Software /
code /
prosody
Annotate
plugins/mod_s2s_bidi.lua @ 10794:4585fe53e21f
MUC: Enforce strict resourceprep when registering room nicknames
If nickname enforcement is enabled this would otherwise let you bypass
the join check in muc.lib by registering an invalid nickname and then
joining with any nickname, letting register.lib change it to the invalid
registered nick.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 02 May 2020 20:12:41 +0200 |
parent | 10458:602dd1e2f399 |
child | 12330:38b5b05407be |
rev | line source |
---|---|
10250
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Prosody IM |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- Copyright (C) 2019 Kim Alvefur |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- This project is MIT/X11 licensed. Please see the |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- COPYING file in the source package for more information. |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 local st = require "util.stanza"; |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 local xmlns_bidi_feature = "urn:xmpp:features:bidi" |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local xmlns_bidi = "urn:xmpp:bidi"; |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
10458
602dd1e2f399
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Kim Alvefur <zash@zash.se>
parents:
10250
diff
changeset
|
13 local require_encryption = module:get_option_boolean("s2s_require_encryption", false); |
602dd1e2f399
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Kim Alvefur <zash@zash.se>
parents:
10250
diff
changeset
|
14 |
10250
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 module:hook("s2s-stream-features", function(event) |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local origin, features = event.origin, event.features; |
10458
602dd1e2f399
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Kim Alvefur <zash@zash.se>
parents:
10250
diff
changeset
|
17 if origin.type == "s2sin_unauthed" and (not require_encryption or origin.secure) then |
10250
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 features:tag("bidi", { xmlns = xmlns_bidi_feature }):up(); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 end |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 end); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 module:hook_tag("http://etherx.jabber.org/streams", "features", function (session, stanza) |
10458
602dd1e2f399
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Kim Alvefur <zash@zash.se>
parents:
10250
diff
changeset
|
23 if session.type == "s2sout_unauthed" and (not require_encryption or session.secure) then |
10250
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local bidi = stanza:get_child("bidi", xmlns_bidi_feature); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 if bidi then |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 session.incoming = true; |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 session.log("debug", "Requesting bidirectional stream"); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 session.sends2s(st.stanza("bidi", { xmlns = xmlns_bidi })); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 end |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 end |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 end, 200); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 module:hook_tag("urn:xmpp:bidi", "bidi", function(session) |
10458
602dd1e2f399
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Kim Alvefur <zash@zash.se>
parents:
10250
diff
changeset
|
34 if session.type == "s2sin_unauthed" and (not require_encryption or session.secure) then |
10250
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 session.log("debug", "Requested bidirectional stream"); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 session.outgoing = true; |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 return true; |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 end |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 end); |
1006739de449
mod_s2s_bidi: Enables bi-directional streams via XEP-0288
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |