Build: #2988 was successful
Changes by Guus der Kinderen
Code commits
Openfire (master)
-
Guus der Kinderen efa090634a0b0c6934c4957d47a713db7c0a9869
OF-3262: Failed login tracking to use IP/Username combination
This improves failed-login tracking in the admin console by using a combination of username and IP address instead of relying solely on IP-based tracking alone. This primarily fixes an issue where a single user, behind a reverse proxy or NAT, can lock out all other users.
The old IP-only restriction is still left in place. Its default maximum attempts has been increased to a number higher than the IP/Username combination attempt maximum.
- i18n/src/main/resources/openfire_i18n.properties (version efa090634a0b0c6934c4957d47a713db7c0a9869)
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version efa090634a0b0c6934c4957d47a713db7c0a9869)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version efa090634a0b0c6934c4957d47a713db7c0a9869)
-
Guus der Kinderen f1b3780d127f01d73eea68225b236661e47176e2
fixes small typo
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version f1b3780d127f01d73eea68225b236661e47176e2)
-
Guus der Kinderen 636566809dc4d867616677736a317935c58ae211
(code review): fixed typo in log statement
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 636566809dc4d867616677736a317935c58ae211)
-
Guus der Kinderen 1f7a8df02bb55422265fe44ea34188c3cacc8b41
OF-3262 (code review): Improve concurrency
Make modifications to the maps that store attempts atomic to reduce potential concurrency issues.
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 1f7a8df02bb55422265fe44ea34188c3cacc8b41)
-
Guus der Kinderen 042333964e57964bb3bd55a5be7f821cf2b69798
OF-3262 (code review): trivial improvements (spelling etc)
- i18n/src/main/resources/openfire_i18n.properties (version 042333964e57964bb3bd55a5be7f821cf2b69798)
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 042333964e57964bb3bd55a5be7f821cf2b69798)
-
Guus der Kinderen 0e6053a10645f8769e1e52e292b388247cf95345
OF-3262 (code review) Do not unlock IP-only gate based on username success
Do not let a successful login from one IP also reduce the shared IP-only counter for other IPs that this user previously used. That weakens the secondary per-IP gate.
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 0e6053a10645f8769e1e52e292b388247cf95345)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version 0e6053a10645f8769e1e52e292b388247cf95345)
-
Guus der Kinderen 46b4888c393cca228616a5fccd5cc9de0c788ffd
OF-3262 (code review): Improve unit test coverage for LoginLimitManager
This refactors the unit tests, adding explicit coverage for checking single gates.
- xmppserver/src/main/java/org/jivesoftware/admin/LoginLimitManager.java (version 46b4888c393cca228616a5fccd5cc9de0c788ffd)
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version 46b4888c393cca228616a5fccd5cc9de0c788ffd)
-
Guus der Kinderen b13400071eb5fdbb84afe7e2b0b3946d8fd4116b
OF-3262: Improve unit test coverage (more off-by-one checks)
Also refactored some of the existing tests for robustness/consistency.
- xmppserver/src/test/java/org/jivesoftware/admin/LoginLimitManagerTest.java (version b13400071eb5fdbb84afe7e2b0b3946d8fd4116b)