diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2020-10-20 13:30:41 +0300 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2020-10-20 13:30:41 +0300 |
| commit | 05c6facd72644095ca1aeff88c564dfb411fe34f (patch) | |
| tree | 9292efadd79fff678a74f2f2b6cb38648c24e981 /app.go | |
| parent | 7f8e9bd39def730616a4c7d1d5f00ee6ca9ea76a (diff) | |
Revert "Add Host and SNI-based rate limiting"
This reverts commit 7f8e9bd39def730616a4c7d1d5f00ee6ca9ea76a.
Diffstat (limited to 'app.go')
| -rw-r--r-- | app.go | 25 |
1 files changed, 3 insertions, 22 deletions
@@ -26,10 +26,8 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors" "gitlab.com/gitlab-org/gitlab-pages/internal/logging" "gitlab.com/gitlab-org/gitlab-pages/internal/netutil" - "gitlab.com/gitlab-org/gitlab-pages/internal/rate_limiting" "gitlab.com/gitlab-org/gitlab-pages/internal/request" "gitlab.com/gitlab-org/gitlab-pages/internal/source" - "gitlab.com/gitlab-org/gitlab-pages/internal/tlsconfig" "gitlab.com/gitlab-org/gitlab-pages/metrics" ) @@ -354,23 +352,6 @@ func (a *theApp) Run() { httpHandler := a.httpInitialMiddleware(commonHandlerPipeline) - tlsGetCertificate := a.ServeTLS - - if a.appConfig.HostRateLimit > 0 { - hostRateLimiter := rate_limiting.NewRateLimiting( - a.appConfig.HostRateLimitWindow, a.appConfig.HostRateLimit) - - httpHandler = hostRateLimiter.LimitHostHandler(httpHandler) - proxyHandler = hostRateLimiter.LimitHostHandler(proxyHandler) - } - - if a.appConfig.TLSSNIRateLimit > 0 { - tlsRateLimiter := rate_limiting.NewRateLimiting( - a.appConfig.HostRateLimitWindow, a.appConfig.HostRateLimit) - - tlsGetCertificate = tlsRateLimiter.LimitServeTLS(a.ServeTLS) - } - // Listen for HTTP for _, fd := range a.ListenHTTP { a.listenHTTPFD(&wg, fd, httpHandler, limiter) @@ -378,7 +359,7 @@ func (a *theApp) Run() { // Listen for HTTPS for _, fd := range a.ListenHTTPS { - a.listenHTTPSFD(&wg, fd, httpHandler, tlsGetCertificate, limiter) + a.listenHTTPSFD(&wg, fd, httpHandler, limiter) } // Listen for HTTP proxy requests @@ -407,11 +388,11 @@ func (a *theApp) listenHTTPFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.H }() } -func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.Handler, tlsGetCertificate tlsconfig.GetCertificateFunc, limiter *netutil.Limiter) { +func (a *theApp) listenHTTPSFD(wg *sync.WaitGroup, fd uintptr, httpHandler http.Handler, limiter *netutil.Limiter) { wg.Add(1) go func() { defer wg.Done() - err := listenAndServeTLS(fd, a.RootCertificate, a.RootKey, httpHandler, tlsGetCertificate, a.InsecureCiphers, a.TLSMinVersion, a.TLSMaxVersion, a.HTTP2, limiter) + err := listenAndServeTLS(fd, a.RootCertificate, a.RootKey, httpHandler, a.ServeTLS, a.InsecureCiphers, a.TLSMinVersion, a.TLSMaxVersion, a.HTTP2, limiter) if err != nil { capturingFatal(err, errortracking.WithField("listener", request.SchemeHTTPS)) } |