const size_t MAX_PASSWORD_LEN = 32;
const unsigned int MAX_PASSWORD_HISTORY = 50;
+const unsigned int PASSWORD_INFINITE_EXPIRATION_DAYS = 0;
+const time_t PASSWORD_INFINITE_EXPIRATION_TIME = 0xFFFFFFFF;
+const unsigned int PASSWORD_INFINITE_ATTEMPT_COUNT = 0;
-const int SECURITY_SERVER_MAX_OBJ_NAME = 30;
+const int SECURITY_SERVER_MAX_OBJ_NAME = 30;
} // namespace SecurityServer
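Review bot: `PASSWORD_INFINITE_EXPIRATION_TIME` is defined as `0xFFFFFFFF` in a `time_t`, so what the sentinel means depends on the width of `time_t`. With a 64-bit `time_t` it is an ordinary timestamp (early 2106), while with a 32-bit signed `time_t` it would typically become -1, the value `time()` returns on failure. `calculateExpiredTime` also assigns it to an `unsigned int &validSecs`, which only round-trips while the value fits in 32 bits. A comment above the constant would make the constraint explicit, for example `// "never expires" sentinel: must fit in unsigned int and must never be a reachable expiry timestamp`.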
#define _SECURITY_SERVER_PROTOCOLS_
#include <cstddef>
+#include <time.h>
namespace SecurityServer {
extern const size_t MAX_PASSWORD_LEN;
extern const unsigned int MAX_PASSWORD_HISTORY;
+extern const unsigned int PASSWORD_INFINITE_EXPIRATION_DAYS;
+extern const time_t PASSWORD_INFINITE_EXPIRATION_TIME;
+extern const unsigned int PASSWORD_INFINITE_ATTEMPT_COUNT;
extern const int SECURITY_SERVER_MAX_OBJ_NAME;
#include <dpl/log/log.h>
#include <security-server.h>
+#include <protocols.h>
#include <password-exception.h>
#include <password-file-buffer.h>
Serialization::Serialize(stream, m_password);
}
- PasswordFile::PasswordFile(): m_maxAttempt(0), m_historySize(0), m_expireTime(0), m_attempt(0)
+ PasswordFile::PasswordFile(): m_maxAttempt(PASSWORD_INFINITE_ATTEMPT_COUNT), m_historySize(0),
+ m_expireTime(PASSWORD_INFINITE_EXPIRATION_TIME), m_attempt(0)
{
// check if data directory exists
// if not create it
time_t PasswordFile::getExpireTimeLeft() const
{
- if(m_expireTime > 0)
+ if(m_expireTime != PASSWORD_INFINITE_EXPIRATION_TIME)
return (m_expireTime - time(NULL));
else
return m_expireTime;
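Review bot: An `m_expireTime` of 0 is no longer treated as non-expiring, and nothing visible converts values stored under the old convention. Here a 0 now falls through to `m_expireTime - time(NULL)` and yields a negative result, and in `checkExpiration` the new test `time(NULL) > m_expireTime` reports it as expired. If password files written by the previous code persisted 0 for "no expiration" (the load path is not shown), those passwords would read as expired after the upgrade. Normalising on load, e.g. `if (m_expireTime == 0) m_expireTime = PASSWORD_INFINITE_EXPIRATION_TIME;`, would cover that. The body of `getExpireTimeLeft` continues outside this hunk.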
bool PasswordFile::checkExpiration() const
{
//return true if expired, else false
- return ((m_expireTime != 0) && (time(NULL) > m_expireTime));
+ return ((m_expireTime != PASSWORD_INFINITE_EXPIRATION_TIME) && (time(NULL) > m_expireTime));
+ }
+
+ bool PasswordFile::checkIfAttemptsExceeded() const
+ {
+ return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt >= m_maxAttempt));
}
bool PasswordFile::isIgnorePeriod() const
bool isPasswordReused(const std::string &password) const;
bool checkExpiration() const;
+ bool checkIfAttemptsExceeded() const;
bool isIgnorePeriod() const;
private:
namespace {
bool calculateExpiredTime(unsigned int receivedDays, unsigned int &validSecs)
{
- validSecs = 0;
+ validSecs = SecurityServer::PASSWORD_INFINITE_EXPIRATION_TIME;
- if(receivedDays == 0)
+ //when receivedDays means infinite expiration, return default validSecs value.
+ if(receivedDays == SecurityServer::PASSWORD_INFINITE_EXPIRATION_DAYS)
return true;
time_t curTime = time(NULL);
validSecs = (curTime + (receivedDays * 86400));
return true;
}
-
- //when receivedDays equal to zero, it means infinite password valid time
- //if receivedDays is 0 return true, else return false (that is, an error)
- return false;
}
} //namespace
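Review bot: `receivedDays * 86400` is evaluated in `unsigned int` and the sum is stored into an `unsigned int`, so a large `receivedDays` wraps; the visible lines do not bound it. If `validSecs` becomes the stored expiry time, a wrapped result can land in the past (password expired immediately) or on `PASSWORD_INFINITE_EXPIRATION_TIME` itself (password never expires). Since the function now returns true on every visible path, the bool could carry the range failure: `if (receivedDays > (SecurityServer::PASSWORD_INFINITE_EXPIRATION_TIME - 1 - curTime) / 86400) return false;` before the assignment. The hunk appears to omit part of the function body, so check this against the full file.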
maxAttempt = m_pwdFile.getMaxAttempt();
expirationTime = m_pwdFile.getExpireTimeLeft();
- if ((maxAttempt != 0) && (currentAttempt >= maxAttempt)) {
+ if (m_pwdFile.checkIfAttemptsExceeded()) {
LogError("Too many tries.");
return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
}
}
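Review bot: The lockout check now reads the attempt count from `m_pwdFile` rather than the local `currentAttempt` that the removed condition used. If `currentAttempt` can differ from `m_pwdFile.getAttempt()` at this point, for example because it is incremented locally before being written back (not visible in this hunk), the threshold at which `SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED` is returned shifts by one. A short comment stating that the file's counter is authoritative here, such as `// m_pwdFile already holds the updated attempt count`, would settle it. Note also that `expirationTime` now receives the `0xFFFFFFFF` sentinel from `getExpireTimeLeft()` instead of 0 for non-expiring passwords, which callers of this API may need documented.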
// check attempt
- unsigned int maxAttempt = m_pwdFile.getMaxAttempt();
- if ((maxAttempt != 0) && (m_pwdFile.getAttempt() >= maxAttempt)) {
+ if (m_pwdFile.checkIfAttemptsExceeded()) {
LogError("Too many attempts.");
return SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED;
}