mod_pubsub_serverinfo should check before publishing domains

[guusdk]

mod_pubsub_serverinfo implements XEP-0485: PubSub Server Information. The mod publishes the names of domains with which it federates.

The XEP contains this privacy consideration:

When multiple domains publish their connections to named remote domains, an information leak occurs: by collecting these public statistics, behavioral data of those remote domains can be deduced. To prevent undesired privacy-sensitive information leaks, a domain MUST NOT publish the name of a remote domain, unless that domain advertises support for this XEP (...)

The implementation of mod_pubsub_serverinfo does not perform this check: it always publish the name of a the remote domains.

A modification should be made so that the name attribute of a remote-domain element is added only after support the XEP has been detected. Support can be detected by performing a disco/info query to the remote domain, and check for the presence of the feature urn:xmpp:serverinfo:0 (as specified here)

[prefiks]

This should be fixed by a3265f5

[guusdk]

Hi @prefiks - apologies for the late response. It took me a while to test this. I believe that this change is over-doing it. The pub/sub data published by this version of the module now excludes domains that do not support the feature completely. That's undesired. Instead, we'd like to still have remote-domain elements for every connection, but those elements should only have a name attribute when the remote supports our protocol.

With your changes, this is logged on a server that has many server-to-server connections (note that it shows only one connection, to a remote domain that supports the feature):

<message to="xmppnetwork.goodbytes.im/networkinfocrawler" from="pubsub.example.org" type="headline">
    <event xmlns="http://jabber.org/protocol/pubsub#event">
        <items node="serverinfo">
            <item id="current">
                <serverinfo xmlns="urn:xmpp:serverinfo:0">
                    <domain name="example.org">
                        <federation>
                            <remote-domain name="igniterealtime.org">
                                <connection type="incoming"/>
                            </remote-domain>
                        </federation>
                    </domain>
                </serverinfo>
            </item>
        </items>
    </event>
</message>

Instead, we expect to see something like this (manually crafted example, excuse any error):

<message to="xmppnetwork.goodbytes.im/networkinfocrawler" from="pubsub.example.org" type="headline">
    <event xmlns="http://jabber.org/protocol/pubsub#event">
        <items node="serverinfo">
            <item id="current">
                <serverinfo xmlns="urn:xmpp:serverinfo:0">
                    <domain name="example.org">
                        <federation>
                            <remote-domain name="igniterealtime.org">
                                <connection type="incoming"/>
                            </remote-domain>
                            <remote-domain>
                                <connection type="incoming"/>
                            </remote-domain>
                            <remote-domain>
                                <connection type="incoming"/>
                            </remote-domain>
                            <remote-domain>
                                <connection type="incoming"/>
                            </remote-domain>
                            <remote-domain>
                                <connection type="incoming"/>
                            </remote-domain>
                            <remote-domain>
                                <connection type="incoming"/>
                            </remote-domain>
                        </federation>
                    </domain>
                </serverinfo>
            </item>
        </items>
    </event>
</message>