Increase attempt count before checking max attempts.
authorLukasz Kostyra <l.kostyra@partner.samsung.com>
Tue, 3 Dec 2013 12:53:58 +0000 (13:53 +0100)
committerBartlomiej Grzelewski <b.grzelewski@samsung.com>
Thu, 6 Feb 2014 16:13:24 +0000 (17:13 +0100)
[Issue#]        N/A
[Bug]           N/A
[Cause]         N/A
[Solution]      N/A
[Verification]  Build, install, run tests. Tests which checked for correctly returned attempt count
                should return error due to incorrect attempt count. Others should pass.

Change-Id: I120e7339e3af591374ddad5207ab8c0c8894b973

src/server/service/password-file.cpp
src/server/service/password-manager.cpp

index e6b8c44..3146e60 100644 (file)
@@ -318,7 +318,7 @@ namespace SecurityServer
 
     bool PasswordFile::checkIfAttemptsExceeded() const
     {
-        return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt >= m_maxAttempt));
+        return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt > m_maxAttempt));
     }
 
     bool PasswordFile::isIgnorePeriod() const
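Review bot: With `>` in place of `>=`, `checkIfAttemptsExceeded()` is only correct when the caller has already counted the current attempt. If it is called without a preceding `incrementAttempt()`, it returns false at `m_attempt == m_maxAttempt`, which allows one guess beyond the configured limit. Nothing on the function states that precondition, so I would add `// Precondition: the current attempt has already been counted with incrementAttempt().` above the definition. The rest of the class is outside the hunk, so any other callers of this predicate could not be checked from here.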
index be7fc60..6224bbe 100644 (file)
@@ -97,6 +97,9 @@ namespace SecurityServer
             return SECURITY_SERVER_API_ERROR_NO_PASSWORD;
         }
 
+        m_pwdFile.incrementAttempt();
+        m_pwdFile.writeAttemptToFile();
+
         currentAttempt = m_pwdFile.getAttempt();
         maxAttempt = m_pwdFile.getMaxAttempt();
         expirationTime = m_pwdFile.getExpireTimeLeft();
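Review bot: The result of `m_pwdFile.writeAttemptToFile()` on the added lines is not examined, and the attempt limit depends on that write reaching storage. Its signature is not visible here; if it reports failure by return value rather than by throwing, a failed write leaves the new count only in memory and a service restart would bring back the old one. It is worth confirming that it throws, or checking its result and returning an error before `checkPassword(challenge)` runs. The same pair of calls is added in the last hunk of this file, ahead of `checkIfAttemptsExceeded()`. The enclosing function starts and ends outside the hunk.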
@@ -106,9 +109,6 @@ namespace SecurityServer
             return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
         }
 
-        m_pwdFile.incrementAttempt();
-        m_pwdFile.writeAttemptToFile();
-
         if (!m_pwdFile.checkPassword(challenge)) {
             LogError("Wrong password.");
             return SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH;
@@ -159,16 +159,16 @@ namespace SecurityServer
             return SECURITY_SERVER_API_ERROR_PASSWORD_EXIST;
         }
 
+        //increment attempt count before checking it against max attempt count
+        m_pwdFile.incrementAttempt();
+        m_pwdFile.writeAttemptToFile();
+
         // check attempt
         if (m_pwdFile.checkIfAttemptsExceeded()) {
             LogError("Too many attempts.");
             return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
         }
 
-        //if we didn't exceed max attempts, increment attempt count and save it to separate file
-        m_pwdFile.incrementAttempt();
-        m_pwdFile.writeAttemptToFile();
-
         //check current password, however only when we don't send empty string as current.
         if(!currentPassword.empty()) {
             if(!m_pwdFile.checkPassword(currentPassword)) {
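Review bot: The increment, persist and limit-check sequence added here duplicates the one in the earlier hunk of this file, and the order of those three steps is what makes the `>` comparison in password-file.cpp correct. Folding them into a single `PasswordFile` method that counts the attempt, writes it and returns whether the limit is exceeded would stop the two call sites from drifting apart. The call site would then read `if (m_pwdFile.countAttemptAndCheckExceeded()) {`, where the method name is only a suggestion. The enclosing function continues past the end of the hunk.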