| author | Matthew Wild <mwild1@gmail.com> |
| Thu, 13 Dec 2018 10:35:26 +0000 | |
| changeset 3407 | 823027110e29 |
| parent 1655 | 933403ee07ec |
| child 3999 | 4c9805f29f2d |
| permissions | -rw-r--r-- |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
module:set_global(); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
local jid_bare = require "util.jid".bare; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
local st = require "util.stanza"; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
local xmlns_muc_user = "http://jabber.org/protocol/muc#user"; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
local ip_bans = module:shared("bans"); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
local full_sessions = prosody.full_sessions; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
local function ban_ip(session, from) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
local ip = session.ip; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
if not ip then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
module:log("warn", "Failed to ban IP (IP unknown) for %s", session.full_jid); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
return; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
local banned_from = ip_bans[ip]; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
if not banned_from then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
banned_from = {}; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
ip_bans[ip] = banned_from; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
banned_from[from] = true; |
|
3407
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
22 |
module:log("debug", "Added ban for IP address %s from %s", ip, from); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
|
|
1655
933403ee07ec
mod_muc_ban_ip: Cleanup [luacheck]
Kim Alvefur <zash@zash.se>
parents:
1651
diff
changeset
|
25 |
local function check_for_incoming_ban(event) |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
local stanza = event.stanza; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
local to_session = full_sessions[stanza.attr.to]; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
if to_session then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
local directed = to_session.directed; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 |
local from = stanza.attr.from; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
if directed and directed[from] and stanza.attr.type == "unavailable" then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 |
-- This is a stanza from somewhere we sent directed presence to (may be a MUC) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
local x = stanza:get_child("x", xmlns_muc_user); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 |
if x then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 |
for status in x:childtags("status") do |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
if status.attr.code == '301' then |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 |
ban_ip(to_session, jid_bare(from)); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
|
|
1655
933403ee07ec
mod_muc_ban_ip: Cleanup [luacheck]
Kim Alvefur <zash@zash.se>
parents:
1651
diff
changeset
|
45 |
local function check_for_ban(event) |
|
3407
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
46 |
local origin, stanza = event.origin, event.stanza; |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
47 |
local ip = origin.ip; |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
48 |
local to = jid_bare(stanza.attr.to); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 |
if ip_bans[ip] and ip_bans[ip][to] then |
|
3407
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
50 |
origin.log("debug", "IP banned: %s is banned from %s", ip, to) |
|
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
51 |
origin.send(st.error_reply(stanza, "auth", "forbidden") |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
:tag("x", { xmlns = xmlns_muc_user }) |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 |
:tag("status", { code = '301' })); |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 |
return true; |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
end |
|
3407
823027110e29
mod_muc_ban_ip: Improve logging to use session, and log when a ban is enforced
Matthew Wild <mwild1@gmail.com>
parents:
1655
diff
changeset
|
56 |
origin.log("debug", "IP not banned: %s from %s", ip, to) |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 |
end |
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 |
|
|
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 |
function module.add_host(module) |
|
1651
8860405e2af6
mod_muc_ban_ip: Increase priority of hooks, fixes if eg mod_presence gets called first
Kim Alvefur <zash@zash.se>
parents:
1005
diff
changeset
|
60 |
module:hook("presence/full", check_for_incoming_ban, 100); |
|
8860405e2af6
mod_muc_ban_ip: Increase priority of hooks, fixes if eg mod_presence gets called first
Kim Alvefur <zash@zash.se>
parents:
1005
diff
changeset
|
61 |
module:hook("pre-presence/full", check_for_ban, 100); |
|
1005
591590de34ef
mod_muc_ban_ip: When a user is banned from a MUC, ban their IP from the MUC also (works for remote rooms too)
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 |
end |