1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
|
-- Prosody IM
-- Copyright (C) 2009-2010 Matthew Wild
-- Copyright (C) 2009-2010 Waqas Hussain
-- Copyright (C) 2014-2015 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
-- This module implements XEP-0191: Blocking Command
--
local user_exists = require"core.usermanager".user_exists;
local rostermanager = require"core.rostermanager";
local is_contact_subscribed = rostermanager.is_contact_subscribed;
local is_contact_pending_in = rostermanager.is_contact_pending_in;
local load_roster = rostermanager.load_roster;
local save_roster = rostermanager.save_roster;
local st = require"util.stanza";
local st_error_reply = st.error_reply;
local jid_prep = require"util.jid".prep;
local jid_split = require"util.jid".split;
local storage = module:open_store();
local sessions = prosody.hosts[module.host].sessions;
local full_sessions = prosody.full_sessions;
-- First level cache of blocklists by username.
-- Weak table so may randomly expire at any time.
local cache = setmetatable({}, { __mode = "v" });
-- Second level of caching, keeps a fixed number of items, also anchors
-- items in the above cache.
--
-- The size of this affects how often we will need to load a blocklist from
-- disk, which we want to avoid during routing. On the other hand, we don't
-- want to use too much memory either, so this can be tuned by advanced
-- users. TODO use science to figure out a better default, 64 is just a guess.
local cache_size = module:get_option_number("blocklist_cache_size", 64);
local cache2 = require"util.cache".new(cache_size);
local null_blocklist = {};
module:add_feature("urn:xmpp:blocking");
local function set_blocklist(username, blocklist)
local ok, err = storage:set(username, blocklist);
if not ok then
return ok, err;
end
-- Successful save, update the cache
cache2:set(username, blocklist);
cache[username] = blocklist;
return true;
end
-- Migrates from the old mod_privacy storage
local function migrate_privacy_list(username)
local legacy_data = module:open_store("privacy"):get(username);
if not legacy_data or not legacy_data.lists or not legacy_data.default then return; end
local default_list = legacy_data.lists[legacy_data.default];
if not default_list or not default_list.items then return; end
local migrated_data = { [false] = { created = os.time(); migrated = "privacy" }};
module:log("info", "Migrating blocklist from mod_privacy storage for user '%s'", username);
for _, item in ipairs(default_list.items) do
if item.type == "jid" and item.action == "deny" then
local jid = jid_prep(item.value);
if not jid then
module:log("warn", "Invalid JID in privacy store for user '%s' not migrated: %s", username, tostring(item.value));
else
migrated_data[jid] = true;
end
end
end
set_blocklist(username, migrated_data);
return migrated_data;
end
local function get_blocklist(username)
local blocklist = cache2:get(username);
if not blocklist then
if not user_exists(username, module.host) then
return null_blocklist;
end
blocklist = storage:get(username);
if not blocklist then
blocklist = migrate_privacy_list(username);
end
if not blocklist then
blocklist = { [false] = { created = os.time(); }; };
end
cache2:set(username, blocklist);
end
cache[username] = blocklist;
return blocklist;
end
module:hook("iq-get/self/urn:xmpp:blocking:blocklist", function (event)
local origin, stanza = event.origin, event.stanza;
local username = origin.username;
local reply = st.reply(stanza):tag("blocklist", { xmlns = "urn:xmpp:blocking" });
local blocklist = cache[username] or get_blocklist(username);
for jid in pairs(blocklist) do
if jid then
reply:tag("item", { jid = jid }):up();
end
end
origin.interested_blocklist = true; -- Gets notified about changes
origin.send(reply);
return true;
end, -1);
-- Add or remove some jid(s) from the blocklist
-- We want this to be atomic and not do a partial update
local function edit_blocklist(event)
local now = os.time();
local origin, stanza = event.origin, event.stanza;
local username = origin.username;
local action = stanza.tags[1]; -- "block" or "unblock"
local is_blocking = action.name == "block" and now or nil; -- nil if unblocking
local new = {}; -- JIDs to block depending or unblock on action
-- XEP-0191 sayeth:
-- > When the user blocks communications with the contact, the user's
-- > server MUST send unavailable presence information to the contact (but
-- > only if the contact is allowed to receive presence notifications [...]
-- So contacts we need to do that for are added to the set below.
