Add latest changes from gitlab-org/security/gitlab@13-12-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-30 11:40:21 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-30 11:40:53 +0000
commit: ed903367e78907253ca4319a7f22cf49cbcd048d (patch)
tree: 7087a0acf790100e05f65c682d45c7f2e64e9810 /app
parent: bca6156a17d74b80aac39d8c1a39094e5f8915d6 (diff)
download: gitlab-ce-ed903367e78907253ca4319a7f22cf49cbcd048d.tar.gz
10 files changed, 17 insertions, 11 deletions
diff --git a/app/models/integrations/bamboo.rb b/app/models/integrations/bamboo.rb
index 82111c7322e..5f43eae1e8f 100644
--- a/app/models/integrations/bamboo.rb
+++ b/app/models/integrations/bamboo.rb
@@ -173,6 +173,7 @@ module Integrations
 
       query_params[:os_authType] = 'basic'
       params[:basic_auth] = basic_auth
+      params[:use_read_total_timeout] = true
       params
     end
 
diff --git a/app/models/project_services/drone_ci_service.rb b/app/models/project_services/drone_ci_service.rb
index ab1ba768a8f..581bd8077ad 100644
--- a/app/models/project_services/drone_ci_service.rb
+++ b/app/models/project_services/drone_ci_service.rb
@@ -50,9 +50,11 @@ class DroneCiService < CiService
   end
 
   def calculate_reactive_cache(sha, ref)
-    response = Gitlab::HTTP.try_get(commit_status_path(sha, ref),
+    response = Gitlab::HTTP.try_get(
+      commit_status_path(sha, ref),
       verify: enable_ssl_verification,
-      extra_log_info: { project_id: project_id })
+      extra_log_info: { project_id: project_id },
+      use_read_total_timeout: true)
 
     status =
       if response && response.code == 200 && response['status']
diff --git a/app/models/project_services/external_wiki_service.rb b/app/models/project_services/external_wiki_service.rb
index f49b008533d..6798b8fb695 100644
--- a/app/models/project_services/external_wiki_service.rb
+++ b/app/models/project_services/external_wiki_service.rb
@@ -38,7 +38,7 @@ class ExternalWikiService < Integration
   end
 
   def execute(_data)
-    response = Gitlab::HTTP.get(properties['external_wiki_url'], verify: true)
+    response = Gitlab::HTTP.get(properties['external_wiki_url'], verify: true, use_read_total_timeout: true)
     response.body if response.code == 200
   rescue StandardError
     nil
diff --git a/app/models/project_services/issue_tracker_service.rb b/app/models/project_services/issue_tracker_service.rb
index 099e3c336dd..ba78b1a8dc3 100644
--- a/app/models/project_services/issue_tracker_service.rb
+++ b/app/models/project_services/issue_tracker_service.rb
@@ -106,7 +106,7 @@ class IssueTrackerService < Integration
     result = false
 
     begin
-      response = Gitlab::HTTP.head(self.project_url, verify: true)
+      response = Gitlab::HTTP.head(self.project_url, verify: true, use_read_total_timeout: true)
 
       if response
         message = "#{self.type} received response #{response.code} when attempting to connect to #{self.project_url}"
diff --git a/app/models/project_services/mock_ci_service.rb b/app/models/project_services/mock_ci_service.rb
index bd6344c6e1a..ebe6179d742 100644
--- a/app/models/project_services/mock_ci_service.rb
+++ b/app/models/project_services/mock_ci_service.rb
@@ -56,7 +56,7 @@ class MockCiService < CiService
   #
   #
   def commit_status(sha, ref)
-    response = Gitlab::HTTP.get(commit_status_path(sha), verify: false)
+    response = Gitlab::HTTP.get(commit_status_path(sha), verify: false, use_read_total_timeout: true)
     read_commit_status(response)
   rescue Errno::ECONNREFUSED
     :error
diff --git a/app/models/project_services/slack_mattermost/notifier.rb b/app/models/project_services/slack_mattermost/notifier.rb
index 1a78cea5933..39ee5718248 100644
--- a/app/models/project_services/slack_mattermost/notifier.rb
+++ b/app/models/project_services/slack_mattermost/notifier.rb
@@ -17,7 +17,7 @@ module SlackMattermost
     class HTTPClient
       def self.post(uri, params = {})
         params.delete(:http_options) # these are internal to the client and we do not want them
-        Gitlab::HTTP.post(uri, body: params)
+        Gitlab::HTTP.post(uri, body: params, use_read_total_timeout: true)
       end
     end
   end
diff --git a/app/models/project_services/teamcity_service.rb b/app/models/project_services/teamcity_service.rb
index 6fc24a4778c..c3390dd9c25 100644
--- a/app/models/project_services/teamcity_service.rb
+++ b/app/models/project_services/teamcity_service.rb
@@ -169,7 +169,7 @@ class TeamcityService < CiService
   end
 
