Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump stun from 1.2.14 to 1.2.15 #62

Closed
wants to merge 12 commits into from
Closed
18 changes: 18 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
version: 2

updates:

- package-ecosystem: "docker"
directory: "/.github/container/"
schedule:
interval: "weekly"

- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"

- package-ecosystem: "mix"
directory: "/"
schedule:
interval: "weekly"
86 changes: 86 additions & 0 deletions .github/workflows/codacy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
name: Codacy Security Scan

on:
push:
branches: [ "dependabot" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "dependabot" ]
schedule:
- cron: '45 13 * * 6'


jobs:
codacy-security-scan:
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@main

- name: Setup Checkov
run: |
sed -i '/PASSWORD/i #checkov:skip=CKV_SECRET_6:' .github/workflows/ci.yml
sed -i '/PASSWORD/i #checkov:skip=CKV_SECRET_6:' test/docker/docker-compose.yml

- name: Setup CSSlint
run: |
echo "{\"exclude-list\": [\"priv/css/\"]}" > .csslintrc

- name: Setup Markdownlint
run: |
sed -i '1i\<!-- markdownlint-disable -->' .github/ISSUE_TEMPLATE/bug_report.md
sed -i '1i\<!-- markdownlint-disable -->' .github/ISSUE_TEMPLATE/feature_request.md
sed -i '1i\<!-- markdownlint-disable MD013 -->' CODE_OF_CONDUCT.md
sed -i '1i\<!-- markdownlint-disable MD004 MD013 MD025 MD032 MD033 -->' CHANGELOG.md
sed -i '1i\<!-- markdownlint-disable MD012 MD013 MD033 MD040 MD041 -->' README.md
sed -i '1i\<!-- markdownlint-disable MD013 MD040 -->' test/docker/README.md
sed -i '1i\<!-- markdownlint-disable MD003 MD012 MD013 MD029 MD031 MD032 MD040 MD041 -->' CONTAINER.md
sed -i '1i\<!-- markdownlint-disable MD012 MD013 MD031 MD040 MD046 -->' COMPILE.md
sed -i '1i\<!-- markdownlint-disable MD004 MD012 MD013 MD031 MD032 MD033 -->' CONTRIBUTING.md
sed -i '1i\<!-- markdownlint-disable MD013 -->' CONTRIBUTORS.md

- name: Setup Shellcheck
run: |
sed -i '1a\# shellcheck disable=all' tools/captcha-ng.sh
sed -i '1a\# shellcheck disable=SC2013,SC3014,SC3060' tools/check_xep_versions.sh

- name: Setup Stylelint
run: |
sed -i '1i\/* stylelint-disable */' priv/css/admin.css
sed -i '1i\/* stylelint-disable */' priv/css/bosh.css
sed -i '1i\/* stylelint-disable */' priv/css/muc.css
sed -i '1i\/* stylelint-disable */' priv/css/oauth.css
sed -i '1i\/* stylelint-disable */' priv/css/register.css

- name: Setup TSQLlint
run: |
sed -i '1i\-- tsqllint-disable' sql/*.sql
sed -i '1s\disable\disable data-compression set-transaction-isolation-level\' sql/mssql*.sql

- name: Remove escript files which are not shell scripts
run: |
rm tools/extract-tr.sh
rm tools/hook_deps.sh
rm tools/opt_types.sh

- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@master
with:
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will hand over control about PR rejection to the GitHub side
max-allowed-issues: 2147483647

- name: Clean duplicates
run:
jq '.runs |= unique_by({tool, invocations, results})' <results.sarif >codacy.sarif

# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@main
with:
sarif_file: codacy.sarif
2 changes: 1 addition & 1 deletion mix.exs
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ defmodule Ejabberd.MixProject do
{:p1_utils, "~> 1.0"},
{:pkix, "~> 1.0"},
{:stringprep, ">= 1.0.26"},
{:xmpp, git: "https://github.com/processone/xmpp.git", ref: "422c107a882b6967e615ea69b33fac4897048fbb", override: true},
{:xmpp, git: "https://github.com/processone/xmpp.git", ref: "c045d4d8555e251f2212743db8af90255da2ab57", override: true},
{:yconf, "~> 1.0"}]
++ cond_deps()
end
Expand Down
6 changes: 4 additions & 2 deletions mix.lock
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,12 @@
"erlex": {:hex, :erlex, "0.2.7", "810e8725f96ab74d17aac676e748627a07bc87eb950d2b83acd29dc047a30595", [:mix], [], "hexpm", "3ed95f79d1a844c3f6bf0cea61e0d5612a42ce56da9c03f01df538685365efb0"},
"esip": {:hex, :esip, "1.0.54", "dae8fb8278fd3b2c0d38c2e832c4b8d26700eb239b9a42c8ea574fee76f5e76a", [:rebar3], [{:fast_tls, "1.1.21", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}, {:stun, "1.2.14", [hex: :stun, repo: "hexpm", optional: false]}], "hexpm", "8187af819d7259cdaddaf69726c239ef604c9b0b0298a5f2d3e687bf5e2237ee"},
"ex_doc": {:hex, :ex_doc, "0.34.2", "13eedf3844ccdce25cfd837b99bea9ad92c4e511233199440488d217c92571e8", [:mix], [{:earmark_parser, "~> 1.4.39", [hex: :earmark_parser, repo: "hexpm", optional: false]}, {:makeup_c, ">= 0.1.0", [hex: :makeup_c, repo: "hexpm", optional: true]}, {:makeup_elixir, "~> 0.14 or ~> 1.0", [hex: :makeup_elixir, repo: "hexpm", optional: false]}, {:makeup_erlang, "~> 0.1 or ~> 1.0", [hex: :makeup_erlang, repo: "hexpm", optional: false]}, {:makeup_html, ">= 0.1.0", [hex: :makeup_html, repo: "hexpm", optional: true]}], "hexpm", "5ce5f16b41208a50106afed3de6a2ed34f4acfd65715b82a0b84b49d995f95c1"},
"exsync": {:hex, :exsync, "0.4.1", "0a14fe4bfcb80a509d8a0856be3dd070fffe619b9ba90fec13c58b316c176594", [:mix], [{:file_system, "~> 0.2 or ~> 1.0", [hex: :file_system, repo: "hexpm", optional: false]}], "hexpm", "cefb22aa805ec97ffc5b75a4e1dc54bcaf781e8b32564bf74abbe5803d1b5178"},
"ezlib": {:hex, :ezlib, "1.0.13", "3c7f62862850a241159c10b218ecf580bce54d0890601b65144dacc2633be2b0", [:rebar3], [{:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm", "9ee62ab3f8ed55a0fd11a9569fcb8e458683f95575417272192b069f092abfbb"},
"fast_tls": {:git, "https://github.com/processone/fast_tls.git", "75a08772f0ffddfed0441bfdc7e7f9a5adb3862f", [ref: "75a08772f0ffddfed0441bfdc7e7f9a5adb3862f"]},
"fast_xml": {:git, "https://github.com/processone/fast_xml.git", "e7dc91310046831f436a03abf029587f0c2764f4", [ref: "e7dc91310046831f436a03abf029587f0c2764f4"]},
"fast_yaml": {:hex, :fast_yaml, "1.0.37", "f71d472fbf787ccd161b914d1eb486116a0f4f2e835337a378fbd31b59d2e74b", [:rebar3], [{:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm", "8de868721bf7e2172414f7d3148ede0f3c922b496455cd625dd5c4429515a769"},
"file_system": {:hex, :file_system, "1.0.1", "79e8ceaddb0416f8b8cd02a0127bdbababe7bf4a23d2a395b983c1f8b3f73edd", [:mix], [], "hexpm", "4414d1f38863ddf9120720cd976fce5bdde8e91d8283353f0e31850fa89feb9e"},
"idna": {:hex, :idna, "6.1.1", "8a63070e9f7d0c62eb9d9fcb360a7de382448200fbbd1b106cc96d3d8099df8d", [:rebar3], [{:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "92376eb7894412ed19ac475e4a86f7b413c1b9fbb5bd16dccd57934157944cea"},
"jiffy": {:hex, :jiffy, "1.1.2", "a9b6c9a7ec268e7cf493d028f0a4c9144f59ccb878b1afe42841597800840a1b", [:rebar3], [], "hexpm", "bb61bc42a720bbd33cb09a410e48bb79a61012c74cb8b3e75f26d988485cf381"},
"jose": {:hex, :jose, "1.11.10", "a903f5227417bd2a08c8a00a0cbcc458118be84480955e8d251297a425723f83", [:mix, :rebar3], [], "hexpm", "0d6cd36ff8ba174db29148fc112b5842186b68a90ce9fc2b3ec3afe76593e614"},
Expand All @@ -30,8 +32,8 @@
"pkix": {:hex, :pkix, "1.0.10", "d3bfadf7b7cfe2a3636f1b256c9cce5f646a07ce31e57ee527668502850765a0", [:rebar3], [], "hexpm", "e02164f83094cb124c41b1ab28988a615d54b9adc38575f00f19a597a3ac5d0e"},
"sqlite3": {:hex, :sqlite3, "1.1.15", "e819defd280145c328457d7af897d2e45e8e5270e18812ee30b607c99cdd21af", [:rebar3], [], "hexpm", "3c0ba4e13322c2ad49de4e2ddd28311366adde54beae8dba9d9e3888f69d2857"},
"stringprep": {:hex, :stringprep, "1.0.30", "46cf0ff631b3e7328f61f20b454d59428d87738f25d709798b5dcbb9b83c23f1", [:rebar3], [{:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm", "f6fc9b3384a03877830f89b2f38580caf3f4a27448a4a333d6a8c3975c220b9a"},
"stun": {:hex, :stun, "1.2.14", "6f538ac80c842131dbd149055570d116bfabc9b5ebff4bd6af2e7888958c660c", [:rebar3], [{:fast_tls, "1.1.21", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm", "e134807b1b7a8dffd94e64eefee00e65c7b4042f3d14e16f8f43566d20371583"},
"stun": {:hex, :stun, "1.2.15", "eec510af6509201ff97f1f2c87b7977c833bf29c04e985383370ec21f04e4ccf", [:rebar3], [{:fast_tls, "1.1.22", [hex: :fast_tls, repo: "hexpm", optional: false]}, {:p1_utils, "1.0.26", [hex: :p1_utils, repo: "hexpm", optional: false]}], "hexpm", "f6d8a541a29fd13f2ce658b676c0cc661262b96e045b52def1644b75ebc0edef"},
"unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
"xmpp": {:git, "https://github.com/processone/xmpp.git", "422c107a882b6967e615ea69b33fac4897048fbb", [ref: "422c107a882b6967e615ea69b33fac4897048fbb"]},
"xmpp": {:git, "https://github.com/processone/xmpp.git", "c045d4d8555e251f2212743db8af90255da2ab57", [ref: "c045d4d8555e251f2212743db8af90255da2ab57"]},
"yconf": {:hex, :yconf, "1.0.16", "d59521d66ff89f219411b6e9277cd6feec7cc6fce11554e67de02a8d0a470479", [:rebar3], [{:fast_yaml, "1.0.37", [hex: :fast_yaml, repo: "hexpm", optional: false]}], "hexpm", "e947813273f38711c7b2e5a8e4acc9a51c7bbe854f744a345f60300b38586c89"},
}
2 changes: 1 addition & 1 deletion rebar.config
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@
{stringprep, "~> 1.0.29", {git, "https://github.com/processone/stringprep", {tag, "1.0.30"}}},
{if_var_true, stun,
{stun, "~> 1.2.12", {git, "https://github.com/processone/stun", {tag, "1.2.14"}}}},
{xmpp, "~> 1.8.3", {git, "https://github.com/processone/xmpp", "422c107a882b6967e615ea69b33fac4897048fbb"}},
{xmpp, "~> 1.8.3", {git, "https://github.com/processone/xmpp", "c045d4d8555e251f2212743db8af90255da2ab57"}},
{yconf, "~> 1.0.15", {git, "https://github.com/processone/yconf", {tag, "1.0.16"}}}
]}.

