Accepting request 579761 from Application:ERP:GNUHealth:Factory

Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/579761 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trytond?expand=0&rev=16
2018-02-25 10:46:59 +00:00 · 2018-02-25 10:46:59 +00:00 · ad00605e43
commit ad00605e43
parent 4d68aa6efc
4 changed files with 47 additions and 26 deletions
--- a/trytond.changes
+++ b/trytond.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Sat Feb 17 06:47:27 UTC 2018 - axel.braun@gmx.de
+
+- user_login.patch replaced by trytond_get_login.patch 
+  see boo#1078111
+
 -------------------------------------------------------------------
 Fri Jan  5 19:59:52 UTC 2018 - axel.braun@gmx.de

--- a/trytond.spec
+++ b/trytond.spec
@ -34,7 +34,7 @@ Source2:        trytond.conf.example
 Source3:        %{name}.conf
 Source4:        %{name}_log.conf
 # GNU Health patch for user login
-Patch0:         user_login.patch
+Patch0:         trytond_get_login.patch
 Source20:       %{name}.service
 # List of additional build dependencies
 BuildRequires:  fdupes
--- a/trytond_get_login.patch
+++ b/trytond_get_login.patch
@ -0,0 +1,40 @@
+--- trytond/res/user.py	2018-02-15 13:09:37.735716404 +0000
+++ trytond/res/user.py	2018-02-15 22:08:51.966998130 +0000
+@@ -18,6 +18,7 @@
+ from sql.conditionals import Coalesce
+ from sql.aggregate import Count
+ from sql.operators import Concat
+from random import randint
+ 
+ try:
+     import bcrypt
+@@ -495,7 +496,16 @@
+         Return user id if password matches
+         '''
+         LoginAttempt = Pool().get('res.user.login.attempt')
+-        time.sleep(2 ** LoginAttempt.count(login) - 1)
+        
+        login_max_delay = config.getint('session', 'login_max_delay')
+        
+        if (not login_max_delay) or (login_max_delay < 1):
+            login_max_delay = 3
+
+        #Use a random delay (default between 1 and login_max_delay) in login
+        #if the param is not set, it defaults to 3
+        delay = randint(1,login_max_delay)
+        time.sleep(delay)
+         for method in config.get(
+                 'session', 'authentications', default='password').split(','):
+             try:
+@@ -505,9 +515,9 @@
+                 continue
+             user_id = func(login, parameters)
+             if user_id:
+-                LoginAttempt.remove(login)
+                 return user_id
+-        LoginAttempt.add(login)
+            else:
+                logger.info('Invalid login from : %s', login)
+ 
+     @classmethod
+     def _login_password(cls, login, parameters):
--- a/user_login.patch
+++ b/user_login.patch
@ -1,25 +0,0 @@
-diff -ruN a/user.py b/user.py
--- trytond/res/user.py	2017-06-07 11:24:56.101578719 +0100
-+++ trytond/res/user.py	2017-06-07 11:24:15.136154818 +0100
-@@ -495,7 +495,6 @@
-         Return user id if password matches
-         '''
-         LoginAttempt = Pool().get('res.user.login.attempt')
-        time.sleep(2 ** LoginAttempt.count(login) - 1)
-         for method in config.get(
-                 'session', 'authentications', default='password').split(','):
-             try:
-@@ -505,9 +504,11 @@
-                 continue
-             user_id = func(login, parameters)
-             if user_id:
-                LoginAttempt.remove(login)
-                 return user_id
-        LoginAttempt.add(login)
-+            else:
-+                logger.info('Invalid login from : %s', login)
-+                time.sleep(3)
-+
- 
-     @classmethod
-     def _login_password(cls, login, parameters):