diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-08 06:06:48 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-08 06:06:48 +0300 |
commit | 18a102a5b95198b6bc8db2589de6353997a33543 (patch) | |
tree | 93aac1bb58c3bfcd7421c279a6436fa50ea05537 /lib/gitlab/auth | |
parent | 1adb4373ba840a9bc771a8c9196f7183fd98b2b8 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/auth')
-rw-r--r-- | lib/gitlab/auth/ip_rate_limiter.rb | 19 |
1 files changed, 8 insertions, 11 deletions
diff --git a/lib/gitlab/auth/ip_rate_limiter.rb b/lib/gitlab/auth/ip_rate_limiter.rb index 74d359bcd28..acb46abb6f3 100644 --- a/lib/gitlab/auth/ip_rate_limiter.rb +++ b/lib/gitlab/auth/ip_rate_limiter.rb @@ -21,11 +21,12 @@ module Gitlab end def register_fail! + return false if trusted_ip? + # Allow2Ban.filter will return false if this IP has not failed too often yet @banned = Rack::Attack::Allow2Ban.filter(ip, config) do - # If we return false here, the failure for this IP is ignored by Allow2Ban - # If we return true here, the count for the IP is incremented. - ip_can_be_banned? + # We return true to increment the count for this IP + true end end @@ -33,20 +34,16 @@ module Gitlab @banned end + def trusted_ip? + trusted_ips.any? { |netmask| netmask.include?(ip) } + end + private def config Gitlab.config.rack_attack.git_basic_auth end - def ip_can_be_banned? - !trusted_ip? - end - - def trusted_ip? - trusted_ips.any? { |netmask| netmask.include?(ip) } - end - def trusted_ips strong_memoize(:trusted_ips) do config.ip_whitelist.map do |proxy| |