Annotate

mod_manifesto/mod_manifesto.lua @ 5423:5b2352dda31f

mod_http_oauth2: Include all granted roles in scopes The client is allowed to request a subset of granted scopes, so it makes sense to record all granted roles so that another could be selected at access token issuance.
author Kim Alvefur <zash@zash.se>
date Sun, 07 May 2023 19:06:37 +0200
parent 2887:65082d91950e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- mod_manifesto
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local timer = require "util.timer";
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local jid_split = require "util.jid".split;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 local st = require "util.stanza";
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 local dm = require "util.datamanager";
1307
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
7 local dataforms_new = require "util.dataforms".new;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
8 local adhoc_initial = require "util.adhoc".new_initial_data_form;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
9 local mm_reload = require "modulemanager".reload;
1308
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
10 local s2s_destroy_session = require "core.s2smanager".destroy_session;
1307
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
11 local config = require "core.configmanager";
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
12 local config_get = config.get;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
13 local config_set = config.set;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
14 local t_concat = table.concat;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
15 local adhoc_new = module:require "adhoc".new;
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 local time = os.time;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 local hosts = prosody.hosts;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 local host = module.host;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 local host_session = hosts[host];
1283
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
21 local incoming_s2s = prosody.incoming_s2s;
1308
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
22 local s2s_sessions = module:shared"/*/s2s/sessions";
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 local default_tpl = [[
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 Hello there.
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 This is a brief system message to let you know about some upcoming changes to the $HOST service.
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 Some of your contacts are on other Jabber/XMPP services that do not support encryption. As part of an initiative to increase the security of the Jabber/XMPP network, this service ($HOST) will be participating in a series of tests to discover the impact of our planned changes, and you may lose the ability to communicate with some of your contacts.
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30
1305
b0971d8815bf mod_manifesto: Fix typo
Kim Alvefur <zash@zash.se>
parents: 1300
diff changeset
31 The test days will be on the following dates: January 4, February 22, March 22 and April 19. On these days we will require that all client and server connections are encrypted. Unless they enable encryption before that, you will be unable to communicate with your contacts that use these services:
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 $SERVICES
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35 Your affected contacts are:
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37 $CONTACTS
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
39 What can you do? You may tell your contacts to inform their service administrator about their lack of encryption. Your contacts may also switch to a more secure service. A list of public services can be found at https://xmpp.net/directory.php
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
40
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 For more information about the Jabber/XMPP security initiative that we are participating in, please read the announcement at https://stpeter.im/journal/1496.html
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 If you have any questions or concerns, you may contact us via $CONTACTVIA at $CONTACT
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 ]];
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 local message = module:get_option_string("manifesto_contact_encryption_warning", default_tpl);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 local contact = module:get_option_string("admin_contact_address", module:get_option_array("admins", {})[1]);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 if not contact then
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 error("mod_manifesto needs you to set 'admin_contact_address' in your config file.", 0);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 local contact_method = "Jabber/XMPP";
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 if select(2, contact:gsub("^mailto:", "")) > 0 then
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 contact_method = "email";
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 local notified;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 module:hook("resource-bind", function (event)
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 local session = event.session;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 local now = time();
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62 local last_notify = notified[session.username] or 0;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 if last_notify > ( now - 86400 * 7 ) then
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 return
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 timer.add_task(15, function ()
1300
99748c89edd4 mod_manifesto: Fix traceback when user disconnects before the timer (fixes #48)
Kim Alvefur <zash@zash.se>
parents: 1286
diff changeset
68 if session.type ~= "c2s" then return end -- user quit already
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 local bad_contacts, bad_hosts = {}, {};
1286
9700c89f7bf6 mod_manifesto: Fix traceback when user doesn't have a roster (?)
