Merge pull request #741 from dawnbreak/docu
Add security logger to RedDAV.
commit
082ef8b950
5 changed files with 237 additions and 233 deletions
11
boot.php
11
boot.php
|
@ -51,12 +51,21 @@ define ( 'ZOT_REVISION', 1 );
|
|||
|
||||
define ( 'DB_UPDATE_VERSION', 1131 );
|
||||
|
||||
/**
|
||||
* Constant with a HTML line break.
|
||||
*
|
||||
* Contains a HTML line break (br) element and a real carriage return with line
|
||||
* feed for the source.
|
||||
* This can be used in HTML and JavaScript where needed a line break.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
define ( 'EOL', '<br>' . "\r\n" );
|
||||
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
|
||||
//define ( 'NULL_DATE', '0000-00-00 00:00:00' );
|
||||
define ( 'TEMPLATE_BUILD_PATH', 'store/[data]/smarty3' );
|
||||
|
||||
define ( 'DIRECTORY_MODE_NORMAL', 0x0000); // This is technically DIRECTORY_MODE_TERTIARY, but it's the default, hence 0x0000
|
||||
define ( 'DIRECTORY_MODE_NORMAL', 0x0000); // This is technically DIRECTORY_MODE_TERTIARY, but it's the default, hence 0x0000
|
||||
define ( 'DIRECTORY_MODE_PRIMARY', 0x0001);
|
||||
define ( 'DIRECTORY_MODE_SECONDARY', 0x0002);
|
||||
define ( 'DIRECTORY_MODE_STANDALONE', 0x0100);
|
||||
|
|
|
@ -118,8 +118,11 @@ class RedBasicAuth extends DAV\Auth\Backend\AbstractBasic {
|
|||
}
|
||||
}
|
||||
}
|
||||
logger('password failed for ' . $username);
|
||||
// @TODO add security logger
|
||||
|
||||
$error = 'password failed for ' . $username;
|
||||
logger($error);
|
||||
log_failed_login($error);
|
||||
|
||||
return false;
|
||||
}
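Review bot: `$username` is concatenated into `$error` unmodified and then written by both `logger()` and `log_failed_login()`, so any control characters in the submitted name end up in the log files. The auth log is documented on this page as input for line-based tools such as fail2ban, which assume one event per line; a name containing CR or LF would break that assumption. I would neutralise the value before building the message, e.g. `$error = 'password failed for ' . preg_replace('/[\x00-\x1f\x7f]/', '?', $username);`. The enclosing method starts above this hunk, so the origin of `$username` is not visible here; presumably it is the HTTP Basic user name supplied by the client.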
|
||||
|
||||
|
|
|
@ -182,10 +182,10 @@ class RedBrowser extends DAV\Browser\Plugin {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
$parentHash = "";
|
||||
|
||||
$parentHash = '';
|
||||
$owner = $this->auth->owner_id;
|
||||
$splitPath = split("/", $fullPath);
|
||||
$splitPath = split('/', $fullPath);
|
||||
if (count($splitPath) > 3) {
|
||||
for ($i = 3; $i < count($splitPath); $i++) {
|
||||
$attachName = urldecode($splitPath[$i]);
|
||||
|
@ -233,6 +233,7 @@ class RedBrowser extends DAV\Browser\Plugin {
|
|||
}
|
||||
|
||||
// prepare quota for template
|
||||
$quota = array();
|
||||
$quota['used'] = $used;
|
||||
$quota['limit'] = $limit;
|
||||
$quota['desc'] = $quotaDesc;
|
||||
|
@ -257,7 +258,7 @@ class RedBrowser extends DAV\Browser\Plugin {
|
|||
$this->server->broadcastEvent('onHTMLActionsPanel', array($parent, &$output));
|
||||
}
|
||||
$html .= $output;
|
||||
|
||||
|
||||
get_app()->page['content'] = $html;
|
||||
load_pdl(get_app());
|
||||
construct_page(get_app());
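Review bot: The rewritten line `$splitPath = split('/', $fullPath);` in the first hunk of this file still calls `split()`, which has been deprecated since PHP 5.3 and is removed in PHP 7. Since the line is being touched anyway, `$splitPath = explode('/', $fullPath);` gives the same result for a literal delimiter and does not go through the regex engine. The surrounding method begins and ends outside the hunk.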
|
||||
|
|
|
@ -41,6 +41,9 @@ function nuke_session() {
|
|||
/**
|
||||
* @brief Verify login credentials.
|
||||
*
|
||||
* If system <i>authlog</i> is set a log entry will be added for failed login
|
||||
* attempts.
|
||||
*
|
||||
* @param string $email
|
||||
* The email address to verify.
|
||||
* @param string $pass
|
||||
|
@ -88,14 +91,25 @@ function account_verify_password($email, $pass) {
|
|||
if($record['account_flags'] & ACCOUNT_PENDING)
|
||||
logger('Account is pending. account_flags = ' . $record['account_flags']);
|
||||
|
||||
// Also log failed logins to a separate auth log to reduce overhead for server side intrusion prevention
|
||||
$authlog = get_config('system', 'authlog');
|
||||
if ($authlog)
|
||||
@file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $error . "\n", FILE_APPEND);
|
||||
log_failed_login($error);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Log failed logins to a separate auth log.
|
||||
*
|
||||
* Can be used to reduce overhead for server side intrusion prevention, like
|
||||
* parse the authlog file with something like fail2ban, OSSEC, etc.
|
||||
*
|
||||
* @param string $errormsg
|
||||
* Error message to display for failed login.
|
||||
*/
|
||||
function log_failed_login($errormsg) {
|
||||
$authlog = get_config('system', 'authlog');
|
||||
if ($authlog)
|
||||
@file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $errormsg . PHP_EOL, FILE_APPEND);
|
||||
}
|
||||
|
||||
/**
|
||||
* Inline - not a function
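Review bot: The line `log_failed_login()` appends holds a timestamp, the session id and the caller's message, but no client address, and the result of the `@`-suppressed `file_put_contents()` is never checked. The docblock names fail2ban and OSSEC as consumers; such tools normally need a host field to act on, and the DAV caller's message (`'password failed for ' . $username`) does not carry one — whether `$error` in `account_verify_password()` does is not visible in this hunk. A wrong or unwritable `authlog` path currently drops every event silently, so I would test the return value and report the failure through `logger()`. The `@param` text should also say the message is written to the log rather than displayed. The sketch below changes the line format, so any existing parser filters would need to be adjusted.

```php
function log_failed_login($errormsg) {
	$authlog = get_config('system', 'authlog');
	if (! $authlog)
		return;

	// Record the client address so line-based parsers have a host to key on; '-' when unavailable.
	$addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-';
	$line = datetime_convert() . ':' . session_id() . ' ' . $addr . ' ' . $errormsg . PHP_EOL;

	// A misconfigured authlog path must show up in the application log instead of being dropped.
	if (@file_put_contents($authlog, $line, FILE_APPEND | LOCK_EX) === false)
		logger('log_failed_login: unable to write to authlog');
}
```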
|
||||
|
|
421
include/text.php
421
include/text.php
File diff suppressed because it is too large