summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2008-05-12 19:37:50 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2008-05-12 19:37:50 +0000
commit8f7f74cf0f297e2b8476fc4c670515f8940580ea (patch)
tree92a9b54973c46a2689a5bf69664a33c61404a24a
parentb3bcd98242b8764f52bcde3259d7bc0ef72f61e3 (diff)
Add support for blacklists and whitelists, just http password auth to go (the most complex part)
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9711 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r--src/modules/m_httpd_acl.cpp47
1 files changed, 36 insertions, 11 deletions
diff --git a/src/modules/m_httpd_acl.cpp b/src/modules/m_httpd_acl.cpp
index 18270507c..903e83f26 100644
--- a/src/modules/m_httpd_acl.cpp
+++ b/src/modules/m_httpd_acl.cpp
@@ -91,6 +91,15 @@ class ModuleHTTPAccessList : public Module
ServerInstance->Modules->Attach(eventlist, this, 2);
}
+ void BlockAccess(HTTPRequest* http, Event* event)
+ {
+ std::stringstream data("Access to this resource is denied by an access control list. Please contact your IRC administrator.");
+ HTTPDocument response(http->sock, &data, 403);
+ response.headers.SetHeader("X-Powered-By", "m_httpd_acl.so");
+ Request req((char*)&response, (Module*)this, event->GetSource());
+ req.Send();
+ }
+
void OnEvent(Event* event)
{
std::stringstream data("");
@@ -107,27 +116,43 @@ class ModuleHTTPAccessList : public Module
if (!this_acl->blacklist.empty())
{
/* Blacklist */
+ irc::commasepstream sep(this_acl->blacklist);
+ std::string entry;
+
+ while (sep.GetToken(entry))
+ {
+ if (match(http->GetIP(), entry))
+ {
+ BlockAccess(http, event);
+ return;
+ }
+ }
}
if (!this_acl->whitelist.empty())
{
/* Whitelist */
+ irc::commasepstream sep(this_acl->whitelist);
+ std::string entry;
+ bool allow_access = false;
+
+ while (sep.GetToken(entry))
+ {
+ if (match(http->GetIP(), entry))
+ allow_access = true;
+ }
+
+ if (!allow_access)
+ {
+ BlockAccess(http, event);
+ return;
+ }
}
if (!this_acl->password.empty())
{
- /* Password auth */
+ /* Password auth, first look to see if we have a basic authentication header */
}
}
}
-
- //if ((http->GetURI() == "/stats") || (http->GetURI() == "/stats/"))
- //{
- /* Send the document back to m_httpd */
- // HTTPDocument response(http->sock, &data, 200);
- // response.headers.SetHeader("X-Powered-By", "m_httpd_stats.so");
- // response.headers.SetHeader("Content-Type", "text/xml");
- // Request req((char*)&response, (Module*)this, event->GetSource());
- // req.Send();
- //}
}
}