From d83aa880ccf1840a78d356702cb84175c43366ef Mon Sep 17 00:00:00 2001 From: aler9 <46489434+aler9@users.noreply.github.com> Date: Sun, 13 Dec 2020 18:59:46 +0100 Subject: [PATCH] add anti-brute force mechanism --- internal/client/client.go | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/internal/client/client.go b/internal/client/client.go index 0b6e59f4..9748a403 100644 --- a/internal/client/client.go +++ b/internal/client/client.go @@ -28,6 +28,7 @@ const ( checkStreamInterval = 5 * time.Second receiverReportInterval = 10 * time.Second sessionID = "12345678" + pauseAfterAuthError = 2 * time.Second ) type streamTrack struct { @@ -234,6 +235,14 @@ func (c *Client) run() { return terr.Response, nil case errAuthCritical: + // wait some seconds to stop brute force attacks + t := time.NewTimer(pauseAfterAuthError) + defer t.Stop() + select { + case <-t.C: + case <-c.terminate: + } + return terr.Response, errTerminated default: @@ -317,6 +326,14 @@ func (c *Client) run() { return terr.Response, nil case errAuthCritical: + // wait some seconds to stop brute force attacks + t := time.NewTimer(pauseAfterAuthError) + defer t.Stop() + select { + case <-t.C: + case <-c.terminate: + } + return terr.Response, errTerminated default: @@ -415,6 +432,14 @@ func (c *Client) run() { return terr.Response, nil case errAuthCritical: + // wait some seconds to stop brute force attacks + t := time.NewTimer(pauseAfterAuthError) + defer t.Stop() + select { + case <-t.C: + case <-c.terminate: + } + return terr.Response, errTerminated default: @@ -473,6 +498,14 @@ func (c *Client) run() { return terr.Response, nil case errAuthCritical: + // wait some seconds to stop brute force attacks + t := time.NewTimer(pauseAfterAuthError) + defer t.Stop() + select { + case <-t.C: + case <-c.terminate: + } + return terr.Response, errTerminated default: