From 94188021509a376fc352b7707d9a324335a97eba Mon Sep 17 00:00:00 2001
From: oy
Date: Sun, 31 Jul 2011 13:05:12 +0200
Subject: protected econ authentication against brute force
---
 src/engine/shared/econ.cpp | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
(limited to 'src/engine/shared/econ.cpp')
diff --git a/src/engine/shared/econ.cpp b/src/engine/shared/econ.cpp
index 18a551e7..617cdbd6 100644
--- a/src/engine/shared/econ.cpp
+++ b/src/engine/shared/econ.cpp
@@ -16,6 +16,7 @@ int CEcon::NewClientCallback(int ClientID, void *pUser)
 pThis->m_aClients[ClientID].m_State = CClient::STATE_CONNECTED;
 pThis->m_aClients[ClientID].m_TimeConnected = time_get();
+ pThis->m_aClients[ClientID].m_AuthTries = 0;
 pThis->m_NetConsole.Send(ClientID, "Enter password:");
 return 0;
@@ -112,7 +113,22 @@ void CEcon::Update()
 Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "econ", aBuf);
 }
 else
- m_NetConsole.Send(ClientID, "Wrong password");
+ {
+ m_aClients[ClientID].m_AuthTries++;
+ char aBuf[128];
+ str_format(aBuf, sizeof(aBuf), "Wrong password %d/%d.", m_aClients[ClientID].m_AuthTries, MAX_AUTH_TRIES);
+ m_NetConsole.Send(ClientID, aBuf);
+ if(m_aClients[ClientID].m_AuthTries >= MAX_AUTH_TRIES)
+ {
+ if(!g_Config.m_EcBantime)
+ m_NetConsole.Drop(ClientID, "Too many authentication tries");
+ else
+ {
+ NETADDR Addr = m_NetConsole.ClientAddr(ClientID);
+ m_NetConsole.AddBan(Addr, g_Config.m_EcBantime*60);
+ }
+ }
+ }
 }
 else if(m_aClients[ClientID].m_State == CClient::STATE_AUTHED)
 {
-- 
cgit 1.4.1
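Review bot: In `NewClientCallback` the added `m_AuthTries = 0` makes the failure counter per connection, so the cap only bounds guessing when the lockout in `Update()` (second hunk) also bans the address. When `g_Config.m_EcBantime` is 0 that branch only calls `Drop`, and a client that reconnects starts again from zero, so the total number of guesses is not limited. Consider keeping the failure count per address, or at least stating the dependency next to this line, e.g. `// per-connection counter: only bounds repeated guessing when m_EcBantime is non-zero`. The start and end of `NewClientCallback` lie outside the hunk.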
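Review bot: The new failure branch in `Update()` tells the client about the wrong password but writes nothing to the server console, so repeated failures and the resulting drop or ban leave no trace for an operator. The context line above the `else` already uses `Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "econ", aBuf);`; the same call, after formatting the peer address and try count into `aBuf`, would make these events visible in the log. In the ban path the client is not dropped explicitly. That is presumably handled inside `AddBan`, which is not visible here, so it is worth confirming or adding a `Drop` call after it. `Update()` continues outside the hunk.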