rpc server: send '403 Forbidden' to rejected clients

In order to be a proper HTTP implementation clients that aren't allowed to connect to the RPC server (using -rpcallowip), should receive a proper HTTP response. So instead of closing the connection on them send a '403 Forbidden' status. Signed-off-by: Giel van Schijndel <me@mortis.eu>
13 years ago · c9e70d4c0a
1 changed files with 5 additions and 1 deletions
--- a/src/rpc.cpp
+++ b/src/rpc.cpp
@ -1532,7 +1532,7 @@ string rfc1123Time()
				@@ -1532,7 +1532,7 @@ string rfc1123Time()
    return string(buffer);
 }

-string HTTPReply(int nStatus, const string& strMsg)
+static string HTTPReply(int nStatus, const string& strMsg)
 {
    if (nStatus == 401)
        return strprintf("HTTP/1.0 401 Authorization Required\r\n"
@ -1554,6 +1554,7 @@ string HTTPReply(int nStatus, const string& strMsg)
				@@ -1554,6 +1554,7 @@ string HTTPReply(int nStatus, const string& strMsg)
    string strStatus;
         if (nStatus == 200) strStatus = "OK";
    else if (nStatus == 400) strStatus = "Bad Request";
+    else if (nStatus == 403) strStatus = "Forbidden";
    else if (nStatus == 404) strStatus = "Not Found";
    else if (nStatus == 500) strStatus = "Internal Server Error";
    return strprintf(
@ -1887,7 +1888,10 @@ void ThreadRPCServer2(void* parg)
				@@ -1887,7 +1888,10 @@ void ThreadRPCServer2(void* parg)

        // Restrict callers by IP
        if (!ClientAllowed(peer.address().to_string()))
+        {
+            stream << HTTPReply(403, "") << std::flush;
            continue;
+        }

        map<string, string> mapHeaders;
        string strRequest;