annotate mod_seclabels/mod_seclabels.lua @ 407:41feaf7fd8ac

mod_auth_log: New module (currently) to log failed auth attempts and their IP address, requires trunk
author Matthew Wild <mwild1@gmail.com>
date Tue, 30 Aug 2011 13:34:39 -0400
parents e7296274f48c
children 08ffbbdafeea
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local st = require "util.stanza";
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local xmlns_label = "urn:xmpp:sec-label:0";
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local xmlns_label_catalog = "urn:xmpp:sec-label:catalog:0";
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 module:add_feature(xmlns_label);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7
266
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
8 module:hook("account-disco-info", function(event)
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
9 local stanza = event.stanza;
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
10 stanza:tag('feature', {var=xmlns_label}):up();
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
11 stanza:tag('feature', {var=xmlns_label_catalog}):up();
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
12 end);
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
13
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local labels = {
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 Classified = {
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 SECRET = { color = "black", bgcolor = "aqua", label = "THISISSECRET" };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 PUBLIC = { label = "THISISPUBLIC" };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 module:hook("iq/self/"..xmlns_label_catalog..":catalog", function (request)
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 local catalog_request = request.stanza.tags[1];
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 local reply = st.reply(request.stanza)
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 :tag("catalog", {
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 xmlns = xmlns_label_catalog,
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 to = catalog_request.attr.to,
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 name = "Default",
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 desc = "My labels"
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 });
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 local function add_labels(catalog, labels, selector)
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 for name, value in pairs(labels) do
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 if value.label then
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 catalog:tag("securitylabel", { xmlns = xmlns_label, selector = selector..name })
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 :tag("displaymarking", {
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 fgcolor = value.color or "black",
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 bgcolor = value.bgcolor or "white",
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 }):text(value.name or name):up()
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 :tag("label");
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 if type(value.label) == "string" then
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 catalog:text(value.label);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 else
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 catalog:add_child(value.label);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 catalog:up():up();
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 else
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 add_labels(catalog, value, (selector or "")..name.."|");
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 add_labels(reply, labels);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 request.origin.send(reply);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 return true;
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end);