author | Georg Lukas <georg@op-co.de> |
Wed, 19 Apr 2017 13:45:18 +0200 | |
changeset 2703 | dae655657a92 |
parent 2335 | 611a787e6d08 |
child 3223 | 58d61459cdb1 |
permissions | -rw-r--r-- |
2216
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
1 |
local st = require "util.stanza"; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
2 |
local host = module.host; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
3 |
local e2e_policy_chat = module:get_option_string("e2e_policy_chat", "optional"); -- possible values: none, optional and required |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
4 |
local e2e_policy_muc = module:get_option_string("e2e_policy_muc", "optional"); -- possible values: none, optional and required |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
5 |
local e2e_policy_whitelist = module:get_option_set("e2e_policy_whitelist", { }); -- make this module ignore messages sent to and from this JIDs or MUCs |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
6 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
7 |
local e2e_policy_message_optional_chat = module:get_option_string("e2e_policy_message_optional_chat", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
8 |
local e2e_policy_message_required_chat = module:get_option_string("e2e_policy_message_required_chat", "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
9 |
local e2e_policy_message_optional_muc = module:get_option_string("e2e_policy_message_optional_muc", "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
10 |
local e2e_policy_message_required_muc = module:get_option_string("e2e_policy_message_required_muc", "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server."); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
11 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
12 |
function warn_on_plaintext_messages(event) |
2335
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2216
diff
changeset
|
13 |
-- check if JID is whitelisted |
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2216
diff
changeset
|
14 |
if e2e_policy_whitelist:contains(event.stanza.attr.from) or e2e_policy_whitelist:contains(event.stanza.attr.to) then |
2216
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
15 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
16 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
17 |
local body = event.stanza:get_child_text("body"); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
18 |
-- do not warn for status messages |
2335
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2216
diff
changeset
|
19 |
if not body or event.stanza.attr.type == "error" then |
2216
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
20 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
21 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
22 |
-- check otr |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
23 |
if body and body:sub(1,4) == "?OTR" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
24 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
25 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
26 |
-- check omemo https://xmpp.org/extensions/inbox/omemo.html |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
27 |
if event.stanza:get_child("encrypted", "eu.siacs.conversations.axolotl") or event.stanza:get_child("encrypted", "urn:xmpp:omemo:0") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
28 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
29 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
30 |
-- check xep27 pgp https://xmpp.org/extensions/xep-0027.html |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
31 |
if event.stanza:get_child("x", "jabber:x:encrypted") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
32 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
33 |
end |
2335
611a787e6d08
mod_e2e_policy: Do not reply to error stenzas
Michel Le Bihan <michel@lebihan.pl>
parents:
2216
diff
changeset
|
34 |
-- check xep373 pgp (OX) https://xmpp.org/extensions/xep-0373.html |
2216
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
35 |
if event.stanza:get_child("openpgp", "urn:xmpp:openpgp:0") then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
36 |
return nil; |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
37 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
38 |
-- no valid encryption found |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
39 |
if e2e_policy_chat == "optional" and event.stanza.attr.type ~= "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
40 |
event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_chat)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
41 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
42 |
if e2e_policy_chat == "required" and event.stanza.attr.type ~= "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
43 |
return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_chat)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
44 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
45 |
if e2e_policy_muc == "optional" and event.stanza.attr.type == "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
46 |
event.origin.send(st.message({ from = host, type = "headline" }, e2e_policy_message_optional_muc)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
47 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
48 |
if e2e_policy_muc == "required" and event.stanza.attr.type == "groupchat" then |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
49 |
return event.origin.send(st.error_reply(event.stanza, "modify", "policy-violation", e2e_policy_message_required_muc)); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
50 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
51 |
end |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
52 |
|
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
53 |
module:hook("pre-message/bare", warn_on_plaintext_messages, 300); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
54 |
module:hook("pre-message/full", warn_on_plaintext_messages, 300); |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
55 |
module:hook("pre-message/host", warn_on_plaintext_messages, 300); |