Changeset View
Changeset View
Standalone View
Standalone View
src/httprpc.cpp
Show First 20 Lines • Show All 314 Lines • ▼ Show 20 Lines | if (!RPCAuthorized(authHeader.second, jreq.authUser)) { | ||||
LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", | LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", | ||||
jreq.peerAddr); | jreq.peerAddr); | ||||
/** | /** | ||||
* Deter brute-forcing. | * Deter brute-forcing. | ||||
* If this results in a DoS the user really shouldn't have their RPC | * If this results in a DoS the user really shouldn't have their RPC | ||||
* port exposed. | * port exposed. | ||||
*/ | */ | ||||
MilliSleep(RPC_AUTH_BRUTE_FORCE_DELAY); | UninterruptibleSleep( | ||||
std::chrono::milliseconds{RPC_AUTH_BRUTE_FORCE_DELAY}); | |||||
req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA); | ||||
req->WriteReply(HTTP_UNAUTHORIZED); | req->WriteReply(HTTP_UNAUTHORIZED); | ||||
return false; | return false; | ||||
} | } | ||||
try { | try { | ||||
// Parse request | // Parse request | ||||
▲ Show 20 Lines • Show All 161 Lines • Show Last 20 Lines |