From 6f1a3fce057afdfc5388199b86608d46eb100e4a Mon Sep 17 00:00:00 2001
From: orbiter <orbiter@6c8d7289-2bf4-0310-a012-ef5d649a1542>
Date: Thu, 29 May 2008 17:27:38 +0000
Subject: [PATCH] BF Bugfix

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@4869 6c8d7289-2bf4-0310-a012-ef5d649a1542
---
 htroot/Blog.java                            | 2 +-
 htroot/BlogComments.java                    | 2 +-
 htroot/CrawlResults.java                    | 2 +-
 source/de/anomic/http/httpdFileHandler.java | 2 +-
 source/de/anomic/server/serverCore.java     | 2 +-
 source/yacy.java                            | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/htroot/Blog.java b/htroot/Blog.java
index 924b5a642..52f7bc78a 100644
--- a/htroot/Blog.java
+++ b/htroot/Blog.java
@@ -105,7 +105,7 @@ public class Blog {
         final int num   = post.getInt("num",10);  //indicates how many entries should be shown
 
         if(!hasRights){
-            final userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx"));
+            final userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
             if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){
                 hasRights=true;
             } else if(post.containsKey("login")) {
diff --git a/htroot/BlogComments.java b/htroot/BlogComments.java
index 4b4b2169d..fbe25123b 100644
--- a/htroot/BlogComments.java
+++ b/htroot/BlogComments.java
@@ -91,7 +91,7 @@ public class BlogComments {
         }
 
         if(!hasRights){
-            userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx"));
+            userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
             if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){
                 hasRights=true;
             }
diff --git a/htroot/CrawlResults.java b/htroot/CrawlResults.java
index a03fdfcb0..9ec7df05d 100644
--- a/htroot/CrawlResults.java
+++ b/htroot/CrawlResults.java
@@ -77,7 +77,7 @@ public class CrawlResults {
         if (((tabletype > 0) && (tabletype < 6)) ||
             (post.containsKey("clearlist")) ||
             (post.containsKey("deleteentry"))) {
-            String authorization = ((String) header.get("Authorization", "xxxxxx"));
+            String authorization = ((String) header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
             if (authorization.length() != 0) {
                 if (! sb.verifyAuthentication(header, true)){
                     // force log-in (again, because wrong password was given)
diff --git a/source/de/anomic/http/httpdFileHandler.java b/source/de/anomic/http/httpdFileHandler.java
index f90aebbdb..15e96b83a 100644
--- a/source/de/anomic/http/httpdFileHandler.java
+++ b/source/de/anomic/http/httpdFileHandler.java
@@ -303,6 +303,7 @@ public final class httpdFileHandler {
             
             // check permission/granted access
             String authorization = (String) requestHeader.get(httpHeader.AUTHORIZATION);
+            if (authorization != null && authorization.length() == 0) authorization = null;
             String adminAccountBase64MD5 = switchboard.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, "");
             
             int pos = path.lastIndexOf(".");
@@ -645,7 +646,6 @@ public final class httpdFileHandler {
                                 if (authorization != null) {
                                     serverLog.logInfo("HTTPD", "dynamic log-in for account 'admin' in http file handler for path '" + path + "' from host '" + clientIP + "'");
                                     Integer attempts = (Integer) serverCore.bfHost.get(clientIP);
-                                    if (attempts != null) try {Thread.sleep(1000 * attempts.intValue());} catch (InterruptedException e) {}
                                     if (attempts == null)
                                         serverCore.bfHost.put(clientIP, new Integer(1));
                                     else
diff --git a/source/de/anomic/server/serverCore.java b/source/de/anomic/server/serverCore.java
index 1099f5789..61f7d95ea 100644
--- a/source/de/anomic/server/serverCore.java
+++ b/source/de/anomic/server/serverCore.java
@@ -359,7 +359,7 @@ public final class serverCore extends serverAbstractBusyThread implements server
                 this.log.logWarning("SLOWING DOWN ACCESS FOR BRUTE-FORCE PREVENTION FROM " + cIP + ", ATTEMPT " + attempts.intValue());
                 // add a delay to make brute-force harder
                 announceThreadBlockApply();
-                try {Thread.sleep(attempts.intValue() * 2000);} catch (InterruptedException e) {}
+                try {Thread.sleep(attempts.intValue() /*BFPATCH*/);} catch (InterruptedException e) {}
                 announceThreadBlockRelease();
                 if ((attempts.intValue() >= 10) && (this.denyHost != null)) {
                     this.denyHost.put(cIP, "deny");
diff --git a/source/yacy.java b/source/yacy.java
index 8f48c5cbf..3a1c03647 100644
--- a/source/yacy.java
+++ b/source/yacy.java
@@ -536,7 +536,7 @@ public final class yacy {
 
         // send 'wget' to web interface
         httpHeader requestHeader = new httpHeader();
-        requestHeader.put("Authorization", "realm=" + encodedPassword); // for http-authentify
+        requestHeader.put(httpHeader.AUTHORIZATION, "realm=" + encodedPassword); // for http-authentify
         JakartaCommonsHttpClient con = new JakartaCommonsHttpClient(10000, requestHeader, null);
         JakartaCommonsHttpResponse res = null;
         try {