Mercurial > prosody-modules
comparison mod_firewall/definitions.lib.lua @ 2586:d28e434cb5fd
mod_firewall: Support filters for normalizing items before checking for them in lists
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sun, 26 Feb 2017 11:28:56 +0000 |
| parents | 22a271641c29 |
| children | 8c879948a2cf |
comparison
equal
deleted
inserted
replaced
| 2585:02c6ae745c4f | 2586:d28e434cb5fd |
|---|---|
| 6 | 6 |
| 7 local http = require "net.http"; | 7 local http = require "net.http"; |
| 8 local timer = require "util.timer"; | 8 local timer = require "util.timer"; |
| 9 local set = require"util.set"; | 9 local set = require"util.set"; |
| 10 local new_throttle = require "util.throttle".create; | 10 local new_throttle = require "util.throttle".create; |
| 11 local hashes = require "util.hashes"; | |
| 12 local jid = require "util.jid"; | |
| 11 | 13 |
| 12 local multirate_cache_size = module:get_option_number("firewall_multirate_cache_limit", 1000); | 14 local multirate_cache_size = module:get_option_number("firewall_multirate_cache_limit", 1000); |
| 13 | 15 |
| 14 function definition_handlers.ZONE(zone_name, zone_members) | 16 function definition_handlers.ZONE(zone_name, zone_members) |
| 15 local zone_member_list = {}; | 17 local zone_member_list = {}; |
| 169 end; | 171 end; |
| 170 }; | 172 }; |
| 171 }; | 173 }; |
| 172 list_backends.https = list_backends.http; | 174 list_backends.https = list_backends.http; |
| 173 | 175 |
| 176 local normalize_functions = { | |
| 177 upper = string.upper, lower = string.lower; | |
| 178 md5 = hashes.md5, sha1 = hashes.sha1, sha256 = hashes.sha256; | |
| 179 prep = jid.prep, bare = jid.bare; | |
| 180 }; | |
| 181 | |
| 182 local function wrap_list_method(list_method, filter) | |
| 183 return function (self, item) | |
| 184 return list_method(self, filter(item)); | |
| 185 end | |
| 186 end | |
| 187 | |
| 174 local function create_list(list_backend, list_def, opts) | 188 local function create_list(list_backend, list_def, opts) |
| 175 if not list_backends[list_backend] then | 189 if not list_backends[list_backend] then |
| 176 error("Unknown list type '"..list_backend.."'", 0); | 190 error("Unknown list type '"..list_backend.."'", 0); |
| 177 end | 191 end |
| 178 local list = setmetatable({}, { __index = list_backends[list_backend] }); | 192 local list = setmetatable({}, { __index = list_backends[list_backend] }); |
| 179 if list.init then | 193 if list.init then |
| 180 list:init(list_def, opts); | 194 list:init(list_def, opts); |
| 195 end | |
| 196 if opts.filter then | |
| 197 local filters = {}; | |
| 198 for func_name in opts.filter:gmatch("[%w_]+") do | |
| 199 if func_name == "log" then | |
| 200 table.insert(filters, function (s) | |
| 201 --print("&&&&&", s); | |
| 202 module:log("debug", "Checking list <%s> for: %s", list_def, s); | |
| 203 return s; | |
| 204 end); | |
| 205 else | |
| 206 assert(normalize_functions[func_name], "Unknown list filter: "..func_name); | |
| 207 table.insert(filters, normalize_functions[func_name]); | |
| 208 end | |
| 209 end | |
| 210 | |
| 211 local filter; | |
| 212 local n = #filters; | |
| 213 if n == 1 then | |
| 214 filter = filters[1]; | |
| 215 else | |
| 216 function filter(s) | |
| 217 for i = 1, n do | |
| 218 s = filters[i](s or ""); | |
| 219 end | |
| 220 return s; | |
| 221 end | |
| 222 end | |
| 223 | |
| 224 list.add = wrap_list_method(list.add, filter); | |
| 225 list.remove = wrap_list_method(list.remove, filter); | |
| 226 list.contains = wrap_list_method(list.contains, filter); | |
| 181 end | 227 end |
| 182 return list; | 228 return list; |
| 183 end | 229 end |
| 184 | 230 |
| 185 --[[ | 231 --[[ |