Mercurial > prosody-modules
changeset 1734:d82b03e79d8b
mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 14 May 2015 00:33:32 +0200 |
parents | 9abd3dce619a |
children | c2d43b568178 |
files | mod_adhoc_blacklist/mod_adhoc_blacklist.lua |
diffstat | 1 files changed, 88 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_adhoc_blacklist/mod_adhoc_blacklist.lua Thu May 14 00:33:32 2015 +0200 @@ -0,0 +1,88 @@ +-- mod_adhoc_blacklist +-- +-- http://xmpp.org/extensions/xep-0133.html#edit-blacklist +-- +-- Copyright (C) 2015 Kim Alvefur +-- +-- This file is MIT/X11 licensed. +-- + +module:depends("adhoc"); +local adhoc = module:require "adhoc"; +local st = require"util.stanza"; +local set = require"util.set"; +local dataform = require"util.dataforms"; +local adhoc_inital_data = require "util.adhoc".new_initial_data_form; + +local blocklist_form = dataform.new { + title = "Editing the Blacklist"; + instructions = "Fill out this form to edit the list of entities with whom communications are disallowed."; + { + type = "hidden"; + name = "FORM_TYPE"; + value = "http://jabber.org/protocol/admin"; + }; + { + type = "jid-multi"; + name = "blacklistjids"; + label = "The blacklist"; + }; +} + +local blocklists = module:open_store("blocklist"); + +local blocklist_handler = adhoc_inital_data(blocklist_form, function () + local blacklistjids = {}; + local blacklist = blocklists:get(); + for jid in pairs(blacklist) do + table.insert(blacklistjids, jid); + end + return { blacklistjids = blacklistjids }; +end, function(fields, form_err) + if form_err then + return { status = "completed", error = { message = "Problem in submitted form" } }; + end + local blacklistjids = set.new(fields.blacklistjids); + local ok, err = blocklists:set(nil, blacklistjids._items); + if ok then + return { status = "completed", info = "Blacklist updated" }; + else + return { status = "completed", error = { message = "Error saving blacklist: "..err } }; + end +end); + +module:add_item("adhoc", adhoc.new("Edit Blacklist", "http://jabber.org/protocol/admin#edit-blacklist", blocklist_handler, "admin")); + +local function is_blocked(host) + local blacklistjids = blocklists:get(); + return blacklistjids and blacklistjids[host]; +end + +module:hook("route/remote", function (event) + local origin, stanza = event.origin, event.stanza; + if is_blocked(event.to_host) then + if origin and stanza then + origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed")); + return true; + end + return false; + end +end, 1000); + + +module:hook("s2s-stream-features", function (event) + local session = event.origin; + if is_blocked(session.from_host) then + session:close("policy-violation"); + return false; + end +end, 1000); + +module:hook("stanza/http://etherx.jabber.org/streams:features", function (event) + local session = event.origin; + if is_blocked(session.to_host) then + session:close("policy-violation"); + return true; + end +end, 1000); +