comparison mod_manifesto/mod_manifesto.lua @ 1282:17cb51496469

mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
author Kim Alvefur <zash@zash.se>
date Thu, 23 Jan 2014 17:23:04 +0100
parents
children 3e96889c0c36
comparison
equal deleted inserted replaced
1281:f78661861e98 1282:17cb51496469
1 -- mod_manifesto
2
3 local timer = require "util.timer";
4 local jid_split = require "util.jid".split;
5 local st = require "util.stanza";
6 local dm = require "util.datamanager";
7 local time = os.time;
8
9 local hosts = prosody.hosts;
10 local host = module.host;
11 local host_session = hosts[host];
12
13 local default_tpl = [[
14 Hello there.
15
16 This is a brief system message to let you know about some upcoming changes to the $HOST service.
17
18 Some of your contacts are on other Jabber/XMPP services that do not support encryption. As part of an initiative to increase the security of the Jabber/XMPP network, this service ($HOST) will be participating in a series of tests to discover the impact of our planned changes, and you may lose the ability to communicate with some of your contacts.
19
20 The test days well be on the following dates: January 4, February 22, March 22 and April 19. On these days we will require that all client and server connections are encrypted. Unless they enable encryption before that, you will be unable to communicate with your contacts that use these services:
21
22 $SERVICES
23
24 Your affected contacts are:
25
26 $CONTACTS
27
28 What can you do? You may tell your contacts to inform their service administrator about their lack of encryption. Your contacts may also switch to a more secure service. A list of public services can be found at https://xmpp.net/directory.php
29
30 For more information about the Jabber/XMPP security initiative that we are participating in, please read the announcement at https://stpeter.im/journal/1496.html
31
32 If you have any questions or concerns, you may contact us via $CONTACTVIA at $CONTACT
33 ]];
34
35 local message = module:get_option_string("manifesto_contact_encryption_warning", default_tpl);
36 local contact = module:get_option_string("admin_contact_address", module:get_option_array("admins", {})[1]);
37 if not contact then
38 error("mod_manifesto needs you to set 'admin_contact_address' in your config file.", 0);
39 end
40 local contact_method = "Jabber/XMPP";
41 if select(2, contact:gsub("^mailto:", "")) > 0 then
42 contact_method = "email";
43 end
44
45 local notified;
46
47 module:hook("resource-bind", function (event)
48 local session = event.session;
49
50 local now = time();
51 local last_notify = notified[session.username] or 0;
52 if last_notify > ( now - 86400 * 7 ) then
53 return
54 end
55
56 notified[session.username] = now;
57 timer.add_task(15, function ()
58 local bad_contacts, bad_hosts = {}, {};
59 for contact_jid, item in pairs(session.roster) do
60 local _, host = jid_split(contact_jid);
61 local remote_host_session = host_session.s2sout[host];
62 if remote_host_session and remote_host_session.type == "s2sout" then -- Only check remote hosts we have completed s2s connections to
63 if not remote_host_session.secure then
64 local contact_name = item.name;
65 if contact_name then
66 table.insert(bad_contacts, contact_name.." <"..contact_jid..">");
67 else
68 table.insert(bad_contacts, contact_jid);
69 end
70 if not bad_hosts[host] then
71 bad_hosts[host] = true;
72 table.insert(bad_hosts, host);
73 end
74 end
75 end
76 end
77 if #bad_contacts > 0 then
78 local vars = {
79 HOST = host;
80 CONTACTS = " "..table.concat(bad_contacts, "\n ");
81 SERVICES = " "..table.concat(bad_hosts, "\n ");
82 CONTACTVIA = contact_method, CONTACT = contact;
83 };
84 session.send(st.message({ type = "headline", from = host }):tag("body"):text(message:gsub("$(%w+)", vars)));
85 end
86 end);
87 end);
88
89 function module.load()
90 notified = dm.load(nil, host, module.name) or {};
91 end
92
93 function module.save()
94 dm.store(nil, host, module.name, notified);
95 return { notified = notified };
96 end
97
98 function module.restore(data)
99 notified = data.notified;
100 end
101
102 function module.unload()
103 dm.store(nil, host, module.name, notified);
104 end
105
106 function module.uninstall()
107 dm.store(nil, host, module.name, nil);
108 end