[packages/bopm.git] / bopm.whitelists.3.1.2.diff

? src/bopm.pid
? src/libopm
Index: src/config-lexer.l
===================================================================
RCS file: /data/cvs/bopm/src/config-lexer.l,v
retrieving revision 1.6
diff -u -6 -r1.6 config-lexer.l
--- src/config-lexer.l	19 Jun 2003 23:07:57 -0000	1.6
+++ src/config-lexer.l	26 Jun 2003 21:06:49 -0000
@@ -89,12 +89,13 @@
                                  return STRING;
                               }
                            }
              
                         }
 
+ALERT                   { return ALERT;        }
 AWAY                    { return AWAY;         }
 BAN_UNKNOWN             { return BAN_UNKNOWN;  }
 BLACKLIST               { return BLACKLIST;    }
 CHANNEL                 { return CHANNEL;      }
 CONNREGEX               { return CONNREGEX;    }
 DNS_FDLIMIT             { return DNS_FDLIMIT;  }
@@ -132,12 +133,13 @@
 TARGET_STRING           { return TARGET_STRING;}
 TIMEOUT                 { return TIMEOUT;      }
 TYPE                    { return TYPE;         }
 USER                    { return USER;         }
 USERNAME                { return USERNAME;     }
 VHOST                   { return VHOST;        }
+WHITELIST               { return WHITELIST;    }
 
 
 HTTP                    {
                           yylval.number = OPM_TYPE_HTTP;
                           return PROTOCOLTYPE;
                         }
Index: src/config-parser.y
===================================================================
RCS file: /data/cvs/bopm/src/config-parser.y,v
retrieving revision 1.7
diff -u -6 -r1.7 config-parser.y
--- src/config-parser.y	22 Jun 2003 13:19:39 -0000	1.7
+++ src/config-parser.y	26 Jun 2003 21:06:49 -0000
@@ -30,12 +30,13 @@
 
 int yydebug=0;
 void *tmp;        /* Variable to temporarily hold nodes before insertion to list */
 
 %}
 
+%token ALERT
 %token AWAY
 %token BAN_UNKNOWN
 %token BLACKLIST
 %token CHANNEL
 %token CONNREGEX
 %token DNS_FDLIMIT
@@ -74,12 +75,13 @@
 %token TARGET_STRING
 %token TIMEOUT
 %token TYPE
 %token USERNAME
 %token USER
 %token VHOST
+%token WHITELIST
 
 %union 
 {
         int number;
         char *string;
 }
@@ -526,12 +528,14 @@
 
    item = MyMalloc(sizeof *item);
 
    item->name = DupString("");
    item->kline = DupString("");
    item->ban_unknown = 0;
+   item->whitelist = 0;
+   item->alert = 1;
    item->type = A_BITMASK;
    item->reply = list_create();
 
    node = node_create(item);
    list_add(OpmItem->blacklists, node);
 
@@ -542,14 +546,16 @@
 blacklist_items: /* Empty */                 |
               blacklist_items blacklist_item |
               blacklist_item;
 
 blacklist_item: blacklist_name        |
                 blacklist_type        |
+                blacklist_whitelist   |
                 blacklist_kline       |
                 blacklist_ban_unknown |
+                blacklist_alert       |
                 blacklist_reply       |
                 error;
 
 blacklist_name: NAME '=' STRING ';' {
    struct BlacklistConf *item = tmp;
 
@@ -570,12 +576,24 @@
    if(strcmp("A record bitmask", $3) == 0)
       item->type = A_BITMASK;
    else if(strcmp("A record reply", $3) == 0)
       item->type = A_REPLY;
    else
       yyerror("Unknown blacklist type defined");
+};
+
+blacklist_whitelist: WHITELIST '=' NUMBER ';' {
+   struct BlacklistConf *item = tmp;
+
+   item->whitelist = $3;
+};
+
+blacklist_alert: ALERT '=' NUMBER ';' {
+    struct BlacklistConf *item = tmp;
+
+    item->alert = $3;
 };
 
 blacklist_ban_unknown: BAN_UNKNOWN '=' NUMBER ';' {
    struct BlacklistConf *item = tmp;
 
