From: <no...@so...> - 2007-12-16 18:32:43
|
Update of /cvsroot/ijbswa/current In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv18824 Modified Files: jcc.c Log Message: Prevent the log messages for CONNECT requests to unacceptable ports from printing the limit-connect argument as [null] if limit-connect hasn't been explicitly enabled. Index: jcc.c =================================================================== RCS file: /cvsroot/ijbswa/current/jcc.c,v retrieving revision 1.163 retrieving revision 1.164 diff -u -d -r1.163 -r1.164 --- jcc.c 13 Dec 2007 01:47:11 -0000 1.163 +++ jcc.c 16 Dec 2007 18:32:46 -0000 1.164 @@ -33,6 +33,11 @@ * * Revisions : * $Log$ + * Revision 1.164 2007/12/16 18:32:46 fabiankeil + * Prevent the log messages for CONNECT requests to unacceptable + * ports from printing the limit-connect argument as [null] if + * limit-connect hasn't been explicitly enabled. + * * Revision 1.163 2007/12/13 01:47:11 david__schmidt * Make sure all console-mode apps get a usage() instance * @@ -2184,6 +2189,10 @@ || (csp->action->flags & ACTION_LIMIT_CONNECT && !match_portlist(csp->action->string[ACTION_STRING_LIMIT_CONNECT], csp->http->port)) ) { + const char *acceptable_connect_ports = + csp->action->string[ACTION_STRING_LIMIT_CONNECT] ? + csp->action->string[ACTION_STRING_LIMIT_CONNECT] : + "443 (implied default)"; if (csp->action->flags & ACTION_TREAT_FORBIDDEN_CONNECTS_LIKE_BLOCKS) { /* @@ -2195,8 +2204,7 @@ */ log_error(LOG_LEVEL_INFO, "Request from %s marked for blocking. " "limit-connect{%s} doesn't allow CONNECT requests to port %d.", - csp->ip_addr_str, csp->action->string[ACTION_STRING_LIMIT_CONNECT], - csp->http->port); + csp->ip_addr_str, acceptable_connect_ports, csp->http->port); csp->action->flags |= ACTION_BLOCK; http->ssl = 0; } @@ -2205,8 +2213,7 @@ write_socket(csp->cfd, CFORBIDDEN, strlen(CFORBIDDEN)); log_error(LOG_LEVEL_INFO, "Request from %s denied. " "limit-connect{%s} doesn't allow CONNECT requests to port %d.", - csp->ip_addr_str, csp->action->string[ACTION_STRING_LIMIT_CONNECT], - csp->http->port); + csp->ip_addr_str, acceptable_connect_ports, csp->http->port); assert(NULL != csp->http->ocmd); log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 403 0", csp->ip_addr_str, csp->http->ocmd); |