diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2008-05-12 19:37:50 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2008-05-12 19:37:50 +0000 |
commit | 8f7f74cf0f297e2b8476fc4c670515f8940580ea (patch) | |
tree | 92a9b54973c46a2689a5bf69664a33c61404a24a | |
parent | b3bcd98242b8764f52bcde3259d7bc0ef72f61e3 (diff) |
Add support for blacklists and whitelists, just http password auth to go (the most complex part)
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9711 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r-- | src/modules/m_httpd_acl.cpp | 47 |
1 files changed, 36 insertions, 11 deletions
diff --git a/src/modules/m_httpd_acl.cpp b/src/modules/m_httpd_acl.cpp index 18270507c..903e83f26 100644 --- a/src/modules/m_httpd_acl.cpp +++ b/src/modules/m_httpd_acl.cpp @@ -91,6 +91,15 @@ class ModuleHTTPAccessList : public Module ServerInstance->Modules->Attach(eventlist, this, 2); } + void BlockAccess(HTTPRequest* http, Event* event) + { + std::stringstream data("Access to this resource is denied by an access control list. Please contact your IRC administrator."); + HTTPDocument response(http->sock, &data, 403); + response.headers.SetHeader("X-Powered-By", "m_httpd_acl.so"); + Request req((char*)&response, (Module*)this, event->GetSource()); + req.Send(); + } + void OnEvent(Event* event) { std::stringstream data(""); @@ -107,27 +116,43 @@ class ModuleHTTPAccessList : public Module if (!this_acl->blacklist.empty()) { /* Blacklist */ + irc::commasepstream sep(this_acl->blacklist); + std::string entry; + + while (sep.GetToken(entry)) + { + if (match(http->GetIP(), entry)) + { + BlockAccess(http, event); + return; + } + } } if (!this_acl->whitelist.empty()) { /* Whitelist */ + irc::commasepstream sep(this_acl->whitelist); + std::string entry; + bool allow_access = false; + + while (sep.GetToken(entry)) + { + if (match(http->GetIP(), entry)) + allow_access = true; + } + + if (!allow_access) + { + BlockAccess(http, event); + return; + } } if (!this_acl->password.empty()) { - /* Password auth */ + /* Password auth, first look to see if we have a basic authentication header */ } } } - - //if ((http->GetURI() == "/stats") || (http->GetURI() == "/stats/")) - //{ - /* Send the document back to m_httpd */ - // HTTPDocument response(http->sock, &data, 200); - // response.headers.SetHeader("X-Powered-By", "m_httpd_stats.so"); - // response.headers.SetHeader("Content-Type", "text/xml"); - // Request req((char*)&response, (Module*)this, event->GetSource()); - // req.Send(); - //} } } |