Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-29 15:52:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1631835 - Remove the limit of 3 attempts for authenticating with the OS account to allow for environments where more than three invalid auth attempts are allowed. r=MattN

Browse Source 
One attempt will still be used by the blank password auth attempt. This does not completely fix the problem in this case but will allow a user to continue attempting until their account is locked out now.

Differential Revision: https://phabricator.services.mozilla.com/D71811
This commit is contained in:
Jared Wein 2020-04-21 19:32:18 +00:00
parent 3c5318412d
commit 0adaedd78b
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/manager/ssl/OSReauthenticator.cpp
View File

@ -113,7 +113,6 @@ static nsresult ReauthenticateUserWindows(const nsAString& aMessageText,
// Is used in next iteration if the previous login failed.
DWORD err = 0;
uint8_t numAttempts = 3;
std::unique_ptr<char[]> userTokenInfo = GetUserTokenInfo();
// CredUI prompt.
@ -126,9 +125,7 @@ static nsresult ReauthenticateUserWindows(const nsAString& aMessageText,
credui.pszCaptionText = captionText.get();
credui.hbmBanner = nullptr; // ignored
while (!reauthenticated && numAttempts > 0) {
--numAttempts;
while (!reauthenticated) {
HANDLE lsa;
// Get authentication handle for future user authentications.
// https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaconnectuntrusted