Mercurial Mercurial > prosody > prosody / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugins/mod_mam/mamprefs.lib.lua
author Jonas Schäfer <jonas@wielicki.name>
Mon, 10 Jan 2022 18:23:54 +0100
branch0.11
changeset 12185 783056b4e448
parent 8541 3eb4cafb3b64
child 13206 173038306750
permissions -rw-r--r--
util.xml: Do not allow doctypes, comments or processing instructions Yes. This is as bad as it sounds. CVE pending. In Prosody itself, this only affects mod_websocket, which uses util.xml to parse the <open/> frame, thus allowing unauthenticated remote DoS using Billion Laughs. However, third-party modules using util.xml may also be affected by this. This commit installs handlers which disallow the use of doctype declarations and processing instructions without any escape hatch. It, by default, also introduces such a handler for comments, however, there is a way to enable comments nontheless. This is because util.xml is used to parse human-facing data, where comments are generally a desirable feature, and also because comments are generally harmless.

-- Prosody IM
-- Copyright (C) 2008-2017 Matthew Wild
-- Copyright (C) 2008-2017 Waqas Hussain
-- Copyright (C) 2011-2017 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- XEP-0313: Message Archive Management for Prosody
--
-- luacheck: ignore 122/prosody

local global_default_policy = module:get_option_string("default_archive_policy", true);
if global_default_policy ~= "roster" then
	global_default_policy = module:get_option_boolean("default_archive_policy", global_default_policy);
end
local smart_enable = module:get_option_boolean("mam_smart_enable", false);

do
	-- luacheck: ignore 211/prefs_format
	local prefs_format = {
		[false] = "roster",
		-- default ::= true | false | "roster"
		-- true = always, false = never, nil = global default
		["romeo@montague.net"] = true, -- always
		["montague@montague.net"] = false, -- newer
	};
end

local sessions = prosody.hosts[module.host].sessions;
local archive_store = module:get_option_string("archive_store", "archive");
local prefs = module:open_store(archive_store .. "_prefs");

local function get_prefs(user, explicit)
	local user_sessions = sessions[user];
	local user_prefs = user_sessions and user_sessions.archive_prefs
	if not user_prefs then
		-- prefs not cached
		user_prefs = prefs:get(user);
		if not user_prefs then
			-- prefs not set
			if smart_enable and explicit then
				-- a mam-capable client was involved in this action, set defaults
				user_prefs = { [false] = global_default_policy };
				prefs:set(user, user_prefs);
			end
		end
		if user_sessions then
			-- cache settings if they originate from user action
			user_sessions.archive_prefs = user_prefs;
		end
		if not user_prefs then
			if smart_enable then
				-- not yet enabled, either explicitly or "smart"
				user_prefs = { [false] = false };
			else
				-- no explicit settings, return defaults
				user_prefs = { [false] = global_default_policy };
			end
		end
	end
	return user_prefs;
end

local function set_prefs(user, user_prefs)
	local user_sessions = sessions[user];
	if user_sessions then
		user_sessions.archive_prefs = user_prefs;
	end
	return prefs:set(user, user_prefs);
end

return {
	get = get_prefs,
	set = set_prefs,
}
prosody