From e688107dc4b3c6ee366c659aa9be816da453af0c Mon Sep 17 00:00:00 2001
From: Brian Munro <brian.alexander.munro@gmail.com>
Date: Tue, 22 Feb 2022 16:16:32 +0200
Subject: [PATCH] Make sure only true|false is entered into the config.

---
 lib/plugins/crowdsec/config.lua | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/plugins/crowdsec/config.lua b/lib/plugins/crowdsec/config.lua
index e3b458c..236a076 100644
--- a/lib/plugins/crowdsec/config.lua
+++ b/lib/plugins/crowdsec/config.lua
@@ -38,6 +38,7 @@ function config.loadConfig(file)
     local valid_params = {'ENABLED','API_URL', 'API_KEY', 'BOUNCING_ON_TYPE', 'MODE', 'SECRET_KEY', 'SITE_KEY', 'BAN_TEMPLATE_PATH' ,'CAPTCHA_TEMPLATE_PATH', 'REDIRECT_LOCATION', 'RET_CODE', 'EXCLUDE_LOCATION', 'FALLBACK_REMEDIATION'}
     local valid_int_params = {'CACHE_EXPIRATION', 'CACHE_SIZE', 'REQUEST_TIMEOUT', 'UPDATE_FREQUENCY', 'CAPTCHA_EXPIRATION'}
     local valid_bouncing_on_type_values = {'ban', 'captcha', 'all'}
+	local valid_truefalse_values = {'false', 'true'}
     local default_values = {
         ['ENABLED'] = "true",
         ['REQUEST_TIMEOUT'] = 0.2,
@@ -58,6 +59,13 @@ function config.loadConfig(file)
             local s = split(line, "=")
             for k, v in pairs(s) do
                 if has_value(valid_params, v) then
+					if v == "ENABLED" then
+                        local value = s[2]
+                        if not has_value(valid_truefalse_values, s[2]) then
+                            ngx.log(ngx.ERR, "unsupported value '" .. s[2] .. "' for variable '" .. v .. "'. Using default value 'ban' instead")
+                            break
+                        end
+                    end
                     if v == "BOUNCING_ON_TYPE" then
                         local value = s[2]
                         if not has_value(valid_bouncing_on_type_values, s[2]) then