mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL
--- a/mod_register_dnsbl/README.markdown Fri Feb 23 21:50:47 2018 +0100
+++ b/mod_register_dnsbl/README.markdown Fri Feb 23 21:56:42 2018 +0100
@@ -1,8 +1,8 @@
Introduction
============
-This module checks the IP address of newly registered users against a
-DNS block list. If a positive match is found, it gets logged.
+This module checks the IP addresses attempting to register an account
+against a DNSBL, blocking the attempt if there is a hit.
Configuration
=============
@@ -11,4 +11,8 @@
------------------- -------- ------------
registration\_rbl string *Required*
+Compatibility
+=============
+Prosody Trunk
+[1a0b76b07b7a](https://hg.prosody.im/trunk/rev/1a0b76b07b7a) or later.
--- a/mod_register_dnsbl/mod_register_dnsbl.lua Fri Feb 23 21:50:47 2018 +0100
+++ b/mod_register_dnsbl/mod_register_dnsbl.lua Fri Feb 23 21:56:42 2018 +0100
@@ -1,4 +1,6 @@
local adns = require "net.adns";
+local async = require "util.async";
+
local rbl = module:get_option_string("registration_rbl");
local function reverse(ip, suffix)
@@ -7,19 +9,27 @@
return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
end
--- TODO async
--- module:hook("user-registering", function (event) end);
+module:hook("user-registering", function (event)
+ local session, ip = event.session, event.ip;
+ if not ip then
+ session.log("debug", "Unable to check DNSBL when IP is unknown");
+ return;
+ end
+ local rbl_ip, err = reverse(ip, rbl);
+ if not rbl_ip then
+ session.log("debug", "Unable to check DNSBL for ip %s: %s", ip, err);
+ return;
+ end
-module:hook("user-registered", function (event)
- local session = event.session;
- local ip = session and session.ip;
- local rbl_ip = ip and reverse(ip, rbl);
- if rbl_ip then
- local log = session.log;
- adns.lookup(function (reply)
- if reply and reply[1] then
- log("warn", "Account %s@%s registered from IP %s found in RBL (%s)", event.username, event.host or module.host, ip, reply[1].a);
- end
- end, rbl_ip);
- end
+ local wait, done = async.waiter();
+ adns.lookup(function (reply)
+ if reply and reply[1] and reply[1].a then
+ session.log("debug", "DNSBL response: %s IN A %s", rbl_ip, reply[1].a);
+ session.log("info", "Blocking %s from registering %s (dnsbl hit)", ip, event.username);
+ event.allowed = false;
+ event.reason = "Blocked by DNSBL";
+ end
+ done();
+ end, rbl_ip);
+ wait();
end);