From 5bb477285863c09af8af3c61e705aed6b2c53901 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Fri, 15 Aug 2014 12:13:00 +0200
Subject: [PATCH] Move authentication failed logging to checkPassword
Fixes https://github.com/owncloud/core/issues/10366
---
config/config.sample.php | 3 ---
lib/base.php | 7 -------
lib/private/user/manager.php | 2 ++
3 files changed, 2 insertions(+), 10 deletions(-)
diff --git a/config/config.sample.php b/config/config.sample.php
index 1cf2c22866..402c84fe0c 100755
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -185,9 +185,6 @@ $CONFIG = array(
(watch out, this option can increase the size of your log file)*/
"log_query" => false,
-/* Enable or disable the logging of IP addresses in case of webform auth failures */
-"log_authfailip" => false,
-
/* Whether ownCloud should log the last successfull cron exec */
"cron_log" => true,
diff --git a/lib/base.php b/lib/base.php
index ab1d8e9823..219e8ab8b4 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -856,13 +856,6 @@ class OC {
} // logon via web form
elseif (OC::tryFormLogin()) {
$error[] = 'invalidpassword';
- if ( OC_Config::getValue('log_authfailip', false) ) {
- OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
- OC_Log::WARN);
- } else {
- OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
- OC_Log::WARN);
- }
}
OC_Util::displayLoginPage(array_unique($error));
diff --git a/lib/private/user/manager.php b/lib/private/user/manager.php
index d4d9116300..a897545e55 100644
--- a/lib/private/user/manager.php
+++ b/lib/private/user/manager.php
@@ -164,6 +164,8 @@ class Manager extends PublicEmitter implements IUserManager {
}
}
}
+
+ \OC::$server->getLogger()->warning('Login failed: \''. $loginname .'\' (Remote IP: \''. $_SERVER['REMOTE_ADDR'] .'\', X-Forwarded-For: \''. $_SERVER['HTTP_X_FORWARDED_FOR'] .'\')', array('app' => 'core'));
return false;
}
--
GitLab