Merge branch 'lfs-token-race-condition-fix' into 'master'

Fix race condition on LFS Token ## What does this MR do? Fixes a race condition that can be triggered if the token expires right after we retrieve it, but before we can set the new expiry time. https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6551#note_16190569 Thanks for catching this so quickly @jacobvosmaer-gitlab cc @DouweM See merge request !6592
author: Patricio Cano <patricio@gitlab.com> 2016-09-29 22:21:25 +0000
committer: Patricio Cano <patricio@gitlab.com> 2016-09-29 22:21:25 +0000
commit: 80fef70bb7c9c1cab1ff80e78f94a83d6712e50d (patch)
tree: 8310777099d0668b86bafb77b4d5f6be3898dcf2
parent: c2cc5d3448b3b5fe0c08e71496ea6b8114052b39 (diff)
parent: 26678d8ea3f05b5508c0ebc80cb2bc40e0a66556 (diff)
download: gitlab-ce-80fef70bb7c9c1cab1ff80e78f94a83d6712e50d.tar.gz
1 files changed, 2 insertions, 7 deletions
diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb
index 7b3bbcf6a32..5f67e97fa2a 100644
--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@@ -20,13 +20,8 @@ module Gitlab
     def token
       Gitlab::Redis.with do |redis|
         token = redis.get(redis_key)
-
-        if token
-          redis.expire(redis_key, EXPIRY_TIME)
-        else
-          token = Devise.friendly_token(TOKEN_LENGTH)
-          redis.set(redis_key, token, ex: EXPIRY_TIME)
-        end
+        token ||= Devise.friendly_token(TOKEN_LENGTH)
+        redis.set(redis_key, token, ex: EXPIRY_TIME)
 
         token
       end
author	Patricio Cano <patricio@gitlab.com>	2016-09-29 22:21:25 +0000
committer	Patricio Cano <patricio@gitlab.com>	2016-09-29 22:21:25 +0000
commit	80fef70bb7c9c1cab1ff80e78f94a83d6712e50d (patch)
tree	8310777099d0668b86bafb77b4d5f6be3898dcf2
parent	c2cc5d3448b3b5fe0c08e71496ea6b8114052b39 (diff)
parent	26678d8ea3f05b5508c0ebc80cb2bc40e0a66556 (diff)
download	gitlab-ce-80fef70bb7c9c1cab1ff80e78f94a83d6712e50d.tar.gz