amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-05-21 03:15:25 +00:00
Code Issues Projects Releases Wiki Activity

(fix) correctly block if fail count is within interval (fixes #2850)

Browse Source
This commit is contained in:
Ludovic Marcotte
2016-12-14 21:20:29 -05:00
parent e0108088ee
commit f0085ef43e
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SoObjects/SOGo/SOGoCache.m
+2
View File
@@ -505,6 +505,8 @@ static memcached_st *handle = NULL;
{
[d setObject: [NSNumber numberWithUnsignedInt: [[NSCalendarDate date] timeIntervalSince1970]] forKey: @"InitialDate"];
}
[d setObject: [NSNumber numberWithUnsignedInt: [[NSCalendarDate date] timeIntervalSince1970]] forKey: @"LastRequestDate"];
[d setObject: count forKey: @"FailedCount"];
[self _cacheValues: [d jsonRepresentation]
SoObjects/SOGo/SOGoUserManager.m
+8 -6
View File
@@ -531,9 +531,9 @@ static Class NSNullK;
grace: (int *) _grace
useCache: (BOOL) useCache
{
NSString *dictPassword, *username, *jsonUser;
NSMutableDictionary *currentUser;
NSDictionary *failedCount;
NSString *dictPassword, *username, *jsonUser;
SOGoSystemDefaults *sd;
BOOL checkOK;
@@ -573,23 +573,25 @@ static Class NSNullK;
failedCount = [[SOGoCache sharedCache] failedCountForLogin: username];
if (failedCount)
{
unsigned int current_time, start_time, delta, block_time;
unsigned int current_time, last_request_time, start_time, delta_start, delta_last_request, block_time;
current_time = [[NSCalendarDate date] timeIntervalSince1970];
start_time = [[failedCount objectForKey: @"InitialDate"] unsignedIntValue];
delta = current_time - start_time;
last_request_time = [[failedCount objectForKey: @"LastRequestDate"] unsignedIntValue];
delta_start = current_time - start_time;
delta_last_request = current_time - last_request_time;
block_time = [sd failedLoginBlockInterval];
if ([[failedCount objectForKey: @"FailedCount"] intValue] >= [sd maximumFailedLoginCount] &&
delta >= [sd maximumFailedLoginInterval] &&
delta <= block_time )
delta_last_request >= [sd maximumFailedLoginInterval] &&
delta_start <= block_time )
{
*_perr = PolicyAccountLocked;
return NO;
}
if (delta > block_time)
if (delta_start > block_time)
{
[[SOGoCache sharedCache] setFailedCount: 0
forLogin: username];