Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-08 06:06:48 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-08 06:06:48 +0300
commit: 18a102a5b95198b6bc8db2589de6353997a33543 (patch)
tree: 93aac1bb58c3bfcd7421c279a6436fa50ea05537 /config
parent: 1adb4373ba840a9bc771a8c9196f7183fd98b2b8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/config/initializers/rack_attack_git_basic_auth.rb b/config/initializers/rack_attack_git_basic_auth.rb
index 219920b2b19..71e5e2969ce 100644
--- a/config/initializers/rack_attack_git_basic_auth.rb
+++ b/config/initializers/rack_attack_git_basic_auth.rb
@@ -1,7 +1,9 @@
 # Tell the Rack::Attack Rack middleware to maintain an IP blacklist.
 # We update the blacklist in Gitlab::Auth::IpRateLimiter.
 Rack::Attack.blocklist('Git HTTP Basic Auth') do |req|
-  next false unless Gitlab.config.rack_attack.git_basic_auth.enabled
+  rate_limiter = Gitlab::Auth::IpRateLimiter.new(req.ip)
+
+  next false if !rate_limiter.enabled? || rate_limiter.trusted_ip?
 
   Rack::Attack::Allow2Ban.filter(req.ip, Gitlab.config.rack_attack.git_basic_auth) do
     # This block only gets run if the IP was not already banned.
author	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-08 06:06:48 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-08 06:06:48 +0300
commit	18a102a5b95198b6bc8db2589de6353997a33543 (patch)
tree	93aac1bb58c3bfcd7421c279a6436fa50ea05537 /config
parent	1adb4373ba840a9bc771a8c9196f7183fd98b2b8 (diff)