Software /
code /
prosody-modules
Comparison
mod_s2s_blackwhitelist/mod_s2s_blackwhitelist.lua @ 215:281db5eefcb4
mod_s2s_blackwhitelist: adding blacklist and whitelist plugin for s2s connections
author | Gaurav <gauravsri@gmail.com> |
---|---|
date | Fri, 16 Jul 2010 10:02:31 -0700 |
comparison
equal
deleted
inserted
replaced
214:7487f8b47662 | 215:281db5eefcb4 |
---|---|
1 | |
2 local s2smanager = require "core.s2smanager"; | |
3 local config = require "core.configmanager"; | |
4 local nameprep = require "util.encodings".stringprep.nameprep; | |
5 | |
6 local s2s_blacklist = module:get_option_array("s2s_blacklist"); | |
7 local s2s_whitelist = module:get_option_array("s2s_whitelist"); | |
8 local s2s_enable_blackwhitelist = module:get_option_string("s2s_enable_blackwhitelist"); | |
9 local is_blacklist_enabled = false; | |
10 local is_whitelist_enabled = false; | |
11 | |
12 if s2s_enable_blackwhitelist == "blacklist" then | |
13 if type(s2s_blacklist) == "table" then | |
14 is_blacklist_enabled = true; | |
15 module:log("debug", "s2s-blacklist is enabled"); | |
16 local count=#s2s_blacklist; | |
17 for i=1,count do | |
18 module:log("debug", "s2s-blacklist adding [%s]", s2s_blacklist[i]); | |
19 end | |
20 end | |
21 elseif s2s_enable_blackwhitelist == "whitelist" then | |
22 if type(s2s_whitelist) == "table" then | |
23 is_whitelist_enabled = true; | |
24 module:log("debug", "s2s-whitelist is enabled"); | |
25 local count=#s2s_whitelist; | |
26 for i=1,count do | |
27 module:log("debug", "s2s-whitelist adding [%s]", s2s_whitelist[i]); | |
28 end | |
29 end | |
30 end | |
31 | |
32 local function reload_list() | |
33 s2s_blacklist = module:get_option_array("s2s_blacklist"); | |
34 s2s_whitelist = module:get_option_array("s2s_whitelist"); | |
35 s2s_enable_blackwhitelist = module:get_option_string("s2s_enable_blackwhitelist"); | |
36 | |
37 if s2s_enable_blackwhitelist == "blacklist" then | |
38 if type(s2s_blacklist) == "table" then | |
39 is_blacklist_enabled = true; | |
40 module:log("debug", "s2s-blacklist is enabled"); | |
41 local count=#s2s_blacklist; | |
42 for i=1,count do | |
43 module:log("debug", "s2s-blacklist adding [%s]", s2s_blacklist[i]); | |
44 end | |
45 end | |
46 elseif s2s_enable_blackwhitelist == "whitelist" then | |
47 if type(s2s_whitelist) == "table" then | |
48 is_whitelist_enabled = true; | |
49 module:log("debug", "s2s-whitelist is enabled"); | |
50 local count=#s2s_whitelist; | |
51 for i=1,count do | |
52 module:log("debug", "s2s-whitelist adding [%s]", s2s_whitelist[i]); | |
53 end | |
54 end | |
55 end | |
56 end | |
57 | |
58 local _make_connect = s2smanager.make_connect; | |
59 function s2smanager.make_connect(session, connect_host, connect_port) | |
60 local host = session.to_host; | |
61 if not session.s2sValidation then | |
62 if (host and is_blacklist_enabled == true) then | |
63 local count=#s2s_blacklist; | |
64 for i=1,count do | |
65 if s2s_blacklist[i] == host then | |
66 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
67 s2smanager.destroy_session(session, "This host does not serve "..host); | |
68 return false; | |
69 end | |
70 end | |
71 elseif (host and is_whitelist_enabled == true) then | |
72 local count=#s2s_whitelist; | |
73 local found=false; | |
74 for i=1,count do | |
75 if s2s_whitelist[i] == host then | |
76 found=true; | |
77 end | |
78 end | |
79 if found == false then | |
80 module:log ("error", "host %s couldn't be found in whitelist", host); | |
81 s2smanager.destroy_session(session, "This host does not serve "..host); | |
82 return false; | |
83 end | |
84 end | |
85 end | |
