boxtec
/
yacy_search_server
mirror of https://github.com/yacy/yacy_search_server
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

BF Bugfix

Browse Source 
git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@4869 6c8d7289-2bf4-0310-a012-ef5d649a1542
pull/1/head
orbiter 17 years ago
parent c5f4f518e2
commit 6f1a3fce05
6 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File

2
htroot/Blog.java
Unescape View File

@ -105,7 +105,7 @@ public class Blog {
final int num = post.getInt("num",10); //indicates how many entries should be shown final int num = post.getInt("num",10); //indicates how many entries should be shown
if(!hasRights){ if(!hasRights){
final userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx")); final userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){ if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){
hasRights=true; hasRights=true;
} else if(post.containsKey("login")) { } else if(post.containsKey("login")) {

2
htroot/BlogComments.java
Unescape View File

@ -91,7 +91,7 @@ public class BlogComments {
} }
if(!hasRights){ if(!hasRights){
userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx")); userDB.Entry userentry = sb.userDB.proxyAuth((String)header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){ if(userentry != null && userentry.hasRight(userDB.Entry.BLOG_RIGHT)){
hasRights=true; hasRights=true;
} }

2
htroot/CrawlResults.java
Unescape View File

@ -77,7 +77,7 @@ public class CrawlResults {
if (((tabletype > 0) && (tabletype < 6)) || if (((tabletype > 0) && (tabletype < 6)) ||
(post.containsKey("clearlist")) || (post.containsKey("clearlist")) ||
(post.containsKey("deleteentry"))) { (post.containsKey("deleteentry"))) {
String authorization = ((String) header.get("Authorization", "xxxxxx")); String authorization = ((String) header.get(httpHeader.AUTHORIZATION, "xxxxxx"));
if (authorization.length() != 0) { if (authorization.length() != 0) {
if (! sb.verifyAuthentication(header, true)){ if (! sb.verifyAuthentication(header, true)){
// force log-in (again, because wrong password was given) // force log-in (again, because wrong password was given)

2
source/de/anomic/http/httpdFileHandler.java
Unescape View File

@ -303,6 +303,7 @@ public final class httpdFileHandler {
// check permission/granted access // check permission/granted access
String authorization = (String) requestHeader.get(httpHeader.AUTHORIZATION); String authorization = (String) requestHeader.get(httpHeader.AUTHORIZATION);
if (authorization != null && authorization.length() == 0) authorization = null;
String adminAccountBase64MD5 = switchboard.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, ""); String adminAccountBase64MD5 = switchboard.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, "");
int pos = path.lastIndexOf("."); int pos = path.lastIndexOf(".");
@ -645,7 +646,6 @@ public final class httpdFileHandler {
if (authorization != null) { if (authorization != null) {
serverLog.logInfo("HTTPD", "dynamic log-in for account 'admin' in http file handler for path '" + path + "' from host '" + clientIP + "'"); serverLog.logInfo("HTTPD", "dynamic log-in for account 'admin' in http file handler for path '" + path + "' from host '" + clientIP + "'");
Integer attempts = (Integer) serverCore.bfHost.get(clientIP); Integer attempts = (Integer) serverCore.bfHost.get(clientIP);
if (attempts != null) try {Thread.sleep(1000 * attempts.intValue());} catch (InterruptedException e) {}
if (attempts == null) if (attempts == null)
serverCore.bfHost.put(clientIP, new Integer(1)); serverCore.bfHost.put(clientIP, new Integer(1));
else else

2
source/de/anomic/server/serverCore.java
Unescape View File

@ -359,7 +359,7 @@ public final class serverCore extends serverAbstractBusyThread implements server
this.log.logWarning("SLOWING DOWN ACCESS FOR BRUTE-FORCE PREVENTION FROM " + cIP + ", ATTEMPT " + attempts.intValue()); this.log.logWarning("SLOWING DOWN ACCESS FOR BRUTE-FORCE PREVENTION FROM " + cIP + ", ATTEMPT " + attempts.intValue());
// add a delay to make brute-force harder // add a delay to make brute-force harder
announceThreadBlockApply(); announceThreadBlockApply();
try {Thread.sleep(attempts.intValue() * 2000);} catch (InterruptedException e) {} try {Thread.sleep(attempts.intValue() /*BFPATCH*/);} catch (InterruptedException e) {}
announceThreadBlockRelease(); announceThreadBlockRelease();
if ((attempts.intValue() >= 10) && (this.denyHost != null)) { if ((attempts.intValue() >= 10) && (this.denyHost != null)) {
this.denyHost.put(cIP, "deny"); this.denyHost.put(cIP, "deny");

2
source/yacy.java
Unescape View File

@ -536,7 +536,7 @@ public final class yacy {
// send 'wget' to web interface // send 'wget' to web interface
httpHeader requestHeader = new httpHeader(); httpHeader requestHeader = new httpHeader();
requestHeader.put("Authorization", "realm=" + encodedPassword); // for http-authentify requestHeader.put(httpHeader.AUTHORIZATION, "realm=" + encodedPassword); // for http-authentify
JakartaCommonsHttpClient con = new JakartaCommonsHttpClient(10000, requestHeader, null); JakartaCommonsHttpClient con = new JakartaCommonsHttpClient(10000, requestHeader, null);
JakartaCommonsHttpResponse res = null; JakartaCommonsHttpResponse res = null;
try { try {

Write Preview
Loading…
Cancel
Save