GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'issue360' into 'master'

Browse Source 
Issue360 - Send disconnect reason with BanIP message

Closes #360

See merge request openconnect/ocserv!234
This commit is contained in:
Alan Jowett
2020-11-06 22:30:21 +00:00
parent 82fc1e4881 01a9815bdf
commit 5b9fc73fd9
5 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/ipc.proto
View File

@@ -200,6 +200,7 @@ message ban_ip_msg
required string ip = 1;
required uint32 score = 2;
optional bytes sid = 3; /* sec-mod sends it */
optional uint32 discon_reason = 4;
}
message ban_ip_reply_msg

4
src/main-worker-cmd.c
View File

@@ -299,6 +299,10 @@ int handle_worker_commands(main_server_st * s, struct proc_st *proc)
ret = add_str_ip_to_ban_list(s, remote_address, tmsg->score);
if (tmsg->has_discon_reason) {
proc->discon_reason = tmsg->discon_reason;
}
ban_ip_msg__free_unpacked(tmsg, &pa);
if (ret < 0) {

2
src/worker-kkdcp.c
View File

@@ -144,7 +144,7 @@ int post_kkdcp_handler(worker_st *ws, unsigned http_ver)
return -1;
}
ws_add_score_to_ip(ws, WSCONFIG(ws)->ban_points_kkdcp, 0);
ws_add_score_to_ip(ws, WSCONFIG(ws)->ban_points_kkdcp, 0, 0);
oclog(ws, LOG_HTTP_DEBUG, "HTTP processing kkdcp framed request: %u bytes", (unsigned)req->body_length);
length = BUF_SIZE;

8
src/worker-vpn.c
View File

@@ -442,7 +442,7 @@ static int setup_dtls_connection(struct worker_st *ws, struct dtls_st * dtls)
return -1;
}
void ws_add_score_to_ip(worker_st *ws, unsigned points, unsigned final)
void ws_add_score_to_ip(worker_st *ws, unsigned points, unsigned final, unsigned discon_reason)
{
int ret, e;
BanIpMsg msg = BAN_IP_MSG__INIT;
@@ -463,6 +463,10 @@ void ws_add_score_to_ip(worker_st *ws, unsigned points, unsigned final)
msg.ip = ws->remote_ip_str;
msg.score = points;
if (final) {
msg.has_discon_reason = 1;
msg.discon_reason = discon_reason;
}
ret = send_msg(ws, ws->cmd_fd, CMD_BAN_IP, &msg,
(pack_size_func) ban_ip_msg__get_packed_size,
@@ -557,7 +561,7 @@ void exit_worker_reason(worker_st * ws, unsigned reason)
}
if (ws->ban_points > 0)
ws_add_score_to_ip(ws, 0, 1);
ws_add_score_to_ip(ws, 0, 1, reason);
talloc_free(ws->main_pool);
closelog();

2
src/worker.h
View File

@@ -393,7 +393,7 @@ void exit_worker_reason(worker_st * ws, unsigned reason);
int ws_switch_auth_to(struct worker_st *ws, unsigned auth);
int ws_switch_auth_to_next(struct worker_st *ws);
void ws_add_score_to_ip(worker_st *ws, unsigned points, unsigned final);
void ws_add_score_to_ip(worker_st *ws, unsigned points, unsigned final, unsigned discon_reason);
int connect_to_secmod(worker_st * ws);
inline static