github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-15 01:33:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

BUGFIX: Set Web UI ban period to 1 hour

Browse source
This commit is contained in:
Christophe Dumez 2010-03-13 12:21:15 +00:00
parent 80d5c5d85c
commit 057cf3648e
4 changed files with 74 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/httpconnection.cpp
View file

@ -47,7 +47,7 @@
#include <QTemporaryFile>
HttpConnection::HttpConnection(QTcpSocket *socket, Bittorrent *BTSession, HttpServer *parent)
: QObject(parent), socket(socket), parent(parent), BTSession(BTSession)
: QObject(parent), socket(socket), parent(parent), BTSession(BTSession)
{
socket->setParent(this);
connect(socket, SIGNAL(readyRead()), this, SLOT(read()));
@ -131,8 +131,9 @@ QString HttpConnection::translateDocument(QString data) {
void HttpConnection::respond() {
//qDebug("Respond called");
int nb_fail = parent->client_failed_attempts.value(socket->peerAddress().toString(), 0);
if(nb_fail > 4) {
const QString &peer_ip = socket->peerAddress().toString();
const int nb_fail = parent->NbFailedAttemptsForIp(peer_ip);
if(nb_fail >= MAX_AUTH_FAILED_ATTEMPTS) {
generator.setStatusLine(403, "Forbidden");
generator.setMessage(tr("Your IP address has been banned after too many failed authentication attempts."));
write();
@ -142,8 +143,8 @@ void HttpConnection::respond() {
qDebug("Auth: %s", qPrintable(auth.split(" ").first()));
if (QString::compare(auth.split(" ").first(), "Digest", Qt::CaseInsensitive) != 0 || !parent->isAuthorized(auth.toLocal8Bit(), parser.method())) {
// Update failed attempt counter
parent->client_failed_attempts.insert(socket->peerAddress().toString(), nb_fail+1);
qDebug("client IP: %s (%d failed attempts)", qPrintable(socket->peerAddress().toString()), nb_fail);
parent->increaseNbFailedAttemptsForIp(peer_ip);
qDebug("client IP: %s (%d failed attempts)", qPrintable(peer_ip), nb_fail+1);
// Return unauthorized header
generator.setStatusLine(401, "Unauthorized");
generator.setValue("WWW-Authenticate", "Digest realm=\""+QString(QBT_REALM)+"\", nonce=\""+parent->generateNonce()+"\", algorithm=\"MD5\", qop=\"auth\"");
@ -151,7 +152,7 @@ void HttpConnection::respond() {
return;
}
// Client sucessfuly authenticated, reset number of failed attempts
parent->client_failed_attempts.remove(socket->peerAddress().toString());
parent->resetNbFailedAttemptsForIp(peer_ip);
QString url = parser.url();
// Favicon
if(url.endsWith("favicon.ico")) {