[geeklog-cvs] Geeklog-1.x/system lib-webservices.php,1.30,1.31
Dirk Haun
dhaun at qs1489.pair.com
Sun Jan 6 03:32:55 EST 2008
Update of /cvsroot/geeklog/Geeklog-1.x/system
In directory qs1489.pair.com:/tmp/cvs-serv42206/system
Modified Files:
lib-webservices.php
Log Message:
Need to use a separate counter for the webservices authentication so that you can't use it to reset the login counter for dictionary attacks
Index: lib-webservices.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-webservices.php,v
retrieving revision 1.30
retrieving revision 1.31
diff -C2 -d -r1.30 -r1.31
*** lib-webservices.php 4 Jan 2008 18:36:31 -0000 1.30
--- lib-webservices.php 6 Jan 2008 08:32:53 -0000 1.31
***************
*** 753,758 ****
}
! COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
! if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
}
--- 753,758 ----
}
! COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
! if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
}
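Review bot: The new `'wsauth'` counter is still bounded by `$_CONF['login_attempts']` and `$_CONF['login_speedlimit']`, so the web login form and the web-services endpoint now each get a full allowance of their own. The total number of password guesses accepted per window is therefore presumably higher than the configured value suggests. That trade-off deserves a comment next to the check, e.g. `// 'wsauth' is counted separately from 'login' so a WS login cannot reset the web login counter; both reuse the login_* limits`. The enclosing function begins and ends outside this hunk.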
***************
*** 771,784 ****
// if there were less than 2 failed login attempts, reset speedlimit
! if (COM_checkSpeedlimit('login', 2) == 0) {
if ($WS_VERBOSE) {
COM_errorLog("WS: Successful login - resetting speedlimit");
}
! COM_resetSpeedlimit('login');
}
} else {
! COM_updateSpeedlimit('login');
if (!empty($username) && !empty($password)) {
! COM_updateSpeedlimit('login');
if ($WS_VERBOSE) {
--- 771,784 ----
// if there were less than 2 failed login attempts, reset speedlimit
! if (COM_checkSpeedlimit('wsauth', 2) == 0) {
if ($WS_VERBOSE) {
COM_errorLog("WS: Successful login - resetting speedlimit");
}
! COM_resetSpeedlimit('wsauth');
}
} else {
! COM_updateSpeedlimit('wsauth');
if (!empty($username) && !empty($password)) {
! COM_updateSpeedlimit('wsauth');
if ($WS_VERBOSE) {
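Review bot: In the `else` branch a request carrying both a username and a password calls `COM_updateSpeedlimit('wsauth')` twice, once unconditionally and once inside the `!empty($username) && !empty($password)` test, and nothing explains the double count. It looks deliberate: one failed credentialed attempt would then reach the threshold of 2 that the success path checks before calling `COM_resetSpeedlimit('wsauth')`. If so, say it in a comment such as `// counted twice on purpose: one failed attempt with credentials must block the reset-on-success above`. If it is not intended, one of the two calls should go, because credentialed failures presumably use up `$_CONF['login_attempts']` twice as fast as configured. The branch continues past the end of the hunk.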