From d096813c814fafed831e979acf0d0b285a20d81d Mon Sep 17 00:00:00 2001
From: alex <alex@c028cbd2-c16b-5b4b-a496-9718f37d4682>
Date: Sun, 17 Feb 2008 19:27:33 +0000
Subject: [PATCH] Patch level         : 4.0 880 Files correlati     : 
 Authoriz.exe (molti programmi) Ricompilazione Demo : [ ] Commento     :
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

I programmi uguali su Terminal Server generano chiavi uguali se chiamati in sequenza e dop otto tentativi AUthoriz li rifiuta

Modificati

1) Authoriz

E' possibile definire il numero massimo di tentativi (MaxTries) prima di rifiutare una connessione

2) nei programmi

Aggiunta un chiamata srand prima di generare le password per ridurre la possibilitÃ  di password identiche


git-svn-id: svn://10.65.10.50/trunk@16188 c028cbd2-c16b-5b4b-a496-9718f37d4682
---
 include/isamrpc.cpp | 4 ++++
 server/authoriz.cpp | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/include/isamrpc.cpp b/include/isamrpc.cpp
index 15192f138..c9ac6157f 100755
--- a/include/isamrpc.cpp
+++ b/include/isamrpc.cpp
@@ -217,6 +217,10 @@ static unsigned int CreatePassword(TString& pass)
 {
 	const int BASE = 19;
 	unsigned int num = 0;
+  time_t lt; time(&lt);
+  struct tm* t = localtime(&lt);
+
+	srand(t->tm_hour * 10000 + t->tm_min *100 + t->tm_sec);
 	do 
 	{
 		num = 883*rand();
diff --git a/server/authoriz.cpp b/server/authoriz.cpp
index fccfb4681..1b5859e68 100755
--- a/server/authoriz.cpp
+++ b/server/authoriz.cpp
@@ -150,6 +150,7 @@ private:
 	wxString m_strLastPassword;
 	wxString m_strLastApp;
   unsigned int m_nPwdCount;
+	unsigned int m_MaxTries;
 
 	TUserTable m_Users;
 
@@ -770,7 +771,7 @@ unsigned int TAuthorizationServer::DecodePassword(const wxChar* strPassword, con
     else
       m_nPwdCount++;
 
-    if (m_nPwdCount < 8)
+    if (m_nPwdCount < m_MaxTries)
     {
 		  // Creo la risposta: metà di num reso divisibile per 883
 		  num /= 2;
@@ -918,6 +919,10 @@ bool TAuthorizationServer::Initialization()
 	  ::GlobalAddAtom(ATOMIC_SEMAPHORE); // Same as old Frontend.exe
 #endif
 	const int delay =	GetConfigInt("Delay", 10);
+	m_MaxTries =	GetConfigInt("MaxTries", 8);
+
+	if (m_MaxTries < 8)
+		m_MaxTries = 8;
 
 	for (int i = 0; i < 3; i++)
 	{