author | Matthew Wild <mwild1@gmail.com> |
Sat, 03 Sep 2022 17:45:03 +0100 | |
changeset 5036 | 71a84474fcfb |
parent 4655 | 8231774f5bfd |
child 5058 | 62480053c87b |
permissions | -rw-r--r-- |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
1 |
local array = require "util.array"; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
local base64 = require "util.encodings".base64; |
4655
8231774f5bfd
mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents:
4654
diff
changeset
|
3 |
local valid_utf8 = require "util.encodings".utf8.valid; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
local ciphers = require "openssl.cipher"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
local jid = require "util.jid"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
local json = require "util.json"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
local random = require "util.random"; |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
8 |
local set = require "util.set"; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
local st = require "util.stanza"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
local xmlns_jmi = "urn:xmpp:jingle-message:0"; |
4469
2a7a76712e71
mod_cloud_notify_encrypted: Fix expected namespace of JMI description element
Matthew Wild <mwild1@gmail.com>
parents:
4461
diff
changeset
|
12 |
local xmlns_jingle_apps_rtp = "urn:xmpp:jingle:apps:rtp:1"; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
local xmlns_push = "urn:xmpp:push:0"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
local xmlns_push_encrypt = "tigase:push:encrypt:0"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
local xmlns_push_encrypt_aes_128_gcm = "tigase:push:encrypt:aes-128-gcm"; |
4471
6d595857164a
mod_cloud_notify_encrypted: Advertise support for JMI push notifications
Matthew Wild <mwild1@gmail.com>
parents:
4470
diff
changeset
|
16 |
local xmlns_push_jingle = "tigase:push:jingle:0"; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
|
4654
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
18 |
local function detect_stanza_encryption(stanza) |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
19 |
local eme = stanza:get_child("encryption", "urn:xmpp:eme:0"); |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
20 |
if eme then return eme.attr.namespace or ""; end |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
21 |
-- Fallback for legacy OMEMO clients without EME |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
22 |
local omemo = stanza:get_child("encrypted", "eu.siacs.conversations.axolotl"); |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
23 |
if omemo then return "eu.siacs.conversations.axolotl"; end |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
24 |
end |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
25 |
|
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
-- https://xeps.tigase.net//docs/push-notifications/encrypt/#41-discovering-support |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
local function account_disco_info(event) |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
event.reply:tag("feature", {var=xmlns_push_encrypt}):up(); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
event.reply:tag("feature", {var=xmlns_push_encrypt_aes_128_gcm}):up(); |
4471
6d595857164a
mod_cloud_notify_encrypted: Advertise support for JMI push notifications
Matthew Wild <mwild1@gmail.com>
parents:
4470
diff
changeset
|
30 |
event.reply:tag("feature", {var=xmlns_push_jingle}):up(); |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 |
module:hook("account-disco-info", account_disco_info); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 |
function handle_register(event) |
4333
2a5164162708
mod_cloud_notify_encrypted: Fix the location of the <encrypt> element in push registrations
Matthew Wild <mwild1@gmail.com>
parents:
4331
diff
changeset
|
35 |
local encrypt = event.stanza:get_child("enable", xmlns_push):get_child("encrypt", xmlns_push_encrypt); |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
if not encrypt then return; end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 |
local algorithm = encrypt.attr.alg; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 |
if algorithm ~= "aes-128-gcm" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 |
event.origin.send(st.error_reply( |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 |
event.stanza, "modify", "feature-not-implemented", "Unknown encryption algorithm" |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 |
)); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
return false; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
local key_base64 = encrypt:get_text(); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 |
local key_binary = base64.decode(key_base64); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 |
if not key_binary or #key_binary ~= 16 then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 |
event.origin.send(st.error_reply( |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 |
event.stanza, "modify", "bad-request", "Invalid encryption key" |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 |
)); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
return false; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
event.push_info.encryption = { |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 |
algorithm = algorithm; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 |
key_base64 = key_base64; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 |
}; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 |
function handle_push(event) |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 |
local encryption = event.push_info.encryption; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 |
if not encryption then return; end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 |
if encryption.algorithm ~= "aes-128-gcm" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 |
event.reason = "Unsupported encryption algorithm: "..tostring(encryption.algorithm); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 |
return true; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 |
local push_summary = event.push_summary; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 |
local original_stanza = event.original_stanza; |
4654
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
73 |
local is_encrypted_msg = detect_stanza_encryption(original_stanza); |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
74 |
local body; |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
75 |
if is_encrypted_msg then |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
76 |
-- TODO: localization |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
77 |
body = "You have received an encrypted message"; |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