Expand Down
2 changes: 1 addition & 1 deletion rebar.lock
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
{<<"unicode_util_compat">>,{pkg,<<"unicode_util_compat">>,<<"0.7.0">>},1},
{<<"xmpp">>,
{git,"https://github.com/processone/xmpp",
{ref,"422c107a882b6967e615ea69b33fac4897048fbb"}},
{ref,"c045d4d8555e251f2212743db8af90255da2ab57"}},
0},
{<<"yconf">>,{pkg,<<"yconf">>,<<"1.0.16">>},0}]}.
[
Expand Down
21 changes: 19 additions & 2 deletions src/ejabberd_router.erl
Original file line number Diff line number Diff line change
Expand Up @@ -380,8 +380,9 @@ code_change(_OldVsn, State, _Extra) ->
%%% Internal functions
%%--------------------------------------------------------------------
-spec do_route(stanza()) -> ok.
do_route(OrigPacket) ->
?DEBUG("Route:~n~ts", [xmpp:pp(OrigPacket)]),
do_route(OrigPacket1) ->
?DEBUG("Route:~n~ts", [xmpp:pp(OrigPacket1)]),
OrigPacket = process_privilege_iq(OrigPacket1),
case ejabberd_hooks:run_fold(filter_packet, OrigPacket, []) of
drop ->
ok;
Expand All @@ -405,6 +406,22 @@ do_route(OrigPacket) ->
end
end.

%% @format-begin
process_privilege_iq(Packet) ->
To = xmpp:get_to(Packet),
case xmpp:get_meta(Packet, privilege_iq, none) of
{OriginalId, OriginalHost, ReplacedJid} when ReplacedJid == To ->
Privilege = #privilege{forwarded = #forwarded{sub_els = [Packet]}},
#iq{type = xmpp:get_type(Packet),
id = OriginalId,
to = jid:make(OriginalHost),
from = ReplacedJid,
sub_els = [Privilege]};
_ ->
Packet
end.
%% @format-end

-spec do_route(stanza(), #route{}) -> any().
do_route(Pkt, #route{local_hint = LocalHint,
pid = Pid}) when is_pid(Pid) ->
Expand Down
19 changes: 17 additions & 2 deletions src/mod_block_strangers.erl
Original file line number Diff line number Diff line change
Expand Up @@ -32,21 +32,26 @@
-export([start/2, stop/1, reload/3, mod_doc/0,
depends/2, mod_opt_type/1, mod_options/1]).

