mirror of
https://github.com/cmur2/dyndnsd.git
synced 2024-12-22 00:54:22 +01:00
auth: fix broken password check
Guessing an existing user's name was enough to successfully authenticate.
This commit is contained in:
parent
13613643cc
commit
2edb9522f1
@ -201,7 +201,7 @@ module Dyndnsd
|
|||||||
# configure rack
|
# configure rack
|
||||||
app = Daemon.new(config, db, updater, responder)
|
app = Daemon.new(config, db, updater, responder)
|
||||||
app = Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
|
app = Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
|
||||||
allow = (config['users'].has_key? user) and (config['users'][user]['password'] == pass)
|
allow = ((config['users'].has_key? user) and (config['users'][user]['password'] == pass))
|
||||||
if not allow
|
if not allow
|
||||||
Dyndnsd.logger.warn "Login failed for #{user}"
|
Dyndnsd.logger.warn "Login failed for #{user}"
|
||||||
Metriks.meter('requests.auth_failed').mark
|
Metriks.meter('requests.auth_failed').mark
|
||||||
|
Loading…
Reference in New Issue
Block a user