Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-10-31 15:21:38 +01:00
Code Releases Activity

Don't process failed EXTERNAL authentication by mod_fail2ban

Browse Source 
This will only lead to confusion because it's not considered
possible to brute force client certificates.
This commit is contained in:
Evgeny Khramtsov 2019-05-15 18:13:31 +03:00
parent 3c95764d1a
commit a4c3ea0dfb
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/mod_fail2ban.erl
View File

@ -53,6 +53,9 @@
%%%=================================================================== %%%===================================================================
-spec c2s_auth_result(ejabberd_c2s:state(), true | {false, binary()}, binary()) -spec c2s_auth_result(ejabberd_c2s:state(), true | {false, binary()}, binary())
-> ejabberd_c2s:state() | {stop, ejabberd_c2s:state()}. -> ejabberd_c2s:state() | {stop, ejabberd_c2s:state()}.
c2s_auth_result(#{sasl_mech := Mech} = State, {false, _}, _User)
when Mech == <<"EXTERNAL">> ->
State;
c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, {false, _}, _User) -> c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, {false, _}, _User) ->
case is_whitelisted(LServer, Addr) of case is_whitelisted(LServer, Addr) of
true -> true ->