From 68d9c3265f981c35791151777e78e2c2d70c393c Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on Windows 11)" <rob@synchro.net>
Date: Thu, 14 Dec 2023 22:03:19 -0800
Subject: [PATCH] Truncate attempted user-name at '@' before comparing against
 name.can file

'@' is in the name.can by default and the mail server recognizes user@addr
formatted logins/attempts, so truncate at the '@' before comparing against
the name.can file to prevent false !TEMPORARY BAN (1 login attempts, ...
occurences.
---
 src/sbbs3/userdat.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/sbbs3/userdat.c b/src/sbbs3/userdat.c
index ae7a53a04c..4df32b5b18 100644
--- a/src/sbbs3/userdat.c
+++ b/src/sbbs3/userdat.c
@@ -3872,6 +3872,7 @@ ulong loginBanned(scfg_t* cfg, link_list_t* list, SOCKET sock, const char* host_
 	,struct login_attempt_settings settings, login_attempt_t* details)
 {
 	char				ip_addr[128];
+	char				name[(LEN_ALIAS * 2) + 1];
 	list_node_t*		node;
 	login_attempt_t*	attempt;
 	BOOL				result = FALSE;
@@ -3912,8 +3913,10 @@ ulong loginBanned(scfg_t* cfg, link_list_t* list, SOCKET sock, const char* host_
 	if(node == NULL)
 		return 0;
 	attempt = node->data;
+	SAFECOPY(name, attempt->user);
+	truncstr(name, "@");
 	if(((settings.tempban_threshold && (attempt->count - attempt->dupes) >= settings.tempban_threshold)
-		|| trashcan(cfg, attempt->user, "name")) && now < (time32_t)(attempt->time + settings.tempban_duration)) {
+		|| trashcan(cfg, name, "name")) && now < (time32_t)(attempt->time + settings.tempban_duration)) {
 		if(details != NULL)
 			*details = *attempt;
 		return settings.tempban_duration - (now - attempt->time);
-- 
GitLab