prosody-modules
1a6cd0bbb7ab
mod_muc_ban_ip/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_muc_ban_ip/README.md @ 6110:1a6cd0bbb7ab

mod_compliance_2023: Add 2023 Version of the compliance module, basis is the 2021 Version. diff --git a/mod_compliance_2023/README.md b/mod_compliance_2023/README.md new file mode 100644 --- /dev/null +++ b/mod_compliance_2023/README.md @@ -0,0 +1,22 @@ +--- +summary: XMPP Compliance Suites 2023 self-test +labels: +- Stage-Beta +rockspec: + dependencies: + - mod_cloud_notify + +... + +Compare the list of enabled modules with +[XEP-0479: XMPP Compliance Suites 2023] and produce basic report to the +Prosody log file. + +If installed with the Prosody plugin installer then all modules needed for a green checkmark should be included. (With prosody 0.12 only [mod_cloud_notify] is not included with prosody and we need the community module) + +# Compatibility + + Prosody-Version Status + --------------- ---------------------- + trunk Works as of 2024-12-21 + 0.12 Works diff --git a/mod_compliance_2023/mod_compliance_2023.lua b/mod_compliance_2023/mod_compliance_2023.lua new file mode 100644 --- /dev/null +++ b/mod_compliance_2023/mod_compliance_2023.lua @@ -0,0 +1,79 @@ +-- Copyright (c) 2021 Kim Alvefur +-- +-- This module is MIT licensed. + +local hostmanager = require "core.hostmanager"; + +local array = require "util.array"; +local set = require "util.set"; + +local modules_enabled = module:get_option_inherited_set("modules_enabled"); + +for host in pairs(hostmanager.get_children(module.host)) do + local component = module:context(host):get_option_string("component_module"); + if component then + modules_enabled:add(component); + modules_enabled:include(module:context(host):get_option_set("modules_enabled", {})); + end +end + +local function check(suggested, alternate, ...) + if set.intersection(modules_enabled, set.new({suggested; alternate; ...})):empty() then return suggested; end + return false; +end + +local compliance = { + array {"Server"; check("tls"); check("disco")}; + + array {"Advanced Server"; check("pep", "pep_simple")}; + + array {"Web"; check("bosh"); check("websocket")}; + + -- No Server requirements for Advanced Web + + array {"IM"; check("vcard_legacy", "vcard"); check("carbons"); check("http_file_share", "http_upload")}; + + array { + "Advanced IM"; + check("vcard_legacy", "vcard"); + check("blocklist"); + check("muc"); + check("private"); + check("smacks"); + check("mam"); + check("bookmarks"); + }; + + array {"Mobile"; check("smacks"); check("csi_simple", "csi_battery_saver")}; + + array {"Advanced Mobile"; check("cloud_notify")}; + + array {"A/V Calling"; check("turn_external", "external_services", "turncredentials", "extdisco")}; + +}; + +function check_compliance() + local compliant = true; + for _, suite in ipairs(compliance) do + local section = suite:pop(1); + if module:get_option_boolean("compliance_" .. section:lower():gsub("%A", "_"), true) then + local missing = set.new(suite:filter(function(m) return type(m) == "string" end):map(function(m) return "mod_" .. m end)); + if suite[1] then + if compliant then + compliant = false; + module:log("warn", "Missing some modules for XMPP Compliance 2023"); + end + module:log("info", "%s Compliance: %s", section, missing); + end + end + end + + if compliant then module:log("info", "XMPP Compliance 2023: Compliant ✔️"); end +end + +if prosody.start_time then + check_compliance() +else + module:hook_global("server-started", check_compliance); +end +
author Menel <menel@snikket.de>
date Sun, 22 Dec 2024 16:06:28 +0100
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Ban users from chatrooms by their IP address
...

Introduction
============

One frequent complaint about XMPP chatrooms (MUCs) compared to IRC is
the inability for a room admin to ban a user based on their IP address.
This is because an XMPP user is not identified on the network by their
IP address, only their JID.

This means that it is possible to create a new account (usually quite
easily), and rejoin the room that you were banned from.

This module allows the **user's** server to enforce bans by IP address,
which is very desirable for server admins who want to prevent their
server being used for spamming and abusive behaviour.

Details
=======

An important point to note is that this module enforces the IP ban on
the banned user's server, not on the MUC server. This means that:

-   The user's server MUST have this module loaded, however -
-   The module works even when the MUC is on a different server to the
    user
-   The MUC server does not need this module (it only needs to support
    the [standard ban
    protocol](http://xmpp.org/extensions/xep-0045.html#ban))
-   The module works for effectively banning [anonymous
    users](http://prosody.im/doc/anonymous_logins)

Also note that IP bans are not saved permanently, and are reset upon a
server restart.

Configuration
=============

There is no extra configuration for this module except for loading it.
Remember... do not load it on the MUC host, simply add it to your global
`modules_enabled` list, or under a specific host like:

``` lua
VirtualHost "anon.example.com"
  authentication = "anonymous"
  modules_enabled = { "muc_ban_ip" }
```

Compatibility
=============

  ----- --------------
  0.9   Works
  0.8   Doesn't work
  ----- --------------