Mercurial > prosody-modules
comparison mod_s2s_blackwhitelist/mod_s2s_blackwhitelist.lua @ 215:281db5eefcb4
mod_s2s_blackwhitelist: adding blacklist and whitelist plugin for s2s connections
| author | Gaurav <gauravsri@gmail.com> |
|---|---|
| date | Fri, 16 Jul 2010 10:02:31 -0700 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 214:7487f8b47662 | 215:281db5eefcb4 |
|---|---|
| 1 | |
| 2 local s2smanager = require "core.s2smanager"; | |
| 3 local config = require "core.configmanager"; | |
| 4 local nameprep = require "util.encodings".stringprep.nameprep; | |
| 5 | |
| 6 local s2s_blacklist = module:get_option_array("s2s_blacklist"); | |
| 7 local s2s_whitelist = module:get_option_array("s2s_whitelist"); | |
| 8 local s2s_enable_blackwhitelist = module:get_option_string("s2s_enable_blackwhitelist"); | |
| 9 local is_blacklist_enabled = false; | |
| 10 local is_whitelist_enabled = false; | |
| 11 | |
| 12 if s2s_enable_blackwhitelist == "blacklist" then | |
| 13 if type(s2s_blacklist) == "table" then | |
| 14 is_blacklist_enabled = true; | |
| 15 module:log("debug", "s2s-blacklist is enabled"); | |
| 16 local count=#s2s_blacklist; | |
| 17 for i=1,count do | |
| 18 module:log("debug", "s2s-blacklist adding [%s]", s2s_blacklist[i]); | |
| 19 end | |
| 20 end | |
| 21 elseif s2s_enable_blackwhitelist == "whitelist" then | |
| 22 if type(s2s_whitelist) == "table" then | |
| 23 is_whitelist_enabled = true; | |
| 24 module:log("debug", "s2s-whitelist is enabled"); | |
| 25 local count=#s2s_whitelist; | |
| 26 for i=1,count do | |
| 27 module:log("debug", "s2s-whitelist adding [%s]", s2s_whitelist[i]); | |
| 28 end | |
| 29 end | |
| 30 end | |
| 31 | |
| 32 local function reload_list() | |
| 33 s2s_blacklist = module:get_option_array("s2s_blacklist"); | |
| 34 s2s_whitelist = module:get_option_array("s2s_whitelist"); | |
| 35 s2s_enable_blackwhitelist = module:get_option_string("s2s_enable_blackwhitelist"); | |
| 36 | |
| 37 if s2s_enable_blackwhitelist == "blacklist" then | |
| 38 if type(s2s_blacklist) == "table" then | |
| 39 is_blacklist_enabled = true; | |
| 40 module:log("debug", "s2s-blacklist is enabled"); | |
| 41 local count=#s2s_blacklist; | |
| 42 for i=1,count do | |
| 43 module:log("debug", "s2s-blacklist adding [%s]", s2s_blacklist[i]); | |
| 44 end | |
| 45 end | |
| 46 elseif s2s_enable_blackwhitelist == "whitelist" then | |
| 47 if type(s2s_whitelist) == "table" then | |
| 48 is_whitelist_enabled = true; | |
| 49 module:log("debug", "s2s-whitelist is enabled"); | |
| 50 local count=#s2s_whitelist; | |
| 51 for i=1,count do | |
| 52 module:log("debug", "s2s-whitelist adding [%s]", s2s_whitelist[i]); | |
| 53 end | |
| 54 end | |
| 55 end | |
| 56 end | |
| 57 | |
| 58 local _make_connect = s2smanager.make_connect; | |
| 59 function s2smanager.make_connect(session, connect_host, connect_port) | |
| 60 local host = session.to_host; | |
| 61 if not session.s2sValidation then | |
| 62 if (host and is_blacklist_enabled == true) then | |
| 63 local count=#s2s_blacklist; | |
| 64 for i=1,count do | |
| 65 if s2s_blacklist[i] == host then | |
| 66 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
| 67 s2smanager.destroy_session(session, "This host does not serve "..host); | |
| 68 return false; | |
| 69 end | |
| 70 end | |
| 71 elseif (host and is_whitelist_enabled == true) then | |
| 72 local count=#s2s_whitelist; | |
| 73 local found=false; | |
| 74 for i=1,count do | |
| 75 if s2s_whitelist[i] == host then | |
| 76 found=true; | |
| 77 end | |
| 78 end | |
| 79 if found == false then | |
| 80 module:log ("error", "host %s couldn't be found in whitelist", host); | |
| 81 s2smanager.destroy_session(session, "This host does not serve "..host); | |
| 82 return false; | |
| 83 end | |
| 84 end | |
