Mercurial > dropbear

view blacklist.c @ 246:f4cf0415fec1 contrib-blacklist

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- blacklisting patch from Michael Deiters
author Matt Johnston <matt@ucc.asn.au>
date Tue, 06 Sep 2005 04:52:46 +0000
parents
children
line wrap: on
line source

#include "includes.h"
#include "options.h"
#include "dbutil.h"

#define LINE_LENGTH 50

int is_blacklisted (char *remote_ip) {

	char sz_tmp[LINE_LENGTH];
	FILE *fp_blacklist = NULL;

	fp_blacklist = fopen(BLACKLISTFILE, "r");
	if (fp_blacklist == NULL) {
		/* TODO: this could spew log messages. */
		dropbear_log(LOG_INFO, "Could not open blacklist %s for reading.", BLACKLISTFILE);
	} else {
		while (fgets(sz_tmp, LINE_LENGTH - 1, fp_blacklist) != NULL) {
			if (strlen(sz_tmp) > 0) {
				sz_tmp[strlen(sz_tmp)-1] = '\0';
				if (!strcmp(sz_tmp, remote_ip)) {
					dropbear_log(LOG_INFO, "IP %s is forbidden!", remote_ip);
					fclose (fp_blacklist);
					return 1;
				}
			}
		}
		fclose (fp_blacklist);
	}
	return 0;
}

void blacklist (char *addrstring)
{
        int     i;
        FILE    *fp_blacklist = NULL;
        char    *remote_ip = NULL;

        remote_ip = m_strdup (addrstring);
        i = strlen (remote_ip);
		/* This may not be IPv6 safe if addrstring doesn't have a :port suffix */
        while (i--) {
                if (remote_ip[i] == ':') {
                        remote_ip[i] = '\0';
                        break;
                }
        }
        dropbear_log (LOG_INFO, "Blacklisting %s", remote_ip);
        if ((fp_blacklist = fopen (BLACKLISTFILE, "a")) == NULL) {
                dropbear_log (LOG_INFO, "Could not open blacklist %s for appending", BLACKLISTFILE);
        } else {
                fprintf (fp_blacklist, "%s\n", remote_ip);
                fclose (fp_blacklist);
        }
        m_free (remote_ip);
}