From: Lukasz Kostyra Date: Tue, 3 Dec 2013 12:53:58 +0000 (+0100) Subject: Increase attempt count before checking max attempts. X-Git-Tag: submit/tizen/20140307.131547~26 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8aaf6e205c6db783a4d56d3a39fb1d06811325d6;p=platform%2Fcore%2Fsecurity%2Fsecurity-server.git Increase attempt count before checking max attempts. [Issue#] N/A [Bug] N/A [Cause] N/A [Solution] N/A [Verification] Build, install, run tests. Tests which checked for correctly returned attempt count should return error due to incorrect attempt count. Others should pass. Change-Id: I120e7339e3af591374ddad5207ab8c0c8894b973
---
diff --git a/src/server/service/password-file.cpp b/src/server/service/password-file.cpp
index e6b8c44..3146e60 100644
--- a/src/server/service/password-file.cpp
+++ b/src/server/service/password-file.cpp
@@ -318,7 +318,7 @@ namespace SecurityServer
 bool PasswordFile::checkIfAttemptsExceeded() const
 {
- return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt >= m_maxAttempt));
+ return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt > m_maxAttempt));
 }
 bool PasswordFile::isIgnorePeriod() const
diff --git a/src/server/service/password-manager.cpp b/src/server/service/password-manager.cpp
index be7fc60..6224bbe 100644
--- a/src/server/service/password-manager.cpp
+++ b/src/server/service/password-manager.cpp
@@ -97,6 +97,9 @@ namespace SecurityServer
 return SECURITY_SERVER_API_ERROR_NO_PASSWORD;
 }
+ m_pwdFile.incrementAttempt();
+ m_pwdFile.writeAttemptToFile();
+
 currentAttempt = m_pwdFile.getAttempt();
 maxAttempt = m_pwdFile.getMaxAttempt();
 expirationTime = m_pwdFile.getExpireTimeLeft();
@@ -106,9 +109,6 @@ namespace SecurityServer
 return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
 }
- m_pwdFile.incrementAttempt();
- m_pwdFile.writeAttemptToFile();
-
 if (!m_pwdFile.checkPassword(challenge)) {
 LogError("Wrong password.");
 return SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH;
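Review bot: The `>` comparison in `checkIfAttemptsExceeded()` is only correct when the caller has already called `incrementAttempt()` for the attempt in progress, and nothing in the function says so. A caller that checks first and increments afterwards would be allowed one attempt more than `m_maxAttempt`, which weakens the lockout. I would add a comment above the return, for example `// m_attempt already counts the attempt in progress: callers must incrementAttempt() before calling this`. Callers other than the two changed in password-manager.cpp are not visible in this diff and should be confirmed to follow the new order.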
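Review bot: With `incrementAttempt()` and `writeAttemptToFile()` placed ahead of the `checkIfAttemptsExceeded()` test in the -97,6 hunk, every request made while the password is already locked out still bumps the counter and rewrites the attempt file. Before the move the locked-out path returned without doing either, so this adds a disk write per rejected request and lets `m_attempt` grow without bound; its type is not visible here, so whether it can wrap back under the limit needs confirming. Consider saturating the counter, e.g. `if (!m_pwdFile.checkIfAttemptsExceeded()) { m_pwdFile.incrementAttempt(); m_pwdFile.writeAttemptToFile(); }`, which with the new `>` comparison still rejects attempt max+1 and stops counting there. The same applies to the -159,16 hunk; the enclosing function starts and ends outside the hunk.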
@@ -159,16 +159,16 @@ namespace SecurityServer
 return SECURITY_SERVER_API_ERROR_PASSWORD_EXIST;
 }
+ //increment attempt count before checking it against max attempt count
+ m_pwdFile.incrementAttempt();
+ m_pwdFile.writeAttemptToFile();
+
 // check attempt
 if (m_pwdFile.checkIfAttemptsExceeded()) {
 LogError("Too many attempts.");
 return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
 }
- //if we didn't exceed max attempts, increment attempt count and save it to separate file
- m_pwdFile.incrementAttempt();
- m_pwdFile.writeAttemptToFile();
-
 //check current password, however only when we don't send empty string as current.
 if(!currentPassword.empty()) {
 if(!m_pwdFile.checkPassword(currentPassword)) {
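Review bot: Nothing after `m_pwdFile.writeAttemptToFile()` confirms that the incremented count reached storage before `checkPassword(currentPassword)` runs. Persisting before comparing is the right order for a lockout counter, but it only protects the limit if a failed write stops the request; whether `writeAttemptToFile()` throws or returns a status is not visible in this diff. If it can fail silently, the request should be rejected at that point instead of continuing to the comparison. The same pair of calls in the -97,6 hunk has the same exposure, and the enclosing function continues outside the hunk.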