prosody-modules: mod_muc_rtbl/mod_muc_rtbl.lua@62a65c52c3f5 (annotated)

4811 62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	1	local jid = require "util.jid";
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	2	local sha256 = require "util.hashes".sha256;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	3	local st = require "util.stanza";
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	4
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	5	local rtbl_service_jid = assert(module:get_option_string("muc_rtbl_jid"), "No RTBL JID supplied");
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	6	local rtbl_node = module:get_option_string("muc_rtbl_node", "muc_bans_sha256");
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	7
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	8	local banned_hashes = module:shared("banned_hashes");
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	9
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	10	module:depends("pubsub_subscription");
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	11
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	12	module:add_item("pubsub-subscription", {
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	13	service = rtbl_service_jid;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	14	node = rtbl_node;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	15
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	16	-- Callbacks:
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	17	on_subscribed = function()
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	18	module:log("info", "RTBL active");
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	19	end;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	20
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	21	on_error = function(err)
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	22	module:log("error", "Failed to subscribe to RTBL: %s::%s: %s", err.type, err.condition, err.text);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	23	end;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	24
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	25	on_item = function(event)
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	26	local hash = event.item.attr.id;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	27	if not hash then return; end
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	28	module:log("debug", "Received new hash: %s", hash);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	29	banned_hashes[hash] = hash;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	30	end;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	31
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	32	on_retract = function (event)
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	33	local hash = event.item.attr.id;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	34	if not hash then return; end
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	35	module:log("debug", "Retracted hash: %s", hash);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	36	banned_hashes[hash] = nil;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	37	end;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	38	});
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	39
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	40	module:hook("muc-occupant-pre-join", function (event)
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	41	local from_bare = jid.bare(event.stanza.attr.from);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	42	local hash = sha256(jid.bare(event.stanza.attr.from), true);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	43	if banned_hashes[hash] then
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	44	module:log("info", "Blocked user <%s> from room <%s> due to RTBL match", from_bare, event.stanza.attr.to);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	45	local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "You are banned from this service", event.room.jid);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	46	event.origin.send(error_reply);
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	47	return true;
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	48	end
62a65c52c3f5 mod_muc_rtbl: Real-time blocklist checks for MUC services Matthew Wild <mwild1@gmail.com> parents: diff changeset	49	end);

author	Matthew Wild <mwild1@gmail.com>
	Sun, 05 Dec 2021 18:22:47 +0000
changeset 4811	62a65c52c3f5
child 4812	8a63a0daf129
permissions	-rw-r--r--