changed: when a client doesn't send a session cookie we can instead of ban just use a temporary session

added: config option:
	// the way we behave when no_session_cookie_treshold limit is exceeded
 	// 0 - if a client doesn't send a session cookie again then use a temporary session
 	//     (other sessions from this IP address are not affected)
 	// 1 - add this IP address to ban list and create a temporary session
 	//     (this will block other sessions from this IP address too)
 	// default: 0
 	int no_session_cookie_ban_mode;




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e

core/sessionmanager.cpp

@@ -302,6 +302,7 @@ void SessionManager::IncorrectSessionCheckBan()
 }
 
 
+
 void SessionManager::NoSessionCookieCheckBan()
 {
 	if( !current_ip_ban )
@@ -315,7 +316,10 @@ void SessionManager::NoSessionCookieCheckBan()
 	else
 	{
 		log << log2 << "SM: too many times you have not sent a session cookie" << logend;
-		IncrementBanLevel(current_ip_ban);
+
+		if( config->no_session_cookie_ban_mode == 1 )
+			IncrementBanLevel(current_ip_ban);
+
 		SetTemporarySession();
 	}
 }
@@ -429,6 +433,8 @@ bool SessionManager::IsIPBanned()
 
 	if( current_ip_ban  )
 	{
+		current_ip_ban->last_used = cur->request->start_time;
+
 		if( current_ip_ban->expires != 0 && cur->request->start_time >= current_ip_ban->expires )
 		{
 			log << log2 << "SM: resetting events counters for this IP" << logend;
@@ -699,10 +705,10 @@ IPBan & SessionManager::AddIPToBanList(int ip)
 }
 
 
-IPBan & SessionManager::AddIPToBanList(int ip, time_t cur_time)
+IPBan & SessionManager::AddIPToBanList(int ip, time_t last_used)
 {
 	IPBan & ban = ban_tab.AddIP(ip);
-	ban.last_used = cur_time;
+	ban.last_used = last_used;
 
 return ban;
 }