prosody-modules: mod_register_dnsbl/mod_register_dnsbl.lua@84670bac7348 (annotated)

2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	1	local adns = require "net.adns";
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	2	local async = require "util.async";
2895 84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	3	local inet_pton = require "util.net".pton;
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	4
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	5	local rbl = module:get_option_string("registration_rbl");
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	6
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	7	local function reverse(ip, suffix)
2895 84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	8	local n, err = inet_pton(ip);
84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	9	if not n then return n, err end
84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	10	if #n == 4 then
84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	11	local a,b,c,d = n:byte(1,4);
84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	12	return ("%d.%d.%d.%d.%s"):format(d,c,b,a, suffix);
84670bac7348 mod_register_dnsbl: Use util.net for IP address parsing Kim Alvefur <zash@zash.se> parents: 2894 diff changeset	13	end
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	14	end
0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	15
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	16	module:hook("user-registering", function (event)
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	17	local session, ip = event.session, event.ip;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	18	if not ip then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	19	session.log("debug", "Unable to check DNSBL when IP is unknown");
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	20	return;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	21	end
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	22	local rbl_ip, err = reverse(ip, rbl);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	23	if not rbl_ip then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	24	session.log("debug", "Unable to check DNSBL for ip %s: %s", ip, err);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	25	return;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	26	end
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	27
2894 6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	28	local wait, done = async.waiter();
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	29	adns.lookup(function (reply)
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	30	if reply and reply[1] and reply[1].a then
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	31	session.log("debug", "DNSBL response: %s IN A %s", rbl_ip, reply[1].a);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	32	session.log("info", "Blocking %s from registering %s (dnsbl hit)", ip, event.username);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	33	event.allowed = false;
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	34	event.reason = "Blocked by DNSBL";
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	35	end
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	36	done();
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	37	end, rbl_ip);
6412595e2046 mod_register_dnsbl: Use async support in trunk to actually block registration if a positive match is found in the DNSBL Kim Alvefur <zash@zash.se> parents: 2207 diff changeset	38	wait();
2116 0890c4860f14 mod_register_dnsbl: Initial commit of module to check users registering against an DNS block list Kim Alvefur <zash@zash.se> parents: diff changeset	39	end);

author	Kim Alvefur <zash@zash.se>
	Fri, 23 Feb 2018 21:59:28 +0100
changeset 2895	84670bac7348
parent 2894	6412595e2046
child 2896	bf9fc41bf7ad
permissions	-rw-r--r--