History

Badlop 35d05f2925 Fix specs and other errores detected by Dialyzer		2022-09-06 18:02:28 +02:00
..
conf	Modules that require configuration, provide it commented (#303 )	2021-07-07 21:53:44 +02:00
src	Fix specs and other errores detected by Dialyzer	2022-09-06 18:02:28 +02:00
COPYING	Import mod_deny_omemo	2018-03-19 22:58:32 +01:00
README.md	Convert modules README.txt to markdown syntax	2022-08-12 10:45:09 +02:00
mod_deny_omemo.spec	Import mod_deny_omemo	2018-03-19 22:58:32 +01:00

README.md

mod_deny_omemo - Prevent OMEMO sessions from being established

Author: Holger Weiss holger@zedat.fu-berlin.de

Description

Unless the configured access rule (called omemo by default) returns allow, this module prevents OMEMO sessions from being established. Requests to query the devicelist from other users are rejected. Requests to publish a devicelist are also rejected, and all OMEMO nodes referenced in that devicelist are removed. Incoming devicelist updates are silently dropped. OMEMO-encrypted messages are bounced with an error message.

Configuration

In order to use this module, add configuration snippets such as the following:

access_rules:
  # [...]
  omemo:
    - deny:
      - user: "alice@example.com"
      - user: "bob@example.com"
    - allow # Permit OMEMO except for the JIDs above.

modules:
  # [...]
  mod_deny_omemo: {}

The configurable mod_deny_omemo options are:

access (default: omemo)

This option defines the access rule to control who will be able to establish OMEMO sessions. The default value is omemo. Establishing OMEMO sessions is only permitted if an access rule of that name exists and returns allow.