author | Yorhel <git@yorhel.nl> | 2014-08-29 11:50:41 +0200 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2014-08-29 11:50:41 +0200 |
commit | 1cf4252f2d313bc1e3f460a1d379a49b751d1170 (patch) | |
tree | 4385788e5553fe7376e4063961e8c7a9cbce7663 /lib/VNDB | |
parent | 9a1bd46a568094ff62cfc85bc488b116042718b8 (diff) |
API: Make sure to honor the new login throttle
Diffstat (limited to 'lib/VNDB')
-rw-r--r-- | lib/VNDB/Handler/Users.pm | 4 | ||||
-rw-r--r-- | lib/VNDB/Util/Auth.pm | 2 | ||||
-rw-r--r-- | lib/VNDB/Util/Misc.pm | 23 |
3 files changed, 4 insertions, 25 deletions
diff --git a/lib/VNDB/Handler/Users.pm b/lib/VNDB/Handler/Users.pm index 78c4103d..680e50a0 100644 --- a/lib/VNDB/Handler/Users.pm +++ b/lib/VNDB/Handler/Users.pm @@ -140,7 +140,7 @@ sub login { return $self->resRedirect('/') if $self->authInfo->{id}; - my $tm = $self->dbThrottleGet($self->normIP); + my $tm = $self->dbThrottleGet(norm_ip($self->reqIP)); if($tm-time() > $self->{login_throttle}[1]) { $self->htmlHeader(title => mt '_login_title'); div class => 'mainbox'; @@ -167,7 +167,7 @@ sub login { if(!$frm->{_err}) { return if $self->authLogin($frm->{usrname}, $frm->{usrpass}, $ref); $frm->{_err} = [ 'login_failed' ]; - $self->dbThrottleSet($self->normIP, $tm+$self->{login_throttle}[0]); + $self->dbThrottleSet(norm_ip($self->reqIP), $tm+$self->{login_throttle}[0]); } } diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm index a1fa9b4d..89cbd215 100644 --- a/lib/VNDB/Util/Auth.pm +++ b/lib/VNDB/Util/Auth.pm @@ -165,7 +165,7 @@ sub authGetCode { my $self = shift; my $id = shift; my $time = (shift || time)/3600; # accuracy of an hour - my $uid = encode_utf8($self->{_auth} ? $self->{_auth}{id} : $self->normIP()); + my $uid = encode_utf8($self->{_auth} ? $self->{_auth}{id} : norm_ip($self->reqIP())); return lc substr sha1_hex($self->{form_salt} . $uid . encode_utf8($id||'') . pack('N', int $time)), 0, 16; } diff --git a/lib/VNDB/Util/Misc.pm b/lib/VNDB/Util/Misc.pm index 7ee0701b..b7503c24 100644 --- a/lib/VNDB/Util/Misc.pm +++ b/lib/VNDB/Util/Misc.pm @@ -6,9 +6,8 @@ use warnings; use Exporter 'import'; use TUWF ':html'; use VNDB::Func; -use Socket 'inet_pton', 'inet_ntop', 'AF_INET6'; -our @EXPORT = qw|filFetchDB ieCheck normIP|; +our @EXPORT = qw|filFetchDB ieCheck|; my %filfields = ( 
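Review bot: In `login` the throttle value is read into `$tm` before the credentials are checked and written back as `$tm+$self->{login_throttle}[0]` only after `authLogin` fails, so concurrent requests from one address can all start from the same `$tm` and together record a single increment. If `dbThrottleSet` is a plain overwrite (its body is not visible here), performing the increment in one database statement would close that window. Until then a comment at the write would help, for example `# NOTE: read-modify-write; parallel failures from one address may be counted once`. It is also worth stating next to `norm_ip($self->reqIP)` what `norm_ip` returns for an address it cannot parse, because the removed `normIP` mapped those to `::` and so put them in one shared bucket. Both hunks of `login` are affected, and the function starts and ends outside them.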
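Review bot: In `authGetCode` the hash input is `$self->{form_salt} . $uid . encode_utf8($id||'')` with no separator between the fields, so different (uid, id) pairs can produce the same string and therefore the same code; for instance uid `1` with id `23` and uid `12` with id `3`. A keyed construction over delimited fields removes that ambiguity and the secret-prefix SHA-1 pattern, e.g. `hmac_sha1_hex(join("\0", $uid, encode_utf8($id||''), int $time), $self->{form_salt})`, assuming `sha1_hex` comes from Digest::SHA (the imports are outside the hunk). For anonymous visitors the uid is `norm_ip($self->reqIP())`, so a one-line comment saying that every client mapping to the same normalized address gets the same code would help the next reader. The `sub authGetCode {` line is visible only in the hunk header.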
@@ -143,25 +142,5 @@ sub ieCheck { return 0; } - -# Normalized IP address to use for duplicate detection/throttling. For IPv4 -# this is just the normal address, but for IPv6 this is the /48 subnet, with -# the rest of the address zero'd. -sub normIP { - my $s = shift; - my $ip = $s->reqIP(); - return $ip if $ip !~ /:/; - - # There's a whole bunch of IPv6 manipulation modules on CPAN, but many seem - # quite bloated and still don't offer the functionality to return an IP - # with its mask applied (admittedly not a common operation). The libc - # socket functions will do fine in parsing and formatting IPv6 addresses, - # and the actual masking is quite trivial in binary form. - $ip = inet_pton AF_INET6, $ip; - return '::' if !$ip; - $ip =~ s/^(.{6}).+$/$1 . "\0"x10/e; - return inet_ntop AF_INET6, $ip; -} - 1; |