| side by side (parent:
5d96f6d
)
Fixed bugs in the blacklist logic.
master
author
plugd
<plugd@thelambdalab.xyz>
Thu, 10 Feb 2022 11:38:09 +0000
(12:38 +0100)
committer
plugd
<plugd@thelambdalab.xyz>
Thu, 10 Feb 2022 11:38:09 +0000
(12:38 +0100)
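--- a/rags.scm
+++ b/rags.scm
@@ -194,7 +194,14 @@
 "Port: '" (config-port config) "'\n"
 "Root directory: '" (config-root-dir config) "'\n"
 "Cert file: '" (config-certfile config) "'\n"
- "Key file: '" (config-keyfile config) "'\n")
+ "Key file: '" (config-keyfile config) "'")
+
+ (if (config-blacklist config)
+ (print "Blacklist file: '" (config-blacklist config) "'"))
+ (if (config-blacklist-resp config)
+ (print "Blacklist responce file: '" (config-blacklist-resp config) "'"))
+
+ (print)
 (print* "Dropping privilages ... ")
 (drop-privs config)
@@ -235,26 +242,29 @@
 (print "Accepted connection from " remote-ip
 " on " (seconds->string))
 (condition-case
- (if (or (config-blacklist config)
- (not (member remote-ip
- (with-input-from-file
- (config-blacklist config)))))
- (let ((request-line (read-line in-port)))
- (print* "Serving request '" request-line "' ... ")
- (with-output-to-port out-port
- (lambda ()
- (process-request config request-line)))
- (print "done."))
+ (if (and (config-blacklist config)
+ (member remote-ip
+ (with-input-from-file
+ (config-blacklist config)
+ read)))
 (begin
 (print "Connection from blacklisted IP. Closing.")
 (with-output-to-port out-port
 (lambda ()
- (print* "Refusing to serve to IP " remote-ip ".\n")
+ (serve-document-header (ext->mime "txt"))
+ (print "Refusing to serve to IP " remote-ip ".\n")
 (when (config-blacklist-resp config)
+ (print)
 (for-each print
 (with-input-from-file
 (config-blacklist-resp config)
- read-lines)))))))
+ read-lines))))))
+ (let ((request-line (read-line in-port)))
+ (print* "Serving request '" request-line "' ... ")
+ (with-output-to-port out-port
+ (lambda ()
+ (process-request config request-line)))
+ (print "done.")))
 (o (exn)
 (print-error-message o))))
 (close-input-port in-port)
@@ -267,7 +277,12 @@
 (print "Usage:\n"
 progname " [-h/--help]\n"
 progname " [-p/--port PORT] [-u/--user UID] [-g/--group GID]\n"
- indent-str " server-root-dir hostname certfile keyfile")))
+ indent-str " [-b/--blacklist FILE] [-r/--blacklist-resp RESPFILE]\n"
+ indent-str " server-root-dir hostname certfile keyfile\n"
+ "\n"
+ "The -b option can be used to specify a FILE containing a list of IP addresses\n"
+ "to block from the server. If a connection from a blocked address is served,\n"
+ "the response file RESPFILE is served instead, if this is provided.")))
 (define (main)
 (let* ((progname (pathname-file (car (argv))))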
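Review bot: In the second hunk the blacklist test `(member remote-ip (with-input-from-file (config-blacklist config) read))` assumes the file holds exactly one datum that is a list of address strings, while the usage text added in the third hunk only says "a list of IP addresses". If the file is empty, written one address per line, or no longer readable once connections are handled (the first hunk shows `drop-privs` running at startup), the test likely raises inside `condition-case` and, as far as the visible lines show, neither branch runs, so every client is dropped without the refusal response. I would bind and check the value, e.g. `(let ((bl (with-input-from-file (config-blacklist config) read))) (if (list? bl) (member remote-ip bl) (error "blacklist file is not a list")))`, and state the expected file format in the usage string. The match is also an exact string comparison, so an address that arrives in a different textual form from the one listed would presumably not match; confirm how `remote-ip` is produced. The enclosing connection handler starts and ends outside the hunk.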