author | Kim Alvefur <zash@zash.se> |
Sat, 25 Jan 2020 01:31:49 +0100 | |
changeset 3861 | 8752e5b5dd08 |
parent 2891 | 65082d91950e |
permissions | -rw-r--r-- |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
-- mod_manifesto |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
local timer = require "util.timer"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
local jid_split = require "util.jid".split; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
local st = require "util.stanza"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
local dm = require "util.datamanager"; |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
7 |
local dataforms_new = require "util.dataforms".new; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
8 |
local adhoc_initial = require "util.adhoc".new_initial_data_form; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
9 |
local mm_reload = require "modulemanager".reload; |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
10 |
local s2s_destroy_session = require "core.s2smanager".destroy_session; |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
11 |
local config = require "core.configmanager"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
12 |
local config_get = config.get; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
13 |
local config_set = config.set; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
14 |
local t_concat = table.concat; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
15 |
local adhoc_new = module:require "adhoc".new; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
local time = os.time; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
local hosts = prosody.hosts; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 |
local host = module.host; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 |
local host_session = hosts[host]; |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
21 |
local incoming_s2s = prosody.incoming_s2s; |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
22 |
local s2s_sessions = module:shared"/*/s2s/sessions"; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 |
local default_tpl = [[ |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 |
Hello there. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 |
This is a brief system message to let you know about some upcoming changes to the $HOST service. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
Some of your contacts are on other Jabber/XMPP services that do not support encryption. As part of an initiative to increase the security of the Jabber/XMPP network, this service ($HOST) will be participating in a series of tests to discover the impact of our planned changes, and you may lose the ability to communicate with some of your contacts. |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 |
|
1305 | 31 |
The test days will be on the following dates: January 4, February 22, March 22 and April 19. On these days we will require that all client and server connections are encrypted. Unless they enable encryption before that, you will be unable to communicate with your contacts that use these services: |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
$SERVICES |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
Your affected contacts are: |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 |
$CONTACTS |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 |
What can you do? You may tell your contacts to inform their service administrator about their lack of encryption. Your contacts may also switch to a more secure service. A list of public services can be found at https://xmpp.net/directory.php |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 |
For more information about the Jabber/XMPP security initiative that we are participating in, please read the announcement at https://stpeter.im/journal/1496.html |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 |
If you have any questions or concerns, you may contact us via $CONTACTVIA at $CONTACT |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 |
]]; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 |
local message = module:get_option_string("manifesto_contact_encryption_warning", default_tpl); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 |
local contact = module:get_option_string("admin_contact_address", module:get_option_array("admins", {})[1]); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 |
if not contact then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 |
error("mod_manifesto needs you to set 'admin_contact_address' in your config file.", 0); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 |
local contact_method = "Jabber/XMPP"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 |
if select(2, contact:gsub("^mailto:", "")) > 0 then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
contact_method = "email"; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 |
local notified; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 |
module:hook("resource-bind", function (event) |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 |
local session = event.session; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 |
local now = time(); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 |
local last_notify = notified[session.username] or 0; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 |
if last_notify > ( now - 86400 * 7 ) then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 |
return |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 |
timer.add_task(15, function () |
1300
99748c89edd4
mod_manifesto: Fix traceback when user disconnects before the timer (fixes #48)
Kim Alvefur <zash@zash.se>
parents:
1286
diff
changeset
|
68 |
if session.type ~= "c2s" then return end -- user quit already |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
69 |
local bad_contacts, bad_hosts = {}, {}; |
1286
9700c89f7bf6
mod_manifesto: Fix traceback when user doesn't have a roster (?)
