1
0
mirror of https://github.com/anope/anope.git synced 2026-07-01 09:46:40 +02:00

Apply bad password logic to SASL too.

This commit is contained in:
Sadie Powell
2025-02-20 21:20:00 +00:00
parent 8da52bf121
commit ff8aca1db4
+31
View File
@@ -165,6 +165,7 @@ class SASLService final
, public Timer
{
private:
Anope::map<std::pair<time_t, unsigned short>> badpasswords;
Anope::map<SASL::Session *> sessions;
public:
@@ -324,6 +325,27 @@ public:
void Fail(Session *session) override
{
this->SendMessage(session, "D", "F");
const auto badpasslimit = Config->GetBlock("options")->Get<int>("badpasslimit");
if (!badpasslimit)
return;
auto it = badpasswords.find(session->uid);
if (it == badpasswords.end())
it = badpasswords.emplace(session->uid, std::make_pair(Anope::CurTime, 0)).first;
auto &[invalid_pw_time, invalid_pw_count] = it->second;
const auto badpasstimeout = Config->GetBlock("options")->Get<time_t>("badpasstimeout");
if (badpasstimeout > 0 && invalid_pw_time > 0 && invalid_pw_time < Anope::CurTime - badpasstimeout)
badpasswords.erase(it);
invalid_pw_count++;
invalid_pw_time = Anope::CurTime;
if (invalid_pw_count >= badpasslimit)
{
IRCD->SendKill(BotInfo::Find(GetAgent()), session->uid, "Too many invalid passwords");
badpasswords.erase(it);
}
}
void SendMechs(Session *session) override
@@ -338,6 +360,15 @@ public:
void Tick() override
{
const auto badpasstimeout = Config->GetBlock("options")->Get<time_t>("badpasstimeout");
for (auto it = badpasswords.begin(); it != badpasswords.end(); )
{
if (it->second.first + badpasstimeout < Anope::CurTime)
it = badpasswords.erase(it);
else
it++;
}
for (auto it = sessions.begin(); it != sessions.end(); )
{
const auto *sess = it->second;