Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
0fd901bd
Commit
0fd901bd
authored
Jan 24, 2018
by
Tiago Botelho
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Disables Rack Attack by default
parent
40631412
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
9 additions
and
1 deletion
+9
-1
config/initializers/1_settings.rb
config/initializers/1_settings.rb
+1
-1
spec/requests/git_http_spec.rb
spec/requests/git_http_spec.rb
+8
-0
No files found.
config/initializers/1_settings.rb
View file @
0fd901bd
...
...
@@ -418,7 +418,7 @@ Settings['extra'] ||= Settingslogic.new({})
#
Settings
[
'rack_attack'
]
||=
Settingslogic
.
new
({})
Settings
.
rack_attack
[
'git_basic_auth'
]
||=
Settingslogic
.
new
({})
Settings
.
rack_attack
.
git_basic_auth
[
'enabled'
]
=
tru
e
if
Settings
.
rack_attack
.
git_basic_auth
[
'enabled'
].
nil?
Settings
.
rack_attack
.
git_basic_auth
[
'enabled'
]
=
fals
e
if
Settings
.
rack_attack
.
git_basic_auth
[
'enabled'
].
nil?
Settings
.
rack_attack
.
git_basic_auth
[
'ip_whitelist'
]
||=
%w{127.0.0.1}
Settings
.
rack_attack
.
git_basic_auth
[
'maxretry'
]
||=
10
Settings
.
rack_attack
.
git_basic_auth
[
'findtime'
]
||=
1
.
minute
...
...
spec/requests/git_http_spec.rb
View file @
0fd901bd
...
...
@@ -381,6 +381,10 @@ describe 'Git HTTP requests' do
context
"when authentication fails"
do
context
"when the user is IP banned"
do
before
do
Gitlab
.
config
.
rack_attack
.
git_basic_auth
[
'enabled'
]
=
true
end
it
"responds with status 401"
do
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:filter
).
and_return
(
true
)
allow_any_instance_of
(
Rack
::
Request
).
to
receive
(
:ip
).
and_return
(
'1.2.3.4'
)
...
...
@@ -420,6 +424,10 @@ describe 'Git HTTP requests' do
end
context
"when the user isn't blocked"
do
before
do
Gitlab
.
config
.
rack_attack
.
git_basic_auth
[
'enabled'
]
=
true
end
it
"resets the IP in Rack Attack on download"
do
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:reset
).
twice
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment