Mercurial > prosody-modules
annotate mod_s2s_never_encrypt_blacklist/mod_s2s_never_encrypt_blacklist.lua @ 4942:e7b9bc629ecc
mod_rest: Add special handling to catch MAM results from remote hosts
Makes MAM queries to remote hosts work.
As the comment says, MAM results from users' local archives or local
MUCs are returned via origin.send() which is provided in the event and
thus already worked. Results from remote hosts go via normal stanza
routing and events, which need this extra handling to catch.
This pattern of iq-set, message+, iq-result is generally limited to MAM.
Closest similar thing might be MUC join, but to really handle that you
would need the webhook callback mechanism.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 16 May 2022 19:47:09 +0200 |
parents | 7dbde05b48a9 |
children |
rev | line source |
---|---|
412 | 1 -- Filter out servers which gets choppy and buggy when it comes to starttls. |
930 | 2 -- (C) 2011-2013, Marco Cirillo (LW.Org) |
412 | 3 |
921 | 4 local bad_servers = module:get_option_set("tls_s2s_blacklist", {}) |
921 | 5 local bad_servers_ip = module:get_option_set("tls_s2s_blacklist_ip", {}) |
924 | 6 local libev = module:get_option_boolean("use_libevent") |
412 | 7 |
413 | 8 local function disable_tls_for_baddies_in(event) |
922 | 9 local session = event.origin |
1343 | 10 if bad_servers:contains(session.from_host) or bad_servers_ip:contains(session.conn:ip()) then |
922 | 11 module:log("debug", "disabling tls on incoming stream from %s...", tostring(session.from_host)); |
924 | 12 if libev then session.conn.starttls = false; else session.conn.starttls = nil; end |
922 | 13 end |
412 | 14 end |
412 | 15 |
413 | 16 local function disable_tls_for_baddies_out(event) |
922 | 17 local session = event.origin |
922 | 18 if bad_servers:contains(session.to_host) then |
922 | 19 module:log("debug", "disabling tls on outgoing stream from %s...", tostring(session.to_host)); |
924 | 20 if libev then session.conn.starttls = false; else session.conn.starttls = nil; end |
922 | 21 end |
413 | 22 end |
413 | 23 |
922 | 24 module:hook("s2s-stream-features", disable_tls_for_baddies_in, 600) |
922 | 25 module:hook("stanza/http://etherx.jabber.org/streams:features", disable_tls_for_baddies_out, 600) |

rev | changeset | description | author | parents |
---|---|---|---|---|
412 | 8963f4026f3a | mod_s2s_never_encrypt_blacklist: first commit. | Marco Cirillo <maranda@lightwitch.org> | |
413 | e4d33cdfed21 | mod_s2s_never_encrypt_blacklist: filter both incoming and outgoing streams. | Marco Cirillo <maranda@lightwitch.org> | 412 |
921 | ef859c9d42c4 | mod_s2s_never_encrypt_blacklist: supply an empty table as default value, fixes traceback. (Thanks Tobias) | Marco Cirillo <maranda@lightwitch.org> | 531 |
922 | 661e2322b4df | mod_s2s_never_encrypt_blacklist: cleanup code, also hooks were mixed up. | Marco Cirillo <maranda@lightwitch.org> | 921 |
924 | 0a78ac54bd03 | mod_s2s_never_encrypt_blacklist: conn objects on libev carry a metatable, perhaps have starttls set to false instead of nil. | Marco Cirillo <maranda@lightwitch.org> | 923 |
930 | c08b424583c3 | mod_s2s_never_encrypt_blacklist: complete missing banner. | Marco Cirillo <maranda@lightwitch.org> | 924 |
1343 | 7dbde05b48a9 | all the things: Remove trailing whitespace | Florian Zeitz <florob@babelmonkeys.de> | 930 |