Commit graph

3503 commits

Author SHA1 Message Date
zeripath
3aba72c613
Add more checks in migration code (#21011) (#21050)
Backport #21011

When migrating add several more important sanity checks:

* SHAs must be SHAs
* Refs must be valid Refs
* URLs must be reasonable

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-09-04 08:41:21 -05:00
Lunny Xiao
04105dbb7c
Fix download archiver of a commit (#20962) (#20971) 2022-08-28 13:29:34 +02:00
silverwind
85f829fb3c
Enable contenthash in filename for dynamic assets (#20813) (#20932)
This should solve the main problem of dynamic assets getting stale after
a version upgrade. Everything not affected will use query-string based
cache busting, which includes files loaded via HTML or worker scripts.
2022-08-25 07:16:20 +01:00
zeripath
bc7a4375be
Disable doctor logging on panic (#20847) (#20898)
Backport #20847

If permissions are incorrect for writing to the doctor log simply disable the log file
instead of panicing.

Related #20570

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2022-08-24 15:04:41 +01:00
zeripath
fbcb42488f
Set no-tags in git fetch on compare (#20893) (#20936)
Backport #20893

In the compare endpoint the git fetch is restricted to a certain branch however,
this does not completely prevent tag acquisition/pollution as git fetch will collect
any tags on that branch.

This causes pollution of the tag namespace and could cause confusion by users.

This PR adds `--no-tags` to the `git fetch` call.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-08-23 16:42:55 -04:00
Gusted
c0754e9d19
Don't open new page for ext wiki on same repository (#20725) (#20910)
* Don't open new page for ext wiki on same repository (#20725)

- Backport of #20725
  - When the external wiki has been set to a file on the repository, don't open the page on a tab.
  - Resolves #20657

* Gofmt

* Fix line

Co-authored-by: zeripath <art27@cantab.net>
2022-08-22 19:58:11 -04:00
zeripath
ebc8801fb2
Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901) 2022-08-22 02:14:48 -04:00
JonRB
eee51d8366
Ensure that graceful start-up is informed of unused SSH listener (#20877)
The graceful manager waits for 4 listeners to be created or to be told that they are not needed. If it is not told about them it will indefinitely and timeout. 

This leads to SVC hosts not being told of being in the readyState but on Unix would lead to the termination of the process.

There was an unfortunate regression in #20299 which missed this subtly and in the case whereby SSH is disabled the `builtinUnused()` is not called.

This PR adds a call to `builtinUnused()` when not using the builtin ssh to allow `createServerWaitGroup.Done()` to be called. 

In addition it was noted that the if/else clauses for timeout informing of the SVC host were in the wrong order. These have been swapped.

Fix #20609
2022-08-21 20:18:22 +08:00
Lunny Xiao
7a9b01a2dd
Add migrate repo archiver and packages storage support on command line (#20757) (#20806)
* Add migrate repo archiver and packages storage support on command line (#20757)

* Add migrate repo archiver and packages storage support on command line

* Fix typo

* Use stdCtx

* Use packageblob and fix command description

* Add migrate packages unit tests

* Fix comment year

* Fix the migrate storage command line description

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Fix test

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>

* bug fix

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2022-08-18 09:27:56 +08:00
zeripath
987798a3a9
Executable check always returns true for windows (#20637) (#20835)
Backport #20637

Windows doesn't have the concept of "executable" POSIX bits so for now always return true to minimise doctor and logging noise. Addresses #20636

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: JonRB <4564448+eeyrjmr@users.noreply.github.com>
Co-authored-by: silverwind <me@silverwind.io>
2022-08-17 23:34:29 +01:00
Lunny Xiao
78dabdd9ae
fix merge (#20819) 2022-08-17 11:33:26 -04:00
wxiaoguang
9bccfe9856
Fix git.Init for doctor sub-command (#20782) (#20783) 2022-08-14 00:32:44 +08:00
Lunny Xiao
eacab6b10d
Add disable download source configuration (#20548) (#20579)
* Add disable download source configuration (#20548)

Add configuration to enable/disable download source from UI.

