Mercurial > dropbear

comparison blacklist.c @ 246:f4cf0415fec1 contrib-blacklist

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- blacklisting patch from Michael Deiters
author Matt Johnston <matt@ucc.asn.au>
date Tue, 06 Sep 2005 04:52:46 +0000
parents
children
comparison
equal deleted inserted replaced
224:1dbd2473482f 246:f4cf0415fec1
1 #include "includes.h"
2 #include "options.h"
3 #include "dbutil.h"
4
5 #define LINE_LENGTH 50
6
7 int is_blacklisted (char *remote_ip) {
8
9 char sz_tmp[LINE_LENGTH];
10 FILE *fp_blacklist = NULL;
11
12 fp_blacklist = fopen(BLACKLISTFILE, "r");
13 if (fp_blacklist == NULL) {
14 /* TODO: this could spew log messages. */
15 dropbear_log(LOG_INFO, "Could not open blacklist %s for reading.", BLACKLISTFILE);
16 } else {
17 while (fgets(sz_tmp, LINE_LENGTH - 1, fp_blacklist) != NULL) {
18 if (strlen(sz_tmp) > 0) {
19 sz_tmp[strlen(sz_tmp)-1] = '\0';
20 if (!strcmp(sz_tmp, remote_ip)) {
21 dropbear_log(LOG_INFO, "IP %s is forbidden!", remote_ip);
22 fclose (fp_blacklist);
23 return 1;
24 }
25 }
26 }
27 fclose (fp_blacklist);
28 }
29 return 0;
30 }
31
32 void blacklist (char *addrstring)
33 {
34 int i;
35 FILE *fp_blacklist = NULL;
36 char *remote_ip = NULL;
37
38 remote_ip = m_strdup (addrstring);
39 i = strlen (remote_ip);
40 /* This may not be IPv6 safe if addrstring doesn't have a :port suffix */
41 while (i--) {
42 if (remote_ip[i] == ':') {
43 remote_ip[i] = '\0';
44 break;
45 }
46 }
47 dropbear_log (LOG_INFO, "Blacklisting %s", remote_ip);
48 if ((fp_blacklist = fopen (BLACKLISTFILE, "a")) == NULL) {
49 dropbear_log (LOG_INFO, "Could not open blacklist %s for appending", BLACKLISTFILE);
50 } else {
51 fprintf (fp_blacklist, "%s\n", remote_ip);
52 fclose (fp_blacklist);
53 }
54 m_free (remote_ip);
55 }