prosody-modules
1a6cd0bbb7ab
mod_client_proxy/README.md
Software / code / prosody-modules
File
mod_client_proxy/README.md @ 6110:1a6cd0bbb7ab
mod_compliance_2023: Add 2023 Version of the compliance module, basis is the 2021 Version.
diff --git a/mod_compliance_2023/README.md b/mod_compliance_2023/README.md
new file mode 100644
--- /dev/null
+++ b/mod_compliance_2023/README.md
@@ -0,0 +1,22 @@
+---
+summary: XMPP Compliance Suites 2023 self-test
+labels:
+- Stage-Beta
+rockspec:
+ dependencies:
+ - mod_cloud_notify
+
+...
+
+Compare the list of enabled modules with
+[XEP-0479: XMPP Compliance Suites 2023] and produce basic report to the
+Prosody log file.
+
+If installed with the Prosody plugin installer then all modules needed for a green checkmark should be included. (With prosody 0.12 only [mod_cloud_notify] is not included with prosody and we need the community module)
+
+# Compatibility
+
+ Prosody-Version Status
+ --------------- ----------------------
+ trunk Works as of 2024-12-21
+ 0.12 Works
diff --git a/mod_compliance_2023/mod_compliance_2023.lua b/mod_compliance_2023/mod_compliance_2023.lua
new file mode 100644
--- /dev/null
+++ b/mod_compliance_2023/mod_compliance_2023.lua
@@ -0,0 +1,79 @@
+-- Copyright (c) 2021 Kim Alvefur
+--
+-- This module is MIT licensed.
+
+local hostmanager = require "core.hostmanager";
+
+local array = require "util.array";
+local set = require "util.set";
+
+local modules_enabled = module:get_option_inherited_set("modules_enabled");
+
+for host in pairs(hostmanager.get_children(module.host)) do
+ local component = module:context(host):get_option_string("component_module");
+ if component then
+ modules_enabled:add(component);
+ modules_enabled:include(module:context(host):get_option_set("modules_enabled", {}));
+ end
+end
+
+local function check(suggested, alternate, ...)
+ if set.intersection(modules_enabled, set.new({suggested; alternate; ...})):empty() then return suggested; end
+ return false;
+end
+
+local compliance = {
+ array {"Server"; check("tls"); check("disco")};
+
+ array {"Advanced Server"; check("pep", "pep_simple")};
+
+ array {"Web"; check("bosh"); check("websocket")};
+
+ -- No Server requirements for Advanced Web
+
+ array {"IM"; check("vcard_legacy", "vcard"); check("carbons"); check("http_file_share", "http_upload")};
+
+ array {
+ "Advanced IM";
+ check("vcard_legacy", "vcard");
+ check("blocklist");
+ check("muc");
+ check("private");
+ check("smacks");
+ check("mam");
+ check("bookmarks");
+ };
+
+ array {"Mobile"; check("smacks"); check("csi_simple", "csi_battery_saver")};
+
+ array {"Advanced Mobile"; check("cloud_notify")};
+
+ array {"A/V Calling"; check("turn_external", "external_services", "turncredentials", "extdisco")};
+
+};
+
+function check_compliance()
+ local compliant = true;
+ for _, suite in ipairs(compliance) do
+ local section = suite:pop(1);
+ if module:get_option_boolean("compliance_" .. section:lower():gsub("%A", "_"), true) then
+ local missing = set.new(suite:filter(function(m) return type(m) == "string" end):map(function(m) return "mod_" .. m end));
+ if suite[1] then
+ if compliant then
+ compliant = false;
+ module:log("warn", "Missing some modules for XMPP Compliance 2023");
+ end
+ module:log("info", "%s Compliance: %s", section, missing);
+ end
+ end
+ end
+
+ if compliant then module:log("info", "XMPP Compliance 2023: Compliant ✔️"); end
+end
+
+if prosody.start_time then
+ check_compliance()
+else
+ module:hook_global("server-started", check_compliance);
+end
+
| author | Menel <menel@snikket.de> |
|---|---|
| date | Sun, 22 Dec 2024 16:06:28 +0100 |
| parent | 6003:fe081789f7b5 |
line wrap: on
line source
--- labels: - 'Stage-Alpha' summary: 'Proxy multiple client resources behind a single component' ... What it does ============ This module must be used as a component. For example: Component "proxy.domain.example" "client_proxy" target_address = "some-user@some-domain.example" All IQ requests against the proxy host (in the above example: proxy.domain.example) are sent to a random resource of the target address (in the above example: some-user@some-domain.example). The entity behind the target address is called the "implementing client". The IQ requests are JAT-ed (JAT: Jabber Address Translation) so that when the implementing client answers the IQ request, it is sent back to the component, which reverts the translation and routes the reply back to the user. Let us assume that user@some-domain.example sends a request. The proxy.domain.example component has the client_proxy module loaded and proxies to some-user@some-domain.example. some-user@some-domain.example has two resources, /a and /b. user -> component: <iq type='get' id='1234' to='proxy.domain.example' from='user@some-domain.example/abc'> component -> implementing client: <iq type='get' id='1234' to='some-user@some-domain.example/a' from='proxy.domain.example/encoded-from'> implementing client -> component: <iq type='result' id='1234' to='proxy.domain.example/encoded-from' from='some-user@some-domain.example/a'> component -> user: <iq type='result' id='1234' to='user@some-domain.example/abc' from='proxy.domain.example'> The encoded-from resource used in the exchange between the proxy component and the implementing client is an implementation-defined string which allows the proxy component to revert the JAT. Use cases ========= * Implementation of services within clients instead of components, thus making use of the more advanced authentication features. * Load-balancing requests to different client resources. * General evilness Configuration ============= To use this module, it needs to be loaded on a component: Component "proxy.yourdomain.example" "client_proxy" target_address = "implementation@yourdomain.example" It will then send a subscription request to implementation@yourdomain.example which MUST be accepted: this is required so that the component can detect the resources to which IQ requests can be dispatched. Limitations =========== * It does not handle presence or message stanzas. * It does not allow the implementing client to initiate IQ requests