| 85 end | |
| 86 return _make_connect(session, connect_host, connect_port); | |
| 87 end | |
| 88 | |
| 89 local _stream_opened = s2smanager.streamopened; | |
| 90 function s2smanager.streamopened(session, attr) | |
| 91 local host = attr.from and nameprep(attr.from); | |
| 92 if not host then | |
| 93 session.s2sValidation = false; | |
| 94 else | |
| 95 session.s2sValidation = true; | |
| 96 end | |
| 97 | |
| 98 if (host and is_blacklist_enabled == true) then | |
| 99 local count=#s2s_blacklist; | |
| 100 for i=1,count do | |
| 101 if s2s_blacklist[i] == host then | |
| 102 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
| 103 session:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
| 104 return; | |
| 105 end | |
| 106 end | |
| 107 elseif (host and is_whitelist_enabled == true) then | |
| 108 local count=#s2s_whitelist; | |
| 109 local found=false; | |
| 110 for i=1,count do | |
| 111 if s2s_whitelist[i] == host then | |
| 112 found=true; | |
| 113 end | |
| 114 end | |
| 115 if found == false then | |
| 116 module:log ("error", "host %s couldn't be found in whitelist", host); | |
| 117 session:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
| 118 return; | |
| 119 end | |
| 120 end | |
| 121 _stream_opened(session, attr); | |
| 122 end | |
| 123 | |
| 124 | |
| 125 local function server_dialback_result_hook (event) | |
| 126 local origin, stanza = event.origin, event.stanza; | |
| 127 | |
| 128 if origin.type == "s2sin" or origin.type == "s2sin_unauthed" then | |
| 129 | |
| 130 local host = stanza.attr.from; | |
| 131 | |
| 132 if (host and is_blacklist_enabled == true) then | |
| 133 local count=#s2s_blacklist; | |
| 134 for i=1,count do | |
| 135 if s2s_blacklist[i] == host then | |
| 136 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
| 137 origin:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
| 138 return true; | |
| 139 end | |
| 140 end | |
| 141 elseif (host and is_whitelist_enabled == true) then | |
| 142 local count=#s2s_whitelist; | |
| 143 local found=false; | |
| 144 for i=1,count do | |
| 145 if s2s_whitelist[i] == host then | |
| 146 found=true; | |
| 147 end | |
| 148 end | |
| 149 if found == false then | |
| 150 module:log ("error", "host %s couldn't be found in whitelist", host); | |
| 151 origin:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
| 152 return true; | |
| 153 end | |
| 154 end | |
| 155 | |
| 156 end | |
| 157 | |
| 158 return nil; | |
| 159 end | |
| 160 | |
| 161 local function handle_activated_host (host) | |
| 162 if (hosts[host] and hosts[host].events) then | |
| 163 hosts[host].events.add_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook, 100); | |
| 164 module:log ("debug", "adding hook for %s", host); | |
| 165 end | |
| 166 end | |
| 167 | |
| 168 local function handle_deactivated_host (host) | |
| 169 if (hosts[host] and hosts[host].events) then | |
| 170 hosts[host].events.remove_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook); | |
| 171 module:log ("debug", "removing hook for %s", host); | |
| 172 end | |
| 173 end | |
| 174 | |
| 175 prosody.events.add_handler("host-activated", handle_activated_host); | |
| 176 prosody.events.add_handler("component-activated", handle_activated_host); | |
| 177 prosody.events.add_handler("host-deactivated", handle_deactivated_host); | |
| 178 prosody.events.add_handler("component-deactivated", handle_deactivated_host); | |
| 179 prosody.events.add_handler("config-reloaded", reload_list); | |
| 180 | |
| 181 for name, host in pairs(hosts) do | |
| 182 if host and host.events then | |
| 183 host.events.add_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook, 100); | |
| 184 module:log ("debug", "adding hook for %s", name); | |
| 185 end | |
| 186 end | |
| 187 |