diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp
index 0e1f3528fa4be235e3324eddb43d4fd442cde895..f5d63dc8094f2215c23da852d9bd319ff9a7591d 100755
--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -500,6 +500,7 @@ function upgrade_xmpp {
 xmpp_onion_addresses /etc/prosody/prosody.cfg.lua
 xmpp_contact_info /etc/prosody/prosody.cfg.lua
 xmpp_broadcast /etc/prosody/prosody.cfg.lua
+ xmpp_server_blacklist /etc/prosody/prosody.cfg.lua
 if grep -q "/etc/ssl/certs/xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
 cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam
@@ -775,10 +776,10 @@ function xmpp_modules {
 echo ' "pep"; -- Personal Eventing Protocol (to support OMEMO)';
 echo ' "omemo_all_access"; -- Fix for PEP with OMEMO';
 echo ' "vcard"; -- Personal Eventing Protocol (to support OMEMO)';
- echo ' "vcard_muc"; -- Avatars for chat rooms';
 echo ' "e2e_policy"; -- To support OMEMO';
 echo ' "pep_vcard_avatar"; -- Personal Eventing Protocol (to support OMEMO)';
 echo ' "blocklist"; -- Privacy lists';
+ echo ' "s2s_blacklist"; -- Blacklist particular servers';
 echo ' "privacy_lists"; -- Privacy lists';
 echo ' "blocking"; -- Blocking command';
 echo ' "block_strangers"; -- Dont allow messages from strangers';
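Review bot: On an upgraded system the new call in upgrade_xmpp writes the `s2s_blacklist = { ... }` option, but nothing visible in this hunk adds `"s2s_blacklist"` to the modules_enabled list of an existing prosody.cfg.lua. If xmpp_modules is not re-run during an upgrade (its callers are outside the hunk), the option would be present while the module is not loaded, and servers on the block list could still federate. It is worth confirming that the upgrade path regenerates the module list, and recording the dependency next to the call with a comment such as `# needs "s2s_blacklist" in modules_enabled to take effect`.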
@@ -850,6 +851,30 @@ function xmpp_broadcast {
 fi
 }
+function xmpp_server_blacklist {
+ filename="$1"
+
+ blacklisted_domains=
+
+ while read -r blocked; do
+ if [[ "$blocked" == *"."* && "$blocked" != *"@"* ]]; then
+ if [ ${#blocked} -gt 4 ]; then
+ if [ "$blacklisted_domains" ]; then
+ blacklisted_domains="${blacklisted_domains}, \"$blocked\""
+ else
+ blacklisted_domains="\"$blocked\""
+ fi
+ fi
+ fi
+ done <"$FIREWALL_DOMAINS"
+
+ if ! grep -q "s2s_blacklist" "$filename"; then
+ echo "s2s_blacklist = { $blacklisted_domains }" >> "$filename"
+ else
+ sed -i "s|s2s_blacklist =.*|s2s_blacklist = { $blacklisted_domains }|g" "$filename"
+ fi
+}
+
 function xmpp_create_config {
 echo "admins = { \"$MY_USERNAME@$DEFAULT_DOMAIN_NAME\", \"notification@$DEFAULT_DOMAIN_NAME\" }" > /etc/prosody/prosody.cfg.lua
 echo 'plugin_paths = { "/var/lib/prosody/prosody-modules" }' >> /etc/prosody/prosody.cfg.lua
@@ -858,7 +883,8 @@ function xmpp_create_config {
 echo '' >> /etc/prosody/prosody.cfg.lua
 xmpp_onion_addresses /etc/prosody/prosody.cfg.lua
 xmpp_contact_info /etc/prosody/prosody.cfg.lua
- xmpp_broadcast /etc/prosody/prosody.cfg.lua
+ xmpp_broadcast /etc/prosody/prosody.cfg.lua
+ xmpp_server_blacklist /etc/prosody/prosody.cfg.lua
 { echo '';
 echo 'allow_registration = false;';
 echo '';
@@ -967,6 +993,7 @@ function xmpp_create_config {
 echo ' "muc_log";';
 echo ' "mam_muc";';
 echo ' "vcard_muc";';
+ echo ' "s2s_blacklist";';
 echo ' "muc_log_http";';
 echo ' }';
 echo 'storage = { muc_log = "sql"; }';
diff --git a/src/freedombone-controlpanel b/src/freedombone-controlpanel
index 95295b613001181a89a92deb4f8dc96ed005268c..5f6efcab9ff1e2033fea4a3d3232fb8648451e4f 100755
--- a/src/freedombone-controlpanel
+++ b/src/freedombone-controlpanel
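Review bot: Each entry read from `$FIREWALL_DOMAINS` in xmpp_server_blacklist is pasted unescaped into prosody.cfg.lua, which Prosody evaluates as Lua, and into the sed replacement; the only filter is "contains a dot, no @, longer than 4". An entry containing `"`, `|`, `&` or a backslash would corrupt the generated line or the sed expression, so I would restrict entries to hostname characters before appending, e.g. `[[ "$blocked" =~ ^[A-Za-z0-9.-]+$ ]] || continue`. `grep -q "s2s_blacklist"` also matches the `"s2s_blacklist";` module entry this commit adds to the config, in which case the sed branch runs, finds no `s2s_blacklist =` line and writes nothing; `grep -q '^s2s_blacklist ='` avoids that. `filename`, `blacklisted_domains` and `blocked` are globals as written and could be declared with `local`.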
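Review bot: xmpp_create_config now calls xmpp_server_blacklist on what may be a fresh install, and the function reads `$FIREWALL_DOMAINS` unconditionally. If that file has not been created yet, the `done <"$FIREWALL_DOMAINS"` redirect fails with an error and the function carries on to write an empty `s2s_blacklist = {  }`; if the variable is unset in the calling script the same happens. A guard at the top of the function, `[ -f "$FIREWALL_DOMAINS" ] || return 0`, would keep the config untouched in that case. The body of xmpp_create_config continues outside this hunk.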
@@ -1665,6 +1665,10 @@ function domain_blocking_add {
 if [ ${#blocked_domain} -gt 2 ]; then
 if [[ "${blocked_domain}" == *'.'* ]]; then
 firewall_block_domain "$blocked_domain"
+ if [ -d /etc/prosody ]; then
+ xmpp_server_blacklist /etc/prosody/prosody.cfg.lua
+ systemctl restart prosody
+ fi
 if [[ "${blocked_domain}" != *'@'* ]]; then
 dialog --title $"Block a domain" \
 --msgbox $"The domain $blocked_domain has been blocked" 6 40
@@ -1714,6 +1718,10 @@ function domain_blocking_remove {
 if [ ${#unblocked_domain} -gt 2 ]; then
 if [[ "${unblocked_domain}" == *'.'* ]]; then
 firewall_unblock_domain "$unblocked_domain"
+ if [ -d /etc/prosody ]; then
+ xmpp_server_blacklist /etc/prosody/prosody.cfg.lua
+ systemctl restart prosody
+ fi
 if [[ "${unblocked_domain}" != *'@'* ]]; then
 dialog --title $"Unblock a domain" \
 --msgbox $"The domain $unblocked_domain has been unblocked" 6 40
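Review bot: The exit status of `systemctl restart prosody` is not checked in domain_blocking_add, so if Prosody rejects the rewritten config the XMPP server stays down while the dialog that follows still reports the domain as blocked. Wrapping it as `if ! systemctl restart prosody; then` with an error message would surface that. The block also runs before the `!= *'@'*` test, so blocking a user address rewrites the config and restarts the server even though xmpp_server_blacklist skips entries containing `@`. `[ -d /etc/prosody ]` tests the directory rather than the file; `[ -f /etc/prosody/prosody.cfg.lua ]` would stop `>>` from creating a stub config when only the directory exists. The same four lines in the domain_blocking_remove hunk have the same issues, and both functions continue outside the hunks.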