Mercurial > prosody-modules
annotate mod_manifesto/mod_manifesto.lua @ 5607:ad9b8f659c96
mod_http_oauth2: Namespace the various codes to minimize confusion
Both for the programmer and in OAuth flows.
While unlikely, it should not be possible to cause weirdness e.g. by
typing a client id and authorization code into the device code entry.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Wed, 19 Jul 2023 12:58:04 +0200 |
parents | 65082d91950e |
children |
rev | line source |
---|---|
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_manifesto |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local timer = require "util.timer"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local jid_split = require "util.jid".split; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local st = require "util.stanza"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 local dm = require "util.datamanager"; |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
7 local dataforms_new = require "util.dataforms".new; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
8 local adhoc_initial = require "util.adhoc".new_initial_data_form; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
9 local mm_reload = require "modulemanager".reload; |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
10 local s2s_destroy_session = require "core.s2smanager".destroy_session; |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
11 local config = require "core.configmanager"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
12 local config_get = config.get; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
13 local config_set = config.set; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
14 local t_concat = table.concat; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
15 local adhoc_new = module:require "adhoc".new; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local time = os.time; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 local hosts = prosody.hosts; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 local host = module.host; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 local host_session = hosts[host]; |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
21 local incoming_s2s = prosody.incoming_s2s; |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
22 local s2s_sessions = module:shared"/*/s2s/sessions"; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local default_tpl = [[ |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 Hello there. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 This is a brief system message to let you know about some upcoming changes to the $HOST service. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 Some of your contacts are on other Jabber/XMPP services that do not support encryption. As part of an initiative to increase the security of the Jabber/XMPP network, this service ($HOST) will be participating in a series of tests to discover the impact of our planned changes, and you may lose the ability to communicate with some of your contacts. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
1305 | 31 The test days will be on the following dates: January 4, February 22, March 22 and April 19. On these days we will require that all client and server connections are encrypted. Unless they enable encryption before that, you will be unable to communicate with your contacts that use these services: |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 $SERVICES |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 Your affected contacts are: |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 $CONTACTS |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 What can you do? You may tell your contacts to inform their service administrator about their lack of encryption. Your contacts may also switch to a more secure service. A list of public services can be found at https://xmpp.net/directory.php |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 For more information about the Jabber/XMPP security initiative that we are participating in, please read the announcement at https://stpeter.im/journal/1496.html |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 If you have any questions or concerns, you may contact us via $CONTACTVIA at $CONTACT |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 ]]; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 local message = module:get_option_string("manifesto_contact_encryption_warning", default_tpl); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 local contact = module:get_option_string("admin_contact_address", module:get_option_array("admins", {})[1]); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 if not contact then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 error("mod_manifesto needs you to set 'admin_contact_address' in your config file.", 0); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 local contact_method = "Jabber/XMPP"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 if select(2, contact:gsub("^mailto:", "")) > 0 then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 contact_method = "email"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 local notified; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 module:hook("resource-bind", function (event) |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 local session = event.session; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 local now = time(); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 local last_notify = notified[session.username] or 0; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 if last_notify > ( now - 86400 * 7 ) then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 return |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 timer.add_task(15, function () |
1300
99748c89edd4
mod_manifesto: Fix traceback when user disconnects before the timer (fixes #48)
Kim Alvefur <zash@zash.se>
parents:
1286
diff
changeset
|
68 if session.type ~= "c2s" then return end -- user quit already |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 local bad_contacts, bad_hosts = {}, {}; |
1286
9700c89f7bf6
mod_manifesto: Fix traceback when user doesn't have a roster (?)
