Mercurial > prosody-modules
annotate mod_muc_ban_ip/mod_muc_ban_ip.lua @ 3571:f5ea0b886c7c
mod_storage_xmlarchive: Limit search to smallest time range in case of inexact match
This should improve performance in case the exact days in the 'start'
and 'end' range are missing from the index.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 03 May 2019 18:59:38 +0200 (2019-05-03) |
| parents | 823027110e29 |
| children | 4c9805f29f2d |
| rev | line source |
|---|---|
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 module:set_global(); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local jid_bare = require "util.jid".bare; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 local st = require "util.stanza"; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local xmlns_muc_user = "http://jabber.org/protocol/muc#user"; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 local ip_bans = module:shared("bans"); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local full_sessions = prosody.full_sessions; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 local function ban_ip(session, from) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 local ip = session.ip; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 if not ip then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 module:log("warn", "Failed to ban IP (IP unknown) for %s", session.full_jid); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 return; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 local banned_from = ip_bans[ip]; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 if not banned_from then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 banned_from = {}; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 ip_bans[ip] = banned_from; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 banned_from[from] = true; |
|
3403
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
22 module:log("debug", "Added ban for IP address %s from %s", ip, from); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
|
1651
933403ee07ec
mod_muc_ban_ip: Cleanup [luacheck]
Kim Alvefur <zash@zash.se>
parents:
1647
diff
changeset
|
25 local function check_for_incoming_ban(event) |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 local stanza = event.stanza; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 local to_session = full_sessions[stanza.attr.to]; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 if to_session then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 local directed = to_session.directed; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 local from = stanza.attr.from; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 if directed and directed[from] and stanza.attr.type == "unavailable" then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 -- This is a stanza from somewhere we sent directed presence to (may be a MUC) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 local x = stanza:get_child("x", xmlns_muc_user); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 if x then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 for status in x:childtags("status") do |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 if status.attr.code == '301' then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 ban_ip(to_session, jid_bare(from)); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
|
1651
933403ee07ec
mod_muc_ban_ip: Cleanup [luacheck]
Kim Alvefur <zash@zash.se>
parents:
1647
diff
changeset
|
45 local function check_for_ban(event) |
|
3403
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
46 local origin, stanza = event.origin, event.stanza; |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
47 local ip = origin.ip; |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
48 local to = jid_bare(stanza.attr.to); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 if ip_bans[ip] and ip_bans[ip][to] then |
|
3403
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
50 origin.log("debug", "IP banned: %s is banned from %s", ip, to) |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
51 origin.send(st.error_reply(stanza, "auth", "forbidden") |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 :tag("x", { xmlns = xmlns_muc_user }) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 :tag("status", { code = '301' })); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 return true; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 end |
|
3403
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1651
diff
changeset
|
56 origin.log("debug", "IP not banned: %s from %s", ip, to) |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 function module.add_host(module) |
|
1647
8860405e2af6
mod_muc_ban_ip: Increase priority of hooks, fixes if eg mod_presence gets called first
Kim Alvefur <zash@zash.se>
parents:
1005
diff
changeset
|
60 module:hook("presence/full", check_for_incoming_ban, 100); |
|
8860405e2af6
mod_muc_ban_ip: Increase priority of hooks, fixes if eg mod_presence gets called first
Kim Alvefur <zash@zash.se>
parents:
1005
diff
changeset
|
61 module:hook("pre-presence/full", check_for_ban, 100); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 end |