86 return _make_connect(session, connect_host, connect_port); | |
87 end | |
88 | |
89 local _stream_opened = s2smanager.streamopened; | |
90 function s2smanager.streamopened(session, attr) | |
91 local host = attr.from and nameprep(attr.from); | |
92 if not host then | |
93 session.s2sValidation = false; | |
94 else | |
95 session.s2sValidation = true; | |
96 end | |
97 | |
98 if (host and is_blacklist_enabled == true) then | |
99 local count=#s2s_blacklist; | |
100 for i=1,count do | |
101 if s2s_blacklist[i] == host then | |
102 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
103 session:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
104 return; | |
105 end | |
106 end | |
107 elseif (host and is_whitelist_enabled == true) then | |
108 local count=#s2s_whitelist; | |
109 local found=false; | |
110 for i=1,count do | |
111 if s2s_whitelist[i] == host then | |
112 found=true; | |
113 end | |
114 end | |
115 if found == false then | |
116 module:log ("error", "host %s couldn't be found in whitelist", host); | |
117 session:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
118 return; | |
119 end | |
120 end | |
121 _stream_opened(session, attr); | |
122 end | |
123 | |
124 | |
125 local function server_dialback_result_hook (event) | |
126 local origin, stanza = event.origin, event.stanza; | |
127 | |
128 if origin.type == "s2sin" or origin.type == "s2sin_unauthed" then | |
129 | |
130 local host = stanza.attr.from; | |
131 | |
132 if (host and is_blacklist_enabled == true) then | |
133 local count=#s2s_blacklist; | |
134 for i=1,count do | |
135 if s2s_blacklist[i] == host then | |
136 module:log ("error", "blacklisted host received %s", s2s_blacklist[i]); | |
137 origin:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
138 return true; | |
139 end | |
140 end | |
141 elseif (host and is_whitelist_enabled == true) then | |
142 local count=#s2s_whitelist; | |
143 local found=false; | |
144 for i=1,count do | |
145 if s2s_whitelist[i] == host then | |
146 found=true; | |
147 end | |
148 end | |
149 if found == false then | |
150 module:log ("error", "host %s couldn't be found in whitelist", host); | |
151 origin:close({condition = "host-unknown", text = "This host does not serve " .. host}); | |
152 return true; | |
153 end | |
154 end | |
155 | |
156 end | |
157 | |
158 return nil; | |
159 end | |
160 | |
161 local function handle_activated_host (host) | |
162 if (hosts[host] and hosts[host].events) then | |
163 hosts[host].events.add_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook, 100); | |
164 module:log ("debug", "adding hook for %s", host); | |
165 end | |
166 end | |
167 | |
168 local function handle_deactivated_host (host) | |
169 if (hosts[host] and hosts[host].events) then | |
170 hosts[host].events.remove_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook); | |
171 module:log ("debug", "removing hook for %s", host); | |
172 end | |
173 end | |
174 | |
175 prosody.events.add_handler("host-activated", handle_activated_host); | |
176 prosody.events.add_handler("component-activated", handle_activated_host); | |
177 prosody.events.add_handler("host-deactivated", handle_deactivated_host); | |
178 prosody.events.add_handler("component-deactivated", handle_deactivated_host); | |
179 prosody.events.add_handler("config-reloaded", reload_list); | |
180 | |
181 for name, host in pairs(hosts) do | |
182 if host and host.events then | |
183 host.events.add_handler("stanza/jabber:server:dialback:result", server_dialback_result_hook, 100); | |
184 module:log ("debug", "adding hook for %s", name); | |
185 end | |
186 end | |
187 |