matty/peertube-plugin-livechat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New setting to listen C2S connection on non-localhost interfaces (#377).

Browse Source
This commit is contained in:
John Livingston 2024-05-27 16:32:40 +02:00
parent 345ec0ba56
commit 5a14e3f755
No known key found for this signature in database
GPG Key ID: B17B5640CE66CDBC
7 changed files with 50 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@ -6,6 +6,12 @@ SPDX-License-Identifier: AGPL-3.0-only
# Changelog # Changelog
## ??? (Not Released Yet)
### New features
* #377: new setting to listen C2S connection on non-localhost interfaces.
## 10.0.2 ## 10.0.2
### Minor changes and fixes ### Minor changes and fixes

1
client/admin-plugin-client-plugin.ts
View File

@ -254,6 +254,7 @@ function register (clientOptions: RegisterClientOptions): void {
const name = options.setting.name const name = options.setting.name
switch (name) { switch (name) {
case 'prosody-c2s-port': case 'prosody-c2s-port':
case 'prosody-c2s-interfaces':
return options.formValues['prosody-c2s'] !== true return options.formValues['prosody-c2s'] !== true
case 'prosody-s2s-port': case 'prosody-s2s-port':
case 'prosody-s2s-interfaces': case 'prosody-s2s-interfaces':

15
languages/en.yml
View File

@ -301,6 +301,21 @@ prosody_c2s_port_description: |
You can keep this port closed on your firewall for now, it will not be accessed from the outer world.<br> You can keep this port closed on your firewall for now, it will not be accessed from the outer world.<br>
Note: this might change in a near future, as it is planned to add a feature to activate external connections. Note: this might change in a near future, as it is planned to add a feature to activate external connections.
prosody_c2s_interfaces_label: "Client to server network interfaces"
prosody_c2s_interfaces_description: |
The network interfaces to listen on for client to server connections.<br>
This settings is provided for advanced users. Don't change this settings if you don't fully understand what it means.<br>
List of IP to listen on, coma separated (spaces will be stripped).<br>
You can use «*» to listen on all IPv4 interfaces, and «::» for all IPv6.<br>
Examples:
<ul>
<li>*, ::</li>
<li>*</li>
<li>127.0.0.1, ::1</li>
<li>127.0.0.1, ::1, 172.18.0.42</li>
</ul>
prosody_components_label: "Enable custom Prosody external components" prosody_components_label: "Enable custom Prosody external components"
prosody_components_description: | prosody_components_description: |
Enable the use of external XMPP components.<br> Enable the use of external XMPP components.<br>

14
server/lib/prosody/config.ts
View File

@ -161,6 +161,7 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
'prosody-muc-expiration', 'prosody-muc-expiration',
'prosody-c2s', 'prosody-c2s',
'prosody-c2s-port', 'prosody-c2s-port',
'prosody-c2s-interfaces',
'prosody-room-allow-s2s', 'prosody-room-allow-s2s',
'prosody-s2s-port', 'prosody-s2s-port',
'prosody-s2s-interfaces', 'prosody-s2s-interfaces',
@ -278,7 +279,18 @@ async function getProsodyConfig (options: RegisterServerOptionsV5): Promise<Pros
if (!/^\d+$/.test(c2sPort)) { if (!/^\d+$/.test(c2sPort)) {
throw new Error('Invalid c2s port') throw new Error('Invalid c2s port')
} }
config.useC2S(c2sPort) const c2sInterfaces = ((settings['prosody-c2s-interfaces'] as string) || '127.0.0.1, ::1')
.split(',')
.map(s => s.trim())
// Check that there is no invalid values (to avoid injections):
c2sInterfaces.forEach(networkInterface => {
if (networkInterface === '*') return
if (networkInterface === '::') return
if (networkInterface.match(/^\d+\.\d+\.\d+\.\d+$/)) return
if (networkInterface.match(/^[a-f0-9:]+$/)) return
throw new Error('Invalid c2s interfaces')
})
config.useC2S(c2sPort, c2sInterfaces)
} }
if (enableComponents) { if (enableComponents) {

3
server/lib/prosody/config/content.ts
View File

@ -337,8 +337,9 @@ class ProsodyConfigContent {
} }
} }
useC2S (c2sPort: string): void { useC2S (c2sPort: string, c2sInterfaces: string[]): void {
this.global.set('c2s_ports', [c2sPort]) this.global.set('c2s_ports', [c2sPort])
this.global.set('c2s_interfaces', c2sInterfaces)
} }
useS2S ( useS2S (

9
server/lib/settings.ts
View File

@ -632,6 +632,15 @@ function initChatServerAdvancedSettings ({ registerSetting }: RegisterServerOpti
descriptionHTML: loc('prosody_c2s_port_description') descriptionHTML: loc('prosody_c2s_port_description')
}) })
registerSetting({
name: 'prosody-c2s-interfaces',
label: loc('prosody_c2s_interfaces_label'),
type: 'input',
default: '127.0.0.1, ::1',
private: true,
descriptionHTML: loc('prosody_c2s_interfaces_description')
})
registerSetting({ registerSetting({
name: 'prosody-components', name: 'prosody-components',
label: loc('prosody_components_label'), label: loc('prosody_components_label'),

4
support/documentation/content/en/documentation/admin/settings.md
View File

@ -209,6 +209,10 @@ As example, this option can allow an instance of Matterbridge (once it could use
{{% livechat_label prosody_c2s_port_description %}} {{% livechat_label prosody_c2s_port_description %}}
### {{% livechat_label prosody_c2s_interfaces_label %}}
{{% livechat_label prosody_c2s_interfaces_description %}}
### {{% livechat_label prosody_components_label %}} ### {{% livechat_label prosody_components_label %}}
This settings enable XMPP external components to connect to the server. This settings enable XMPP external components to connect to the server.