[Pkg-owncloud-commits] [owncloud] 80/121: Move authentication failed logging to checkPassword

David Prévot taffit at moszumanska.debian.org
Thu Aug 21 16:44:37 UTC 2014 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit e7cea79ee7311c41c5f95082cba6e75e0236beac
Author: Lukas Reschke <lukas at owncloud.com>
Date:   Fri Aug 15 12:13:00 2014 +0200

    Move authentication failed logging to checkPassword
    
    Fixes https://github.com/owncloud/core/issues/10366
---
 config/config.sample.php     | 3 ---
 lib/base.php                 | 7 -------
 lib/private/user/manager.php | 2 ++
 3 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/config/config.sample.php b/config/config.sample.php
index 1cf2c22..402c84f 100755
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -185,9 +185,6 @@ $CONFIG = array(
  (watch out, this option can increase the size of your log file)*/
 "log_query" => false,
 
-/* Enable or disable the logging of IP addresses in case of webform auth failures */
-"log_authfailip" => false,
-
 /* Whether ownCloud should log the last successfull cron exec */
 "cron_log" => true,
 
diff --git a/lib/base.php b/lib/base.php
index 85049bb..ed0830c 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -842,13 +842,6 @@ class OC {
 		} // logon via web form
 		elseif (OC::tryFormLogin()) {
 			$error[] = 'invalidpassword';
-			if ( OC_Config::getValue('log_authfailip', false) ) {
-				OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
-				OC_Log::WARN);
-			} else {
-				OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
-                                OC_Log::WARN);
-			}
 		}
 
 		OC_Util::displayLoginPage(array_unique($error));
diff --git a/lib/private/user/manager.php b/lib/private/user/manager.php
index d4d9116..a897545 100644
--- a/lib/private/user/manager.php
+++ b/lib/private/user/manager.php
@@ -164,6 +164,8 @@ class Manager extends PublicEmitter implements IUserManager {
 				}
 			}
 		}
+
+		\OC::$server->getLogger()->warning('Login failed: \''. $loginname .'\' (Remote IP: \''. $_SERVER['REMOTE_ADDR'] .'\', X-Forwarded-For: \''. $_SERVER['HTTP_X_FORWARDED_FOR'] .'\')', array('app' => 'core'));
 		return false;
 	}
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git

More information about the Pkg-owncloud-commits mailing list