Error disabling authentication regulation #584

Closed
ViRb3 opened this issue Jan 25, 2020 · 1 comment · Fixed by #588
ViRb3 commented Jan 25, 2020

From the template:

```yaml
# Configuration of the authentication regulation mechanism.
#
# This mechanism prevents attackers from brute forcing the first factor.
# It bans the user if too many attempts are done in a short period of
# time.
regulation:
  # The number of failed login attempts before user is banned.
  # Set it to 0 to disable regulation.
  max_retries: 3
```

However, changing max_retries to 0 results in an error:

```
panic: runtime error: index out of range [0] with length 0
goroutine 35 [running]:
github.com/authelia/authelia/internal/regulation.(*Regulator).Regulate(0x400026ef40, 0x400036c338, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0)
        github.com/authelia/authelia@/internal/regulation/regulator.go:75 +0x3cc
github.com/authelia/authelia/internal/handlers.FirstFactorPost(0x400039e000)
        github.com/authelia/authelia@/internal/handlers/handler_firstfactor.go:25 +0x90
github.com/authelia/authelia/internal/middlewares.AutheliaMiddleware.func1.1(0x400037e000)
        github.com/authelia/authelia@/internal/middlewares/authelia_context.go:46 +0x114
github.com/fasthttp/router.(*Router).Handler(0x40003083c0, 0x400037e000)
        github.com/fasthttp/router@v0.5.2/router.go:326 +0xc48
github.com/authelia/authelia/internal/middlewares.LogRequestMiddleware.func1(0x400037e000)
        github.com/authelia/authelia@/internal/middlewares/log_request.go:14 +0xd4
github.com/valyala/fasthttp.(*Server).serveConn(0x4000328200, 0xf04380, 0x40002dc018, 0x0, 0x0)
        github.com/valyala/fasthttp@v1.6.0/server.go:2018 +0x4f8
github.com/valyala/fasthttp.(*workerPool).workerFunc(0x4000270aa0, 0x40002de060)
        github.com/valyala/fasthttp@v1.6.0/workerpool.go:223 +0x7c
github.com/valyala/fasthttp.(*workerPool).getCh.func1(0x4000270aa0, 0x40002de060, 0xbc3f60, 0x40002de060)
        github.com/valyala/fasthttp@v1.6.0/workerpool.go:195 +0x30
created by github.com/valyala/fasthttp.(*workerPool).getCh
        github.com/valyala/fasthttp@v1.6.0/workerpool.go:194 +0x11c
```
james-d-elliott added a commit that referenced this issue Jan 26, 2020
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
james-d-elliott added a commit that referenced this issue Jan 26, 2020
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
@james-d-elliott

Thanks for reporting the bug. I've confirmed the functionality in the code, and it looks like a bug. I've made a fix for it already; you are welcome to test it, however consider it alpha. My Docker image is: jamesdelliott/authelia:fix-584-disable-regulation

@james-d-elliott james-d-elliott self-assigned this Jan 26, 2020
@james-d-elliott james-d-elliott added type/bug Confirmed Bugs priority/3/medium Medium priority items labels Jan 26, 2020
james-d-elliott added a commit that referenced this issue Jan 27, 2020
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
nightah pushed a commit that referenced this issue Jan 27, 2020
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
james-d-elliott added a commit that referenced this issue Jan 28, 2020
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
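
The guard described in the fix commits, sketched as an added example; this is not Authelia's code or the contents of `regulator.go`. `Regulator`, `NewRegulator`, `ErrUserIsBanned`, `findTime` and `banTime` are hypothetical names, and the failed-attempt history is assumed to arrive as a newest-first slice of timestamps.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

var ErrUserIsBanned = errors.New("user is banned") // hypothetical name

// Regulator is a simplified stand-in for a login regulator, not Authelia's type.
type Regulator struct {
	enabled           bool // zero value false: regulation off
	maxRetries        int
	findTime, banTime time.Duration // assumed counting window and ban length
}

// NewRegulator enables regulation only when maxRetries is above 0.
func NewRegulator(maxRetries int, findTime, banTime time.Duration) *Regulator {
	return &Regulator{enabled: maxRetries > 0, maxRetries: maxRetries, findTime: findTime, banTime: banTime}
}

// Regulate takes one user's failed-login timestamps, newest first, and
// returns the ban expiry with ErrUserIsBanned while the user is locked out.
func (r *Regulator) Regulate(failures []time.Time, now time.Time) (time.Time, error) {
	if !r.enabled {
		return time.Time{}, nil // max_retries: 0, never index the history
	}
	if len(failures) < r.maxRetries {
		return time.Time{}, nil // too few failures, including none at all
	}
	latest := failures[:r.maxRetries] // safe: length checked above
	newest, oldest := latest[0], latest[len(latest)-1]
	// Ban when maxRetries failures fall within findTime and the ban that
	// started at the newest failure has not expired yet.
	if until := newest.Add(r.banTime); newest.Sub(oldest) <= r.findTime && now.Before(until) {
		return until, ErrUserIsBanned
	}
	return time.Time{}, nil
}

func main() {
	now := time.Date(2020, 1, 26, 12, 0, 0, 0, time.UTC) // constructed sample data
	fails := []time.Time{now.Add(-10 * time.Second), now.Add(-20 * time.Second), now.Add(-30 * time.Second)}
	_, on := NewRegulator(3, 2*time.Minute, 5*time.Minute).Regulate(fails, now)
	_, off := NewRegulator(0, 2*time.Minute, 5*time.Minute).Regulate(fails, now)
	fmt.Println("max_retries=3:", on, "| max_retries=0:", off)
}
```

The second length check matters independently of the `enabled` flag: an enabled regulator still sees an empty history for a user with no recorded failures.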