search

owncloud / brute_force_protection

Brute-force protection app for ownCloud
GNU General Public License v2.0
6 stars 5 forks source link

Internal Server Error when entering several times a wrong password in a Protected Public link #134

Closed davitol closed 4 years ago

davitol commented 4 years ago

Steps to reproduce

  1. Have brute_force_protection app enabled from tarball located in https://github.com/owncloud/brute_force_protection/releases/download/v1.1.0RC2/brute_force_protection.tar.gz 2 . Share a file via Public Link protected with a password
  2. Copy the public link and paste it
  3. Try several attempts with a wrong password

Current Behavior

Screenshot 2020-09-09 at 10 41 20

{"reqId":"pAomff9EmOD8hjwacZX9","level":3,"time":"2020-09-09T08:41:14+00:00","remoteAddr":"172.30.0.1","user":"--","app":"index","method":"POST","url":"\/s\/ZvCrQh7XysX8PGJ\/authenticate","message":"Exception: {\"Exception\":\"OCA\\\\BruteForceProtection\\\\Exceptions\\\\LinkAuthException\",\"Message\":\"Too many failed attempts. Try again in 5 minutes.\",\"Code\":0,\"Trace\":\"#0 \\\/mnt\\\/data\\\/apps\\\/brute_force_protection\\\/lib\\\/Hooks.php(159): OCA\\\\BruteForceProtection\\\\Throttle->applyBruteForcePolicyForLinkShare()\\n#1 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/symfony\\\/event-dispatcher\\\/EventDispatcher.php(264): OCA\\\\BruteForceProtection\\\\Hooks->preLinkShareAuthCallback()\\n#2 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/symfony\\\/event-dispatcher\\\/EventDispatcher.php(239): Symfony\\\\Component\\\\EventDispatcher\\\\EventDispatcher->doDispatch()\\n#3 \\\/var\\\/www\\\/owncloud\\\/lib\\\/composer\\\/symfony\\\/event-dispatcher\\\/EventDispatcher.php(73): Symfony\\\\Component\\\\EventDispatcher\\\\EventDispatcher->callListeners()\\n#4 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/Share20\\\/Manager.php(1496): Symfony\\\\Component\\\\EventDispatcher\\\\EventDispatcher->dispatch()\\n#5 \\\/var\\\/www\\\/owncloud\\\/apps\\\/files_sharing\\\/lib\\\/Controllers\\\/ShareController.php(188): OC\\\\Share20\\\\Manager->checkPassword(*** sensitive parameters replaced ***)\\n#6 \\\/var\\\/www\\\/owncloud\\\/apps\\\/files_sharing\\\/lib\\\/Controllers\\\/ShareController.php(164): OCA\\\\Files_Sharing\\\\Controllers\\\\ShareController->linkShareAuth()\\n#7 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(153): OCA\\\\Files_Sharing\\\\Controllers\\\\ShareController->authenticate()\\n#8 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(85): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController()\\n#9 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/App.php(100): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch()\\n#10 \\\/var\\\/www\\\/owncloud\\\/lib\\\/public\\\/AppFramework\\\/App.php(132): OC\\\\AppFramework\\\\App::main()\\n#11 \\\/var\\\/www\\\/owncloud\\\/core\\\/routes.php(112): OCP\\\\AppFramework\\\\App->dispatch()\\n#12 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/Route\\\/Router.php(342): OC\\\\Route\\\\Router->{closure}(*** sensitive parameters replaced ***)\\n#13 \\\/var\\\/www\\\/owncloud\\\/lib\\\/base.php(916): OC\\\\Route\\\\Router->match()\\n#14 \\\/var\\\/www\\\/owncloud\\\/index.php(54): OC::handleRequest()\\n#15 {main}\",\"File\":\"\\\/mnt\\\/data\\\/apps\\\/brute_force_protection\\\/lib\\\/Throttle.php\",\"Line\":112}"}

karakayasemi commented 4 years ago

resolved with #135