# HG changeset patch # User Jonas Schäfer # Date 1677011847 -3600 # Node ID 460f786548646143076ce84d9df3d6ab801577d7 # Parent dc6a10629670f84e316e75b6c1bd3230f6245807 mod_muc_rtbl: also filter messages This was a bit tricky because we don't want to run the JIDs through SHA256 on each message. Took a while to come up with this simple plan of just caching the SHA256 of the JIDs on the occupants. This will leave some dirt in the occupants after unloading the module, but that should be ok; once they cycle the room, the hashes will be gone. This is direly needed, otherwise, there is a tight race between the moderation activities and the actors joining the room. diff -r dc6a10629670 -r 460f78654864 mod_muc_rtbl/mod_muc_rtbl.lua --- a/mod_muc_rtbl/mod_muc_rtbl.lua Mon Feb 20 13:42:13 2023 -0500 +++ b/mod_muc_rtbl/mod_muc_rtbl.lua Tue Feb 21 21:37:27 2023 +0100 @@ -91,6 +91,17 @@ module:hook("iq-result/host/rtbl-request", update_list); +function update_hashes(occupant) + if not occupant.mod_muc_rtbl_bare_hash then + local bare_hash = sha256(jid.bare(event.stanza.attr.from), true); + occupant.mod_muc_rtbl_bare_hash = bare_hash; + end + if not occupant.mod_muc_rtbl_host_hash then + local host_hash = sha256(jid.host(event.stanza.attr.from), true); + event.occupant.mod_muc_rtbl_host_hash = host_hash; + end +end + module:hook("muc-occupant-pre-join", function (event) if next(banned_hashes) == nil then return end @@ -102,9 +113,8 @@ return; end - local bare_hash = sha256(jid.bare(event.stanza.attr.from), true); - local host_hash = sha256(jid.host(event.stanza.attr.from), true); - if banned_hashes[bare_hash] or banned_hashes[host_hash] then + update_hashes(event.occupant); + if banned_hashes[event.occupant.mod_muc_rtbl_bare_hash] or banned_hashes[event.occupant.mod_muc_rtbl_host_hash] then module:log("info", "Blocked user <%s> from room <%s> due to RTBL match", from_bare, event.stanza.attr.to); local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); event.origin.send(error_reply); @@ -112,6 +122,27 @@ end end); +module:hook("muc-occupant-groupchat", function(event) + update_hashes(event.occupant); + if banned_hashes[event.occupant.mod_muc_rtbl_bare_hash] or banned_hashes[event.occupant.mod_muc_rtbl_host_hash] then + module:log("debug", "Blocked message from user <%s> to room <%s> due to RTBL match", event.stanza.attr.from, event.stanza.attr.to); + local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); + event.origin.send(error_reply); + return true; + end +end); + +module:hook("muc-private-message", function(event) + local occupant = event.room:get_occupant_by_nick(event.stanza.attr.from); + update_hashes(occupant); + if banned_hashes[occupant.mod_muc_rtbl_bare_hash] or banned_hashes[occupant.mod_muc_rtbl_host_hash] then + module:log("debug", "Blocked private message from user <%s> from room <%s> due to RTBL match", occupant.bare_jid, event.stanza.attr.to); + local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid); + event.origin.send(error_reply); + return true; + end +end); + if prosody.start_time then request_list(); else