |
---|---|
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
1 local array = require "util.array"; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
2 local it = require "util.iterators"; |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local jid = require "util.jid"; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local sha256 = require "util.hashes".sha256; |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
5 local set = require "util.set"; |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local st = require "util.stanza"; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local rtbl_service_jid = assert(module:get_option_string("muc_rtbl_jid"), "No RTBL JID supplied"); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 local rtbl_node = module:get_option_string("muc_rtbl_node", "muc_bans_sha256"); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 local banned_hashes = module:shared("banned_hashes"); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 module:depends("pubsub_subscription"); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 module:add_item("pubsub-subscription", { |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 service = rtbl_service_jid; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 node = rtbl_node; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 -- Callbacks: |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 on_subscribed = function() |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 module:log("info", "RTBL active"); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 end; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 on_error = function(err) |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 module:log("error", "Failed to subscribe to RTBL: %s::%s: %s", err.type, err.condition, err.text); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 end; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 on_item = function(event) |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 local hash = event.item.attr.id; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 if not hash then return; end |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 module:log("debug", "Received new hash: %s", hash); |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
32 banned_hashes[hash] = true; |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 end; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 on_retract = function (event) |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 local hash = event.item.attr.id; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 if not hash then return; end |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 module:log("debug", "Retracted hash: %s", hash); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 banned_hashes[hash] = nil; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 end; |
5274
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
41 |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
42 purge = function() |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
43 module:log("debug", "Purge all hashes"); |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
44 for hash in pairs(banned_hashes) do |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
45 banned_hashes[hash] = nil; |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
46 end |
8cfbcbc0fb89
mod_muc_rtbl: Handle node purge
Kim Alvefur <zash@zash.se>
parents:
5177
diff
changeset
|
47 end; |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 }); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
50 function request_list() |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
51 local items_request = st.iq({ to = rtbl_service_jid, from = module.host, type = "get", id = "rtbl-request" }) |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
52 :tag("pubsub", { xmlns = "http://jabber.org/protocol/pubsub" }) |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
53 :tag("items", { node = rtbl_node }):up() |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
54 :up(); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
55 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
56 module:send(items_request); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
57 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
58 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
59 function update_list(event) |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
60 local from_jid = event.stanza.attr.from; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
61 if from_jid ~= rtbl_service_jid then |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
62 module:log("debug", "Ignoring RTBL response from unknown sender"); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
63 return; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
64 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
65 local items_el = event.stanza:find("{http://jabber.org/protocol/pubsub}pubsub/items"); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
66 if not items_el then |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
67 module:log("warn", "Invalid items response from RTBL service"); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
68 return; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
69 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
70 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
71 local old_entries = set.new(array.collect(it.keys(banned_hashes))); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
72 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
73 local n_added, n_removed, n_total = 0, 0, 0; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
74 for item in items_el:childtags("item") do |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
75 local hash = item.attr.id; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
76 if hash then |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
77 n_total = n_total + 1; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
78 if not old_entries:contains(hash) then |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
79 -- New entry |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
80 n_added = n_added + 1; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
81 banned_hashes[hash] = true; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
82 else |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
83 -- Entry already existed |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
84 old_entries:remove(hash); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
85 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
86 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
87 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
88 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
89 -- Remove old entries that weren't in the received list |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
90 for hash in old_entries do |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
91 n_removed = n_removed + 1; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
92 banned_hashes[hash] = nil; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
93 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
94 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
95 module:log("info", "%d RTBL entries received from %s (%d added, %d removed)", n_total, from_jid, n_added, n_removed); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
96 return true; |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
97 end |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
98 |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
99 module:hook("iq-result/host/rtbl-request", update_list); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
100 |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
101 function update_hashes(occupant) |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
102 local bare_hash, host_hash; |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
103 if not occupant.mod_muc_rtbl_bare_hash then |
5175