    item->ban_unknown = $3;
Index: src/config.h
===================================================================
RCS file: /data/cvs/bopm/src/config.h,v
retrieving revision 1.9
diff -u -6 -r1.9 config.h
--- src/config.h	21 Jun 2003 00:57:28 -0000	1.9
+++ src/config.h	26 Jun 2003 21:06:49 -0000
@@ -101,13 +101,15 @@
 
 struct BlacklistConf
 {
    char   *name;
    char   *kline;
    enum BlacklistType type;
+   int     whitelist;
    int     ban_unknown;
+   int     alert;
    list_t *reply;
    unsigned int stats_recv;
 };
 
 struct BlacklistReplyConf
 {
Index: src/dnsbl.c
===================================================================
RCS file: /data/cvs/bopm/src/dnsbl.c,v
retrieving revision 1.29
diff -u -6 -r1.29 dnsbl.c
--- src/dnsbl.c	22 Jun 2003 18:03:41 -0000	1.29
+++ src/dnsbl.c	26 Jun 2003 21:06:49 -0000
@@ -96,17 +96,27 @@
 
       if(res == -1 && fdns_errno != FDNS_ERR_FDLIMIT)
       {
          log_printf("DNSBL -> Error sending dns lookup for '%s': %s", lookup, firedns_strerror(fdns_errno));
          free(ds);
       }
-      else
+      else {
          ss->scans++; /* Increase scan count - one for each blacklist */
+         if (bl->whitelist)
+            ss->dnsbl_whitelist_count++;  /* Increase whitelist count
+                                           * for each whitelist */
+      }                               
    }
 }
 
+/* This function gets called when:
+ * - a positive result was obtained from a blacklist
+ * - the last result from the whitelist has been received,
+ *   and a previous blacklist result was positive
+ */
+
 static void dnsbl_positive(struct scan_struct *ss, struct BlacklistConf *bl, 
 		unsigned char type)
 {
    char text_type[128];
    struct BlacklistReplyConf *item;
    node_t *p;
@@ -142,43 +152,66 @@
       }
    }
    
    if(text_type[0] == '\0' && bl->ban_unknown == 0)
    {
       if(OPT_DEBUG)
-         log_printf("DNSBL -> Unknown result from BL zone %s (%d)", bl->name, type);
+         log_printf("DNSBL -> Unknown result from %s zone %s (%d)",
+               (bl->whitelist ? "WL" : "BL"), bl->name, type);
       return;
    }
 
+   /* record stat */
+   stats_dnsblrecv(bl);
+
+   /* If this was a positive result from a whitelist, flag this user
+    * as whitelisted in the scan struct. This will prevent any future
+    * positive DNSBL blacklist result from klining.
+    */
+   if(bl->whitelist)
+      ss->dnsbl_whitelisted = 1; /* Mark this user as whitelisted */
+   else if(ss->dnsbl_whitelist_count > 0) /* Store data */
+   {
+      ss->dnsbl_positive_bl = bl;
+      ss->dnsbl_positive_type = type;
+      return;     /* Wait until whitelists have finished */
+   }
+
    if(ss->manual_target)
    {
-      irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in BL zone %s (%s)",
-            ss->manual_target->name, ss->ip, bl->name, text_type);
+      irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in %s zone %s (%s)",
+         ss->manual_target->name, ss->ip, (bl->whitelist ? "WL" : "BL"),
+         bl->name, text_type);
    }
    else if(!ss->positive)
    {
-      /* Only report it if no other scans have found positives yet. */
-      scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline),
-            text_type);
-
-      irc_send_channels("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
-            ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
-            text_type);
-      log_printf("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
-            ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
-            text_type);
+      /* Only report it if no other scans have found positives yet,
+       * all whitelists are done, and the user has not been whitelisted. */
+      if(ss->dnsbl_whitelist_count == 0 && !ss->dnsbl_whitelisted)
+      {
+         scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline), text_type);
+ 
+         if(bl->alert)  
+            irc_send_channels("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
+                  ss->irc_nick, ss->irc_username, ss->irc_hostname,
+                  (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
+      }
+      
+      log_printf("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
+            ss->irc_nick, ss->irc_username, ss->irc_hostname,
+            (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
    }
-
-   /* record stat */
-   stats_dnsblrecv(bl);
 }
 
 void dnsbl_result(struct firedns_result *res)
 {
 	struct dnsbl_scan *ds = res->info;
 
