Merge pull request #343 from muggenhor/proper-http-server-rejection

rpc server: send '403 Forbidden' to rejected clients
This commit is contained in:
Jeff Garzik 2011-07-01 16:34:49 -07:00
commit c4286dc6ee

View File

@ -1532,7 +1532,7 @@ string rfc1123Time()
return string(buffer);
}
string HTTPReply(int nStatus, const string& strMsg)
static string HTTPReply(int nStatus, const string& strMsg)
{
if (nStatus == 401)
return strprintf("HTTP/1.0 401 Authorization Required\r\n"
@ -1554,6 +1554,7 @@ string HTTPReply(int nStatus, const string& strMsg)
string strStatus;
if (nStatus == 200) strStatus = "OK";
else if (nStatus == 400) strStatus = "Bad Request";
else if (nStatus == 403) strStatus = "Forbidden";
else if (nStatus == 404) strStatus = "Not Found";
else if (nStatus == 500) strStatus = "Internal Server Error";
return strprintf(
@ -1887,7 +1888,12 @@ void ThreadRPCServer2(void* parg)
// Restrict callers by IP
if (!ClientAllowed(peer.address().to_string()))
{
// Only send a 403 if we're not using SSL to prevent a DoS during the SSL handshake.
if (!fUseSSL)
stream << HTTPReply(403, "") << std::flush;
continue;
}
map<string, string> mapHeaders;
string strRequest;