diff options
-rw-r--r-- | scripts/murmur.ini | 4 | ||||
-rw-r--r-- | src/murmur/Meta.cpp | 17 | ||||
-rw-r--r-- | src/murmur/Meta.h | 5 | ||||
-rw-r--r-- | src/murmur/Server.cpp | 2 |
4 files changed, 27 insertions, 1 deletions
diff --git a/scripts/murmur.ini b/scripts/murmur.ini index b18881c13..651918c37 100644 --- a/scripts/murmur.ini +++ b/scripts/murmur.ini @@ -373,9 +373,13 @@ allowping=true ; To disable, set autobanAttempts or autobanTimeframe to 0. Commenting these ; settings out will cause Murmur to use the defaults: ; +; To avoid autobanning successful connection attempts from the same IP address, +; set autobanSuccessfulConnections=False. +; ;autobanAttempts=10 ;autobanTimeframe=120 ;autobanTime=300 +;autobanSuccessfulConnections=True ; Enables logging of group changes. This means that every time a group in a ; channel changes, the server will log all groups and their members from before diff --git a/src/murmur/Meta.cpp b/src/murmur/Meta.cpp index 39c0e4ebb..8c6ab9502 100644 --- a/src/murmur/Meta.cpp +++ b/src/murmur/Meta.cpp @@ -78,6 +78,7 @@ MetaParams::MetaParams() { iBanTries = 10; iBanTimeframe = 120; iBanTime = 300; + bBanSuccessful = true; #ifdef Q_OS_UNIX uiUid = uiGid = 0; @@ -329,6 +330,7 @@ void MetaParams::read(QString fname) { iBanTries = typeCheckedFromSettings("autobanAttempts", iBanTries); iBanTimeframe = typeCheckedFromSettings("autobanTimeframe", iBanTimeframe); iBanTime = typeCheckedFromSettings("autobanTime", iBanTime); + bBanSuccessful = typeCheckedFromSettings("autobanSuccessfulConnections", bBanSuccessful); qvSuggestVersion = MumbleVersion::getRaw(qsSettings->value("suggestVersion").toString()); if (qvSuggestVersion.toUInt() == 0) @@ -747,8 +749,21 @@ void Meta::killAll() { qhServers.clear(); } +void Meta::successfulConnectionFrom(const QHostAddress &addr) { + if (!mp.bBanSuccessful) { + QList<Timer> &ql = qhAttempts[addr]; + // Seems like this is the most efficient way to clear the list, given: + // 1. ql.clear() allocates a new array + // 2. ql has less than iBanAttempts members + // 3. seems like ql.removeFirst() might actually copy elements to shift to the front + while (!ql.empty()) { + ql.removeLast(); + } + } +} + bool Meta::banCheck(const QHostAddress &addr) { - if ((mp.iBanTries == 0) || (mp.iBanTimeframe == 0)) + if ((mp.iBanTries <= 0) || (mp.iBanTimeframe <= 0)) return false; if (qhBans.contains(addr)) { diff --git a/src/murmur/Meta.h b/src/murmur/Meta.h index 470ffbdc2..9720180fb 100644 --- a/src/murmur/Meta.h +++ b/src/murmur/Meta.h @@ -59,6 +59,7 @@ public: int iBanTries; int iBanTimeframe; int iBanTime; + bool bBanSuccessful; QString qsDatabase; int iSQLiteWAL; @@ -192,6 +193,10 @@ class Meta : public QObject { void bootAll(); bool boot(int); bool banCheck(const QHostAddress &); + + /// Called whenever we get a successful connection from a client. + /// Used to reset autoban tracking for the address. + void successfulConnectionFrom(const QHostAddress &); void kill(int); void killAll(); void getOSInfo(); diff --git a/src/murmur/Server.cpp b/src/murmur/Server.cpp index bce2a2172..9a1f76099 100644 --- a/src/murmur/Server.cpp +++ b/src/murmur/Server.cpp @@ -1362,6 +1362,8 @@ void Server::newClient() { sock->setProtocol(QSsl::TlsV1_0); #endif sock->startServerEncryption(); + + meta->successfulConnectionFrom(adr); } } |