Revision cd6a8ef9
Added by Marc Dequènes about 14 years ago
- ID cd6a8ef9fb85a846361a6bf5408b51f8a666b9e0
| lib/cyborghood/mail.rb | ||
|---|---|---|
|
include ActionMailer::Utils
|
||
|
include I18nTranslation
|
||
|
|
||
|
MAX_DRIFT_TIME = 3600
|
||
|
DEFAULT_MAX_DRIFT_TIME = 3600
|
||
|
|
||
|
attr_accessor :user, :signature_timestamp
|
||
|
|
||
| ... | ... | |
|
|
||
|
drift = Time.new.to_i - sig_check.timestamp.to_i
|
||
|
logger.debug "Signature drift time: #{drift}"
|
||
|
unless drift.abs < MAX_DRIFT_TIME
|
||
|
unless drift.abs < (@config.mail.max_drift_time || DEFAULT_MAX_DRIFT_TIME)
|
||
|
if drift > 0
|
||
|
return MailReport.new(:error => _("The signature was made too long ago (check your system clock). Rejected message to avoid replay attacks."), :user => user)
|
||
|
else
|
||
Also available in: Unified diff
[evol] allow setting the mail max drift time