commit trytond for openSUSE:Factory

root Sun, 25 Feb 2018 02:47:35 -0800

Hello community,

here is the log from the commit of package trytond for openSUSE:Factory checked 
in at 2018-02-25 11:46:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trytond (Old)
 and      /work/SRC/openSUSE:Factory/.trytond.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "trytond"

Sun Feb 25 11:46:59 2018 rev:16 rq:579761 version:4.2.9

Changes:
--------
--- /work/SRC/openSUSE:Factory/trytond/trytond.changes  2018-01-13 
21:49:30.828854105 +0100
+++ /work/SRC/openSUSE:Factory/.trytond.new/trytond.changes     2018-02-25 
11:47:01.876455098 +0100
@@ -1,0 +2,6 @@
+Sat Feb 17 06:47:27 UTC 2018 - [email protected]
+
+- user_login.patch replaced by trytond_get_login.patch 
+  see boo#1078111
+
+-------------------------------------------------------------------

Old:
----
  user_login.patch

New:
----
  trytond_get_login.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ trytond.spec ++++++
--- /var/tmp/diff_new_pack.9FsLUr/_old  2018-02-25 11:47:04.204370626 +0100
+++ /var/tmp/diff_new_pack.9FsLUr/_new  2018-02-25 11:47:04.212370335 +0100
@@ -34,7 +34,7 @@
 Source3:        %{name}.conf
 Source4:        %{name}_log.conf
 # GNU Health patch for user login
-Patch0:         user_login.patch
+Patch0:         trytond_get_login.patch
 Source20:       %{name}.service
 # List of additional build dependencies
 BuildRequires:  fdupes

++++++ trytond_get_login.patch ++++++
--- trytond/res/user.py 2018-02-15 13:09:37.735716404 +0000
+++ trytond/res/user.py 2018-02-15 22:08:51.966998130 +0000
@@ -18,6 +18,7 @@
 from sql.conditionals import Coalesce
 from sql.aggregate import Count
 from sql.operators import Concat
+from random import randint
 
 try:
     import bcrypt
@@ -495,7 +496,16 @@
         Return user id if password matches
         '''
         LoginAttempt = Pool().get('res.user.login.attempt')
-        time.sleep(2 ** LoginAttempt.count(login) - 1)
+        
+        login_max_delay = config.getint('session', 'login_max_delay')
+        
+        if (not login_max_delay) or (login_max_delay < 1):
+            login_max_delay = 3
+
+        #Use a random delay (default between 1 and login_max_delay) in login
+        #if the param is not set, it defaults to 3
+        delay = randint(1,login_max_delay)
+        time.sleep(delay)
         for method in config.get(
                 'session', 'authentications', default='password').split(','):
             try:
@@ -505,9 +515,9 @@
                 continue
             user_id = func(login, parameters)
             if user_id:
-                LoginAttempt.remove(login)
                 return user_id
-        LoginAttempt.add(login)
+            else:
+                logger.info('Invalid login from : %s', login)
 
     @classmethod
     def _login_password(cls, login, parameters):

commit trytond for openSUSE:Factory

Reply via email to