aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Garzik <jgarzik@exmulti.com>2011-07-01 16:34:49 -0700
committerJeff Garzik <jgarzik@exmulti.com>2011-07-01 16:34:49 -0700
commitc4286dc6eeea90c9ddb509a2019423d032cbad38 (patch)
treee080c453cad7661172408e209656037302dbf4d1
parentb73ab2d885011a3a9434de59c27eaf9cce7a4dc5 (diff)
parente913574e027d7d75783b9ffc56375b2edc0418f3 (diff)
Merge pull request #343 from muggenhor/proper-http-server-rejection
rpc server: send '403 Forbidden' to rejected clients
Diffstat
-rw-r--r--src/rpc.cpp8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/rpc.cpp b/src/rpc.cpp
index dabd99d075..780209920e 100644
--- a/src/rpc.cpp
+++ b/src/rpc.cpp
@@ -1532,7 +1532,7 @@ string rfc1123Time()
return string(buffer);
}
-string HTTPReply(int nStatus, const string& strMsg)
+static string HTTPReply(int nStatus, const string& strMsg)
{
if (nStatus == 401)
return strprintf("HTTP/1.0 401 Authorization Required\r\n"
@@ -1554,6 +1554,7 @@ string HTTPReply(int nStatus, const string& strMsg)
string strStatus;
if (nStatus == 200) strStatus = "OK";
else if (nStatus == 400) strStatus = "Bad Request";
+ else if (nStatus == 403) strStatus = "Forbidden";
else if (nStatus == 404) strStatus = "Not Found";
else if (nStatus == 500) strStatus = "Internal Server Error";
return strprintf(
@@ -1887,7 +1888,12 @@ void ThreadRPCServer2(void* parg)
// Restrict callers by IP
if (!ClientAllowed(peer.address().to_string()))
+ {
+ // Only send a 403 if we're not using SSL to prevent a DoS during the SSL handshake.
+ if (!fUseSSL)
+ stream << HTTPReply(403, "") << std::flush;
continue;
+ }
map<string, string> mapHeaders;
string strRequest;
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-02 03:08:42 +0000