It's not a boolean with 0 meaning "host not authorized" and 1 meaning
"host authorized"; it's negative if we shouldn't let them connect, with
-1 meaning "not in the host list" and -2 meaning "an error occurred in
the process of checking", and non-negative if we should let them
connect, with 0 meaning "they're in the host list" and 1 meaning "the
host list is empty, so we're letting everybody in".
struct daemon_slpars pars; // service loop parameters
char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
char errmsgbuf[PCAP_ERRBUF_SIZE + 1]; // buffer for errors to send to the client
struct daemon_slpars pars; // service loop parameters
char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed
char errmsgbuf[PCAP_ERRBUF_SIZE + 1]; // buffer for errors to send to the client
+ int host_port_check_status;
SSL *ssl = NULL;
int nrecv;
struct rpcap_header header; // RPCAP message general header
SSL *ssl = NULL;
int nrecv;
struct rpcap_header header; // RPCAP message general header
//
// Are they in the list of host/port combinations we allow?
//
//
// Are they in the list of host/port combinations we allow?
//
- host_port_ok = (sock_check_hostlist(passiveClients, RPCAP_HOSTLIST_SEP, &from, errmsgbuf, PCAP_ERRBUF_SIZE) == 0);
+ host_port_check_status = sock_check_hostlist(passiveClients, RPCAP_HOSTLIST_SEP, &from, errmsgbuf, PCAP_ERRBUF_SIZE);
free(passiveClients);
passiveClients = NULL;
free(passiveClients);
passiveClients = NULL;
+ if (host_port_check_status < 0)
- // Sorry, you're not on the guest list.
+ // Sorry, we can't let you in.
//
if (rpcap_senderror(pars.sockctrl, pars.ssl, 0, PCAP_ERR_HOSTNOAUTH, errmsgbuf, errbuf) == -1)
rpcapd_log(LOGPRIO_ERROR, "Send to client failed: %s", errbuf);
//
if (rpcap_senderror(pars.sockctrl, pars.ssl, 0, PCAP_ERR_HOSTNOAUTH, errmsgbuf, errbuf) == -1)
rpcapd_log(LOGPRIO_ERROR, "Send to client failed: %s", errbuf);
projects / libpcap / commitdiff