+   if(ds->bl->whitelist)
+      ds->ss->dnsbl_whitelist_count--; /* one less whitelist to wait for */
+    
    if(OPT_DEBUG)
       log_printf("DNSBL -> Lookup result for %s!%s@%s (%s) %d.%d.%d.%d (error: %d)",
           ds->ss->irc_nick,
           ds->ss->irc_username,
           ds->ss->irc_hostname,
           res->lookup,
@@ -187,15 +220,21 @@
           (unsigned char)res->text[2],
           (unsigned char)res->text[3], fdns_errno);
 
    /* Everything is OK */
    if(res->text[0] == '\0' && fdns_errno == FDNS_ERR_NXDOMAIN)
    {
+      /* If any previous positive blacklist result was blocked, waiting
+       * for whitelists, handle it now
+       */
+      if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
+         dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
+      
       if(ds->ss->manual_target != NULL)
-         irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in BL zone %s", 
-                   ds->ss->manual_target->name, ds->ss->ip,
+         irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in %s zone %s", 
+                   ds->ss->manual_target->name, ds->ss->ip, (ds->bl->whitelist ? "WL" : "BL"),
                     (strlen(ds->ss->ip) < strlen(res->lookup))
 						   ? (res->lookup + strlen(ds->ss->ip) + 1)
 							: res->lookup);
 
 
       ds->ss->scans--;            /* we are done with ss here */
@@ -207,12 +246,18 @@
    /* Either an error, or a positive lookup */
 
    if(fdns_errno == FDNS_ERR_NONE)
       dnsbl_positive(ds->ss, ds->bl, (unsigned char)res->text[3]);
    else
 	{
+      /* If any previous positive blacklist result was blocked, waiting
+       * for whitelists, handle it now
+       */
+      if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
+         dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
+       
       log_printf("DNSBL -> Lookup error on %s: %s", res->lookup,
 	      firedns_strerror(fdns_errno));
 		if(fdns_errno != FDNS_ERR_TIMEOUT)
 			irc_send_channels("DNSBL -> Lookup error on %s: %s", res->lookup,
 				firedns_strerror(fdns_errno));
 	}
Index: src/scan.c
===================================================================
RCS file: /data/cvs/bopm/src/scan.c,v
retrieving revision 1.33
diff -u -6 -r1.33 scan.c
--- src/scan.c	22 Jun 2003 17:05:30 -0000	1.33
+++ src/scan.c	26 Jun 2003 21:06:49 -0000
@@ -477,13 +477,18 @@
    ss->ip = (char *) DupString(user[3]);
    ss->proof = (char *) DupString(msg);
 
    ss->remote = opm_remote_create(ss->ip);
    ss->scans = 0;
    ss->positive = 0;
-
+   
+   ss->dnsbl_whitelist_count = 0;
+   ss->dnsbl_whitelisted = 0;
+   ss->dnsbl_positive_bl = NULL;
+   ss->dnsbl_positive_type = '\0';
+   
    ss->manual_target = NULL;
 
    assert(ss->remote);
    return ss;
 }
 
Index: src/scan.h
===================================================================
RCS file: /data/cvs/bopm/src/scan.h,v
retrieving revision 1.7
diff -u -6 -r1.7 scan.h
--- src/scan.h	20 Jun 2003 04:18:38 -0000	1.7
+++ src/scan.h	26 Jun 2003 21:06:49 -0000
@@ -12,13 +12,17 @@
    char *ip;
    char *proof;
    OPM_REMOTE_T *remote;
 
    unsigned short scans;
    unsigned short positive;
-
+   unsigned short dnsbl_whitelisted;
+   unsigned short dnsbl_whitelist_count;
+   unsigned char dnsbl_positive_type;
+   struct BlacklistConf *dnsbl_positive_bl;
+   
    struct ChannelConf *manual_target;
 };
 
