mod_register_dnsbl/mod_register_dnsbl.lua
author Kim Alvefur <zash@zash.se>
Tue, 18 Jan 2022 18:55:20 +0100
changeset 4881 adc6241e5d16
parent 4122 82482e7e92cb
permissions -rw-r--r--
mod_measure_process: Report the enforced limit The soft limit is what the kernel actually enforces, while the hard limit is how far you can change the soft limit without privileges. Unless the process dynamically adjusts the soft limit, knowing the hard limit is not as useful as knowing the soft limit. Reporting the soft limit and the number of in-use FDs allows placing alerts on expressions like 'process_open_fds / process_max_fds >= 0.95'
local adns = require "net.adns";
local async = require "util.async";
local inet_pton = require "util.net".pton;
local to_hex = require "util.hex".to;
-- DNSBL zone appended to the reversed client address when building the query name.
-- NOTE(review): presumably nil when "registration_rbl" is not set in the config,
-- since no default is passed here; confirm against the module API.
local rbl = module:get_option_string("registration_rbl");
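--- Build the DNSBL query name for an IP address.
-- A 4-byte (IPv4) address becomes its octets in reverse order, dot-separated,
-- followed by the zone. A 16-byte (IPv6) address becomes its hex nibbles in
-- reverse order, each followed by a dot, then the zone.
-- @param ip textual IP address, parsed with inet_pton
-- @param suffix DNSBL zone to append to the reversed address
-- @return the query name, or nil (or whatever falsy value inet_pton gave) plus an error message
local function reverse(ip, suffix)
	-- Without a zone there is nothing meaningful to query. Formatting or
	-- concatenating a nil suffix would raise an error or build a bogus name,
	-- so report it as an ordinary failure the caller can log.
	if type(suffix) ~= "string" or suffix == "" then
		return nil, "no DNSBL zone configured";
	end
	local n, err = inet_pton(ip);
	if not n then return n, err end
	if #n == 4 then
		local a,b,c,d = n:byte(1,4);
		return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
	elseif #n == 16 then
		-- NOTE(review): an IPv4-mapped IPv6 address (::ffff:a.b.c.d) also takes this
		-- branch and is queried in nibble form, which an IPv4-only list will not
		-- match; confirm whether callers normalise such addresses first.
		-- gsub returns (string, count); the assignment keeps only the string.
		local nibbles = to_hex(n):reverse():gsub("%x", "%1.");
		return nibbles .. suffix;
	end
	-- Neither 4 nor 16 packed bytes: say so instead of returning nothing.
	return nil, "unsupported address length";
end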
-- Registration gate: look the registering client's IP up in the configured
-- DNSBL and veto the registration when the list answers with an A record.
--
-- The check fails open: a missing IP, a name that cannot be built, or a lookup
-- that produces no A record all leave event.allowed untouched. The skipped
-- cases are logged at "debug" only.
-- Any A record counts as a hit; the returned address value is not inspected.
-- NOTE(review): some lists use particular return values to signal query errors
-- rather than listings; consider validating the answer before blocking.
module:hook("user-registering", function (event)
	local session = event.session;
	local ip = event.ip;
	-- The event may carry no session, so fall back to the module logger.
	local log = (session and session.log) or module._log;

	if not ip then
		log("debug", "Unable to check DNSBL when IP is unknown");
		return;
	end

	local rbl_ip, err = reverse(ip, rbl);
	if not rbl_ip then
		log("debug", "Unable to check DNSBL for ip %s: %s", ip, err);
		return;
	end

	-- wait() suspends this handler until done() is called from the DNS
	-- callback, so the verdict is set before the handler returns.
	local wait, done = async.waiter();

	local function on_reply(reply)
		local first = reply and reply[1];
		local address = first and first.a;
		if address then
			log("debug", "DNSBL response: %s IN A %s", rbl_ip, address);
			log("info", "Blocking %s from registering %s (dnsbl hit)", ip, event.username);
			event.allowed = false;
			event.reason = "Blocked by DNSBL";
		end
		-- Always resume the waiting handler, hit or not.
		done();
	end

	adns.lookup(on_reply, rbl_ip);
	wait();
end);