yetangitu/ejabberd
1
0
Fork 0
mirror of https://github.com/processone/ejabberd synced 2025-10-03 09:49:18 +02:00
Code Issues Releases Wiki Activity

Don't process failed EXTERNAL authentication by mod_fail2ban

Browse source 
This will only lead to confusion because it's not considered
possible to brute force client certificates.
This commit is contained in:
Evgeny Khramtsov 2019-05-15 18:13:31 +03:00
parent 3c95764d1a
commit a4c3ea0dfb
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/mod_fail2ban.erl
View file

@ -53,6 +53,9 @@
%%%===================================================================
-spec c2s_auth_result(ejabberd_c2s:state(), true | {false, binary()}, binary())
-> ejabberd_c2s:state() | {stop, ejabberd_c2s:state()}.
c2s_auth_result(#{sasl_mech := Mech} = State, {false, _}, _User)
when Mech == <<"EXTERNAL">> ->
State;
c2s_auth_result(#{ip := {Addr, _}, lserver := LServer} = State, {false, _}, _User) ->
case is_whitelisted(LServer, Addr) of
true ->