[srvx-commits] CVS: services/src sockcheck.c,1.80,1.81

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/srvx/services/src
In directory usw-pr-cvs1:/tmp/cvs-serv9853/src

Modified Files:
	sockcheck.c 
Log Message:
only cache negative (g-line) results for as long as a g-line lasts
(this prevents people from getting re-glined after they remove a trojan)


Index: sockcheck.c
===================================================================
RCS file: /cvsroot/srvx/services/src/sockcheck.c,v
retrieving revision 1.80
retrieving revision 1.81
diff -C2 -r1.80 -r1.81
*** sockcheck.c	23 Oct 2002 12:30:26 -0000	1.80
--- sockcheck.c	31 Oct 2002 03:43:46 -0000	1.81
***************
*** 128,132 ****
      struct sockaddr_in *local_addr;
      int local_addr_len;
!     time_t max_cache_age;
  } sockcheck_conf;
  
--- 128,132 ----
      struct sockaddr_in *local_addr;
      int local_addr_len;
!     int max_cache_age;
  } sockcheck_conf;
  
***************
*** 600,611 ****
  
  static void
! sockcheck_connected(struct io_fd *fd)
  {
      struct sockcheck_client *client = fd->data;
-     int rc, arglen = sizeof(rc);
-     if (getsockopt(fd->fd, SOL_SOCKET, SO_ERROR, &rc, &arglen) < 0) rc = errno;
      switch (rc) {
      default:
!         log(PC_LOG, LOG_ERROR, "BUG: getsockopt(SO_ERROR) returned error %d (%s) for client at %s\n", rc, strerror(rc), client->addr->hostname);
      case EHOSTUNREACH:
      case ECONNREFUSED:
--- 600,609 ----
  
  static void
! sockcheck_connected(struct io_fd *fd, int rc)
  {
      struct sockcheck_client *client = fd->data;
      switch (rc) {
      default:
!         log(PC_LOG, LOG_ERROR, "BUG: connect() got error %d (%s) for client at %s\n", rc, strerror(rc), client->addr->hostname);
      case EHOSTUNREACH:
      case ECONNREFUSED:
***************
*** 688,692 ****
      sci = dict_find(checked_ip_dict, buff, NULL);
      if (sci) {
!         if ((sci->last_touched + sockcheck_conf.max_cache_age) >= now) {
              if (sci->decision == REJECT) sockcheck_issue_gline(sci);
              return;
--- 686,691 ----
      sci = dict_find(checked_ip_dict, buff, NULL);
      if (sci) {
!         int max_age = (sci->decision == REJECT) ? sockcheck_conf.gline_duration : sockcheck_conf.max_cache_age;
!         if ((sci->last_touched + max_age) >= now) {
              if (sci->decision == REJECT) sockcheck_issue_gline(sci);
              return;
***************
*** 929,932 ****
--- 928,932 ----
      sockcheck_cache_info sci;
      unsigned int nn;
+     int max_age;
  
      (void)data;
***************
*** 954,958 ****
          next = iter_next(it);
          sci = iter_data(it);
!         if (((sci->last_touched + sockcheck_conf.max_cache_age) < now)
              && !dict_find(curr_clients, sci->hostname, NULL)) {
              if (SOCKCHECK_DEBUG) {
--- 954,959 ----
          next = iter_next(it);
          sci = iter_data(it);
!         max_age = (sci->decision == REJECT) ? sockcheck_conf.gline_duration : sockcheck_conf.max_cache_age;
!         if (((sci->last_touched + max_age) < now)
              && !dict_find(curr_clients, sci->hostname, NULL)) {
              if (SOCKCHECK_DEBUG) {