432587ad1642
mod_muc_rtbl: fix traceback because of scoping error
Jonas Schäfer <jonas@wielicki.name>
parents:
5174
diff
changeset
|
104 bare_hash = sha256(jid.bare(occupant.bare_jid), true); |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
105 occupant.mod_muc_rtbl_bare_hash = bare_hash; |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
106 else |
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
107 bare_hash = occupant.mod_muc_rtbl_bare_hash; |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
108 end |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
109 if not occupant.mod_muc_rtbl_host_hash then |
5175
432587ad1642
mod_muc_rtbl: fix traceback because of scoping error
Jonas Schäfer <jonas@wielicki.name>
parents:
5174
diff
changeset
|
110 host_hash = sha256(jid.host(occupant.bare_jid), true); |
5177
f6b5f04d4b28
mod_muc_rtbl: fix more incorrect more references to "event"
Jonas Schäfer <jonas@wielicki.name>
parents:
5176
diff
changeset
|
111 occupant.mod_muc_rtbl_host_hash = host_hash; |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
112 else |
5177
f6b5f04d4b28
mod_muc_rtbl: fix more incorrect more references to "event"
Jonas Schäfer <jonas@wielicki.name>
parents:
5176
diff
changeset
|
113 host_hash = occupant.mod_muc_rtbl_host_hash; |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
114 end |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
115 return bare_hash, host_hash |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
116 end |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
117 |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 module:hook("muc-occupant-pre-join", function (event) |
4813
0a257d1402c3
mod_muc_rtbl: Optimize case with zero hashes
Kim Alvefur <zash@zash.se>
parents:
4812
diff
changeset
|
119 if next(banned_hashes) == nil then return end |
0a257d1402c3
mod_muc_rtbl: Optimize case with zero hashes
Kim Alvefur <zash@zash.se>
parents:
4812
diff
changeset
|
120 |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 local from_bare = jid.bare(event.stanza.attr.from); |
4810
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
122 |
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
123 local affiliation = event.room:get_affiliation(from_bare); |
4811
a1fe59c06c48
mod_muc_rtbl: Fix typo in variable name in previous commit (thanks luacheck)
Matthew Wild <mwild1@gmail.com>
parents:
4810
diff
changeset
|
124 if affiliation and affiliation ~= "none" then |
4810
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
125 -- Skip check for affiliated users |
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
126 return; |
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
127 end |
181738ae4117
mod_muc_rtbl: Skip check if user has any explicit affiliation with the MUC
Matthew Wild <mwild1@gmail.com>
parents:
4809
diff
changeset
|
128 |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
129 local bare_hash, host_hash = update_hashes(event.occupant); |
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
130 if banned_hashes[bare_hash] or banned_hashes[host_hash] then |
4807
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 module:log("info", "Blocked user <%s> from room <%s> due to RTBL match", from_bare, event.stanza.attr.to); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
132 local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
133 event.origin.send(error_reply); |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
134 return true; |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
135 end |
62a65c52c3f5
mod_muc_rtbl: Real-time blocklist checks for MUC services
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 end); |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
137 |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
138 module:hook("muc-occupant-groupchat", function(event) |
5176
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
139 local affiliation = event.room:get_affiliation(event.occupant.bare_jid); |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
140 if affiliation and affiliation ~= "none" then |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
141 -- Skip check for affiliated users |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
142 return; |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
143 end |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
144 |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
145 local bare_hash, host_hash = update_hashes(event.occupant); |
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
146 if banned_hashes[bare_hash] or banned_hashes[host_hash] then |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
147 module:log("debug", "Blocked message from user <%s> to room <%s> due to RTBL match", event.stanza.attr.from, event.stanza.attr.to); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
148 local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
149 event.origin.send(error_reply); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
150 return true; |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
151 end |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
152 end); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
153 |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
154 module:hook("muc-private-message", function(event) |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
155 local occupant = event.room:get_occupant_by_nick(event.stanza.attr.from); |
5176
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
156 local affiliation = event.room:get_affiliation(event.occupant.bare_jid); |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
157 if affiliation and affiliation ~= "none" then |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
158 -- Skip check for affiliated users |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
159 return; |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
160 end |
4791e0412ff3
mod_muc_rtbl: ignore blocklist for affiliated users for messages
Jonas Schäfer <jonas@wielicki.name>
parents:
5175
diff
changeset
|
161 |
5174
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
162 local bare_hash, host_hash = update_hashes(occupant); |
354832098f2f
mod_muc_rtbl: move use of "private" attributes to single function
Jonas Schäfer <jonas@wielicki.name>
parents:
5173
diff
changeset
|
163 if banned_hashes[bare_hash] or banned_hashes[host_hash] then |
5173
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
164 module:log("debug", "Blocked private message from user <%s> from room <%s> due to RTBL match", occupant.bare_jid, event.stanza.attr.to); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
165 local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
166 event.origin.send(error_reply); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
167 return true; |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
168 end |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
169 end); |
460f78654864
mod_muc_rtbl: also filter messages
Jonas Schäfer <jonas@wielicki.name>
parents:
4813
diff
changeset
|
170 |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
171 if prosody.start_time then |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
172 request_list(); |
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
173 else |
4809
9e9ec0f0b128
mod_muc_rtbl: Fix to hook server-started globally, to fetch entries at startup (thanks mirux)
Matthew Wild <mwild1@gmail.com>
parents:
4808
diff
changeset
|
174 module:hook_global("server-started", function () |
9e9ec0f0b128
mod_muc_rtbl: Fix to hook server-started globally, to fetch entries at startup (thanks mirux)
Matthew Wild <mwild1@gmail.com>
parents:
4808
diff
changeset
|
175 request_list(); |
9e9ec0f0b128
mod_muc_rtbl: Fix to hook server-started globally, to fetch entries at startup (thanks mirux)
Matthew Wild <mwild1@gmail.com>
parents:
4808
diff
changeset
|
176 end); |
4808
8a63a0daf129
mod_muc_rtbl: Sync existing list entries when first loaded
Matthew Wild <mwild1@gmail.com>
parents:
4807
diff
changeset
|
177 end |