 
 struct scanner_struct
 {
Commit	Line	Data
24377f10 ER	1	? src/bopm.pid
	2	? src/libopm
	3	Index: src/config-lexer.l
	4	===================================================================
	5	RCS file: /data/cvs/bopm/src/config-lexer.l,v
	6	retrieving revision 1.6
	7	diff -u -6 -r1.6 config-lexer.l
	8	--- src/config-lexer.l 19 Jun 2003 23:07:57 -0000 1.6
	9	+++ src/config-lexer.l 26 Jun 2003 21:06:49 -0000
	10	@@ -89,12 +89,13 @@
	11	return STRING;
	12	}
	13	}
	14
	15	}
	16
	17	+ALERT { return ALERT; }
	18	AWAY { return AWAY; }
	19	BAN_UNKNOWN { return BAN_UNKNOWN; }
	20	BLACKLIST { return BLACKLIST; }
	21	CHANNEL { return CHANNEL; }
	22	CONNREGEX { return CONNREGEX; }
	23	DNS_FDLIMIT { return DNS_FDLIMIT; }
	24	@@ -132,12 +133,13 @@
	25	TARGET_STRING { return TARGET_STRING;}
	26	TIMEOUT { return TIMEOUT; }
	27	TYPE { return TYPE; }
	28	USER { return USER; }
	29	USERNAME { return USERNAME; }
	30	VHOST { return VHOST; }
	31	+WHITELIST { return WHITELIST; }
	32
	33
	34	HTTP {
	35	yylval.number = OPM_TYPE_HTTP;
	36	return PROTOCOLTYPE;
	37	}
	38	Index: src/config-parser.y
	39	===================================================================
	40	RCS file: /data/cvs/bopm/src/config-parser.y,v
	41	retrieving revision 1.7
	42	diff -u -6 -r1.7 config-parser.y
	43	--- src/config-parser.y 22 Jun 2003 13:19:39 -0000 1.7
	44	+++ src/config-parser.y 26 Jun 2003 21:06:49 -0000
	45	@@ -30,12 +30,13 @@
	46
	47	int yydebug=0;
	48	void tmp; / Variable to temporarily hold nodes before insertion to list */
	49
	50	%}
	51
	52	+%token ALERT
	53	%token AWAY
	54	%token BAN_UNKNOWN
	55	%token BLACKLIST
	56	%token CHANNEL
	57	%token CONNREGEX
	58	%token DNS_FDLIMIT
	59	@@ -74,12 +75,13 @@
	60	%token TARGET_STRING
	61	%token TIMEOUT
	62	%token TYPE
	63	%token USERNAME
	64	%token USER
65	%token VHOST
66	+%token WHITELIST
67
68	%union
69	{
70	int number;
71	char *string;
72	}
73	@@ -526,12 +528,14 @@
74
75	item = MyMalloc(sizeof *item);
76
77	item->name = DupString("");
78	item->kline = DupString("");
79	item->ban_unknown = 0;
80	+ item->whitelist = 0;
81	+ item->alert = 1;
82	item->type = A_BITMASK;
83	item->reply = list_create();
84
85	node = node_create(item);
86	list_add(OpmItem->blacklists, node);
87
88	@@ -542,14 +546,16 @@
89	blacklist_items: /* Empty */ \|
90	blacklist_items blacklist_item \|
91	blacklist_item;
92
93	blacklist_item: blacklist_name \|
94	blacklist_type \|
95	+ blacklist_whitelist \|
96	blacklist_kline \|
97	blacklist_ban_unknown \|
98	+ blacklist_alert \|
99	blacklist_reply \|
100	error;
101
102	blacklist_name: NAME '=' STRING ';' {
103	struct BlacklistConf *item = tmp;
104
105	@@ -570,12 +576,24 @@
106	if(strcmp("A record bitmask", $3) == 0)
107	item->type = A_BITMASK;
108	else if(strcmp("A record reply", $3) == 0)
109	item->type = A_REPLY;
110	else
111	yyerror("Unknown blacklist type defined");
112	+};
113	+
114	+blacklist_whitelist: WHITELIST '=' NUMBER ';' {
115	+ struct BlacklistConf *item = tmp;
116	+
117	+ item->whitelist = $3;
118	+};
119	+
120	+blacklist_alert: ALERT '=' NUMBER ';' {
121	+ struct BlacklistConf *item = tmp;
122	+
123	+ item->alert = $3;
124	};
125
126	blacklist_ban_unknown: BAN_UNKNOWN '=' NUMBER ';' {
127	struct BlacklistConf *item = tmp;
128
129	item->ban_unknown = $3;
130	Index: src/config.h
131	===================================================================
132	RCS file: /data/cvs/bopm/src/config.h,v
133	retrieving revision 1.9
134	diff -u -6 -r1.9 config.h
135	--- src/config.h 21 Jun 2003 00:57:28 -0000 1.9
136	+++ src/config.h 26 Jun 2003 21:06:49 -0000
137	@@ -101,13 +101,15 @@
138
139	struct BlacklistConf
140	{
141	char *name;
142	char *kline;
143	enum BlacklistType type;