78 |
else |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
79 |
body = original_stanza:get_child_text("body"); |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
80 |
if body and #body > 255 then |
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
81 |
body = body:sub(1, 255); |
4655
8231774f5bfd
mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents:
4654
diff
changeset
|
82 |
if not valid_utf8(body) then |
8231774f5bfd
mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents:
4654
diff
changeset
|
83 |
body = body:gsub("[\194-\244][\128-\191]*$", ""); |
8231774f5bfd
mod_cloud_notify_encrypted: Ensure body substring remains valid UTF-8
Kim Alvefur <zash@zash.se>
parents:
4654
diff
changeset
|
84 |
end |
4654
44af84178cea
mod_cloud_notify_encrypted: For encrypted messages, push a friendly message instead of fallback body
Matthew Wild <mwild1@gmail.com>
parents:
4471
diff
changeset
|
85 |
end |
4335
2e355540f8c8
mod_cloud_notify_encrypted: Truncate message body to 255 characters
Matthew Wild <mwild1@gmail.com>
parents:
4334
diff
changeset
|
86 |
end |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 |
local push_payload = { |
4334
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
89 |
unread = tonumber(push_summary["message-count"]) or 1; |
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
90 |
sender = jid.bare(original_stanza.attr.from); |
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
91 |
message = body; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 |
}; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 |
if original_stanza.name == "message" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 |
if original_stanza.attr.type == "groupchat" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 |
push_payload.type = "groupchat"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 |
push_payload.nickname = jid.resource(original_stanza.attr.from); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
elseif original_stanza.attr.type ~= "error" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 |
local jmi_propose = original_stanza:get_child("propose", xmlns_jmi); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
if jmi_propose then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 |
push_payload.type = "call"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 |
push_payload.sid = jmi_propose.attr.id; |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
103 |
local media_types = set.new(); |
4469
2a7a76712e71
mod_cloud_notify_encrypted: Fix expected namespace of JMI description element
Matthew Wild <mwild1@gmail.com>
parents:
4461
diff
changeset
|
104 |
for description in jmi_propose:childtags("description", xmlns_jingle_apps_rtp) do |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
105 |
local media_type = description.attr.media; |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
106 |
if media_type then |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
107 |
media_types:add(media_type); |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
108 |
end |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
109 |
end |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
110 |
push_payload.media = array.collect(media_types:items()); |
4470
38bd4d557413
mod_cloud_notify_encrypted: Include full JID of sender with call notifications, per spec
Matthew Wild <mwild1@gmail.com>
parents:
4469
diff
changeset
|
111 |
push_payload.sender = original_stanza.attr.from; |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
112 |
else |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 |
push_payload.type = "chat"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
115 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 |
elseif original_stanza.name == "presence" |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 |
and original_stanza.attr.type == "subscribe" then |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 |
push_payload.type = "subscribe"; |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 |
local iv = random.bytes(12); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 |
local key_binary = base64.decode(encryption.key_base64); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
123 |
local push_json = json.encode(push_payload); |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
124 |
|
4334
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
125 |
-- FIXME: luaossl does not expose the EVP_CTRL_GCM_GET_TAG API, so we append 16 NUL bytes |
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
126 |
-- Siskin does not validate the tag anyway. |
e655581173be
mod_cloud_notify_encrypted: Fixes to the push notification syntax and payload
Matthew Wild <mwild1@gmail.com>
parents:
4333
diff
changeset
|
127 |
local encrypted_payload = base64.encode(ciphers.new("AES-128-GCM"):encrypt(key_binary, iv):final(push_json)..string.rep("\0", 16)); |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
128 |
local encrypted_element = st.stanza("encrypted", { xmlns = xmlns_push_encrypt, iv = base64.encode(iv) }) |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 |
:text(encrypted_payload); |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
130 |
if push_payload.type == "call" then |
4461
091d06c7d724
mod_cloud_notify_encrypted: Fix traceback (incorrect variable name)
Matthew Wild <mwild1@gmail.com>
parents:
4460
diff
changeset
|
131 |
encrypted_element.attr.type = "voip"; |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
132 |
event.important = true; |
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
133 |
end |
4337
97f369745ec7
mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents:
4335
diff
changeset
|
134 |
-- Replace the unencrypted notification data with the encrypted one |
97f369745ec7
mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents:
4335
diff
changeset
|
135 |
event.notification_payload |
97f369745ec7
mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents:
4335
diff
changeset
|
136 |
:remove_children("x", "jabber:x:data") |
97f369745ec7
mod_cloud_notify_encrypted: Use new direct access to notification element
Matthew Wild <mwild1@gmail.com>
parents:
4335
diff
changeset
|
137 |
:add_child(encrypted_element); |
4331
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
138 |
end |
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
139 |
|
beb3342f1137
mod_cloud_notify_encrypted: New module for Encrypted Push Notifications
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
140 |
module:hook("cloud_notify/registration", handle_register); |
4460
8ed1989e99f9
mod_cloud_notify_encrypted: Update to latest spec, fixes unreliable call notifications
Matthew Wild <mwild1@gmail.com>
parents:
4377
diff
changeset
|
141 |
module:hook("cloud_notify/push", handle_push, 1); |