added early discarding of incoming connection attempt (before SSL handshake) for blacklisted IPs

Cyril Soler 2016-06-02 09:36:50 -04:00
parent 617a863f12
commit 2f4f44ee48


@ -35,6 +35,7 @@
#include "util/rsdebug.h"
#include "util/rsstring.h"
#include "retroshare/rsbanlist.h"
#include <unistd.h>
const int pqissllistenzone = 49787;
@ -373,12 +374,17 @@ int pqissllistenbase::acceptconnection()
#endif
/********************************** WINDOWS/UNIX SPECIFIC PART ******************/
{
std::string out;
out += "Accepted Connection from ";
out += sockaddr_storage_tostring(remote_addr);
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out);
}
if(rsBanList != NULL && !rsBanList->isAddressAccepted(remote_addr, RSBANLIST_CHECKING_FLAGS_BLACKLIST))
{
std::cerr << "(II) pqissllistenner::acceptConnection(): early denying connection attempt from blacklisted IP " << sockaddr_storage_iptostring(remote_addr) << std::endl;
return false ;
}
{
std::string out;
out += "Accepted Connection from ";
out += sockaddr_storage_tostring(remote_addr);
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out);
}
// Negotiate certificates. SSL stylee.
// Allow negotiations for secure transaction.
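Review bot: The new blacklist branch returns right after the log line without releasing the socket that was just accepted, so as far as this hunk shows, every rejected attempt leaves a descriptor open, and a banned peer that keeps reconnecting could exhaust the listener's file descriptors. `acceptconnection()` starts and ends outside the hunk, so the descriptor's name is not visible here; unless a caller already cleans up, the branch should close it before `return false ;`, with `close(<accepted fd>)` on Unix and `closesocket(<accepted fd>)` on Windows. The rejection is also written to `std::cerr` once per attempt with no rate limit, while the block just below it goes through `pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, out)`; using the same logger at a suitable level would keep a persistent banned address from flooding the output. Since the function is declared `int`, `return false ;` would also read better as the integer value its other failure paths return.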