unbanip always deletes ip from database (independent of bantime, also…

… if currently not banned or persistent); merged from #716 where it works; closes gh-972, closes gh-768
fail2ban · Jul 10, 2015 · 95c2a29 · 95c2a29
1 parent 00d8779
commit 95c2a29
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 8 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -28,6 +28,8 @@ ver. 0.9.3 (2015/XX/XXX) - wanna-be-released
      locale on systems with customized LC_ALL
    * performance fix: minimizes connection overhead, close socket only at
      communication end (gh-1099)
+   * unbanip always deletes ip from database (independent of bantime, also if
+     currently not banned or persistent)
 
 - New Features:
    * New filters:

diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
@@ -194,13 +194,14 @@ def removeBannedIP(self, ip):
 		ValueError
 			If `ip` is not banned
 		"""
+		# Always delete ip from database (also if currently not banned)
+		if self._jail.database is not None:
+			self._jail.database.delBan(self._jail, ip)
 		# Find the ticket with the IP.
 		ticket = self.__banManager.getTicketByIP(ip)
 		if ticket is not None:
 			# Unban the IP.
 			self.__unBan(ticket)
-			if self._jail.database is not None:
-				self._jail.database.delBan(self._jail, ticket)
 		else:
 			raise ValueError("IP %s is not banned" % ip)
 

diff --git a/fail2ban/server/database.py b/fail2ban/server/database.py
@@ -418,19 +418,20 @@ def addBan(self, cur, jail, ticket):
 				 "failures": ticket.getAttempt()}))
 
 	@commitandrollback
-	def delBan(self, cur, jail, ticket):
+	def delBan(self, cur, jail, ip):
 		"""Delete a ban from the database.
 
 		Parameters
 		----------
 		jail : Jail
 			Jail in which the ban has occurred.
-		ticket : BanTicket
-			Ticket of the ban to be removed.
+		ip : str
+			IP to be removed.
 		"""
+		queryArgs = (jail.name, ip);
 		cur.execute(
-			"DELETE FROM bans WHERE jail = ? AND ip = ? AND timeofban = ?",
-			(jail.name, ticket.getIP(), int(round(ticket.getTime()))))
+			"DELETE FROM bans WHERE jail = ? AND ip = ?", 
+			queryArgs);
 
 	@commitandrollback
 	def _getBans(self, cur, jail=None, bantime=None, ip=None):

diff --git a/fail2ban/tests/databasetestcase.py b/fail2ban/tests/databasetestcase.py
@@ -212,7 +212,7 @@ def testAddBanInvalidEncoded(self):
 	def testDelBan(self):
 		self.testAddBan()
 		ticket = self.db.getBans(jail=self.jail)[0]
-		self.db.delBan(self.jail, ticket)
+		self.db.delBan(self.jail, ticket.getIP())
 		self.assertEqual(len(self.db.getBans(jail=self.jail)), 0)
 
 	def testGetBansWithTime(self):