/// <summary>
/// Returns true if the request is for a restricted path and the address is not allowed to access it.
/// </summary>
/// <param name="requestArgs"></param>
/// <returns></returns>
private bool IsRestricted(RequestReceivedEventArgs requestArgs)
{
var result = false;
if (requestArgs.PathAndFile != null && requestArgs.Request != null && requestArgs.Request.RemoteEndPoint != null)
{
var path = requestArgs.PathAndFile.ToLower();
IAccessFilter filter = null;
_RestrictedPathSpinLock.Lock();
try {
for (var i = 0; i < _RestrictedPaths.Count; ++i)
{
var restrictedPath = _RestrictedPaths[i];
if (path.StartsWith(restrictedPath.NormalisedPath))
{
filter = restrictedPath.Filter;
break;
}
}
} finally {
_RestrictedPathSpinLock.Unlock();
}
if (filter != null)
{
result = !filter.Allow(requestArgs.Request.RemoteEndPoint.Address);
}
}
return(result);
}
/// <summary>
/// Creates a socket for an incoming connection.
/// </summary>
/// <param name="socket"></param>
private void CreateNewPassiveConnection(Socket socket)
{
if (socket != null)
{
var connection = new SocketConnection(this, socket, ConnectionStatus.Waiting);
var address = socket.RemoteEndPoint as IPEndPoint;
var abandonConnection = false;
if (address == null || address.Address == null)
{
abandonConnection = true;
}
else if (IsSingleConnection && GetConnections().Length != 0)
{
abandonConnection = true;
}
if (!abandonConnection && _AccessFilter != null && !_AccessFilter.Allow(address.Address))
{
abandonConnection = true;
RecordMiscellaneousActivity("Rejected connection from {0}, did not match access rules", address);
}
if (!abandonConnection)
{
try {
SetSocketKeepAliveAndTimeouts(socket);
} catch (Exception ex) {
abandonConnection = true;
OnExceptionCaught(new EventArgs <Exception>(ex));
RecordMiscellaneousActivity("Abandoning incoming passive connection due to previous exception");
}
}
var authentication = Authentication;
if (!abandonConnection && authentication != null)
{
var authenticationResponse = GetAuthenticationResponse(connection, authentication);
abandonConnection = !authentication.GetResponseIsValid(authenticationResponse);
if (abandonConnection)
{
RecordMiscellaneousActivity("Rejecting connection from {0}, authentication failed or was not completed within {1} seconds", address, AuthenticationTimeout / 1000);
}
}
if (abandonConnection)
{
connection.Abandon();
}
else
{
RegisterConnection(connection, raiseConnectionEstablished: true, mirrorConnectionState: false);
connection.ConnectionStatus = ConnectionStatus.Connected;
ConnectionStatus = ConnectionStatus.Connected;
}
}
}
public void AccessFilter_Allow_Throws_Exception_If_Initialise_Is_Not_Called_First()
{
_Filter.Allow(IPAddress.Parse("192.168.0.1"));
}