Matthew Wild <mwild1@gmail.com>
parents:
1284
diff
changeset
|
70 |
for contact_jid, item in pairs(session.roster or {}) do |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
71 |
local _, contact_host = jid_split(contact_jid); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
72 |
local bad = false; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
73 |
local remote_host_session = host_session.s2sout[contact_host]; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 |
if remote_host_session and remote_host_session.type == "s2sout" then -- Only check remote hosts we have completed s2s connections to |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 |
if not remote_host_session.secure then |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
76 |
bad = true; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
77 |
end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
78 |
end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
79 |
for session in pairs(incoming_s2s) do |
1284
e36f82d7baae
mod_manifesto: Only check fully established incoming sessions
Florian Zeitz <florob@babelmonkeys.de>
parents:
1283
diff
changeset
|
80 |
if session.to_host == host and session.from_host == contact_host and session.type == "s2sin" then |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
81 |
if not session.secure then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
82 |
bad = true; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 |
end |
1283
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
84 |
end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
85 |
end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
86 |
if bad then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
87 |
local contact_name = item.name; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
88 |
if contact_name then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
89 |
table.insert(bad_contacts, contact_name.." <"..contact_jid..">"); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
90 |
else |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
91 |
table.insert(bad_contacts, contact_jid); |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
92 |
end |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
93 |
if not bad_hosts[contact_host] then |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
94 |
bad_hosts[contact_host] = true; |
3e96889c0c36
mod_manifesto: Check state of incoming connections
Florian Zeitz <florob@babelmonkeys.de>
parents:
1282
diff
changeset
|
95 |
table.insert(bad_hosts, contact_host); |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 |
if #bad_contacts > 0 then |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 |
local vars = { |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 |
HOST = host; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 |
CONTACTS = " "..table.concat(bad_contacts, "\n "); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 |
SERVICES = " "..table.concat(bad_hosts, "\n "); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 |
CONTACTVIA = contact_method, CONTACT = contact; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 |
}; |
2891
65082d91950e
Many modules: Simplify st.message(…):tag("body"):text(…):up() into st.message(…, …)
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
1325
diff
changeset
|
106 |
session.send(st.message({ type = "headline", from = host }, message:gsub("$(%w+)", vars))); |
1306
63e7e20a0074
mod_manifesto: Only keep track of who we sent notifications to
Kim Alvefur <zash@zash.se>
parents:
1305
diff
changeset
|
107 |
notified[session.username] = now; |
1282
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 |
end); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 |
end); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
111 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 |
function module.load() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 |
notified = dm.load(nil, host, module.name) or {}; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
115 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
116 |
function module.save() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
117 |
dm.store(nil, host, module.name, notified); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
118 |
return { notified = notified }; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
119 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
120 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
121 |
function module.restore(data) |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
122 |
notified = data.notified; |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
123 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
124 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
125 |
function module.unload() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
126 |
dm.store(nil, host, module.name, notified); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
127 |
end |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
128 |
|
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
129 |
function module.uninstall() |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
130 |
dm.store(nil, host, module.name, nil); |
17cb51496469
mod_manifesto: Module that informs users about the Security Test Days and which contacts it will affect (Thanks to MattJ, who wrote most of it)
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
131 |
end |
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
132 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
133 |
-- Ad-hoc command for switching to/from "manifesto mode" |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
134 |
local layout = dataforms_new { |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
135 |
title = "Configure manifesto mode"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
136 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
137 |
{ name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/manifesto" }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
138 |
{ name = "state", type = "list-single", required = true, label = "Manifesto mode:"}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
139 |
}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
140 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
141 |
local adhoc_handler = adhoc_initial(layout, function() |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
142 |
local enabled = config_get(host, "c2s_require_encryption") and config_get(host, "s2s_require_encryption"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
143 |
return { state = { |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
144 |
{ label = "Enabled", value = "enabled", default = enabled }, |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
145 |
{ label = "Configuration settings", value = "config", default = not enabled }, |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
146 |
}}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
147 |
end, function(fields, err) |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
148 |
if err then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
149 |
local errmsg = {}; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
150 |
for name, err in pairs(errors) do |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
151 |
errmsg[#errmsg + 1] = name .. ": " .. err; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
152 |
end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
153 |
return { status = "completed", error = { message = t_concat(errmsg, "\n") } }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
154 |
end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
155 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
156 |
local info; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
157 |
if fields.state == "enabled" then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
158 |
config_set(host, "c2s_require_encryption", true); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
159 |
config_set(host, "s2s_require_encryption", true); |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
160 |
|
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
161 |
for _, session in pairs(s2s_sessions) do |
1325
b21236b6b8d8
Backed out changeset 853a382c9bd6
Kim Alvefur <zash@zash.se>
parents:
1324
diff
changeset
|
162 |
if not session.secure then |
1308
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
163 |
(session.close or s2s_destroy_session)(session); |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
164 |
end |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
165 |
end |
9ddfff2acddc
mod_manifest: Close unencrypted connections when entering manifesto mode
Florian Zeitz <florob@babelmonkeys.de>
parents:
1307
diff
changeset
|
166 |
|
1307
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
167 |
info = "Manifesto mode enabled"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
168 |
else |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
169 |
local ok, err = prosody.reload_config(); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
170 |
if not ok then |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
171 |
return { status = "completed", error = { message = "Failed to reload config: " .. tostring(err) } }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
172 |
end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
173 |
info = "Reset to configuration settings"; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
174 |
end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
175 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
176 |
local ok, err = mm_reload(host, "tls"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
177 |
if not ok then return { status = "completed", error = { message = "Failed to reload mod_tls: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
178 |
ok, err = mm_reload(host, "s2s"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
179 |
if not ok then return { status = "completed", error = { message = "Failed to reload mod_s2s: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
180 |
ok, err = mm_reload(host, "saslauth"); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
181 |
if not ok then return { status = "completed", error = { message = "Failed to reload mod_saslauth: " .. tostring(err) } }; end |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
182 |
|
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
183 |
return { status = "completed", info = info }; |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
184 |
end); |
71dd991c94e7
mod_manifesto: Add ad-hoc command to enable "manifesto mode"
Florian Zeitz <florob@babelmonkeys.de>
parents:
1306
diff
changeset
|
185 |
module:provides("adhoc", adhoc_new("Configure manifesto mode", "http://prosody.im/protocol/manifesto", adhoc_handler, "admin")); |