Matthew Wild <mwild1@gmail.com>
parents: 1284
diff changeset
70 for contact_jid, item in pairs(session.roster or {}) do
1283
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
71 local _, contact_host = jid_split(contact_jid);
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
72 local bad = false;
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
73 local remote_host_session = host_session.s2sout[contact_host];
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74 if remote_host_session and remote_host_session.type == "s2sout" then -- Only check remote hosts we have completed s2s connections to
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 if not remote_host_session.secure then
1283
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
76 bad = true;
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
77 end
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
78 end
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
79 for session in pairs(incoming_s2s) do
1284
e36f82d7baae mod_manifesto: Only check fully established incoming sessions
Florian Zeitz <florob@babelmonkeys.de>
parents: 1283
diff changeset
80 if session.to_host == host and session.from_host == contact_host and session.type == "s2sin" then
1283
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
81 if not session.secure then
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
82 bad = true;
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83 end
1283
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
84 end
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
85 end
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
86 if bad then
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
87 local contact_name = item.name;
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
88 if contact_name then
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
89 table.insert(bad_contacts, contact_name.." <"..contact_jid..">");
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
90 else
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
91 table.insert(bad_contacts, contact_jid);
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
92 end
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
93 if not bad_hosts[contact_host] then
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
94 bad_hosts[contact_host] = true;
3e96889c0c36 mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents: 1282
diff changeset
95 table.insert(bad_hosts, contact_host);
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
96 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
97 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
98 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
99 if #bad_contacts > 0 then
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
100 local vars = {
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
101 HOST = host;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
102 CONTACTS = " "..table.concat(bad_contacts, "\n ");
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
103 SERVICES = " "..table.concat(bad_hosts, "\n ");
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
104 CONTACTVIA = contact_method, CONTACT = contact;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
105 };
2887
65082d91950e Many modules: Simplify st.message(…):tag("body"):text(…):up() into st.message(…, …)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 1325
diff changeset
106 session.send(st.message({ type = "headline", from = host }, message:gsub("$(%w+)", vars)));
1306
63e7e20a0074 mod_manifesto: Only keep track of who we sent notifications to
Kim Alvefur <zash@zash.se>
parents: 1305
diff changeset
107 notified[session.username] = now;
1282
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
108 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
109 end);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
110 end);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
111
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
112 function module.load()
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
113 notified = dm.load(nil, host, module.name) or {};
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
114 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
115
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
116 function module.save()
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
117 dm.store(nil, host, module.name, notified);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
118 return { notified = notified };
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
119 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
120
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
121 function module.restore(data)
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
122 notified = data.notified;
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
123 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
124
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
125 function module.unload()
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
126 dm.store(nil, host, module.name, notified);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
127 end
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
128
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
129 function module.uninstall()
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
130 dm.store(nil, host, module.name, nil);
17cb51496469 mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff changeset
131 end
1307
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
132
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
133 -- Ad-hoc command for switching to/from "manifesto mode"
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
134 local layout = dataforms_new {
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
135 title = "Configure manifesto mode";
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
136
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
137 { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/manifesto" };
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
138 { name = "state", type = "list-single", required = true, label = "Manifesto mode:"};
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
139 };
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
140
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
141 local adhoc_handler = adhoc_initial(layout, function()
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
142 local enabled = config_get(host, "c2s_require_encryption") and config_get(host, "s2s_require_encryption");
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
143 return { state = {
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
144 { label = "Enabled", value = "enabled", default = enabled },
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
145 { label = "Configuration settings", value = "config", default = not enabled },
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
146 }};
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
147 end, function(fields, err)
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
148 if err then
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
149 local errmsg = {};
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
150 for name, err in pairs(errors) do
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
151 errmsg[#errmsg + 1] = name .. ": " .. err;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
152 end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
153 return { status = "completed", error = { message = t_concat(errmsg, "\n") } };
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
154 end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
155
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
156 local info;
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
157 if fields.state == "enabled" then
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
158 config_set(host, "c2s_require_encryption", true);
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
159 config_set(host, "s2s_require_encryption", true);
1308
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
160
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
161 for _, session in pairs(s2s_sessions) do
1325
b21236b6b8d8 Backed out changeset 853a382c9bd6
Kim Alvefur <zash@zash.se>
parents: 1324
diff changeset
162 if not session.secure then
1308
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
163 (session.close or s2s_destroy_session)(session);
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
164 end
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
165 end
9ddfff2acddc mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents: 1307
diff changeset
166
1307
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
167 info = "Manifesto mode enabled";
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
168 else
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
169 local ok, err = prosody.reload_config();
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
170 if not ok then
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
171 return { status = "completed", error = { message = "Failed to reload config: " .. tostring(err) } };
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
172 end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
173 info = "Reset to configuration settings";
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
174 end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
175
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
176 local ok, err = mm_reload(host, "tls");
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
177 if not ok then return { status = "completed", error = { message = "Failed to reload mod_tls: " .. tostring(err) } }; end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
178 ok, err = mm_reload(host, "s2s");
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
179 if not ok then return { status = "completed", error = { message = "Failed to reload mod_s2s: " .. tostring(err) } }; end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
180 ok, err = mm_reload(host, "saslauth");
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
181 if not ok then return { status = "completed", error = { message = "Failed to reload mod_saslauth: " .. tostring(err) } }; end
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
182
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
183 return { status = "completed", info = info };
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
184 end);
71dd991c94e7 mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents: 1306
diff changeset
185 module:provides("adhoc", adhoc_new("Configure manifesto mode", "http://prosody.im/protocol/manifesto", adhoc_handler, "admin"));