Signed-off-by: Joas Schilling <coding@schilljs.com>tags/v28.0.0beta1
@@ -0,0 +1,87 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2023 Joas Schilling <coding@schilljs.com> | |||
* | |||
* @author Joas Schilling <coding@schilljs.com> | |||
* | |||
* @license GNU AGPL version 3 or any later version | |||
* | |||
* This program is free software: you can redistribute it and/or modify | |||
* it under the terms of the GNU Affero General Public License as | |||
* published by the Free Software Foundation, either version 3 of the | |||
* License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
* GNU Affero General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Affero General Public License | |||
* along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
* | |||
*/ | |||
namespace OC\Core\Command\Security; | |||
use OC\Core\Command\Base; | |||
use OC\Security\Bruteforce\Throttler; | |||
use OCP\Security\Bruteforce\IThrottler; | |||
use Symfony\Component\Console\Input\InputArgument; | |||
use Symfony\Component\Console\Input\InputInterface; | |||
use Symfony\Component\Console\Output\OutputInterface; | |||
class BruteforceAttempts extends Base { | |||
/** @var Throttler */ | |||
protected IThrottler $throttler; | |||
public function __construct( | |||
IThrottler $throttler, | |||
) { | |||
parent::__construct(); | |||
$this->throttler = $throttler; | |||
} | |||
protected function configure(): void { | |||
parent::configure(); | |||
$this | |||
->setName('security:bruteforce:attempts') | |||
->setDescription('resets bruteforce attempts for given IP address') | |||
->addArgument( | |||
'ipaddress', | |||
InputArgument::REQUIRED, | |||
'IP address for which the attempts are to be reset', | |||
) | |||
->addArgument( | |||
'action', | |||
InputArgument::OPTIONAL, | |||
'Only count attempts for the given action', | |||
) | |||
; | |||
} | |||
protected function execute(InputInterface $input, OutputInterface $output): int { | |||
$ip = $input->getArgument('ipaddress'); | |||
if (!filter_var($ip, FILTER_VALIDATE_IP)) { | |||
$output->writeln('<error>"' . $ip . '" is not a valid IP address</error>'); | |||
return 1; | |||
} | |||
$data = [ | |||
'allow-listed' => $this->throttler->isIPWhitelisted($ip), | |||
'attempts' => $this->throttler->getAttempts( | |||
$ip, | |||
(string) $input->getArgument('action'), | |||
), | |||
'delay' => $this->throttler->getDelay( | |||
$ip, | |||
(string) $input->getArgument('action'), | |||
), | |||
]; | |||
$this->writeArrayInOutputFormat($input, $output, $data); | |||
return 0; | |||
} | |||
} |
@@ -1,4 +1,6 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2020, Johannes Riedel (johannes@johannes-riedel.de) | |||
* | |||
@@ -24,22 +26,22 @@ | |||
namespace OC\Core\Command\Security; | |||
use OC\Core\Command\Base; | |||
use OC\Security\Bruteforce\Throttler; | |||
use OCP\Security\Bruteforce\IThrottler; | |||
use Symfony\Component\Console\Input\InputArgument; | |||
use Symfony\Component\Console\Input\InputInterface; | |||
use Symfony\Component\Console\Output\OutputInterface; | |||
class ResetBruteforceAttempts extends Base { | |||
class BruteforceResetAttempts extends Base { | |||
public function __construct( | |||
protected Throttler $throttler, | |||
protected IThrottler $throttler, | |||
) { | |||
parent::__construct(); | |||
} | |||
protected function configure() { | |||
protected function configure(): void { | |||
$this | |||
->setName('security:bruteforce:reset') | |||
->setDescription('resets bruteforce attemps for given IP address') | |||
->setDescription('resets bruteforce attempts for given IP address') | |||
->addArgument( | |||
'ipaddress', | |||
InputArgument::REQUIRED, |
@@ -209,7 +209,8 @@ if (\OC::$server->getConfig()->getSystemValue('installed', false)) { | |||
$application->add(new OC\Core\Command\Security\ListCertificates(\OC::$server->getCertificateManager(), \OC::$server->getL10N('core'))); | |||
$application->add(new OC\Core\Command\Security\ImportCertificate(\OC::$server->getCertificateManager())); | |||
$application->add(new OC\Core\Command\Security\RemoveCertificate(\OC::$server->getCertificateManager())); | |||
$application->add(new OC\Core\Command\Security\ResetBruteforceAttempts(\OC::$server->getBruteForceThrottler())); | |||
$application->add(\OC::$server->get(\OC\Core\Command\Security\BruteforceAttempts::class)); | |||
$application->add(\OC::$server->get(\OC\Core\Command\Security\BruteforceResetAttempts::class)); | |||
} else { | |||
$application->add(\OC::$server->get(\OC\Core\Command\Maintenance\Install::class)); | |||
} |
@@ -1021,10 +1021,11 @@ return array( | |||
'OC\\Core\\Command\\Preview\\Generate' => $baseDir . '/core/Command/Preview/Generate.php', | |||
'OC\\Core\\Command\\Preview\\Repair' => $baseDir . '/core/Command/Preview/Repair.php', | |||
'OC\\Core\\Command\\Preview\\ResetRenderedTexts' => $baseDir . '/core/Command/Preview/ResetRenderedTexts.php', | |||
'OC\\Core\\Command\\Security\\BruteforceAttempts' => $baseDir . '/core/Command/Security/BruteforceAttempts.php', | |||
'OC\\Core\\Command\\Security\\BruteforceResetAttempts' => $baseDir . '/core/Command/Security/BruteforceResetAttempts.php', | |||
'OC\\Core\\Command\\Security\\ImportCertificate' => $baseDir . '/core/Command/Security/ImportCertificate.php', | |||
'OC\\Core\\Command\\Security\\ListCertificates' => $baseDir . '/core/Command/Security/ListCertificates.php', | |||
'OC\\Core\\Command\\Security\\RemoveCertificate' => $baseDir . '/core/Command/Security/RemoveCertificate.php', | |||
'OC\\Core\\Command\\Security\\ResetBruteforceAttempts' => $baseDir . '/core/Command/Security/ResetBruteforceAttempts.php', | |||
'OC\\Core\\Command\\Status' => $baseDir . '/core/Command/Status.php', | |||
'OC\\Core\\Command\\SystemTag\\Add' => $baseDir . '/core/Command/SystemTag/Add.php', | |||
'OC\\Core\\Command\\SystemTag\\Delete' => $baseDir . '/core/Command/SystemTag/Delete.php', |
@@ -1054,10 +1054,11 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2 | |||
'OC\\Core\\Command\\Preview\\Generate' => __DIR__ . '/../../..' . '/core/Command/Preview/Generate.php', | |||
'OC\\Core\\Command\\Preview\\Repair' => __DIR__ . '/../../..' . '/core/Command/Preview/Repair.php', | |||
'OC\\Core\\Command\\Preview\\ResetRenderedTexts' => __DIR__ . '/../../..' . '/core/Command/Preview/ResetRenderedTexts.php', | |||
'OC\\Core\\Command\\Security\\BruteforceAttempts' => __DIR__ . '/../../..' . '/core/Command/Security/BruteforceAttempts.php', | |||
'OC\\Core\\Command\\Security\\BruteforceResetAttempts' => __DIR__ . '/../../..' . '/core/Command/Security/BruteforceResetAttempts.php', | |||
'OC\\Core\\Command\\Security\\ImportCertificate' => __DIR__ . '/../../..' . '/core/Command/Security/ImportCertificate.php', | |||
'OC\\Core\\Command\\Security\\ListCertificates' => __DIR__ . '/../../..' . '/core/Command/Security/ListCertificates.php', | |||
'OC\\Core\\Command\\Security\\RemoveCertificate' => __DIR__ . '/../../..' . '/core/Command/Security/RemoveCertificate.php', | |||
'OC\\Core\\Command\\Security\\ResetBruteforceAttempts' => __DIR__ . '/../../..' . '/core/Command/Security/ResetBruteforceAttempts.php', | |||
'OC\\Core\\Command\\Status' => __DIR__ . '/../../..' . '/core/Command/Status.php', | |||
'OC\\Core\\Command\\SystemTag\\Add' => __DIR__ . '/../../..' . '/core/Command/SystemTag/Add.php', | |||
'OC\\Core\\Command\\SystemTag\\Delete' => __DIR__ . '/../../..' . '/core/Command/SystemTag/Delete.php', |