diff options
author | Jeff Garzik <jgarzik@exmulti.com> | 2011-07-01 16:34:49 -0700 |
---|---|---|
committer | Jeff Garzik <jgarzik@exmulti.com> | 2011-07-01 16:34:49 -0700 |
commit | c4286dc6eeea90c9ddb509a2019423d032cbad38 (patch) | |
tree | e080c453cad7661172408e209656037302dbf4d1 /src/rpc.cpp | |
parent | b73ab2d885011a3a9434de59c27eaf9cce7a4dc5 (diff) | |
parent | e913574e027d7d75783b9ffc56375b2edc0418f3 (diff) |
Merge pull request #343 from muggenhor/proper-http-server-rejection
rpc server: send '403 Forbidden' to rejected clients
Diffstat (limited to 'src/rpc.cpp')
-rw-r--r-- | src/rpc.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/rpc.cpp b/src/rpc.cpp index dabd99d075..780209920e 100644 --- a/src/rpc.cpp +++ b/src/rpc.cpp @@ -1532,7 +1532,7 @@ string rfc1123Time() return string(buffer); } -string HTTPReply(int nStatus, const string& strMsg) +static string HTTPReply(int nStatus, const string& strMsg) { if (nStatus == 401) return strprintf("HTTP/1.0 401 Authorization Required\r\n" @@ -1554,6 +1554,7 @@ string HTTPReply(int nStatus, const string& strMsg) string strStatus; if (nStatus == 200) strStatus = "OK"; else if (nStatus == 400) strStatus = "Bad Request"; + else if (nStatus == 403) strStatus = "Forbidden"; else if (nStatus == 404) strStatus = "Not Found"; else if (nStatus == 500) strStatus = "Internal Server Error"; return strprintf( @@ -1887,7 +1888,12 @@ void ThreadRPCServer2(void* parg) // Restrict callers by IP if (!ClientAllowed(peer.address().to_string())) + { + // Only send a 403 if we're not using SSL to prevent a DoS during the SSL handshake. + if (!fUseSSL) + stream << HTTPReply(403, "") << std::flush; continue; + } map<string, string> mapHeaders; string strRequest; |