Software / code / prosody-modules
Annotate
mod_e2e_policy/mod_e2e_policy.lua @ 6251:694f8fab07d4
: mod_sasl2*** : Update Compability for all of them
diff --git a/mod_sasl2/README.md b/mod_sasl2/README.md
--- a/mod_sasl2/README.md
+++ b/mod_sasl2/README.md
@@ -31,6 +31,7 @@ This module requires Prosody **trunk** a
Prosody Version Status
----------------------- ----------------
- trunk as of 2024-11-24 Works
+ trunk as of 2025-05-25 Works
+ 0.13 Works
0.12 Does not work
----------------------- ----------------
diff --git a/mod_sasl2_bind2/README.md b/mod_sasl2_bind2/README.md
--- a/mod_sasl2_bind2/README.md
+++ b/mod_sasl2_bind2/README.md
@@ -16,5 +16,6 @@ This module depends on [mod_sasl2]. It e
Prosody-Version Status
--------------- ----------------------
- trunk Works as of 2024-12-21
+ trunk Works as of 2025-05-25
+ 0.13 Works
0.12 Does not work
diff --git a/mod_sasl2_fast/README.md b/mod_sasl2_fast/README.md
--- a/mod_sasl2_fast/README.md
+++ b/mod_sasl2_fast/README.md
@@ -33,5 +33,6 @@ clients being logged out unexpectedly.
Prosody-Version Status
--------------- ----------------------
- trunk Works as of 2024-12-21
+ trunk Works as of 2025-05-25
+ 0.13 Work
0.12 Does not work
diff --git a/mod_sasl2_sm/README.md b/mod_sasl2_sm/README.md
--- a/mod_sasl2_sm/README.md
+++ b/mod_sasl2_sm/README.md
@@ -17,5 +17,6 @@ configuration options.
Prosody-Version Status
--------------- ----------------------
- trunk Works as of 2024-12-21
+ trunk Works as of 2025-05-25
+ 0.13 Work
0.12 Does not work
diff --git a/mod_sasl_ssdp/README.md b/mod_sasl_ssdp/README.md
--- a/mod_sasl_ssdp/README.md
+++ b/mod_sasl_ssdp/README.md
@@ -18,8 +18,8 @@ There are no configuration options for t
# Compatibility
-For SASL2 (XEP-0388) clients, it is compatible with the mod_sasl2 community module.
-
-For clients using RFC 6120 SASL, it requires Prosody trunk 33e5edbd6a4a or
-later. It is not compatible with Prosody 0.12 (it will load, but simply
-won't do anything) for "legacy SASL".
+ Prosody-Version Status
+ --------------- ----------------------
+ trunk Works as of 2025-05-25
+ 0.13 Works
+ 0.12 Does not work
| author | Menel <menel@snikket.de> |
|---|---|
| date | Mon, 12 May 2025 11:07:45 +0200 |
| parent | 3386:a76c420eca61 |
| rev | line source |
|---|---|
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
|
3385
762c7e7ee64b
mod_e2e_policy: Verify that the bare JID of stanza to and from is not in the whitelist
Michel Le Bihan <michel@lebihan.pl>
parents:
3219
diff
changeset
|
2 local jid_bare = require "util.jid".bare; |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
3 local host = module.host; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
4 local e2e_policy_chat = module:get_option_string("e2e_policy_chat", "optional"); -- possible values: none, optional and required |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
5 local e2e_policy_muc = module:get_option_string("e2e_policy_muc", "optional"); -- possible values: none, optional and required |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
6 local e2e_policy_whitelist = module:get_option_set("e2e_policy_whitelist", { }); -- make this module ignore messages sent to and from this JIDs or MUCs |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
7 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
8 local e2e_policy_message_optional_chat = module:get_option_string("e2e_policy_message_optional_chat", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
9 local e2e_policy_message_required_chat = module:get_option_string("e2e_policy_message_required_chat", "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
10 local e2e_policy_message_optional_muc = module:get_option_string("e2e_policy_message_optional_muc", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
11 local e2e_policy_message_required_muc = module:get_option_string("e2e_policy_message_required_muc", "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server."); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
12 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
13 function warn_on_plaintext_messages(event) |
|
2331
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
14 -- check if JID is whitelisted |
|
3386
a76c420eca61
mod_e2e_policy: Fix an error with getting stanza from event
Michel Le Bihan <michel@lebihan.pl>
parents:
3385
diff
changeset
|
15 if e2e_policy_whitelist:contains(jid_bare(event.stanza.attr.from)) or e2e_policy_whitelist:contains(jid_bare(event.stanza.attr.to)) then |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
16 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
17 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
18 local body = event.stanza:get_child_text("body"); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
19 -- do not warn for status messages |
|
2331
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
20 if not body or event.stanza.attr.type == "error" then |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
21 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
22 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
23 -- check otr |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
24 if body and body:sub(1,4) == "?OTR" then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
25 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
26 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
27 -- check omemo https://xmpp.org/extensions/inbox/omemo.html |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
28 if event.stanza:get_child("encrypted", "eu.siacs.conversations.axolotl") or event.stanza:get_child("encrypted", "urn:xmpp:omemo:0") then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
29 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
30 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
31 -- check xep27 pgp https://xmpp.org/extensions/xep-0027.html |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
32 if event.stanza:get_child("x", "jabber:x:encrypted") then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
33 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
34 end |
|
2331
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
35 -- check xep373 pgp (OX) https://xmpp.org/extensions/xep-0373.html |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
36 if event.stanza:get_child("openpgp", "urn:xmpp:openpgp:0") then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
37 return nil; |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
38 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
39 -- no valid encryption found |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
40 if e2e_policy_chat == "optional" and event.stanza.attr.type ~= "groupchat" then |
|
3219
58d61459cdb1
mod_e2e_policy: Always add the 'to' in warning stanzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2331
diff
changeset
|
41 event.origin.send(st.message({ from = host, to = event.stanza.attr.from, type = "headline" }, e2e_policy_message_optional_chat)); |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
42 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
43 if e2e_policy_chat == "required" and event.stanza.attr.type ~= "groupchat" then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
44 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_chat)); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
45 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
46 if e2e_policy_muc == "optional" and event.stanza.attr.type == "groupchat" then |
|
3219
58d61459cdb1
mod_e2e_policy: Always add the 'to' in warning stanzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2331
diff
changeset
|
47 event.origin.send(st.message({ from = host, to = event.stanza.attr.from, type = "headline" }, e2e_policy_message_optional_muc)); |
|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
48 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
49 if e2e_policy_muc == "required" and event.stanza.attr.type == "groupchat" then |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
50 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_muc)); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
51 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
52 end |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
53 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
54 module:hook("pre-message/bare", warn_on_plaintext_messages, 300); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
55 module:hook("pre-message/full", warn_on_plaintext_messages, 300); |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
56 module:hook("pre-message/host", warn_on_plaintext_messages, 300); |