-export([filter_packet/1, filter_offline_msg/1, filter_subscription/2]).
-export([filter_packet/1, filter_offline_msg/1, filter_subscription/2,
get_sm_features/5]).

-include_lib("xmpp/include/xmpp.hrl").
-include("logger.hrl").
-include("translate.hrl").

-define(SETS, gb_sets).

-define(NS_BLOCK_STRANGERS, <<"urn:ejabberd:block-strangers">>).

-type c2s_state() :: ejabberd_c2s:state().

%%%===================================================================
%%% Callbacks and hooks
%%%===================================================================
start(_Host, _Opts) ->
{ok, [{hook, user_receive_packet, filter_packet, 25},
{ok, [{hook, disco_local_features, get_sm_features, 50},
{hook, disco_sm_features, get_sm_features, 50},
{hook, user_receive_packet, filter_packet, 25},
{hook, roster_in_subscription, filter_subscription, 25},
{hook, offline_message_hook, filter_offline_msg, 25}]}.

Expand All @@ -56,6 +61,16 @@ stop(_Host) ->
reload(_Host, _NewOpts, _OldOpts) ->
ok.

get_sm_features(Acc, _From, _To, <<"">>, _Lang) ->
Features = case Acc of
{result, I} -> I;
_ -> []
end,
{result, [?NS_BLOCK_STRANGERS | Features]};

get_sm_features(Acc, _From, _To, _Node, _Lang) ->
Acc.

-spec filter_packet({stanza(), c2s_state()}) -> {stanza(), c2s_state()} |
{stop, {drop, c2s_state()}}.
filter_packet({#message{from = From} = Msg, State} = Acc) ->
Expand Down
19 changes: 19 additions & 0 deletions src/mod_mam.erl
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@

-export([sm_receive_packet/1, user_receive_packet/1, user_send_packet/1,
user_send_packet_strip_tag/1, process_iq_v0_2/1, process_iq_v0_3/1,
disco_local_features/5,
disco_sm_features/5, remove_user/2, remove_room/3, mod_opt_type/1,
muc_process_iq/2, muc_filter_message/3, message_is_archived/3,
delete_old_messages/2, get_commands_spec/0, msg_to_el/4,
Expand Down Expand Up @@ -147,6 +148,8 @@ start(Host, Opts) ->
muc_filter_message, 50),
ejabberd_hooks:add(muc_process_iq, Host, ?MODULE,
muc_process_iq, 50),
ejabberd_hooks:add(disco_local_features, Host, ?MODULE,
disco_local_features, 50),
ejabberd_hooks:add(disco_sm_features, Host, ?MODULE,
disco_sm_features, 50),
ejabberd_hooks:add(remove_user, Host, ?MODULE,
Expand Down Expand Up @@ -226,6 +229,8 @@ stop(Host) ->
muc_filter_message, 50),
ejabberd_hooks:delete(muc_process_iq, Host, ?MODULE,
muc_process_iq, 50),
ejabberd_hooks:delete(disco_local_features, Host, ?MODULE,
disco_local_features, 50),
ejabberd_hooks:delete(disco_sm_features, Host, ?MODULE,
disco_sm_features, 50),
ejabberd_hooks:delete(remove_user, Host, ?MODULE,
Expand Down Expand Up @@ -612,6 +617,20 @@ parse_query(#mam_query{xdata = #xdata{}} = Query, Lang) ->
parse_query(#mam_query{}, _Lang) ->
{ok, []}.

disco_local_features({error, _Error} = Acc, _From, _To, _Node, _Lang) ->
Acc;
disco_local_features(Acc, _From, _To, <<"">>, _Lang) ->
Features = case Acc of
{result, Fs} -> Fs;
empty -> []
end,
{result, [?NS_MESSAGE_RETRACT | Features]};
disco_local_features(empty, _From, _To, _Node, Lang) ->
Txt = ?T("No features available"),
{error, xmpp:err_item_not_found(Txt, Lang)};
disco_local_features(Acc, _From, _To, _Node, _Lang) ->
Acc.

disco_sm_features(empty, From, To, Node, Lang) ->
disco_sm_features({result, []}, From, To, Node, Lang);
disco_sm_features({result, OtherFeatures},
Expand Down
Loading
Loading