mirror of https://github.com/fail2ban/fail2ban
amend after newest merge of 0.10:
- database duplicate code removed resp. merged with incr. version; - ignores expired ban ticket directly in ban manager; - don't change start of ban time for restored tickets in restoreCurrentBans (because of possible timing issues in the test-cases); - small code review;pull/1460/head
sebres
parent
cbfecea112
commit
ce2b4fe634
|
|
@ -620,43 +620,6 @@ class Fail2BanDb(object):
|
|||
self._bansMergedCache[cacheKey] = tickets if ip is None else ticket
|
||||
return tickets if ip is None else ticket
|
||||
|
||||
def _getCurrentBans(self, cur, jail = None, ip = None, forbantime=None, fromtime=None):
|
||||
if fromtime is None:
|
||||
fromtime = MyTime.time()
|
||||
queryArgs = []
|
||||
if jail is not None:
|
||||
query = "SELECT ip, timeofban, data FROM bans WHERE jail=?"
|
||||
queryArgs.append(jail.name)
|
||||
else:
|
||||
query = "SELECT ip, max(timeofban), data FROM bans WHERE 1"
|
||||
if ip is not None:
|
||||
query += " AND ip=?"
|
||||
queryArgs.append(ip)
|
||||
if forbantime is not None:
|
||||
query += " AND timeofban > ?"
|
||||
queryArgs.append(fromtime - forbantime)
|
||||
if ip is None:
|
||||
query += " GROUP BY ip ORDER BY ip, timeofban DESC"
|
||||
cur = self._db.cursor()
|
||||
return cur.execute(query, queryArgs)
|
||||
|
||||
def getCurrentBans(self, jail = None, ip = None, forbantime=None, fromtime=None):
|
||||
tickets = []
|
||||
ticket = None
|
||||
|
||||
with self._lock:
|
||||
results = list(self._getCurrentBans(self._db.cursor(),
|
||||
jail=jail, ip=ip, forbantime=forbantime, fromtime=fromtime))
|
||||
|
||||
if results:
|
||||
for banip, timeofban, data in results:
|
||||
# logSys.debug('restore ticket %r, %r, %r', banip, timeofban, data)
|
||||
ticket = FailTicket(banip, timeofban, data=data)
|
||||
# logSys.debug('restored ticket: %r', ticket)
|
||||
tickets.append(ticket)
|
||||
|
||||
return tickets if ip is None else ticket
|
||||
|
||||
@commitandrollback
|
||||
def getBan(self, cur, ip, jail=None, forbantime=None, overalljails=None, fromtime=None):
|
||||
ip = str(ip)
|
||||
|
|
@ -710,19 +673,12 @@ class Fail2BanDb(object):
|
|||
results = list(self._getCurrentBans(jail=jail, ip=ip, forbantime=forbantime, fromtime=fromtime))
|
||||
|
||||
if results:
|
||||
matches = []
|
||||
failures = 0
|
||||
for banip, timeofban, bantime, bancount, data in results:
|
||||
#TODO: Implement data parts once arbitrary match keys completed
|
||||
ticket = FailTicket(banip, timeofban, matches)
|
||||
ticket.setAttempt(failures)
|
||||
# logSys.debug('restore ticket %r, %r, %r', banip, timeofban, data)
|
||||
ticket = FailTicket(banip, timeofban, data=data)
|
||||
# logSys.debug('restored ticket: %r', ticket)
|
||||
ticket.setBanTime(bantime)
|
||||
ticket.setBanCount(bancount)
|
||||
matches = []
|
||||
failures = 0
|
||||
matches.extend(data['matches'])
|
||||
failures += data['failures']
|
||||
ticket.setAttempt(failures)
|
||||
tickets.append(ticket)
|
||||
|
||||
return tickets if ip is None else ticket
|
||||
|
|
|
|||
|
|
@ -280,15 +280,12 @@ class Jail(object):
|
|||
ticket.restored = True
|
||||
# correct start time / ban time (by the same end of ban):
|
||||
btm = ticket.getBanTime(forbantime)
|
||||
curtime = int(MyTime.time())
|
||||
diftm = curtime - ticket.getTime()
|
||||
diftm = MyTime.time() - ticket.getTime()
|
||||
if btm != -1 and diftm > 0:
|
||||
btm -= diftm
|
||||
# ignore obsolete tickets:
|
||||
if btm != -1 and btm <= 0:
|
||||
continue
|
||||
ticket.setTime(curtime)
|
||||
ticket.setBanTime(btm)
|
||||
self.putFailTicket(ticket)
|
||||
except Exception as e: # pragma: no cover
|
||||
logSys.error('%s', e, exc_info=logSys.getEffectiveLevel()<=logging.DEBUG)
|
||||
|
|
|
|||
|
|
@ -156,6 +156,7 @@ class StatusExtendedCymruInfo(unittest.TestCase):
|
|||
def setUp(self):
|
||||
"""Call before every test case."""
|
||||
unittest.F2B.SkipIfNoNetwork()
|
||||
setUpMyTime()
|
||||
self.__ban_ip = "93.184.216.34"
|
||||
self.__asn = "15133"
|
||||
self.__country = "EU"
|
||||
|
|
@ -166,7 +167,7 @@ class StatusExtendedCymruInfo(unittest.TestCase):
|
|||
|
||||
def tearDown(self):
|
||||
"""Call after every test case."""
|
||||
pass
|
||||
tearDownMyTime()
|
||||
|
||||
available = True, None
|
||||
|
||||
|
|
|
|||
|
|
@ -493,16 +493,9 @@ class BanTimeIncrDB(unittest.TestCase):
|
|||
obs.add('failureFound', failManager, self.jail, ticket)
|
||||
obs.wait_empty(5)
|
||||
# wait until ticket transfered from failmanager into jail:
|
||||
to = int(MyTime.time())+30
|
||||
while True:
|
||||
ticket2 = jail.getFailTicket()
|
||||
if ticket2:
|
||||
break
|
||||
time.sleep(Utils.DEFAULT_SLEEP_INTERVAL)
|
||||
if MyTime.time() > to: # pragma: no cover
|
||||
raise RuntimeError('unexpected timeout: wait 30 seconds instead of few ms.')
|
||||
ticket2 = Utils.wait_for(jail.getFailTicket, 10)
|
||||
# check ticket and failure count:
|
||||
self.assertFalse(not ticket2)
|
||||
self.assertTrue(ticket2)
|
||||
self.assertEqual(ticket2.getRetry(), failManager.getMaxRetry())
|
||||
|
||||
# wrap FailTicket to BanTicket:
|
||||
|
|
|
|||
Loading…
Reference in New Issue