144	+ int whitelist;
145	int ban_unknown;
146	+ int alert;
147	list_t *reply;
148	unsigned int stats_recv;
149	};
150
151	struct BlacklistReplyConf
152	{
153	Index: src/dnsbl.c
154	===================================================================
155	RCS file: /data/cvs/bopm/src/dnsbl.c,v
156	retrieving revision 1.29
157	diff -u -6 -r1.29 dnsbl.c
158	--- src/dnsbl.c 22 Jun 2003 18:03:41 -0000 1.29
159	+++ src/dnsbl.c 26 Jun 2003 21:06:49 -0000
160	@@ -96,17 +96,27 @@
161
162	if(res == -1 && fdns_errno != FDNS_ERR_FDLIMIT)
163	{
164	log_printf("DNSBL -> Error sending dns lookup for '%s': %s", lookup, firedns_strerror(fdns_errno));
165	free(ds);
166	}
167	- else
168	+ else {
169	ss->scans++; /* Increase scan count - one for each blacklist */
170	+ if (bl->whitelist)
171	+ ss->dnsbl_whitelist_count++; /* Increase whitelist count
172	+ * for each whitelist */
173	+ }
174	}
175	}
176
177	+/* This function gets called when:
178	+ * - a positive result was obtained from a blacklist
179	+ * - the last result from the whitelist has been received,
180	+ * and a previous blacklist result was positive
181	+ */
182	+
183	static void dnsbl_positive(struct scan_struct ss, struct BlacklistConf bl,
184	unsigned char type)
185	{
186	char text_type[128];
187	struct BlacklistReplyConf *item;
188	node_t *p;
189	@@ -142,43 +152,66 @@
190	}
191	}
192
193	if(text_type[0] == '\0' && bl->ban_unknown == 0)
194	{
195	if(OPT_DEBUG)
196	- log_printf("DNSBL -> Unknown result from BL zone %s (%d)", bl->name, type);
197	+ log_printf("DNSBL -> Unknown result from %s zone %s (%d)",
198	+ (bl->whitelist ? "WL" : "BL"), bl->name, type);
199	return;
200	}
201
202	+ /* record stat */
203	+ stats_dnsblrecv(bl);
204	+
205	+ /* If this was a positive result from a whitelist, flag this user
206	+ * as whitelisted in the scan struct. This will prevent any future
207	+ * positive DNSBL blacklist result from klining.
208	+ */
209	+ if(bl->whitelist)
210	+ ss->dnsbl_whitelisted = 1; /* Mark this user as whitelisted */
211	+ else if(ss->dnsbl_whitelist_count > 0) /* Store data */
212	+ {
213	+ ss->dnsbl_positive_bl = bl;
214	+ ss->dnsbl_positive_type = type;
215	+ return; /* Wait until whitelists have finished */
216	+ }
217	+
218	if(ss->manual_target)
219	{
220	- irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in BL zone %s (%s)",
221	- ss->manual_target->name, ss->ip, bl->name, text_type);
222	+ irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in %s zone %s (%s)",
223	+ ss->manual_target->name, ss->ip, (bl->whitelist ? "WL" : "BL"),
224	+ bl->name, text_type);
225	}
226	else if(!ss->positive)
227	{
228	- /* Only report it if no other scans have found positives yet. */
229	- scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline),
230	- text_type);
231	-
232	- irc_send_channels("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
233	- ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
234	- text_type);
235	- log_printf("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
236	- ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
237	- text_type);
238	+ /* Only report it if no other scans have found positives yet,
239	+ * all whitelists are done, and the user has not been whitelisted. */
240	+ if(ss->dnsbl_whitelist_count == 0 && !ss->dnsbl_whitelisted)
241	+ {
242	+ scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline), text_type);
243	+
244	+ if(bl->alert)
245	+ irc_send_channels("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
246	+ ss->irc_nick, ss->irc_username, ss->irc_hostname,
247	+ (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
248	+ }
249	+
250	+ log_printf("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