Matthew Wild <mwild1@gmail.com>
parents:
1284
diff
changeset
|
70 for contact_jid, item in pairs(session.roster or {}) do |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
71 local _, contact_host = jid_split(contact_jid); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
72 local bad = false; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
73 local remote_host_session = host_session.s2sout[contact_host]; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 if remote_host_session and remote_host_session.type == "s2sout" then -- Only check remote hosts we have completed s2s connections to |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 if not remote_host_session.secure then |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
76 bad = true; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
77 end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
78 end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
79 for session in pairs(incoming_s2s) do |
1284
e36f82d7baae
mod_manifesto: Only check fully established incoming sessions
Florian Zeitz <florob@babelmonkeys.de>
parents:
1283
diff
changeset
|
80 if session.to_host == host and session.from_host == contact_host and session.type == "s2sin" then |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
81 if not session.secure then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
82 bad = true; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 end |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
84 end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
85 end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
86 if bad then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
87 local contact_name = item.name; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
88 if contact_name then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
89 table.insert(bad_contacts, contact_name.." <"..contact_jid..">"); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
90 else |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
91 table.insert(bad_contacts, contact_jid); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
92 end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
93 if not bad_hosts[contact_host] then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
94 bad_hosts[contact_host] = true; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
95 table.insert(bad_hosts, contact_host); |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 if #bad_contacts > 0 then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 local vars = { |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 HOST = host; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 CONTACTS = " "..table.concat(bad_contacts, "\n "); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 SERVICES = " "..table.concat(bad_hosts, "\n "); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 CONTACTVIA = contact_method, CONTACT = contact; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 }; |
2887
65082d91950e
Many modules: Simplify st.message(…):tag("body"):text(…):up() into st.message(…, …)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
1325
diff
changeset
|
106 session.send(st.message({ type = "headline", from = host }, message:gsub("$(%w+)", vars))); |
1306
63e7e20a0074
mod_manifesto: Only keep track of who we sent notifications to
Kim Alvefur <zash@zash.se>
parents:
1305
diff
changeset
|
107 notified[session.username] = now; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 end); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 end); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
111 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 function module.load() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 notified = dm.load(nil, host, module.name) or {}; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
115 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
116 function module.save() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
117 dm.store(nil, host, module.name, notified); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
118 return { notified = notified }; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
119 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
120 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
121 function module.restore(data) |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
122 notified = data.notified; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
123 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
124 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
125 function module.unload() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
126 dm.store(nil, host, module.name, notified); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
127 end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
128 |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
129 function module.uninstall() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
130 dm.store(nil, host, module.name, nil); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
131 end |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
132 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
133 -- Ad-hoc command for switching to/from "manifesto mode" |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
134 local layout = dataforms_new { |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
135 title = "Configure manifesto mode"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
136 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
137 { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/manifesto" }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
138 { name = "state", type = "list-single", required = true, label = "Manifesto mode:"}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
139 }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
140 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
141 local adhoc_handler = adhoc_initial(layout, function() |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
142 local enabled = config_get(host, "c2s_require_encryption") and config_get(host, "s2s_require_encryption"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
143 return { state = { |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
144 { label = "Enabled", value = "enabled", default = enabled }, |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
145 { label = "Configuration settings", value = "config", default = not enabled }, |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
146 }}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
147 end, function(fields, err) |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
148 if err then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
149 local errmsg = {}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
150 for name, err in pairs(errors) do |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
151 errmsg[#errmsg + 1] = name .. ": " .. err; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
152 end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
153 return { status = "completed", error = { message = t_concat(errmsg, "\n") } }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
154 end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
155 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
156 local info; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
157 if fields.state == "enabled" then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
158 config_set(host, "c2s_require_encryption", true); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
159 config_set(host, "s2s_require_encryption", true); |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
160 |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
161 for _, session in pairs(s2s_sessions) do |
1325
b21236b6b8d8
Backed out changeset 853a382c9bd6
Kim Alvefur <zash@zash.se>
parents:
1324
diff
changeset
|
162 if not session.secure then |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
163 (session.close or s2s_destroy_session)(session); |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
164 end |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
165 end |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
166 |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
167 info = "Manifesto mode enabled"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
168 else |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
169 local ok, err = prosody.reload_config(); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
170 if not ok then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
171 return { status = "completed", error = { message = "Failed to reload config: " .. tostring(err) } }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
172 end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
173 info = "Reset to configuration settings"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
174 end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
175 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
176 local ok, err = mm_reload(host, "tls"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
177 if not ok then return { status = "completed", error = { message = "Failed to reload mod_tls: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
178 ok, err = mm_reload(host, "s2s"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
179 if not ok then return { status = "completed", error = { message = "Failed to reload mod_s2s: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
180 ok, err = mm_reload(host, "saslauth"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
181 if not ok then return { status = "completed", error = { message = "Failed to reload mod_saslauth: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
182 |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
183 return { status = "completed", info = info }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
184 end); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
185 module:provides("adhoc", adhoc_new("Configure manifesto mode", "http://prosody.im/protocol/manifesto", adhoc_handler, "admin")); |