From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 8 Nov 2010 17:51:11 +0000 (+0000)
Subject: Let block_acl() work as advertised. If the last matching acl directive denies access... 
X-Git-Tag: v_3_0_17~41
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/@default-cgi@/developer-manual/static/diff?a=commitdiff_plain;h=e9a5ad6d641da0da0aafe50b0cc6cd3901a04c67;p=privoxy.git

Let block_acl() work as advertised. If the last matching acl directive denies access, the game is over, too.

Otherwise it's impossible to say: grant everyone but those
explicitly-mentioned suckers access (blacklist).

Usually it's done the other way around (whitelist), which worked
as expected, but blacklisting is still useful for a public proxy
where one only needs to deny known abusers access.
---

diff --git a/filters.c b/filters.c
index 014c0f69..b047a023 100644
--- a/filters.c
+++ b/filters.c
@@ -1,4 +1,4 @@
-const char filters_rcs[] = "$Id: filters.c,v 1.134 2010/09/14 07:17:01 fabiankeil Exp $";
+const char filters_rcs[] = "$Id: filters.c,v 1.135 2010/10/10 09:58:12 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/filters.c,v $
@@ -289,6 +289,10 @@ int block_acl(const struct access_control_addr *dst, const struct client_state *
             {
                return(0);
             }
+            else
+            {
+               return(1);
+            }
          }
          else if (
 #ifdef HAVE_RFC2553