251	+ ss->irc_nick, ss->irc_username, ss->irc_hostname,
252	+ (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
253	}
254	-
255	- /* record stat */
256	- stats_dnsblrecv(bl);
257	}
258
259	void dnsbl_result(struct firedns_result *res)
260	{
261	struct dnsbl_scan *ds = res->info;
262
263	+ if(ds->bl->whitelist)
264	+ ds->ss->dnsbl_whitelist_count--; /* one less whitelist to wait for */
265	+
266	if(OPT_DEBUG)
267	log_printf("DNSBL -> Lookup result for %s!%s@%s (%s) %d.%d.%d.%d (error: %d)",
268	ds->ss->irc_nick,
269	ds->ss->irc_username,
270	ds->ss->irc_hostname,
271	res->lookup,
272	@@ -187,15 +220,21 @@
273	(unsigned char)res->text[2],
274	(unsigned char)res->text[3], fdns_errno);
275
276	/* Everything is OK */
277	if(res->text[0] == '\0' && fdns_errno == FDNS_ERR_NXDOMAIN)
278	{
279	+ /* If any previous positive blacklist result was blocked, waiting
280	+ * for whitelists, handle it now
281	+ */
282	+ if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
283	+ dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
284	+
285	if(ds->ss->manual_target != NULL)
286	- irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in BL zone %s",
287	- ds->ss->manual_target->name, ds->ss->ip,
288	+ irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in %s zone %s",
289	+ ds->ss->manual_target->name, ds->ss->ip, (ds->bl->whitelist ? "WL" : "BL"),
290	(strlen(ds->ss->ip) < strlen(res->lookup))
291	? (res->lookup + strlen(ds->ss->ip) + 1)
292	: res->lookup);
293
294
295	ds->ss->scans--; /* we are done with ss here */
296	@@ -207,12 +246,18 @@
297	/* Either an error, or a positive lookup */
298
299	if(fdns_errno == FDNS_ERR_NONE)
300	dnsbl_positive(ds->ss, ds->bl, (unsigned char)res->text[3]);
301	else
302	{
303	+ /* If any previous positive blacklist result was blocked, waiting
304	+ * for whitelists, handle it now
305	+ */
306	+ if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
307	+ dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
308	+
309	log_printf("DNSBL -> Lookup error on %s: %s", res->lookup,
310	firedns_strerror(fdns_errno));
311	if(fdns_errno != FDNS_ERR_TIMEOUT)
312	irc_send_channels("DNSBL -> Lookup error on %s: %s", res->lookup,
313	firedns_strerror(fdns_errno));
314	}
315	Index: src/scan.c
316	===================================================================
317	RCS file: /data/cvs/bopm/src/scan.c,v
318	retrieving revision 1.33
319	diff -u -6 -r1.33 scan.c
320	--- src/scan.c 22 Jun 2003 17:05:30 -0000 1.33
321	+++ src/scan.c 26 Jun 2003 21:06:49 -0000
322	@@ -477,13 +477,18 @@
323	ss->ip = (char *) DupString(user[3]);
324	ss->proof = (char *) DupString(msg);
325
326	ss->remote = opm_remote_create(ss->ip);
327	ss->scans = 0;
328	ss->positive = 0;
329	-
330	+
331	+ ss->dnsbl_whitelist_count = 0;
332	+ ss->dnsbl_whitelisted = 0;
333	+ ss->dnsbl_positive_bl = NULL;
334	+ ss->dnsbl_positive_type = '\0';
335	+
336	ss->manual_target = NULL;
337
338	assert(ss->remote);
339	return ss;
340	}
341
342	Index: src/scan.h
343	===================================================================
344	RCS file: /data/cvs/bopm/src/scan.h,v
345	retrieving revision 1.7
346	diff -u -6 -r1.7 scan.h
347	--- src/scan.h 20 Jun 2003 04:18:38 -0000 1.7
348	+++ src/scan.h 26 Jun 2003 21:06:49 -0000
349	@@ -12,13 +12,17 @@
350	char *ip;
351	char *proof;
352	OPM_REMOTE_T *remote;
353
354	unsigned short scans;
355	unsigned short positive;
356	-
357	+ unsigned short dnsbl_whitelisted;
358	+ unsigned short dnsbl_whitelist_count;
359	+ unsigned char dnsbl_positive_type;
360	+ struct BlacklistConf *dnsbl_positive_bl;
361	+
362	struct ChannelConf *manual_target;
363	};
364
365
366	struct scanner_struct
367	{