1
0
Fork 0
mirror of git://git.psyced.org/git/psyced synced 2024-08-15 03:25:10 +00:00

web challenge redirects

This commit is contained in:
psyc://loupsycedyglgamf.onion/~lynX 2018-07-19 17:51:32 +02:00
parent 4f7fb2cebe
commit 372e704a58
6 changed files with 50 additions and 30 deletions

View file

@ -146,6 +146,12 @@
# echo Please fix your #define REGISTERED_USERS_ONLY
# define _flag_disable_unauthenticated_users
#endif
#ifdef _flag_disable_unauthenticated_users
# define _flag_disable_unauthenticated_users_XMPP
#endif
#ifdef _flag_disable_registration
# define _flag_disable_registration_XMPP
#endif
#ifdef RELAY
# define _flag_disable_authorization

View file

@ -616,12 +616,20 @@ htget(prot, query, headers, qs) {
// maybe this all belongs into archetype.gen.. chesmo!
htget(prot, query, headers, qs, data, noprocess) {
if (stringp(headers["cookie"]) && regmatch(headers["cookie"],
"challenge=complete&answer="+ md5(CHALLENGE_MATCH)))
"challenge=complete&answer="+ md5(CHALLENGE_MATCH))) {
htnotify(query, headers, "_accomplished_web",
"Challenge accomplished in [_nick_place] by [_web_on] coming from [_web_from].");
# ifdef CHALLENGE_REDIRECT
return htredirect(prot, CHALLENGE_REDIRECT);
# else
# ifdef HTGET
// you may want to output a player iframe instead of a redirect...
return HTGET;
# else
return ::htget(prot, query, headers, qs, data, noprocess);
# endif
# endif
}
string item = headers[item] || "/@"+ MYNICK;
if (stringp(query["answer"]) && headers["cookie"] &&
regmatch(headers["cookie"], "challenge=given") &&
@ -645,6 +653,8 @@ htget(prot, query, headers, qs, data, noprocess) {
"_parameters" : query["parameters"] || qs,
"_nick_place" : MYNICK ]) );
// printf("%O vs %O\n", query, headers);
htnotify(query, headers, "_challenged_web",
"[_nick_place] challenges [_web_on] coming from [_web_from].");
return 1;
}
#endif

View file

@ -18,12 +18,10 @@
disco_info_root(vars) {
string featurelist;
featurelist = "<feature var='http://jabber.org/protocol/muc'/>"
#ifndef _flag_disable_unauthenticated_users
# ifndef _flag_disable_registration
#ifndef _flag_disable_unauthenticated_users_XMPP
# ifndef _flag_disable_registration_XMPP
"<feature var='jabber:iq:register'/>"
# endif
# endif
#endif
#ifndef VOLATILE
"<feature var='msgoffline'/>"

View file

@ -187,7 +187,7 @@ jabberMsg(XMLNode node) {
case "jabber:iq:register":
if (node["@type"] == "get"){
string packet;
#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP)
#if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP)
// super dirty.. this should all be in textdb
packet = sprintf("<iq type='result' id='%s'>"
"<query xmlns='jabber:iq:register'/>"
@ -234,7 +234,7 @@ jabberMsg(XMLNode node) {
emit(packet);
// QUIT
} else {
#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP)
#if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP)
// TODO: generate some error as above
#else
user -> vSet("password", t[Cdata]);
@ -358,7 +358,7 @@ jabberMsg(XMLNode node) {
# endif
break;
#endif
#ifndef _flag_disable_unauthenticated_users
#ifndef _flag_disable_unauthenticated_users_XMPP
case "ANONYMOUS":
unless(node[Cdata]) {
SASL_ERROR("incorrect-encoding")
@ -481,7 +481,7 @@ open_stream(XMLNode node) {
"<mechanism>DIGEST-MD5</mechanism>"
#endif
"<mechanism>PLAIN</mechanism>";
#ifndef _flag_disable_unauthenticated_users
#ifndef _flag_disable_unauthenticated_users_XMPP
// sasl anonymous
"<mechanism>ANONYMOUS</mechanism>";
#endif
@ -497,7 +497,7 @@ open_stream(XMLNode node) {
#endif
features += "</mechanisms>";
features += "<auth xmlns='http://jabber.org/features/iq-auth'/>";
#ifndef _flag_disable_unauthenticated_users
#ifndef _flag_disable_registration_XMPP
features += "<register xmlns='http://jabber.org/features/iq-register'/>";
#endif
}

View file

@ -627,7 +627,7 @@ iq(XMLNode node) {
break;
}
break;
#if !defined(_flag_disable_unauthenticated_users) && !defined(_flag_disable_registration) && !defined(_flag_disable_registration_XMPP)
#if !defined(_flag_disable_unauthenticated_users_XMPP) && !defined(_flag_disable_registration_XMPP)
case "jabber:iq:register":
switch(node["@type"]) {
case "get":

View file

@ -473,6 +473,27 @@ _request_set_topic(source, mc, data, vars, b) {
#endif
#if HAS_PORT(HTTP_PORT, HTTP_PATH) || HAS_PORT(HTTPS_PORT, HTTP_PATH)
// for GDPR compliance server owners are expected not to log these messages
htnotify(query, headers, mc, fmt) {
if (query["from"] == "") query["from"] = 0;
if (query["location"] == "") query["location"] = 0;
// should be renamed into _notice_examine_web_place
castmsg(ME, "_notice_place"+(mc || "_examine_web"),
fmt || "[_nick_place] viewed on [_web_on] coming from [_web_from].",
([ "_web_referrer" : query["from"] || "bookmark",
"_web_page" : query["location"] || headers["referer"] || "",
"_web_browser" : headers["user-agent"] || "",
"_web_on" : query["location"] || headers["referer"] ||
headers["user-agent"] || "",
"_web_from" : query["from"] ||
query_ip_name(this_interactive()) ||
headers["user-agent"] || "http",
"_host_name" : query_ip_name(this_interactive()) || "",
"_nick_place" : MYNICK || "This place",
]) );
}
htget(prot, query, headers, qs, data, noprocess) {
//P3((">> archetype.gen:htget(%O, %O, %O, %O, %O, %O)\n", prot, query, headers, qs, data, noprocess))
# ifdef PLACE_SCRATCHPAD
@ -629,22 +650,7 @@ htget(prot, query, headers, qs, data, noprocess) {
}
}
# ifndef _flag_disable_notice_place_examine_web
if (query["from"] == "") query["from"] = 0;
if (query["location"] == "") query["location"] = 0;
// should be renamed into _notice_examine_web_place
castmsg(ME, "_notice_place_examine_web", "[_nick_place] inspected on [_web_on] coming from [_web_from].",
([ "_web_referrer" : query["from"] || "bookmark",
"_web_page" : query["location"] || headers["referer"] || "",
"_web_browser" : headers["user-agent"] || "",
"_web_on" : query["location"] || headers["referer"] ||
headers["user-agent"] || "",
"_web_from" : query["from"] ||
// query_ip_name(this_interactive()) ||
headers["user-agent"] || "http",
"_host_name" : query_ip_name(this_interactive()) || "",
"_nick_place" : MYNICK || "This place",
]) );
htnotify(query, headers, "_examine_web");
# endif
// this is usually not very interesting really.. like: