From ad399a95dded2a0378eb410569dcac65c3c9c44a Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Thu, 09 Dec 2010 04:26:54 -0500
Subject: [PATCH] - Add username and IP address to log message on unsuccessful login (#1487626)
---
CHANGELOG | 1 +
program/include/main.inc | 42 +++++++++++++++++++++++++++---------------
program/include/rcube_imap.php | 8 ++++++--
program/include/rcube_imap_generic.php | 2 +-
4 files changed, 35 insertions(+), 18 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 1ce37f2..85b65ef 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -19,6 +19,7 @@
- Better support for READ-ONLY and NOPERM responses handling (#1487083)
- Add confirmation message on purge/expunge command response
- Fix handling of untagged responses for AUTHENTICATE command (#1487450)
+- Add username and IP address to log message on unsuccessful login (#1487626)
RELEASE 0.5-BETA
----------------
diff --git a/program/include/main.inc b/program/include/main.inc
index 160c835..a9a96a0 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1193,21 +1193,33 @@
if (!$RCMAIL->config->get('log_logins') || !$RCMAIL->user)
return;
- $address = $_SERVER['REMOTE_ADDR'];
- // append the NGINX X-Real-IP header, if set
- if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
- $remote_ip[] = 'X-Real-IP: ' . $_SERVER['HTTP_X_REAL_IP'];
- }
- // append the X-Forwarded-For header, if set
- if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
- $remote_ip[] = 'X-Forwarded-For: ' . $_SERVER['HTTP_X_FORWARDED_FOR'];
- }
-
- if (!empty($remote_ip))
- $address .= '(' . implode(',', $remote_ip) . ')';
-
write_log('userlogins', sprintf('Successful login for %s (ID: %d) from %s',
- $RCMAIL->user->get_username(), $RCMAIL->user->ID, $address));
+ $RCMAIL->user->get_username(), $RCMAIL->user->ID, rcmail_remote_ip()));
+}
+
+
+/**
+ * Returns remote IP address and forwarded addresses if found
+ *
+ * @return string Remote IP address(es)
+ */
+function rcmail_remote_ip()
+{
+ $address = $_SERVER['REMOTE_ADDR'];
+
+ // append the NGINX X-Real-IP header, if set
+ if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+ $remote_ip[] = 'X-Real-IP: ' . $_SERVER['HTTP_X_REAL_IP'];
+ }
+ // append the X-Forwarded-For header, if set
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $remote_ip[] = 'X-Forwarded-For: ' . $_SERVER['HTTP_X_FORWARDED_FOR'];
+ }
+
+ if (!empty($remote_ip))
+ $address .= '(' . implode(',', $remote_ip) . ')';
+
+ return $address;
}
@@ -1219,7 +1231,7 @@
{
return microtime(true);
}
-
+
/**
* @access private
diff --git a/program/include/rcube_imap.php b/program/include/rcube_imap.php
index d1947c4..83c34bc 100644
--- a/program/include/rcube_imap.php
+++ b/program/include/rcube_imap.php
@@ -172,10 +172,14 @@
}
// write error log
else if ($this->conn->error) {
- if ($pass && $user)
+ if ($pass && $user) {
+ $message = sprintf("Login failed for %s from %s. %s",
+ $user, rcmail_remote_ip(), $this->conn->error);
+
raise_error(array('code' => 403, 'type' => 'imap',
'file' => __FILE__, 'line' => __LINE__,
- 'message' => $this->conn->error), true, false);
+ 'message' => $message), true, false);
+ }
}
return false;
diff --git a/program/include/rcube_imap_generic.php b/program/include/rcube_imap_generic.php
index e721353..be3cc7e 100644
--- a/program/include/rcube_imap_generic.php
+++ b/program/include/rcube_imap_generic.php
@@ -533,7 +533,7 @@
return $this->fp;
}
else {
- $this->setError($result, "Unable to authenticate user ($type): $line");
+ $this->setError($result, "AUTHENTICATE $type: $line");
}
return $result;
--
Gitblit v1.9.1