Mercurial > prosody-modules
comparison mod_admin_blocklist/mod_admin_blocklist.lua @ 1735:c2d43b568178
mod_admin_blocklist: Prevents s2s connections to/from domains blocked by a local admin using mod_blocklist (0.10+)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 14 May 2015 00:34:00 +0200 |
| parents | |
| children | 5d05139d0555 |
comparison
equal
deleted
inserted
replaced
| 1734:d82b03e79d8b | 1735:c2d43b568178 |
|---|---|
| 1 -- mod_admin_blocklist | |
| 2 -- | |
| 3 -- If a local admin has blocked a domain, don't allow s2s to that domain | |
| 4 -- | |
| 5 -- Copyright (C) 2015 Kim Alvefur | |
| 6 -- | |
| 7 -- This file is MIT/X11 licensed. | |
| 8 -- | |
| 9 | |
| 10 module:depends("blocklist"); | |
| 11 | |
| 12 local st = require"util.stanza"; | |
| 13 local jid_split = require"util.jid".split; | |
| 14 | |
| 15 local admins = module:get_option_inherited_set("admins", {}) / | |
| 16 function (admin) -- Filter out non-local admins | |
| 17 local user, host = jid_split(admin); | |
| 18 if host == module.host then return user; end | |
| 19 end | |
| 20 | |
| 21 local blocklists = module:open_store("blocklist"); | |
| 22 | |
| 23 local function is_blocked(host) | |
| 24 for admin in admins do | |
| 25 local blocklist = blocklists:get(admin); | |
| 26 if blocklist and blocklist[host] then | |
| 27 return true; | |
| 28 end | |
| 29 end | |
| 30 end | |
| 31 | |
| 32 module:hook("route/remote", function (event) | |
| 33 local origin, stanza = event.origin, event.stanza; | |
| 34 if is_blocked(event.to_host) then | |
| 35 if origin and stanza then | |
| 36 origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed")); | |
| 37 return true; | |
| 38 end | |
| 39 return false; | |
| 40 end | |
| 41 end, 1000); | |
| 42 | |
| 43 | |
| 44 module:hook("s2s-stream-features", function (event) | |
| 45 local session = event.origin; | |
| 46 if is_blocked(session.from_host) then | |
| 47 session:close("policy-violation"); | |
| 48 return false; | |
| 49 end | |
| 50 end, 1000); | |
| 51 | |
| 52 module:hook("stanza/http://etherx.jabber.org/streams:features", function (event) | |
| 53 local session = event.origin; | |
| 54 if is_blocked(session.to_host) then | |
| 55 session:close("policy-violation"); | |
| 56 return true; | |
| 57 end | |
| 58 end, 1000); | |
| 59 |