Used the service permission flag "Require white list clearance" in pqissl

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8351 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/pqi/pqissl.cc

@@ -1314,8 +1314,11 @@ int 	pqissl::Authorise_SSL_Connection()
 	bool certCorrect = true; /* WE know it okay already! */
 
     uint32_t check_result ;
+    uint32_t checking_flags = RSBANLIST_CHECKING_FLAGS_BLACKLIST;
+    if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
+        checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
 
-    if(!rsBanList->isAddressAccepted(remote_addr,RSBANLIST_CHECKING_FLAGS_BLACKLIST,&check_result))
+    if(!rsBanList->isAddressAccepted(remote_addr,checking_flags,&check_result))
     {
         std::cerr << "(SS) connection attempt from banned IP address. Refusing it. Reason: " << check_result << ". Attack??" << std::endl;
         RsServer::notify()->AddFeedItem(RS_FEED_ITEM_SEC_IP_BLACKLISTED, PeerId().toStdString(), sockaddr_storage_iptostring(remote_addr), "", "", check_result);
@@ -1357,8 +1360,11 @@ int	pqissl::accept(SSL *ssl, int fd, const struct sockaddr_storage &foreign_addr
 int	pqissl::accept_locked(SSL *ssl, int fd, const struct sockaddr_storage &foreign_addr) // initiate incoming connection.
 {
     uint32_t check_result;
+    uint32_t checking_flags = RSBANLIST_CHECKING_FLAGS_BLACKLIST;
+    if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
+        checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
 
-    if(!rsBanList->isAddressAccepted(foreign_addr,RSBANLIST_CHECKING_FLAGS_BLACKLIST,&check_result))
+    if(!rsBanList->isAddressAccepted(foreign_addr,checking_flags,&check_result))
     {
         std::cerr << "(SS) refusing incoming SSL connection from blacklisted foreign address " << sockaddr_storage_iptostring(foreign_addr)
               << ". Reason: " << check_result << "." << std::endl;