Mercurial > prosody-modules
annotate mod_s2s_whitelist/mod_s2s_whitelist.lua @ 4421:94805a7e7b30
mod_invites: rework CLI parsing to support groups
To make this sensible, the code had to move from rather simple
parsing to something which looks more like getopt or your typical
shell script.
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Sun, 31 Jan 2021 19:16:36 +0100 |
parents | c1a8ce147885 |
children |
rev | line source |
---|---|
1288
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local whitelist = module:get_option_inherited_set("s2s_whitelist", {}); |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 module:hook("route/remote", function (event) |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 if not whitelist:contains(event.to_host) then |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted")); |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 return true; |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 end |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 end, 100); |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 module:hook("s2s-stream-features", function (event) |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 if not whitelist:contains(event.origin.from_host) then |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 event.origin:close({ |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 condition = "policy-violation"; |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 text = "Communication with this domain is restricted"; |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 }); |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 end |
c1a8ce147885
mod_s2s_whitelist: The opposite of mod_s2s_blacklist
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 end, 1000); |