Co-authored-by: zeripath <art27@cantab.net>

* Fix BaseVars not used in renderering

* Fix disabled open in vscode menu when disabling download source from UI

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-12 23:53:10 +08:00
Gusted
e1e43333cf
Fix SecToTime edge-cases (#20610) (#20611) 2022-08-08 13:09:12 +08:00
parnic
a04fc567b4
Use request timeout for git service rpc (#20689) (#20693)
This enables git.Command's Run to optionally use the given context directly so its deadline will be respected. Otherwise, it falls back to the previous behavior of using the supplied timeout or a default timeout value of 360 seconds.

repo's serviceRPC() calls now use the context's deadline (which is unset/unlimited) instead of the default 6-minute timeout. This means that large repo clones will no longer arbitrarily time out on the upload-pack step, and pushes can take longer than 6 minutes on the receive-pack step.

Fixes #20680
2022-08-07 10:37:48 +08:00
John Olheiser
aac905dcfb
Add username check to doctor (#20140) (#20671)
* Add username check to doctor

- Add a new breaking change detector to Gitea's doctor, which checks if
all users still have a valid username according to Gitea. Given from
time-to-time we need to make changes, either due to new routes or due to
security, it's for a instance's admin to check if all users still have a
valid username.

* Fix extra argument

* Apply suggestions from code review

* Apply suggestions from code review
2022-08-04 11:07:07 -05:00
KN4CK3R
bd2218e14c
Fix package upload for files >32mb (#20622) (#20635)
* Rewind file before first read.
* Added tests.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-03 01:45:38 +03:00
wxiaoguang
0747592865
Adjust line detection in highlight.go (#20612)
The code for detection of lines in highlight.go is somewhat too complex
and doesn't take account of how Chroma is actually splitting things into
lines for us.

Remove both the .line and .cl classes from Chroma's HTML which made
the old conditional work again. This fixed Copy of YAML files while also 
reducing the amount of rendered HTML nodes.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-03 01:37:28 +08:00
Gusted
a6c2a1a117
Enable Wire 2 for Internal SSH Server (#20616) (#20617)
- Backport of #20616
  - Git only decides to use the Wire 2 protocol when `git {receive,upload}-pack` receive the `GIT_PROTOCOL` environment with as value `version=2`. Currently the internal SSH Server wasn't passing this environment through. The `gitea serv` code already passed all received environments to the git command, so no code changes there.
  - This is mentioned in Git manual, https://git-scm.com/docs/git#Documentation/git.txt-codeGITPROTOCOLcode
2022-08-02 15:58:57 +08:00
silverwind
eeb490c7ab
Rework raw file http header logic (#20484) (#20542)
- Always respect the user's configured mime type map
- Allow more types like image/pdf/video/audio to serve with correct content-type
- Shorten cache duration of raw files to 5 minutes, matching GitHub
- Don't set `content-disposition: attachment`, let the browser decide whether it wants to download or display a file directly
- Implement rfc5987 for filenames, remove previous hack. Confirmed it working in Safari.
- Make PDF attachment work in Safari by removing `sandbox` attribute.

This change will make a lot more file types open directly in browser now. Logic should generally be more readable than before with less `if` nesting and such.

Replaces: https://github.com/go-gitea/gitea/pull/20460
Replaces: https://github.com/go-gitea/gitea/pull/20455
Fixes: https://github.com/go-gitea/gitea/issues/20404
2022-07-30 18:37:02 +02:00
6543
97a8c96c5b
Add Docker /v2/_catalog endpoint (#20469) (#20556)
* Added properties for packages.
* Fixed authenticate header format.
* Added _catalog endpoint.
* Check owner visibility.
* Extracted condition.
* Added test for _catalog.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-30 17:52:04 +02:00
zeripath
6986e56791
Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)
Backport #20476

The code in modules/ssh/ssh.go:sessionHandler() currently cause an error to be
logged if `gitea serv` exits with a exit(1). This logging is useless because the
accompanying stderr is not provided and in any case the exit(1) is most likely due
to permissions errors.

Further it then causes the EOF to be logged - even though this is not helpful.

This PR simply checks the errors returned and stops logging them.

In the case of misconfigurations causing `gitea serv` to fail with exit(1)
the current logging is not helpful at determining this and users should simply
review the message passed over the ssh connection.

Fix #20473

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-29 02:10:42 +02:00
6543
da10ce8b07
Allow non-semver packages in the Conan package registry (#20412) (#20523)
Backport #20412

A lot of existing packages do not conform to SemVer, yet, they should be allowed
in the Conan package registry as-is. To achieve this, remove the SemVer check
from `NewRecipeReference`, and replace it with a simple empty string check.

