Log a message when an IP is blacklisted

b56a4a0c · ale · e66c091d · b56a4a0c · b56a4a0c · b56a4a0c
Commit b56a4a0c authored 7 years ago by ale
--- a/authserv/app_common.py
+++ b/authserv/app_common.py
@@ -95,6 +95,7 @@ def _do_auth(mc, username, service, shard, password, otp_token, source_ip,
            bl.auth_failure('u', username)
        if (source_ip
            and not whitelisted(source_ip, current_app.config.get('SOURCE_IP_WHITELIST'))):
-            bl.auth_failure('ip', source_ip)
+            if bl.auth_failure('ip', source_ip):
+                current_app.logger.info('blacklisted IP %s', source_ip)

    return (retval, errmsg, out_shard)
--- a/authserv/ratelimit.py
+++ b/authserv/ratelimit.py
@@ -63,7 +63,7 @@ class RateLimit(object):
                except:
                    result = None
                if result is None:
-                    # Memcache is failing.
+                    # Memcache is failing. Fail open.
                    return True
        return result <= self.count

@@ -98,6 +98,8 @@ class BlackList(object):
        key = _tostr(self.prefix + key)
        if not self.rl.check(mc, key):
            mc.set(key, 'true', time=self.ttl)
+            return True
+        return False


 class AuthBlackList(object):
@@ -116,4 +118,4 @@ class AuthBlackList(object):
        if not value:
            return
        key = key_sep.join([tag, value])
-        self.blacklist.incr(self.mc, key)
+        return self.blacklist.incr(self.mc, key)
--- a/debian/changelog
+++ b/debian/changelog
+authserv (0.1.2) unstable; urgency=medium
+
+  * Fixed memcache connection errors.
+
+ -- Autistici/Inventati <debian@autistici.org>  Thu, 06 Jul 2017 22:16:55 +0100
+
 authserv (0.1.1) unstable; urgency=medium

  * Systemd support.