// Is the certificate hash banned?
func (server *Server) IsCertHashBanned(hash string) bool {
server.banlock.RLock()
defer server.banlock.RUnlock()
for _, ban := range server.Bans {
if ban.CertHash == hash && !ban.IsExpired() {
return true
}
}
return false
}
// Is the incoming connection conn banned?
func (server *Server) IsConnectionBanned(conn net.Conn) bool {
server.banlock.RLock()
defer server.banlock.RUnlock()
for _, ban := range server.Bans {
addr := conn.RemoteAddr().(*net.TCPAddr)
if ban.Match(addr.IP) && !ban.IsExpired() {
return true
}
}
return false
}
// Remove expired bans
func (server *Server) RemoveExpiredBans() {
server.banlock.Lock()
defer server.banlock.Unlock()
newBans := []ban.Ban{}
update := false
for _, ban := range server.Bans {
if !ban.IsExpired() {
newBans = append(newBans, ban)
} else {
update = true
}
}
if update {
server.Bans = newBans
server.UpdateFrozenBans(server.Bans)
}
}