A unit test with a non-semver version is also included.

Fixes #20405.

Signed-off-by: Gergely Nagy <me@gergo.csillger.hu>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>
2022-07-28 21:19:56 +01:00
6543
fa46d66835
Fix Ruby package parsing by removed unused email field (#20470) (#20525)
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2022-07-28 20:41:57 +02:00
KN4CK3R
a9a440e600
Fix package permission checks for organizations (#20517) (#20520) 2022-07-28 22:05:59 +08:00
silverwind
2fe0dab2d5
Add Cache-Control header to html and api responses, add no-transform (#20432) (#20459)
`no-transform` allegedly disables CloudFlare auto-minify and we did not
set caching headers on html or api requests, which seems good to have
regardless.

Transformation is still allowed for asset requests.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-07-23 11:58:58 +01:00
6543
e930d66a9c
Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407) 2022-07-19 17:46:33 +02:00
zeripath
90b4a9e929
Allow RSA 2047 bit keys (#20272) (#20396)
Backport #20272

Unfortunately it appears that 2048 bit RSA keys can occasionally be created in such
a way that they appear to have 2047 bit length. This PR simply changes our defaults to
allow these.

Fix #20249

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-07-18 10:30:01 -04:00
silverwind
3f5d72709f
Fix commit status icon when in subdirectory (#20285) (#20385)
When viewing a subdirectory and the latest commit to that directory in
the table, the commit status icon incorrectly showed the status of the
HEAD commit instead of the latest for that directory.
2022-07-16 14:54:49 +02:00
6543
780b198997
Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)
Backport #20346

Although `WalkGitLog` tries to test for `context.DeadlineExceededErr`
there is a small chance that the error will propagate to the reader
before it is recognised. This will cause the error to propagate up to
`renderDirectoryFiles` and cause a http status 500.

Here we check that the error passed is a `DeadlineExceededErr` via error.Is

Fix #20329

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2022-07-14 03:44:34 +01:00
wxiaoguang
54ef658861
Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)
Backport #20299. Follow #20298. Only the `GlobalInitInstalled` function should prepare the SSH files for external server or starts the builtin server.
* `trustedUserCaKeys` is removed, use `SSH.TrustedUserCAKeys` directly
* introduce `ssh.Init`, move the SSH init code from `routers/init.go` to it
* `ssh.Init` will start builtin SSH server or prepare external SSH server files
2022-07-11 23:27:51 +08:00
wxiaoguang
317c565e77
Do not create empty ".ssh" directory when loading config (#20289) (#20298)
Backport #20289

The code is as old as back to 2016, creating the directory automatically is not correct IMO.

In other places for ssh key writing (RewriteAllPrincipalKeys / appendAuthorizedKeysToFile, etc), the directory will still be created when updating the keys.

This PR will resolve the confusing and annoying problem: the dummy and empty ".ssh" directory in new git home
2022-07-10 12:09:42 +02:00
wxiaoguang
5e5ff77ed7
Use git.HOME_PATH for Git HOME directory (#20114) (#20293)
Before, in #19732, the old home directory is not correct.
This PR introduces a new config option for git home: git.HOME_PATH,
which is default to %(APP_DATA_PATH)/home

And pass env GNUPGHOME to git command, force Gitea to use a stable GNUPGHOME directory
2022-07-08 21:44:36 +08:00
Gusted
654c173b9d
Fix NPE when using non-numeric (#20277) (#20278)
- Backport (#20277
  - This code is only valid when `refNumeric` exist(otherwise we didn't find such numeric PR and can skip that check) and give a free-pas to the  "BEFORE" check when `ref` is nil.
  - Resolves #20109
2022-07-07 20:56:50 +08:00
wxiaoguang
d22826a28e
Fix dump-repo git init, fix wrong error type for NullDownloader (#20182) (#20186)
* Fix `dump-repo` git init

* Fix wrong error type for NullDownloader
2022-07-01 18:01:05 +02:00
silverwind
1ffc700777
Update default allowed attachment types (#20193)
Synced the list to what is allowed on GitHub currently.
2022-07-01 19:37:52 +08:00
Gusted
761db4d53e
Disable federation by default (#20045) (#20046)
* Disable federation by default (#20045)

- Backport #20045
  - A Gitea instance should choose whetever they want to federate(as once it has more features also brings extra costs/moderation/unexpected behavior) with other AP/ForgeFed software.

