Annotate

mod_adhoc_blacklist/mod_adhoc_blacklist.lua @ 5458:813fe4f76286

mod_http_oauth2: Do minimal validation of private-use URI schemes Per draft-ietf-oauth-v2-1-08#section-2.3.1 > At a minimum, any private-use URI scheme that doesn't contain a period > character (.) SHOULD be rejected. Since this would rule out the OOB URI, which is useful for CLI tools and such without a built-in http server, it is explicitly allowed.
author Kim Alvefur <zash@zash.se>
date Tue, 16 May 2023 22:18:12 +0200
parent 1736:efbb73851af9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1734
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- mod_adhoc_blacklist
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 --
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 -- http://xmpp.org/extensions/xep-0133.html#edit-blacklist
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 --
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 -- Copyright (C) 2015 Kim Alvefur
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6 --
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
7 -- This file is MIT/X11 licensed.
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 --
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 module:depends("adhoc");
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 local adhoc = module:require "adhoc";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local st = require"util.stanza";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13 local set = require"util.set";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 local dataform = require"util.dataforms";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 local adhoc_inital_data = require "util.adhoc".new_initial_data_form;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 local blocklist_form = dataform.new {
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 title = "Editing the Blacklist";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 instructions = "Fill out this form to edit the list of entities with whom communications are disallowed.";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 {
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 type = "hidden";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 name = "FORM_TYPE";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 value = "http://jabber.org/protocol/admin";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 {
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 type = "jid-multi";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27 name = "blacklistjids";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 label = "The blacklist";
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 }
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 local blocklists = module:open_store("blocklist");
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
34 local blocklist_handler = adhoc_inital_data(blocklist_form, function ()
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35 local blacklistjids = {};
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 local blacklist = blocklists:get();
1736
efbb73851af9 mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents: 1734
diff changeset
37 if blacklist then
efbb73851af9 mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents: 1734
diff changeset
38 for jid in pairs(blacklist) do
efbb73851af9 mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents: 1734
diff changeset
39 table.insert(blacklistjids, jid);
efbb73851af9 mod_adhoc_blacklist: Fix traceback if blacklist is empty
Kim Alvefur <zash@zash.se>
parents: 1734
diff changeset
40 end
1734
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
41 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
42 return { blacklistjids = blacklistjids };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
43 end, function(fields, form_err)
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
44 if form_err then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
45 return { status = "completed", error = { message = "Problem in submitted form" } };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
46 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
47 local blacklistjids = set.new(fields.blacklistjids);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
48 local ok, err = blocklists:set(nil, blacklistjids._items);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
49 if ok then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
50 return { status = "completed", info = "Blacklist updated" };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
51 else
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
52 return { status = "completed", error = { message = "Error saving blacklist: "..err } };
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
53 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
54 end);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
55
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
56 module:add_item("adhoc", adhoc.new("Edit Blacklist", "http://jabber.org/protocol/admin#edit-blacklist", blocklist_handler, "admin"));
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
57
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
58 local function is_blocked(host)
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
59 local blacklistjids = blocklists:get();
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
60 return blacklistjids and blacklistjids[host];
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
61 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
62
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
63 module:hook("route/remote", function (event)
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
64 local origin, stanza = event.origin, event.stanza;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
65 if is_blocked(event.to_host) then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
66 if origin and stanza then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
67 origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed"));
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
68 return true;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
69 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
70 return false;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
71 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
72 end, 1000);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
73
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
74
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
75 module:hook("s2s-stream-features", function (event)
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
76 local session = event.origin;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
77 if is_blocked(session.from_host) then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
78 session:close("policy-violation");
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
79 return false;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
80 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
81 end, 1000);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
82
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
83 module:hook("stanza/http://etherx.jabber.org/streams:features", function (event)
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
84 local session = event.origin;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
85 if is_blocked(session.to_host) then
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
86 session:close("policy-violation");
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
87 return true;
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
88 end
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
89 end, 1000);
d82b03e79d8b mod_adhoc_blacklist: Provides the Edit Blacklist command described in XEP-0133 and uses this to block s2s connections
Kim Alvefur <zash@zash.se>
parents:
diff changeset
90