prosody-modules
1a6cd0bbb7ab
mod_delegation/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_delegation/README.md @ 6110:1a6cd0bbb7ab

mod_compliance_2023: Add 2023 Version of the compliance module, basis is the 2021 Version. diff --git a/mod_compliance_2023/README.md b/mod_compliance_2023/README.md new file mode 100644 --- /dev/null +++ b/mod_compliance_2023/README.md @@ -0,0 +1,22 @@ +--- +summary: XMPP Compliance Suites 2023 self-test +labels: +- Stage-Beta +rockspec: + dependencies: + - mod_cloud_notify + +... + +Compare the list of enabled modules with +[XEP-0479: XMPP Compliance Suites 2023] and produce basic report to the +Prosody log file. + +If installed with the Prosody plugin installer then all modules needed for a green checkmark should be included. (With prosody 0.12 only [mod_cloud_notify] is not included with prosody and we need the community module) + +# Compatibility + + Prosody-Version Status + --------------- ---------------------- + trunk Works as of 2024-12-21 + 0.12 Works diff --git a/mod_compliance_2023/mod_compliance_2023.lua b/mod_compliance_2023/mod_compliance_2023.lua new file mode 100644 --- /dev/null +++ b/mod_compliance_2023/mod_compliance_2023.lua @@ -0,0 +1,79 @@ +-- Copyright (c) 2021 Kim Alvefur +-- +-- This module is MIT licensed. + +local hostmanager = require "core.hostmanager"; + +local array = require "util.array"; +local set = require "util.set"; + +local modules_enabled = module:get_option_inherited_set("modules_enabled"); + +for host in pairs(hostmanager.get_children(module.host)) do + local component = module:context(host):get_option_string("component_module"); + if component then + modules_enabled:add(component); + modules_enabled:include(module:context(host):get_option_set("modules_enabled", {})); + end +end + +local function check(suggested, alternate, ...) + if set.intersection(modules_enabled, set.new({suggested; alternate; ...})):empty() then return suggested; end + return false; +end + +local compliance = { + array {"Server"; check("tls"); check("disco")}; + + array {"Advanced Server"; check("pep", "pep_simple")}; + + array {"Web"; check("bosh"); check("websocket")}; + + -- No Server requirements for Advanced Web + + array {"IM"; check("vcard_legacy", "vcard"); check("carbons"); check("http_file_share", "http_upload")}; + + array { + "Advanced IM"; + check("vcard_legacy", "vcard"); + check("blocklist"); + check("muc"); + check("private"); + check("smacks"); + check("mam"); + check("bookmarks"); + }; + + array {"Mobile"; check("smacks"); check("csi_simple", "csi_battery_saver")}; + + array {"Advanced Mobile"; check("cloud_notify")}; + + array {"A/V Calling"; check("turn_external", "external_services", "turncredentials", "extdisco")}; + +}; + +function check_compliance() + local compliant = true; + for _, suite in ipairs(compliance) do + local section = suite:pop(1); + if module:get_option_boolean("compliance_" .. section:lower():gsub("%A", "_"), true) then + local missing = set.new(suite:filter(function(m) return type(m) == "string" end):map(function(m) return "mod_" .. m end)); + if suite[1] then + if compliant then + compliant = false; + module:log("warn", "Missing some modules for XMPP Compliance 2023"); + end + module:log("info", "%s Compliance: %s", section, missing); + end + end + end + + if compliant then module:log("info", "XMPP Compliance 2023: Compliant ✔️"); end +end + +if prosody.start_time then + check_compliance() +else + module:hook_global("server-started", check_compliance); +end +
author Menel <menel@snikket.de>
date Sun, 22 Dec 2024 16:06:28 +0100
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- 'Stage-Beta'
summary: 'XEP-0355 (Namespace Delegation) implementation'
...

Introduction
============

Namespace Delegation is an extension which allows server to delegate some
features handling to an entity/component. Typical use case is an external PEP
service, but it can be used more generally when your preferred server lack one
internal feature, and you found an external component which can do it.

Details
=======

You can have all the details by reading the
[XEP-0355](http://xmpp.org/extensions/xep-0355.html). Only the admin mode is
implemented so far.

Usage
=====

To use the module, like usual add **"delegation"** to your *modules\_enabled*.
Note that if you use it with a local component, you also need to activate the
module in your component section:

    modules_enabled = {
            [...]

            "delegation";
    }

    [...]

    Component "youcomponent.yourdomain.tld"
        component_secret = "yourpassword"
        modules_enabled = {"delegation"}

then specify delegated namespaces **in your host section** like that:

    VirtualHost "yourdomain.tld"

        delegations = {
            ["urn:xmpp:mam:2"] = {
                filtering = {"node"};
                jid = "pubsub.yourdomain.tld";
            },
            ["http://jabber.org/protocol/pubsub"] = {
                jid = "pubsub.yourdomain.tld";
            },
            ["http://jabber.org/protocol/pubsub#owner"] = {
                jid = "pubsub.yourdomain.tld";
            },
            ["urn:xmpp:delegation:2:bare:disco#info:*"] = {
                jid = "pubsub.yourdomain.tld";
            },
            ["urn:xmpp:delegation:2:bare:disco#items:*"] = {
                jid = "pubsub.yourdomain.tld";
            },

        }

Here all MAM requests with a "node" attribute (i.e. all MAM pubsub request) will
be delegated to pubsub.yourdomain.tld. Similarly, all pubsub request to the host
(i.e. the PEP requests) will be delegated to pubsub.yourdomain.tld. Check the
XEP for the meaning of "urn:xmpp:delegation:2:bare:disco#info:*" and
"urn:xmpp:delegation:2:bare:disco#items:*".

**/!\ Be extra careful when you give a delegation to an entity/component, it's a
powerful access, only do it if you absolutely trust the component/entity, and
you know where the software is coming from**

Configuration
=============

The configuration is done with a table which map delegated namespace to
namespace data. Namespace data MUST have a **jid** (in the form **jid =
"delegated@domain.tld"**) and MAY have an additional **filtering** array. If
filtering is present, request with attributes in the array will be delegated,
others will be treated normally (i.e. by Prosody).

If you are not a developer, the delegated namespace(s)/attribute(s) are most
probably specified with the external component/entity you want to use.

The pseudo-namespace `http://jabber.org/protocol/disco#items:*` is used to
delegate remaining disco#items (i.e. items nodes not already handled by Prosody
itself).

Compatibility
=============

If you use it with Prosody 0.9 and a component, you need to patch
core/mod\_component.lua to fire a new signal. To do it, copy the following patch
in a, for example, /tmp/component.patch file:

    diff --git a/plugins/mod_component.lua b/plugins/mod_component.lua
    --- a/plugins/mod_component.lua
    +++ b/plugins/mod_component.lua
    @@ -85,6 +85,7 @@
                    session.type = "component";
                    module:log("info", "External component successfully authenticated");
                    session.send(st.stanza("handshake"));
    +               module:fire_event("component-authenticated", { session = session });

                    return true;
            end

Then, at the root of prosody, enter:

`patch -p1 < /tmp/component.patch`

  ----- ----------------------------------------------------
  0.11  Works
  0.10  Works
  0.9   Need a patched core/mod\_component.lua (see above)
  ----- ----------------------------------------------------

Note
====

This module is often used with mod\_privilege (c.f. XEP for more details)