   def get_path(path)
-    Gitlab::HTTP.try_get(build_url(path), verify: false, basic_auth: basic_auth, extra_log_info: { project_id: project_id })
+    Gitlab::HTTP.try_get(build_url(path), verify: false, basic_auth: basic_auth, extra_log_info: { project_id: project_id }, use_read_total_timeout: true)
   end
 
   def post_to_build_queue(data, branch)
@@ -179,7 +179,8 @@ class TeamcityService < CiService
             "<buildType id=#{build_type.encode(xml: :attr)}/>"\
             '</build>',
       headers: { 'Content-type' => 'application/xml' },
-      basic_auth: basic_auth
+      basic_auth: basic_auth,
+      use_read_total_timeout: true
     )
   end
 
diff --git a/app/models/project_services/unify_circuit_service.rb b/app/models/project_services/unify_circuit_service.rb
index 5f43388e1c9..f4e93cf8448 100644
--- a/app/models/project_services/unify_circuit_service.rb
+++ b/app/models/project_services/unify_circuit_service.rb
@@ -48,7 +48,8 @@ class UnifyCircuitService < ChatNotificationService
     response = Gitlab::HTTP.post(webhook, body: {
       subject: message.project_name,
       text: message.summary,
-      markdown: true
+      markdown: true,
+      use_read_total_timeout: true
     }.to_json)
 
     response if response.success?
diff --git a/app/models/project_services/webex_teams_service.rb b/app/models/project_services/webex_teams_service.rb
index 3d92d3bb85e..37f8a1af6f1 100644
--- a/app/models/project_services/webex_teams_service.rb
+++ b/app/models/project_services/webex_teams_service.rb
@@ -43,7 +43,7 @@ class WebexTeamsService < ChatNotificationService
 
   def notify(message, opts)
     header = { 'Content-Type' => 'application/json' }
-    response = Gitlab::HTTP.post(webhook, headers: header, body: { markdown: message.summary }.to_json)
+    response = Gitlab::HTTP.post(webhook, headers: header, body: { markdown: message.summary }.to_json, use_read_total_timeout: true)
 
     response if response.success?
   end
diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 654d9356739..c2f12c133c1 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -41,6 +41,7 @@ class WebHookService
     @hook_name = hook_name.to_s
     @request_options = {
       timeout: Gitlab.config.gitlab.webhook_timeout,
+      use_read_total_timeout: true,
       allow_local_requests: hook.allow_local_requests?
     }
   end
@@ -67,7 +68,7 @@ class WebHookService
     {
       status: :success,
       http_status: response.code,
-      message: response.to_s
+      message: response.body
     }
   rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
          Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError, Gitlab::HTTP::RedirectionTooDeep,
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-30 11:40:21 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-30 11:40:53 +0000
commit	ed903367e78907253ca4319a7f22cf49cbcd048d (patch)
tree	7087a0acf790100e05f65c682d45c7f2e64e9810 /app
parent	bca6156a17d74b80aac39d8c1a39094e5f8915d6 (diff)
download	gitlab-ce-ed903367e78907253ca4319a7f22cf49cbcd048d.tar.gz