Copied user blocking and block clearing to Usermin

diff --git a/usermin/CHANGELOG b/usermin/CHANGELOG
index a42e7f5..fd0f2b5 100644 (file)
--- a/usermin/CHANGELOG
+++ b/usermin/CHANGELOG
@@ -29,3 +29,6 @@ Added a form to the Usermin Themes page for exporting a theme to a file.
 Added support for installing and upgrading the Debian package version of Usermin.
 Added a page for overriding module titles.
 Added the Advanced Options page, which can be used to change the temporary files directory, Umask and stack trace display.
+---- Changes since 1.350 ----
+Added an option to the Authentication page to block users with too many failed logins, as well as hosts.
+Created the new Blocked Hosts and Users page to show blocks currently in force, and allow them to be cleared.

diff --git a/usermin/acl_security.pl b/usermin/acl_security.pl
index 7a28aca..d5e4964 100644 (file)
--- a/usermin/acl_security.pl
+++ b/usermin/acl_security.pl
@@ -54,6 +54,6 @@ $_[0]->{'bootup'} = $in{'bootup'};
 
 sub get_icons
 {
-return ( "access" ,"bind" ,"ui" ,"umods" ,"os" ,"lang" ,"upgrade" ,"session" ,"assignment" ,"categories" ,"themes", "referers", "anon", "ssl" ,"configs" ,"acl" ,"restrict" ,"users" ,"defacl", "sessions", "advanced" );
+return ( "access" ,"bind" ,"ui" ,"umods" ,"os" ,"lang" ,"upgrade" ,"session" ,"assignment" ,"categories" ,"themes", "referers", "anon", "ssl" ,"configs" ,"acl" ,"restrict" ,"users" ,"defacl", "sessions", "blocked", "advanced" );
 }
 

diff --git a/usermin/change_session.cgi b/usermin/change_session.cgi
index 8eaa6c2..6a513cc 100755 (executable)
--- a/usermin/change_session.cgi
+++ b/usermin/change_session.cgi
@@ -11,6 +11,8 @@ $ver = &get_usermin_version();
 &lock_file($usermin_miniserv_config);
 &get_usermin_miniserv_config(\%miniserv);
 $miniserv{'passdelay'} = $in{'passdelay'};
+
+# Save blocked hosts
 if ($in{'blockhost_on'}) {
        $in{'blockhost_time'} =~ /^\d+$/ && $in{'blockhost_time'} > 0 ||
                &error($webmin::text{'session_eblockhost_time'});
@@ -22,6 +24,20 @@ if ($in{'blockhost_on'}) {
 else {
        $miniserv{'blockhost_time'} = $miniserv{'blockhost_failures'} = undef;
        }
+
+# Save blocked users
+if ($in{'blockuser_on'}) {
+       $in{'blockuser_time'} =~ /^\d+$/ && $in{'blockuser_time'} > 0 ||
+               &error($webmin::text{'session_eblockuser_time'});
+       $in{'blockuser_failures'} =~ /^\d+$/ && $in{'blockuser_failures'} > 0 ||
+               &error($webmin::text{'session_eblockuser_failures'});
+       $miniserv{'blockuser_time'} = $in{'blockuser_time'};
+       $miniserv{'blockuser_failures'} = $in{'blockuser_failures'};
+       }
+else {
+       $miniserv{'blockuser_time'} = $miniserv{'blockuser_failures'} = undef;
+       }
+
 $miniserv{'syslog'} = $in{'syslog'};
 if ($in{'session'} && $ENV{'HTTP_COOKIE'} !~ /sessiontest=1/i) {
        &error($webmin::text{'session_ecookie'});

diff --git a/usermin/clear_blocked.cgi b/usermin/clear_blocked.cgi
new file mode 100755 (executable)
index 0000000..f39b303
--- /dev/null
+++ b/usermin/clear_blocked.cgi
@@ -0,0 +1,8 @@
+#!/usr/local/bin/perl
+# Re-start Usermin to clear blocks
+
+require './usermin-lib.pl';
+&restart_usermin_miniserv();
+&redirect("");
+
+

diff --git a/usermin/defaultacl b/usermin/defaultacl
index 3d3e8fd..2eb5a46 100644 (file)
--- a/usermin/defaultacl
+++ b/usermin/defaultacl
@@ -24,4 +24,5 @@ anon=1
 logout=1
 dav=1
 descs=1
+blocked=1
 advanced=1

