File

mod_host_blacklist/mod_host_blacklist.lua @ 4270:243f7b0dbf35

mod_http_oauth2: Reduce authorization code validity time to 2 minutes RFC 6749 states > A maximum authorization code lifetime of 10 minutes is RECOMMENDED. So 15 minutes was way too long. I was thinking 5 minutes at first but since this should generally be instant, I settled on 2 minutes as a large guesstimate on how slow it might be on slow links.
author Kim Alvefur <zash@zash.se>
date Sun, 22 Nov 2020 18:46:25 +0100
parent 1182:547b3c05cc06
line wrap: on
line source

local jid_split = require "util.jid".split;
local st = require "util.stanza";
local set = require "util.set";
local select = select;

local blacklist = module:get_option_inherited_set("host_blacklist", {});

local function stanza_checker(attr)
	return function (event)
		local host = select(2, jid_split(event.stanza.attr[attr]));
		if blacklist:contains(host) then
			module:send(st.error_reply(event.stanza, "cancel", "not-allowed", "Communication with this domain is restricted"));
			return true;
		end
	end
end

check_incoming_stanza = stanza_checker("from");
check_outgoing_stanza = stanza_checker("to");

for stanza_type in set.new{"presence","message","iq"}:items() do
	for jid_type in set.new{"bare", "full", "host"}:items() do
		module:hook("pre-"..stanza_type.."/"..jid_type, check_outgoing_stanza, 500);
		module:hook(stanza_type.."/"..jid_type, check_incoming_stanza, 500);
	end
end