diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-16 06:09:14 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-16 06:09:14 +0300 |
commit | 78fe72d153260c355fdfd533b125026cce310da7 (patch) | |
tree | 0d90106443bea87cc24e2834273ae6c8dcac0260 /lib/gitlab/url_blockers | |
parent | 88797b994a7dfd9bfab2a5d5431f088f17078b9f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/url_blockers')
-rw-r--r-- | lib/gitlab/url_blockers/domain_whitelist_entry.rb | 21 | ||||
-rw-r--r-- | lib/gitlab/url_blockers/ip_whitelist_entry.rb | 22 | ||||
-rw-r--r-- | lib/gitlab/url_blockers/url_whitelist.rb | 12 |
3 files changed, 51 insertions, 4 deletions
diff --git a/lib/gitlab/url_blockers/domain_whitelist_entry.rb b/lib/gitlab/url_blockers/domain_whitelist_entry.rb new file mode 100644 index 00000000000..b94e8ee3f69 --- /dev/null +++ b/lib/gitlab/url_blockers/domain_whitelist_entry.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module Gitlab + module UrlBlockers + class DomainWhitelistEntry + attr_reader :domain, :port + + def initialize(domain, port: nil) + @domain = domain + @port = port + end + + def match?(requested_domain, requested_port = nil) + return false unless domain == requested_domain + return true if port.nil? + + port == requested_port + end + end + end +end diff --git a/lib/gitlab/url_blockers/ip_whitelist_entry.rb b/lib/gitlab/url_blockers/ip_whitelist_entry.rb new file mode 100644 index 00000000000..88c76574d3d --- /dev/null +++ b/lib/gitlab/url_blockers/ip_whitelist_entry.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module Gitlab + module UrlBlockers + class IpWhitelistEntry + attr_reader :ip, :port + + # Argument ip should be an IPAddr object + def initialize(ip, port: nil) + @ip = ip + @port = port + end + + def match?(requested_ip, requested_port = nil) + return false unless ip.include?(requested_ip) + return true if port.nil? + + port == requested_port + end + end + end +end diff --git a/lib/gitlab/url_blockers/url_whitelist.rb b/lib/gitlab/url_blockers/url_whitelist.rb index 7622de4fdbe..59f74dde7fc 100644 --- a/lib/gitlab/url_blockers/url_whitelist.rb +++ b/lib/gitlab/url_blockers/url_whitelist.rb @@ -4,21 +4,25 @@ module Gitlab module UrlBlockers class UrlWhitelist class << self - def ip_whitelisted?(ip_string) + def ip_whitelisted?(ip_string, port: nil) return false if ip_string.blank? ip_whitelist, _ = outbound_local_requests_whitelist_arrays ip_obj = Gitlab::Utils.string_to_ip_object(ip_string) - ip_whitelist.any? { |ip| ip.include?(ip_obj) } + ip_whitelist.any? do |ip_whitelist_entry| + ip_whitelist_entry.match?(ip_obj, port) + end end - def domain_whitelisted?(domain_string) + def domain_whitelisted?(domain_string, port: nil) return false if domain_string.blank? _, domain_whitelist = outbound_local_requests_whitelist_arrays - domain_whitelist.include?(domain_string) + domain_whitelist.any? do |domain_whitelist_entry| + domain_whitelist_entry.match?(domain_string, port) + end end private |