Mercurial > prosody-modules
comparison mod_e2e_policy/mod_e2e_policy.lua @ 2212:57dcad6543c9
mod_e2e_policy: Initial commit
| author | Michel Le Bihan <michel@lebihan.pl> |
|---|---|
| date | Tue, 14 Jun 2016 18:03:05 +0200 |
| parents | |
| children | 611a787e6d08 |
comparison
equal
deleted
inserted
replaced
| 2211:9aecf7c953ba | 2212:57dcad6543c9 |
|---|---|
| 1 local st = require "util.stanza"; | |
| 2 local host = module.host; | |
| 3 local e2e_policy_chat = module:get_option_string("e2e_policy_chat", "optional"); -- possible values: none, optional and required | |
| 4 local e2e_policy_muc = module:get_option_string("e2e_policy_muc", "optional"); -- possible values: none, optional and required | |
| 5 local e2e_policy_whitelist = module:get_option_set("e2e_policy_whitelist", { }); -- make this module ignore messages sent to and from this JIDs or MUCs | |
| 6 | |
| 7 local e2e_policy_message_optional_chat = module:get_option_string("e2e_policy_message_optional_chat", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."); | |
| 8 local e2e_policy_message_required_chat = module:get_option_string("e2e_policy_message_required_chat", "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."); | |
| 9 local e2e_policy_message_optional_muc = module:get_option_string("e2e_policy_message_optional_muc", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."); | |
| 10 local e2e_policy_message_required_muc = module:get_option_string("e2e_policy_message_required_muc", "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server."); | |
| 11 | |
| 12 function warn_on_plaintext_messages(event) | |
| 13 if e2e_policy_whitelist:contains(event.stanza.attr.from) or e2e_policy_whitelist:contains(event.stanza.attr.to) then -- check if JID is whitelisted | |
| 14 return nil; | |
| 15 end | |
| 16 local body = event.stanza:get_child_text("body"); | |
| 17 -- do not warn for status messages | |
| 18 if not body then | |
| 19 return nil; | |
| 20 end | |
| 21 -- check otr | |
| 22 if body and body:sub(1,4) == "?OTR" then | |
| 23 return nil; | |
| 24 end | |
| 25 -- check omemo https://xmpp.org/extensions/inbox/omemo.html | |
| 26 if event.stanza:get_child("encrypted", "eu.siacs.conversations.axolotl") or event.stanza:get_child("encrypted", "urn:xmpp:omemo:0") then | |
| 27 return nil; | |
| 28 end | |
| 29 -- check xep27 pgp https://xmpp.org/extensions/xep-0027.html | |
| 30 if event.stanza:get_child("x", "jabber:x:encrypted") then | |
| 31 return nil; | |
| 32 end | |
| 33 -- check xep373 pgp (OX) https://xmpp.org/extensions/xep-0373.html | |
| 34 if event.stanza:get_child("openpgp", "urn:xmpp:openpgp:0") then | |
| 35 return nil; | |
| 36 end | |
| 37 -- no valid encryption found | |
| 38 if e2e_policy_chat == "optional" and event.stanza.attr.type ~= "groupchat" then | |
| 39 event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_chat)); | |
| 40 end | |
| 41 if e2e_policy_chat == "required" and event.stanza.attr.type ~= "groupchat" then | |
| 42 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_chat)); | |
| 43 end | |
| 44 if e2e_policy_muc == "optional" and event.stanza.attr.type == "groupchat" then | |
| 45 event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_muc)); | |
| 46 end | |
| 47 if e2e_policy_muc == "required" and event.stanza.attr.type == "groupchat" then | |
| 48 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_muc)); | |
| 49 end | |
| 50 end | |
| 51 | |
| 52 module:hook("pre-message/bare", warn_on_plaintext_messages, 300); | |
| 53 module:hook("pre-message/full", warn_on_plaintext_messages, 300); | |
| 54 module:hook("pre-message/host", warn_on_plaintext_messages, 300); |