Mercurial > dropbear
diff blacklist.c @ 247:c07de41b53d7 contrib-blacklist
propagate from branch 'au.asn.ucc.matt.dropbear' (head c9347a030ac9ef5454b7a84f4915e91dc44efd6c)
to branch 'au.asn.ucc.matt.dropbear.contrib.blacklist' (head 8662c7148e4b738e2511a6fce9a4cbd959ecb6b8)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 06 Sep 2005 04:57:14 +0000 |
| parents | f4cf0415fec1 |
| children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/blacklist.c Tue Sep 06 04:57:14 2005 +0000 @@ -0,0 +1,55 @@ +#include "includes.h" +#include "options.h" +#include "dbutil.h" + +#define LINE_LENGTH 50 + +int is_blacklisted (char *remote_ip) { + + char sz_tmp[LINE_LENGTH]; + FILE *fp_blacklist = NULL; + + fp_blacklist = fopen(BLACKLISTFILE, "r"); + if (fp_blacklist == NULL) { + /* TODO: this could spew log messages. */ + dropbear_log(LOG_INFO, "Could not open blacklist %s for reading.", BLACKLISTFILE); + } else { + while (fgets(sz_tmp, LINE_LENGTH - 1, fp_blacklist) != NULL) { + if (strlen(sz_tmp) > 0) { + sz_tmp[strlen(sz_tmp)-1] = '\0'; + if (!strcmp(sz_tmp, remote_ip)) { + dropbear_log(LOG_INFO, "IP %s is forbidden!", remote_ip); + fclose (fp_blacklist); + return 1; + } + } + } + fclose (fp_blacklist); + } + return 0; +} + +void blacklist (char *addrstring) +{ + int i; + FILE *fp_blacklist = NULL; + char *remote_ip = NULL; + + remote_ip = m_strdup (addrstring); + i = strlen (remote_ip); + /* This may not be IPv6 safe if addrstring doesn't have a :port suffix */ + while (i--) { + if (remote_ip[i] == ':') { + remote_ip[i] = '\0'; + break; + } + } + dropbear_log (LOG_INFO, "Blacklisting %s", remote_ip); + if ((fp_blacklist = fopen (BLACKLISTFILE, "a")) == NULL) { + dropbear_log (LOG_INFO, "Could not open blacklist %s for appending", BLACKLISTFILE); + } else { + fprintf (fp_blacklist, "%s\n", remote_ip); + fclose (fp_blacklist); + } + m_free (remote_ip); +}