From 3f0ea7079a4d368480989e302ab197c68ba9e6ef Mon Sep 17 00:00:00 2001 From: Steve Allison Date: Thu, 21 Feb 2013 18:24:46 +0000 Subject: [PATCH] Reduce check time for recently banned IPs Reduces the effect of getting the password wrong immediately after being unbanned gets you instantly banned again. --- defense.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/defense.php b/defense.php index a2ab99f..512c046 100644 --- a/defense.php +++ b/defense.php @@ -331,6 +331,16 @@ class defense extends rcube_plugin { // Check if banned now that above record has been updated $rTime = (time() - $this->fail_reset); // How far to look back for failed logins + // Check if last ban lifted was within rTime + $row = $this->getPreviousBanData($this->ipaddr); + if ($row) { + $data = unserialize($row['data']); + $banLifted = $row['epoch'] + $data['duration']; + if ($rTime < $banLifted) { + // If IP was unbanned recently, only check since it was unbanned + $rTime = $banLifted; + } + } $query = sprintf("SELECT count(*) AS n FROM %s WHERE ipaddr = '%s' AND epoch >= %d", $this->db_table, $this->ipaddr, $rTime); $result = $this->rc->db->query($query); if (!$result) { $this->dbError($query); return false; } @@ -368,9 +378,7 @@ class defense extends rcube_plugin { $this->debug($query . " [" . $result->rowCount() . "]"); return $args; } - - - + } /** @@ -403,7 +411,7 @@ class defense extends rcube_plugin { $this->rc->output->set_env('task', 'login'); $this->rc->output->send('login'); die(); - } + } $this->debug("Login form submitted, username: " . $args['user']); return $args; }
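Review bot: In the first hunk the result of `unserialize($row['data'])` is used without any check, so a corrupt or unexpected `data` value yields `false` or a non-array and `$data['duration']` silently evaluates to null, making `$banLifted` equal to the ban's start time. I would restrict and validate it with `$data = unserialize($row['data'], ['allowed_classes' => false]);` (PHP 7+) followed by `if (is_array($data) && isset($data['duration'])) {` around the `$banLifted` logic, so a stored row can never instantiate objects and a malformed one leaves the normal `fail_reset` window in place. The new `$rTime` also has no upper bound: if the row returned by `getPreviousBanData()` describes a ban that has not expired yet, or carries an oversized duration, `$banLifted` lies in the future and the following `count(*)` query scans an empty window, so failed logins stop counting towards a new ban. Whether an active ban can reach this code is not visible in the hunk, but clamping with `$rTime = min($banLifted, time());` would make that case safe. The enclosing method starts and ends outside the hunk.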