feat: blacklist ips

Author: araujo88

blacklist.txt

@@ -21,6 +21,15 @@ namespace tpt
             return "Error - JSON parsing error";
         }
     };
+
+    class IPBlackListedException : public std::exception
+    {
+    public:
+        const char *what() const throw()
+        {
+            return "Error - IP is blacklisted";
+        }
+    };
 }
 
 #endif

include/base_exceptions.hpp

@@ -11,7 +11,10 @@
 #include <sys/socket.h>
 #include <unistd.h>
 #include <errno.h>
+#include <vector>
 #include "socket.hpp"
+#include "utils.hpp"
+#include "base_exceptions.hpp"
 
 namespace tpt
 {
@@ -24,6 +27,7 @@ namespace tpt
         unsigned int max_connections;
         std::string ip_address;
         std::string client_ip;
+        std::vector<std::string> ip_blacklist;
 
     public:
         UnixSocket();

include/unix_socket.hpp

@@ -24,6 +24,7 @@ namespace tpt
         static std::string &formatJSON(std::string &json);
         static bool isValidJSON(const std::string &str);
         static std::string sanitizePath(const std::string &path);
+        static void fillIPBlacklist(std::vector<std::string> &ip_blacklist);
     };
 }
 

include/utils.hpp

@@ -73,68 +73,76 @@ void Teapot::mainEventLoop(SOCKET client_socket)
     std::string content_type;
     unsigned int status_code = 500; // Default to internal server error in case of early failure
 
-    if (request)
+    try
     {
-        context->request = &(*request);
-        this->sanitizer_middleware.handle(context.get());
-        std::string uri = request->getUri();
-        if (uri == "/")
-            uri = "/index.html"; // Normalize root access to a specific file, e.g., index.html
-        std::string method = request->getMethod();
-        content_type = determineContentType(uri); // Determine content type early based on URI
-
-        std::cout << "[" << request->getDate() << "] " << this->socket.getClientIp() + " " << method << " " << uri << " HTTP/1.1 ";
-
-        if (method == "GET")
+        if (request)
         {
-            // Check for predefined routes or responses before attempting to read a file
-            auto routeIt = this->routes.find(uri);
-            auto jsonIt = this->json_responses.find(uri);
-            auto htmlIt = this->html_responses.find(uri);
+            context->request = &(*request);
+            this->sanitizer_middleware.handle(context.get());
+            std::string uri = request->getUri();
+            if (uri == "/")
+                uri = "/index.html"; // Normalize root access to a specific file, e.g., index.html
+            std::string method = request->getMethod();
+            content_type = determineContentType(uri); // Determine content type early based on URI
 
-            if (routeIt != this->routes.end())
-            {
-                body = Utils::readFileToBuffer(this->static_files_dir + routeIt->second);
-                status_code = 200;
-            }
-            else if (jsonIt != this->json_responses.end())
-            {
-                body = jsonIt->second;
-                status_code = 200;
-                content_type = "application/json";
-            }
-            else if (htmlIt != this->html_responses.end())
-            {
-                body = htmlIt->second;
-                status_code = 200;
-                content_type = "text/html";
-            }
-            else
+            std::cout << "[" << request->getDate() << "] " << this->socket.getClientIp() + " " << method << " " << uri << " HTTP/1.1 ";
+
+            if (method == "GET")
             {
-                try
+                // Check for predefined routes or responses before attempting to read a file
+                auto routeIt = this->routes.find(uri);
+                auto jsonIt = this->json_responses.find(uri);
+                auto htmlIt = this->html_responses.find(uri);
+
+                if (routeIt != this->routes.end())
                 {
-                    body = Utils::readFileToBuffer(this->static_files_dir + uri);
+                    body = Utils::readFileToBuffer(this->static_files_dir + routeIt->second);
                     status_code = 200;
                 }
-                catch (FileNotFoundException &)
+                else if (jsonIt != this->json_responses.end())
                 {
-                    body = Utils::readFileToBuffer(this->static_files_dir + "/404.html");
+                    body = jsonIt->second;
+                    status_code = 200;
+                    content_type = "application/json";
+                }
+                else if (htmlIt != this->html_responses.end())
+                {
+                    body = htmlIt->second;
+                    status_code = 200;
                     content_type = "text/html";
-                    status_code = 404;
+                }
+                else
+                {
+                    try
+                    {
+                        body = Utils::readFileToBuffer(this->static_files_dir + uri);
+                        status_code = 200;
+                    }
+                    catch (FileNotFoundException &)
+                    {
+                        body = Utils::readFileToBuffer(this->static_files_dir + "/404.html");
+                        content_type = "text/html";
+                        status_code = 404;
+                    }
                 }
             }
+            else
+            {
+                // If not GET, assume method not supported
+                body = Utils::readFileToBuffer(this->static_files_dir + "/405.html");
+                content_type = "text/html";
+                status_code = 405;
+            }
         }
         else
         {
-            // If not GET, assume method not supported
-            body = Utils::readFileToBuffer(this->static_files_dir + "/405.html");
+            // Handle parsing failure by responding with 500 Internal Server Error
+            body = Utils::readFileToBuffer(this->static_files_dir + "/500.html");
             content_type = "text/html";
-            status_code = 405;
         }
     }
-    else
+    catch (...)
     {
-        // Handle parsing failure by responding with 500 Internal Server Error
         body = Utils::readFileToBuffer(this->static_files_dir + "/500.html");
         content_type = "text/html";
     }
@@ -210,9 +218,16 @@ void Teapot::run()
         SOCKET client_socket;
         void *client_addr = nullptr;
 
-        socket.acceptConnection(client_socket, client_addr);
-
-        std::jthread th(&Teapot::mainEventLoop, this, client_socket);
+        try
+        {
+            socket.acceptConnection(client_socket, client_addr);
+            std::jthread th(&Teapot::mainEventLoop, this, client_socket);
+        }
+        catch (IPBlackListedException &e)
+        {
+            std::cout << e.what();
+            this->socket.closeSocket(client_socket);
+        }
     }
 }
 

src/teapot.cpp

@@ -17,10 +17,13 @@ UnixSocket::UnixSocket()
         std::cout << "Error code: " + errno << std::endl;
         exit(EXIT_FAILURE);
     }
+    std::cout << "Socket created!" << std::endl;
 
     this->server_address.sin_family = AF_INET;
     this->server_address.sin_port = htons(this->port);
     this->server_address.sin_addr.s_addr = inet_addr(this->ip_address.c_str());
+
+    Utils::fillIPBlacklist(this->ip_blacklist);
 }
 
 UnixSocket::UnixSocket(unsigned int port)
@@ -37,10 +40,13 @@ UnixSocket::UnixSocket(unsigned int port)
         std::cout << "Error code: " + errno << std::endl;
         exit(EXIT_FAILURE);
     }
+    std::cout << "Socket created!" << std::endl;
 
     this->server_address.sin_family = AF_INET;
     this->server_address.sin_port = htons(this->port);
     this->server_address.sin_addr.s_addr = inet_addr(this->ip_address.c_str());
+
+    Utils::fillIPBlacklist(this->ip_blacklist);
 }
 
 UnixSocket::UnixSocket(std::string ip_address, unsigned int port)
@@ -57,10 +63,13 @@ UnixSocket::UnixSocket(std::string ip_address, unsigned int port)
         std::cout << "Error code: " + errno << std::endl;
         exit(EXIT_FAILURE);
     }
+    std::cout << "Socket created!" << std::endl;
 
     this->server_address.sin_family = AF_INET;
     this->server_address.sin_port = htons(this->port);
     this->server_address.sin_addr.s_addr = inet_addr(this->ip_address.c_str());
+
+    Utils::fillIPBlacklist(this->ip_blacklist);
 }
 
 UnixSocket::UnixSocket(std::string ip_address, unsigned int port, unsigned int max_connections)
@@ -82,6 +91,8 @@ UnixSocket::UnixSocket(std::string ip_address, unsigned int port, unsigned int m
     this->server_address.sin_family = AF_INET;
     this->server_address.sin_port = htons(this->port);
     this->server_address.sin_addr.s_addr = inet_addr(this->ip_address.c_str());
+
+    Utils::fillIPBlacklist(this->ip_blacklist);
 }
 
 void UnixSocket::bindSocket()
@@ -141,6 +152,14 @@ void UnixSocket::acceptConnection(SOCKET &client_socket, void *client_address)
     }
 
     this->client_ip = std::string(ip_str);
+
+    for (auto it : this->ip_blacklist)
+    {
+        if (this->client_ip == it)
+        {
+            throw IPBlackListedException();
+        }
+    }
 }
 
 ssize_t UnixSocket::receiveData(SOCKET client_socket, char *buffer, unsigned int buffer_size)

src/unix_socket.cpp

@@ -126,3 +126,24 @@ std::string Utils::sanitizePath(const std::string &path)
     }
     return sanitized;
 }
+
+void Utils::fillIPBlacklist(std::vector<std::string> &ip_blacklist)
+{
+    std::ifstream file("blacklist.txt");
+    std::string ip;
+
+    if (!file)
+    {
+        std::cerr << "Unable to open blacklist.txt for reading." << std::endl;
+    }
+
+    while (std::getline(file, ip))
+    {
+        // Assuming each line in the file contains one IP address.
+        // You might want to add validation here to ensure the line actually
+        // contains an IP address or matches your criteria.
+        ip_blacklist.push_back(ip);
+    }
+
+    file.close();
+}