[srvx-commits] CVS: services/src sockcheck.c,1.80,1.81
Brought to you by:
entrope
From: Entrope <en...@us...> - 2002-10-31 03:43:49
|
Update of /cvsroot/srvx/services/src In directory usw-pr-cvs1:/tmp/cvs-serv9853/src Modified Files: sockcheck.c Log Message: only cache negative (g-line) results for as long as a g-line lasts (this prevents people from getting re-glined after they remove a trojan) Index: sockcheck.c =================================================================== RCS file: /cvsroot/srvx/services/src/sockcheck.c,v retrieving revision 1.80 retrieving revision 1.81 diff -C2 -r1.80 -r1.81 *** sockcheck.c 23 Oct 2002 12:30:26 -0000 1.80 --- sockcheck.c 31 Oct 2002 03:43:46 -0000 1.81 *************** *** 128,132 **** struct sockaddr_in *local_addr; int local_addr_len; ! time_t max_cache_age; } sockcheck_conf; --- 128,132 ---- struct sockaddr_in *local_addr; int local_addr_len; ! int max_cache_age; } sockcheck_conf; *************** *** 600,611 **** static void ! sockcheck_connected(struct io_fd *fd) { struct sockcheck_client *client = fd->data; - int rc, arglen = sizeof(rc); - if (getsockopt(fd->fd, SOL_SOCKET, SO_ERROR, &rc, &arglen) < 0) rc = errno; switch (rc) { default: ! log(PC_LOG, LOG_ERROR, "BUG: getsockopt(SO_ERROR) returned error %d (%s) for client at %s\n", rc, strerror(rc), client->addr->hostname); case EHOSTUNREACH: case ECONNREFUSED: --- 600,609 ---- static void ! sockcheck_connected(struct io_fd *fd, int rc) { struct sockcheck_client *client = fd->data; switch (rc) { default: ! log(PC_LOG, LOG_ERROR, "BUG: connect() got error %d (%s) for client at %s\n", rc, strerror(rc), client->addr->hostname); case EHOSTUNREACH: case ECONNREFUSED: *************** *** 688,692 **** sci = dict_find(checked_ip_dict, buff, NULL); if (sci) { ! if ((sci->last_touched + sockcheck_conf.max_cache_age) >= now) { if (sci->decision == REJECT) sockcheck_issue_gline(sci); return; --- 686,691 ---- sci = dict_find(checked_ip_dict, buff, NULL); if (sci) { ! int max_age = (sci->decision == REJECT) ? sockcheck_conf.gline_duration : sockcheck_conf.max_cache_age; ! if ((sci->last_touched + max_age) >= now) { if (sci->decision == REJECT) sockcheck_issue_gline(sci); return; *************** *** 929,932 **** --- 928,932 ---- sockcheck_cache_info sci; unsigned int nn; + int max_age; (void)data; *************** *** 954,958 **** next = iter_next(it); sci = iter_data(it); ! if (((sci->last_touched + sockcheck_conf.max_cache_age) < now) && !dict_find(curr_clients, sci->hostname, NULL)) { if (SOCKCHECK_DEBUG) { --- 954,959 ---- next = iter_next(it); sci = iter_data(it); ! max_age = (sci->decision == REJECT) ? sockcheck_conf.gline_duration : sockcheck_conf.max_cache_age; ! if (((sci->last_touched + max_age) < now) && !dict_find(curr_clients, sci->hostname, NULL)) { if (SOCKCHECK_DEBUG) { |