annotate mod_query_client_ver/mod_query_client_ver.lua @ 5401:c8d04ac200fc

mod_http_oauth2: Reject loopback URIs as client_uri This really should be a proper website with info, https://localhost is not good enough. Ideally we'd validate that it's got proper DNS and is actually reachable, but triggering HTTP or even DNS lookups seems like it would carry abuse potential that would best to avoid.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:20:55 +0200
parents 1f8220f0c8bf
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1588
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- Query and log client software
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local st = require"util.stanza";
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local uuid = require"util.uuid".generate;
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local xmlns_iq_version = "jabber:iq:version";
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 local version_id = uuid();
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 local xmlns_disco_info = "http://jabber.org/protocol/disco#info";
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 local disco_id = uuid();
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 module:hook("presence/bare", function(event)
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local origin, stanza = event.origin, event.stanza;
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 if origin.type == "c2s" and not origin.presence and not stanza.attr.to then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 module:add_timer(1, function()
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 if origin.type ~= "c2s" then return end
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 origin.log("debug", "Sending version query");
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 origin.send(st.iq({ id = version_id, type = "get", from = module.host, to = origin.full_jid }):query(xmlns_iq_version));
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 end);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 end
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 end, 1);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 module:hook("iq-result/host/"..version_id, function(event)
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 local origin, stanza = event.origin, event.stanza;
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 local query = stanza:get_child("query", xmlns_iq_version);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 if query then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 local client = query:get_child_text("name");
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 if client then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 local version = query:get_child_text("version");
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 if version then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 client = client .. " version " .. version;
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 end
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 origin.log("info", "Running %s", client);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 end
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 end
2653
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
35 return true;
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
36 end);
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
37
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
38 module:hook("iq-error/host/"..version_id, function(event)
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
39 local origin, stanza = event.origin, event.stanza;
1588
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40 origin.send(st.iq({ id = disco_id, type = "get", from = module.host, to = origin.full_jid }):query(xmlns_disco_info));
2652
20ebfa4ad7f4 mod_query_client_ver: Signal that events are handled even when no response is returned (see #876)
Kim Alvefur <zash@zash.se>
parents: 1588
diff changeset
41 return true;
1588
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 end);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 module:hook("iq-result/host/"..disco_id, function(event)
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 local origin, stanza = event.origin, event.stanza;
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 local query = stanza:get_child("query", xmlns_disco_info);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 if query then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 local ident = query:get_child("identity");
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 if ident and ident.attr.name then
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 origin.log("info", "Running %s", ident.attr.name);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 end
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 end
2652
20ebfa4ad7f4 mod_query_client_ver: Signal that events are handled even when no response is returned (see #876)
Kim Alvefur <zash@zash.se>
parents: 1588
diff changeset
53 return true;
1588
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 end);
b5f9f1111a8b mod_query_client_ver: Query and log client software
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55
2653
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
56 module:hook("iq-error/host/"..disco_id, function()
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
57 return true; -- Doesn't reply to disco#info? Weird, but ignore for now.
96eabf8591a6 mod_query_client_ver: Handle IQ errors (see #876)
Kim Alvefur <zash@zash.se>
parents: 2652
diff changeset
58 end);
2990
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
59
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
60 module:add_item("adhoc",
2993
1f8220f0c8bf mod_query_client_ver: Use the module name as adhoc command node (mistakenly not changed after copying from mod_ping)
Kim Alvefur <zash@zash.se>
parents: 2992
diff changeset
61 module:require "adhoc".new("Query all currently connected clients", module.name,
2990
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
62 function (self, data, state)
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
63 for jid, session in pairs(prosody.full_sessions) do
2991
9d205ec1fa00 mod_query_client_ver: Fix check for sessions on the current host
Kim Alvefur <zash@zash.se>
parents: 2990
diff changeset
64 if session.host == module.host then
2990
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
65 session.send(st.iq({ id = version_id, type = "get", from = module.host, to = session.full_jid }):query(xmlns_iq_version));
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
66 end
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
67 end
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
68 return { info = "Ok, check your logs for results", status = "completed" }
2992
5fd9462117cd mod_query_client_ver: Restrict adhoc command to local admins
Kim Alvefur <zash@zash.se>
parents: 2991
diff changeset
69 end, "admin"));
2990
cb8d65b40fb4 mod_query_client_ver: Add a simple adhoc command that queries all currently connected clients
Kim Alvefur <zash@zash.se>
parents: 2653
diff changeset
70