local send_unavailable = is_blocking and {};
local send_available = not is_blocking and {};
-- Because blocking someone currently also blocks the ability to reject
-- subscription requests, we'll preemptively reject such
local remove_pending = is_blocking and {};
for item in action:childtags("item") do
local jid = jid_prep(item.attr.jid);
if not jid then
origin.send(st_error_reply(stanza, "modify", "jid-malformed"));
return true;
end
item.attr.jid = jid; -- echo back prepped
new[jid] = true;
if is_blocking then
if is_contact_subscribed(username, module.host, jid) then
send_unavailable[jid] = true;
elseif is_contact_pending_in(username, module.host, jid) then
remove_pending[jid] = true;
end
elseif is_contact_subscribed(username, module.host, jid) then
send_available[jid] = true;
end
end
if is_blocking and not next(new) then
-- <block/> element does not contain at least one <item/> child element
origin.send(st_error_reply(stanza, "modify", "bad-request"));
return true;
end
local blocklist = cache[username] or get_blocklist(username);
local new_blocklist = {
-- We set the [false] key to something as a signal not to migrate privacy lists
[false] = blocklist[false] or { created = now; };
};
if type(blocklist[false]) == "table" then
new_blocklist[false].modified = now;
end
if is_blocking or next(new) then
for jid, t in pairs(blocklist) do
if jid then new_blocklist[jid] = t; end
end
for jid in pairs(new) do
new_blocklist[jid] = is_blocking;
end
-- else empty the blocklist
end
local ok, err = set_blocklist(username, new_blocklist);
if ok then
origin.send(st.reply(stanza));
else
origin.send(st_error_reply(stanza, "wait", "internal-server-error", err));
return true;
end
if is_blocking then
for jid in pairs(send_unavailable) do
-- Check that this JID isn't already blocked, i.e. this is not a change
if not blocklist[jid] then
for _, session in pairs(sessions[username].sessions) do
if session.presence then
module:send(st.presence({ type = "unavailable", to = jid, from = session.full_jid }));
end
end
end
end
if next(remove_pending) then
local roster = load_roster(username, module.host);
for jid in pairs(remove_pending) do
roster[false].pending[jid] = nil;
end
save_roster(username, module.host, roster);
-- Not much we can do about save failing here
end
else
local user_bare = username .. "@" .. module.host;
for jid in pairs(send_available) do
module:send(st.presence({ type = "probe", to = user_bare, from = jid }));
end
end
local blocklist_push = st.iq({ type = "set", id = "blocklist-push" })
:add_child(action); -- I am lazy
for _, session in pairs(sessions[username].sessions) do
if session.interested_blocklist then
blocklist_push.attr.to = session.full_jid;
session.send(blocklist_push);
end
end
return true;
end
module:hook("iq-set/self/urn:xmpp:blocking:block", edit_blocklist, -1);
module:hook("iq-set/self/urn:xmpp:blocking:unblock", edit_blocklist, -1);
-- Cache invalidation, solved!
module:hook_global("user-deleted", function (event)
if event.host == module.host then
cache2:set(event.username, nil);
cache[event.username] = nil;
end
end);
-- Buggy clients
module:hook("iq-error/self/blocklist-push", function (event)
local origin, stanza = event.origin, event.stanza;
local _, condition, text = stanza:get_error();
local log = (origin.log or module._log);
log("warn", "Client returned an error in response to notification from mod_%s: %s%s%s",
module.name, condition, text and ": " or "", text or "");
return true;
end);
local function is_blocked(user, jid)
local blocklist = cache[user] or get_blocklist(user);
if blocklist[jid] then return true; end
local node, host = jid_split(jid);
return blocklist[host] or node and blocklist[node..'@'..host];
end
-- Event handlers for bouncing or dropping stanzas
local function drop_stanza(event)
local stanza = event.stanza;
local attr = stanza.attr;
local to, from = attr.to, attr.from;
to = to and jid_split(to);
if to and from then
return is_blocked(to, from);
end
end
local function bounce_stanza(event)
local origin, stanza = event.origin, event.stanza;
if drop_stanza(event) then
origin.send(st_error_reply(stanza, "cancel", "service-unavailable"));
return true;
end
end
local function bounce_iq(event)
local type = event.stanza.attr.type;
if type == "set" or type == "get" then
return bounce_stanza(event);
end
return drop_stanza(event); -- result or error
end
local function bounce_message(event)
local stanza = event.stanza;
local type = stanza.attr.type;
if type == "chat" or not type or type == "normal" then
if full_sessions[stanza.attr.to] then
-- See #690
return drop_stanza(event);
end
return bounce_stanza(event);
end
return drop_stanza(event); -- drop headlines, groupchats etc
end
local function drop_outgoing(event)
local origin, stanza = event.origin, event.stanza;
local username = origin.username or jid_split(stanza.attr.from);
if not username then return end
local to = stanza.attr.to;
if to then return is_blocked(username, to); end
-- nil 'to' means a self event, don't bock those
end
local function bounce_outgoing(event)
local origin, stanza = event.origin, event.stanza;
local type = stanza.attr.type;
if type == "error" or stanza.name == "iq" and type == "result" then
return drop_outgoing(event);
end
if drop_outgoing(event) then
origin.send(st_error_reply(stanza, "cancel", "not-acceptable", "You have blocked this JID")
:tag("blocked", { xmlns = "urn:xmpp:blocking:errors" }));
return true;
end
end
-- Hook all the events!
local prio_in, prio_out = 100, 100;
module:hook("presence/bare", drop_stanza, prio_in);
module:hook("presence/full", drop_stanza, prio_in);
module:hook("message/bare", bounce_message, prio_in);
module:hook("message/full", bounce_message, prio_in);
module:hook("iq/bare", bounce_iq, prio_in);
module:hook("iq/full", bounce_iq, prio_in);
module:hook("pre-message/bare", bounce_outgoing, prio_out);
module:hook("pre-message/full", bounce_outgoing, prio_out);
module:hook("pre-message/host", bounce_outgoing, prio_out);
module:hook("pre-presence/bare", bounce_outgoing, -1);
module:hook("pre-presence/host", bounce_outgoing, -1);
module:hook("pre-presence/full", bounce_outgoing, prio_out);
module:hook("pre-iq/bare", bounce_outgoing, prio_out);
module:hook("pre-iq/full", bounce_outgoing, prio_out);
module:hook("pre-iq/host", bounce_outgoing, prio_out);
|