diff mod_adhoc_blacklist/mod_adhoc_blacklist.lua @ 1734:d82b03e79d8b

mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
author Kim Alvefur <zash@zash.se>
date Thu, 14 May 2015 00:33:32 +0200
parents
children efbb73851af9
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_adhoc_blacklist/mod_adhoc_blacklist.lua	Thu May 14 00:33:32 2015 +0200
@@ -0,0 +1,88 @@
+-- mod_adhoc_blacklist
+--
+-- http://xmpp.org/extensions/xep-0133.html#edit-blacklist
+--
+-- Copyright (C) 2015 Kim Alvefur
+--
+-- This file is MIT/X11 licensed.
+--
+
+module:depends("adhoc");
+local adhoc = module:require "adhoc";
+local st = require"util.stanza";
+local set = require"util.set";
+local dataform = require"util.dataforms";
+local adhoc_inital_data = require "util.adhoc".new_initial_data_form;
+
+local blocklist_form = dataform.new {
+	title = "Editing the Blacklist";
+	instructions = "Fill out this form to edit the list of entities with whom communications are disallowed.";
+	{
+		type = "hidden";
+		name = "FORM_TYPE";
+		value = "http://jabber.org/protocol/admin";
+	};
+	{
+		type = "jid-multi";
+		name = "blacklistjids";
+		label = "The blacklist";
+	};
+}
+
+local blocklists = module:open_store("blocklist");
+
+local blocklist_handler = adhoc_inital_data(blocklist_form, function ()
+	local blacklistjids = {};
+	local blacklist = blocklists:get();
+	for jid in pairs(blacklist) do
+		table.insert(blacklistjids, jid);
+	end
+	return { blacklistjids = blacklistjids };
+end, function(fields, form_err)
+	if form_err then
+		return { status = "completed", error = { message = "Problem in submitted form" } };
+	end
+	local blacklistjids = set.new(fields.blacklistjids);
+	local ok, err = blocklists:set(nil, blacklistjids._items);
+	if ok then
+		return { status = "completed", info = "Blacklist updated" };
+	else
+		return { status = "completed", error = { message = "Error saving blacklist: "..err } };
+	end
+end);
+
+module:add_item("adhoc", adhoc.new("Edit Blacklist", "http://jabber.org/protocol/admin#edit-blacklist", blocklist_handler, "admin"));
+
+local function is_blocked(host)
+	local blacklistjids = blocklists:get();
+	return blacklistjids and blacklistjids[host];
+end
+
+module:hook("route/remote", function (event)
+	local origin, stanza = event.origin, event.stanza;
+	if is_blocked(event.to_host) then
+		if origin and stanza then
+			origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed"));
+			return true;
+		end
+		return false;
+	end
+end, 1000);
+
+
+module:hook("s2s-stream-features", function (event)
+	local session = event.origin;
+	if is_blocked(session.from_host) then
+		session:close("policy-violation");
+		return false;
+	end
+end, 1000);
+
+module:hook("stanza/http://etherx.jabber.org/streams:features", function (event)
+	local session = event.origin;
+	if is_blocked(session.to_host) then
+		session:close("policy-violation");
+		return true;
+	end
+end, 1000);
+