prosody-modules: mod_s2s_blacklist/mod_s2s

annotate mod_s2s_blacklist/mod_s2s_blacklist.lua @ 5416:2393dbae51ed

mod_http_oauth2: Add option for specifying TTL of registered clients Meant to simplify configuration, since TTL vs ignoring expiration is expected to be the main thing one would want to configure. Unsure what the implications of having unlimited lifetime of clients are, given no way to revoke them currently, short of rotating the signing secret. On one hand, it would be annoying to have the client expire. On the other hand, it is trivial to re-register it.

author	Kim Alvefur <zash@zash.se>
date	Thu, 04 May 2023 18:41:33 +0200
parents	d958558e0058
children

rev	line source
1179 27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	1 local st = require "util.stanza";
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	2
1325 b21236b6b8d8 Backed out changeset 853a382c9bd6 Kim Alvefur <zash@zash.se> parents: 1324 diff changeset	3 local blacklist = module:get_option_inherited_set("s2s_blacklist", {});
1179 27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	4
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	5 module:hook("route/remote", function (event)
1325 b21236b6b8d8 Backed out changeset 853a382c9bd6 Kim Alvefur <zash@zash.se> parents: 1324 diff changeset	6 if blacklist:contains(event.to_host) then
2893 d958558e0058 mod_s2s_blacklist: Don't send error replies for error stanzas Kim Alvefur <zash@zash.se> parents: 1325 diff changeset	7 if event.stanza.attr.type ~= "error" then
d958558e0058 mod_s2s_blacklist: Don't send error replies for error stanzas Kim Alvefur <zash@zash.se> parents: 1325 diff changeset	8 module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
d958558e0058 mod_s2s_blacklist: Don't send error replies for error stanzas Kim Alvefur <zash@zash.se> parents: 1325 diff changeset	9 end
1179 27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	10 return true;
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	11 end
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	12 end, 100);
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	13
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	14 module:hook("s2s-stream-features", function (event)
1325 b21236b6b8d8 Backed out changeset 853a382c9bd6 Kim Alvefur <zash@zash.se> parents: 1324 diff changeset	15 if blacklist:contains(event.origin.from_host) then
1179 27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	16 event.origin:close({
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	17 condition = "policy-violation";
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	18 text = "Communication with this domain is restricted";
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	19 });
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	20 end
27b4e01ddbc4 mod_s2s_blacklist: A new _simple_ s2s blacklist module Matthew Wild <mwild1@gmail.com> parents: diff changeset	21 end, 1000);

Mercurial > prosody-modules

annotate mod_s2s_blacklist/mod_s2s_blacklist.lua @ 5416:2393dbae51ed