Igor Gariev (gariev) wrote in changelog,
Igor Gariev
gariev
changelog

[livejournal] r18891: LJSUP-8602: IP sysban conflict w/ whitel...

Committer: gariev
LJSUP-8602: IP sysban conflict w/ whitelist

U   trunk/bin/ljsysban.pl
U   trunk/cgi-bin/sysban.pl
Modified: trunk/bin/ljsysban.pl
===================================================================
--- trunk/bin/ljsysban.pl	2011-04-18 02:47:36 UTC (rev 18890)
+++ trunk/bin/ljsysban.pl	2011-04-18 02:53:11 UTC (rev 18891)
@@ -145,7 +145,7 @@
     die $dbh->errstr if $dbh->err;
 
     if ($what || $value) {
-        my $err = LJ::sysban_validate($what || $ban->{'what'}, $value || $ban->{'value'});
+        my $err = LJ::sysban_validate($what || $ban->{'what'}, $value || $ban->{'value'}, {skipexisting => 1});
         die $err if $err;
     }
 

Modified: trunk/cgi-bin/sysban.pl
===================================================================
--- trunk/cgi-bin/sysban.pl	2011-04-18 02:47:36 UTC (rev 18890)
+++ trunk/cgi-bin/sysban.pl	2011-04-18 02:53:11 UTC (rev 18891)
@@ -425,44 +425,48 @@
                 ",
                 {Slice => {}}
             );
-            
-            my $matched_wl;
-            foreach my $wl (@$whitelist) {
-                my $mask = $wl->{value}; ## see ip_whitelist below for possible formats
-                if ($mask =~ /^$ip_regexp$/) {
-                    if ($mask eq $ip) {
-                        $matched_wl = $wl;
-                        last;
-                    } 
-                } elsif (my ($start_ip, $end_ip) = $mask =~ /^($ip_regexp)-($ip_regexp)$/) {
-                    if (    $ip_to_str->($start_ip) le $ip_to_str->($ip) && 
-                            $ip_to_str->($ip) le $ip_to_str->($end_ip)) 
-                    {
-                        $matched_wl = $wl;
-                        last;
+           
+            ## if creting a new ban, check IP whitelist
+            ## TODO: when modifying an existing ban, give a warning
+            if (!$opts->{'skipexisting'}) { 
+                my $matched_wl;
+                foreach my $wl (@$whitelist) {
+                    my $mask = $wl->{value}; ## see ip_whitelist below for possible formats
+                    if ($mask =~ /^$ip_regexp$/) {
+                        if ($mask eq $ip) {
+                            $matched_wl = $wl;
+                            last;
+                        } 
+                    } elsif (my ($start_ip, $end_ip) = $mask =~ /^($ip_regexp)-($ip_regexp)$/) {
+                        if (    $ip_to_str->($start_ip) le $ip_to_str->($ip) && 
+                                $ip_to_str->($ip) le $ip_to_str->($end_ip)) 
+                        {
+                            $matched_wl = $wl;
+                            last;
+                        }
+                    } elsif ($mask =~ m!^$ip_regexp/(\d+)!) {
+                        my $netmask = Net::Netmask->new($mask);
+                        if ($netmask->match($ip)) {
+                            $matched_wl = $wl;
+                            last;
+                        }
+                    } elsif ($mask =~ /^(\d+\.){1,3}\*$/) {
+                        $mask =~ s/\./\\./g;
+                        $mask =~ s/\*/\.\*/;
+                        if ($ip =~ /^$mask$/) {
+                            $matched_wl = $wl;
+                            last;
+                        }
+                    } else {
+                        # hm...
                     }
-                } elsif ($mask =~ m!^$ip_regexp/(\d+)!) {
-                    my $netmask = Net::Netmask->new($mask);
-                    if ($netmask->match($ip)) {
-                        $matched_wl = $wl;
-                        last;
-                    }
-                } elsif ($mask =~ /^(\d+\.){1,3}\*$/) {
-                    $mask =~ s/\./\\./g;
-                    $mask =~ s/\*/\.\*/;
-                    if ($ip =~ /^$mask$/) {
-                        $matched_wl = $wl;
-                        last;
-                    }
-                } else {
-                    # hm...
                 }
-            }
 
-            if ($matched_wl) {
-                return "Can't bap ip address $ip: ip_whitelist #$matched_wl->{banid} matched ($matched_wl->{note})";
+                if ($matched_wl) {
+                    return "Can't ban ip address $ip: ip_whitelist #$matched_wl->{banid} matched ($matched_wl->{note})";
+                }
             }     
-            
+                
             ## everything is ok
             return 0;
         },

Tags: gariev, livejournal, pl
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments