Mercurial > dropbear
annotate blacklist.c @ 246:f4cf0415fec1 contrib-blacklist
- blacklisting patch from Michael Deiters
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 06 Sep 2005 04:52:46 +0000 |
parents | |
children |
rev | line source |
---|---|
246
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 #include "includes.h" |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 #include "options.h" |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 #include "dbutil.h" |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 #define LINE_LENGTH 50 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 int is_blacklisted (char *remote_ip) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 char sz_tmp[LINE_LENGTH]; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 FILE *fp_blacklist = NULL; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 fp_blacklist = fopen(BLACKLISTFILE, "r"); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 if (fp_blacklist == NULL) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 /* TODO: this could spew log messages. */ |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 dropbear_log(LOG_INFO, "Could not open blacklist %s for reading.", BLACKLISTFILE); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 } else { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 while (fgets(sz_tmp, LINE_LENGTH - 1, fp_blacklist) != NULL) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 if (strlen(sz_tmp) > 0) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 sz_tmp[strlen(sz_tmp)-1] = '\0'; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 if (!strcmp(sz_tmp, remote_ip)) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 dropbear_log(LOG_INFO, "IP %s is forbidden!", remote_ip); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 fclose (fp_blacklist); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 return 1; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 fclose (fp_blacklist); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 return 0; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
30 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
31 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 void blacklist (char *addrstring) |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
33 { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 int i; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 FILE *fp_blacklist = NULL; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 char *remote_ip = NULL; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
37 |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
38 remote_ip = m_strdup (addrstring); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
39 i = strlen (remote_ip); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 /* This may not be IPv6 safe if addrstring doesn't have a :port suffix */ |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
41 while (i--) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
42 if (remote_ip[i] == ':') { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
43 remote_ip[i] = '\0'; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
44 break; |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
45 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
46 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
47 dropbear_log (LOG_INFO, "Blacklisting %s", remote_ip); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
48 if ((fp_blacklist = fopen (BLACKLISTFILE, "a")) == NULL) { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
49 dropbear_log (LOG_INFO, "Could not open blacklist %s for appending", BLACKLISTFILE); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
50 } else { |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
51 fprintf (fp_blacklist, "%s\n", remote_ip); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
52 fclose (fp_blacklist); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
53 } |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
54 m_free (remote_ip); |
f4cf0415fec1
- blacklisting patch from Michael Deiters
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
55 } |