X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fconn-func.c;h=72d38b8621ff559c9c93903989e7c091b018be79;hp=c72a94c40a42e9bb96016c3d6a3aca2ef3e90702;hb=456eea6f1896528dad344ed2c254fd07bdc3a4b1;hpb=b130b35f48d19450240748425e12d21f2c38350f diff --git a/src/ngircd/conn-func.c b/src/ngircd/conn-func.c index c72a94c4..72d38b86 100644 --- a/src/ngircd/conn-func.c +++ b/src/ngircd/conn-func.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2018 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,6 +26,7 @@ #endif #include "conn.h" +#include "conf.h" #include "conn-func.h" /** @@ -85,7 +86,7 @@ Conn_LastPing( CONN_ID Idx ) * is read. This function only increases the penalty, it is not possible to * decrease the penalty time. * - * @param Idex Connection index. + * @param Idx Connection index. * @param Seconds Seconds to add. * @see Conn_ResetPenalty */ @@ -97,6 +98,14 @@ Conn_SetPenalty(CONN_ID Idx, time_t Seconds) assert(Idx > NONE); assert(Seconds >= 0); + /* Limit new penalty to maximum configured, when less than 10 seconds. * + The latter is used to limit brute force attacks, therefore we don't * + want to limit that! */ + if (Conf_MaxPenaltyTime >= 0 + && Seconds > Conf_MaxPenaltyTime + && Seconds < 10) + Seconds = Conf_MaxPenaltyTime; + t = time(NULL); if (My_Connections[Idx].delaytime < t) My_Connections[Idx].delaytime = t; @@ -138,7 +147,7 @@ GLOBAL CONN_ID Conn_First( void ) { CONN_ID i; - + for( i = 0; i < Pool_Size; i++ ) { if( My_Connections[i].sock != NONE ) return i; @@ -152,7 +161,7 @@ Conn_Next( CONN_ID Idx ) CONN_ID i = NONE; assert( Idx > NONE ); - + for( i = Idx + 1; i < Pool_Size; i++ ) { if( My_Connections[i].sock != NONE ) return i;