* Fix tests
2022-06-20 14:44:55 +08:00
zeripath
ab9fcb0cf4
Backtick table name in generic orphan check (#20019) (#20037)
Backport #20019

- Resolves #20018
2022-06-19 19:41:12 +01:00
Wim
2a48833f93
Respond with a 401 on git push when password isn't changed yet (#20027)
Fixes #19090

If the user-agent starts with git and user must change password but
hasn't return a 401 with the message.

It must be a 401, git doesn't seem to show the contents of the error message
when we return a 403

Co-authored-by: 6543 <6543@obermui.de>
2022-06-19 20:02:18 +03:00
wxiaoguang
8733f4b25a
use quoted regexp instead of git fixed-value (#20030)
Backport #20029
2022-06-19 12:55:59 +01:00
Wim
36ccb8829b
Return 404 when tag is broken (#20024)
Fixes #19979
2022-06-18 20:29:29 +02:00
zeripath
dd1ed35f75
Add dbconsistency checks for Stopwatches (#20010)
It appears possible that stopwatches can become orphaned or have been orphaned in
the past.

This PR adds Orphan checks for Stopwatches.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 11:31:00 +08:00
Mohamed Sekour
fd0d481de8
fix push mirrors URL are no longer displayed on the UI (#20011)
* fix push mirrors URL are no longer displayed on the UI

Signed-off-by: Mohamed Sekour <mohamed.sekour@exfo.com>

* Update modules/templates/helper.go

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 11:30:26 +08:00
zeripath
8eefe2af45
Empty log queue on flush and close (#19994)
* Empty log queue on flush and close

It is possible for log events to remain in the buffer off the multichannelledlog
and thus not be logged despite close or flush.

This PR simply adds a function to empty the queue before closing or flushing.
(Except when the logger is paused.)

Reference #19982

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and do similar for ChannelledLog

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 10:33:13 +08:00
zeripath
ae446b13f9
Stop spurious APIFormat stopwatches logs (#20008)
If there are dangling stopwatches with missing issues there will be repeated
logging of Unable to APIFormat stopwatches. These are unhelpful and instead
we should only log if the error is not an issue not exist error.

And we should also prevent an error on missing issue in GetActiveStopwatch too

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 22:47:15 +01:00
zeripath
ea9997a9dd
Add fetch.writeCommitGraph to gitconfig (#20006)
Add fetch.writeCommitGraph to gitconfig to ensure that a commit-graph will be written
on git fetch calls.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 21:18:35 +01:00
singuliere
a036507204
gitconfig: set safe.directory = * (#19870)
Allow git push to work when networked file systems with mixed
ownership are used with Gitea docker images >= 1.16.6 or Gitea
binaries running alongside git versions published after 04/2022.

There are circumstances independent of Gitea (networked file systems
with various permission systems) by which the git repositories managed
by Gitea may have mixed owners. It is not a behavior that Gitea have
control over nor is it a problem as long as the permissions for Gitea to
operate are correct. Gitea instances have been operating under these
conditions for a number of years.

It is detected as a potential security risk ( see
GHSA-vw2c-22j4-2fh2
) by the most recent git versions. However, Gitea always runs git
commands with a current directory matching the repository on
which it operates. That makes Gitea immune from this security problem
and it is safe to ignore the mixed owner permission check.

This gitconfig modification is done on a file dedicated to the user
exclusively used by Gitea.

Fixes: #19455

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-06-17 06:49:38 +01:00
wxiaoguang
157b405753
Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)
* clean git support for ver < 2.0

* fine tune tests for markup (which requires git module)

* remove unnecessary comments

* try to fix tests

* try test again

* use const for GitVersionRequired instead of var

* try to fix integration test

* Refactor CheckAttributeReader to make a *git.Repository version

* update document for commit signing with Gitea's internal gitconfig

* update document for commit signing with Gitea's internal gitconfig

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 23:47:44 +08:00
Lunny Xiao
b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
Lauris BH
1f8f9c3826
Remove tab/TabName usage where it's not needed (#19973)
`tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
2022-06-15 23:05:32 +08:00