Software /
code /
prosody-modules
Annotate
mod_e2e_policy/mod_e2e_policy.lua @ 2244:e0663dcd934d
mod_storage_ejabberd_readonly: Fix the key for the private store, it’s node:namespace but just namespace in Ejabberd
author | Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> |
---|---|
date | Sun, 24 Jul 2016 17:14:13 +0100 |
parent | 2212:57dcad6543c9 |
child | 2331:611a787e6d08 |
rev | line source |
---|---|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
2 local host = module.host; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
3 local e2e_policy_chat = module:get_option_string("e2e_policy_chat", "optional"); -- possible values: none, optional and required |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
4 local e2e_policy_muc = module:get_option_string("e2e_policy_muc", "optional"); -- possible values: none, optional and required |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
5 local e2e_policy_whitelist = module:get_option_set("e2e_policy_whitelist", { }); -- make this module ignore messages sent to and from this JIDs or MUCs |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
6 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
7 local e2e_policy_message_optional_chat = module:get_option_string("e2e_policy_message_optional_chat", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
8 local e2e_policy_message_required_chat = module:get_option_string("e2e_policy_message_required_chat", "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
9 local e2e_policy_message_optional_muc = module:get_option_string("e2e_policy_message_optional_muc", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
10 local e2e_policy_message_required_muc = module:get_option_string("e2e_policy_message_required_muc", "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
11 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
12 function warn_on_plaintext_messages(event) |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
13 if e2e_policy_whitelist:contains(event.stanza.attr.from) or e2e_policy_whitelist:contains(event.stanza.attr.to) then -- check if JID is whitelisted |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
14 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
15 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
16 local body = event.stanza:get_child_text("body"); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
17 -- do not warn for status messages |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
18 if not body then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
19 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
20 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
21 -- check otr |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
22 if body and body:sub(1,4) == "?OTR" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
23 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
24 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
25 -- check omemo https://xmpp.org/extensions/inbox/omemo.html |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
26 if event.stanza:get_child("encrypted", "eu.siacs.conversations.axolotl") or event.stanza:get_child("encrypted", "urn:xmpp:omemo:0") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
27 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
28 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
29 -- check xep27 pgp https://xmpp.org/extensions/xep-0027.html |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
30 if event.stanza:get_child("x", "jabber:x:encrypted") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
31 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
32 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
33 -- check xep373 pgp (OX) https://xmpp.org/extensions/xep-0373.html |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
34 if event.stanza:get_child("openpgp", "urn:xmpp:openpgp:0") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
35 return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
36 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
37 -- no valid encryption found |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
38 if e2e_policy_chat == "optional" and event.stanza.attr.type ~= "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
39 event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_chat)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
40 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
41 if e2e_policy_chat == "required" and event.stanza.attr.type ~= "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
42 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_chat)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
43 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
44 if e2e_policy_muc == "optional" and event.stanza.attr.type == "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
45 event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_muc)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
46 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
47 if e2e_policy_muc == "required" and event.stanza.attr.type == "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
48 return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_muc)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
49 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
50 end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
51 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
52 module:hook("pre-message/bare", warn_on_plaintext_messages, 300); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
53 module:hook("pre-message/full", warn_on_plaintext_messages, 300); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
54 module:hook("pre-message/host", warn_on_plaintext_messages, 300); |