prosody-modules: mod_s2s_whitelist/mod_s2s_whitelist.lua annotate

annotate mod_s2s_whitelist/mod_s2s_whitelist.lua @ 5356:959dc350f2ad

mod_http_oauth2: Declare https as required of URIs in schema If util.jsonschema happens to gain support for 'pattern' (regular expression validation) then this would be picked up. Until then, declarative annotations are nice.

author	Kim Alvefur <zash@zash.se>
date	Sat, 22 Apr 2023 14:06:41 +0200
parents	c1a8ce147885
children

rev	line source
1288 c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	1 local st = require "util.stanza";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	2
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	3 local whitelist = module:get_option_inherited_set("s2s_whitelist", {});
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	4
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	5 module:hook("route/remote", function (event)
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	6 if not whitelist:contains(event.to_host) then
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	7 module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	8 return true;
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	9 end
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	10 end, 100);
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	11
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	12 module:hook("s2s-stream-features", function (event)
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	13 if not whitelist:contains(event.origin.from_host) then
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	14 event.origin:close({
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	15 condition = "policy-violation";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	16 text = "Communication with this domain is restricted";
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	17 });
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	18 end
c1a8ce147885 mod_s2s_whitelist: The opposite of mod_s2s_blacklist Kim Alvefur <zash@zash.se> parents: diff changeset	19 end, 1000);