diff --git a/usermin/edit_blocked.cgi b/usermin/edit_blocked.cgi
new file mode 100644 (file)
index 0000000..3fb3b61
--- /dev/null
+++ b/usermin/edit_blocked.cgi
@@ -0,0 +1,35 @@
+#!/usr/local/bin/perl
+# Show a list of blocked users and hosts
+
+require './usermin-lib.pl';
+&ui_print_header(undef, $text{'blocked_title'}, "");
+&get_usermin_miniserv_config(\%miniserv);
+@blocked = &webmin::get_blocked_users_hosts(\%miniserv);
+
+if (@blocked) {
+       print &ui_columns_start([ $webmin::text{'blocked_type'},
+                                 $text{'blocked_who'},
+                                 $webmin::text{'blocked_fails'},
+                                 $webmin::text{'blocked_when'},
+                               ]);
+       foreach $b (@blocked) {
+               print &ui_columns_row([
+                       $text{'blocked_'.$b->{'type'}},
+                       $b->{'user'} || $b->{'host'},
+                       $b->{'fails'},
+                       &make_date($b->{'when'}),
+                       ]);
+               }
+       print &ui_columns_end();
+       print "<hr>\n";
+       print &ui_buttons_start();
+       print &ui_buttons_row("clear_blocked.cgi",
+                             $webmin::text{'blocked_clear'},
+                             $text{'blocked_cleardesc'});
+       print &ui_buttons_end();
+       }
+else {
+       print "<b>$text{'blocked_none'}</b><p>\n";
+       }
+
+&ui_print_footer("", $text{'index_return'});

diff --git a/usermin/edit_session.cgi b/usermin/edit_session.cgi
index a6efcaa..2ffab12 100755 (executable)
--- a/usermin/edit_session.cgi
+++ b/usermin/edit_session.cgi
@@ -18,15 +18,27 @@ print "<table border>\n";
 print "<tr $tb> <td><b>$webmin::text{'session_header'}</b></td> </tr>\n";
 print "<tr $cb> <td nowrap>\n";
 
+# Bad password delay
 printf "<input type=radio name=passdelay value=0 %s> %s<br>\n",
        $miniserv{'passdelay'} ? '' : 'checked', $webmin::text{'session_pdisable'};
 printf "<input type=radio name=passdelay value=1 %s> %s<br>\n",
        $miniserv{'passdelay'} ? 'checked' : '', $webmin::text{'session_penable'};
+
+# Block hosts
 printf "&nbsp;&nbsp;&nbsp;<input type=checkbox name=blockhost_on value=1 %s>\n",
        $miniserv{'blockhost_failures'} ? "checked" : "";
 print &webmin::text('session_blockhost',
-           "<input name=blockhost_failures size=4 value='$miniserv{'blockhost_failures'}'>",
-           "<input name=blockhost_time size=4 value='$miniserv{'blockhost_time'}'>"),"<br>\n";
+    &ui_textbox("blockhost_failures", $miniserv{'blockhost_failures'}, 4),
+    &ui_textbox("blockhost_time", $miniserv{'blockhost_time'}, 4)),"<br>\n";
+
+# Block users
+printf "&nbsp;&nbsp;&nbsp;<input type=checkbox name=blockuser_on value=1 %s>\n",
+       $miniserv{'blockuser_failures'} ? "checked" : "";
+print &webmin::text('session_blockuser',
+    &ui_textbox("blockuser_failures", $miniserv{'blockuser_failures'}, 4),
+    &ui_textbox("blockuser_time", $miniserv{'blockuser_time'}, 4)),"<br>\n";
+
+# Log to syslog
 eval "use Sys::Syslog qw(:DEFAULT setlogsock)";
 if (!$@) {
        printf "<input type=checkbox name=syslog value=1 %s> %s\n",

diff --git a/usermin/images/blocked.gif b/usermin/images/blocked.gif
new file mode 100644 (file)
index 0000000..0cbd21e
Binary files /dev/null and b/usermin/images/blocked.gif differ

diff --git a/usermin/index.cgi b/usermin/index.cgi
index 4c2bad5..3faeba4 100755 (executable)
--- a/usermin/index.cgi
+++ b/usermin/index.cgi
@@ -66,6 +66,7 @@ $ver = &get_usermin_version();
           $ver < 1.164 ? ( ) : ( "edit_logout.cgi" ),
           $ver < 1.181 ? ( ) : ( "edit_dav.cgi" ),
           "list_sessions.cgi",
+          "edit_blocked.cgi",
           "edit_advanced.cgi" );
 @titles = map { /_(\S+).cgi/; $text{"${1}_title"} } @links;
 @icons = map { /_(\S+).cgi/; "images/$1.gif" } @links;

diff --git a/usermin/lang/en b/usermin/lang/en
index 1ff6b12..06c80a8 100644 (file)
--- a/usermin/lang/en
+++ b/usermin/lang/en
@@ -474,3 +474,8 @@ descs_info=This page allows you to specify alternate titles for Usermin modules,
 
 advanced_title=Advanced Options
 advanced_pass=Make password available to Usermin programs?<br><font size=-1>(Does not work when session authentication is enabled)</font>
+
+blocked_title=Blocked Hosts and Users
+blocked_none=No hosts or users are currently blocked by Usermin.
+blocked_user=Usermin user
+blocked_cleardesc=Click this button to clear all current host and user blocks, by restarting the Usermin server process.