Once #16449 is merged I think we should release 1.14.5. There are a couple of
security fixes and the broken #16268 is annoying enough that we should just release
things.
Fix crash following ldap authentication update (#16447) (#16449)
Backport #16447
Unfortunately #16268 contained a terrible error, whereby there was a double
indirection taken when unmarshalling the source data. This fatally breaks
authentication configuration reading.
Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)
The current CSRF handler is a bit harsh with bad CSRF tokens on webpages
I think we can be a little kinder and redirect to base page with a flash error
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
Fix relative links in postprocessed images (#16334) (#16340)
* Fix relative links in postprocessed images (#16334)
If a pre-post-processed file contains relative img tags these need to be updated
and joined correctly with the prefix. Finally, the node attributes need to be updated.
Fix #16308
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
zeripath [Sun, 27 Jun 2021 21:33:25 +0000 (22:33 +0100)]
Handle misencoding of login_source cfg in mssql (#16268) (#16275)
Backport #16268
Unfortunately due a bug in xorm (see https://gitea.com/xorm/xorm/pulls/1957) updating
loginsources on MSSQL causes them to become corrupted. (#16252)
Whilst waiting for the referenced PR to be merged and to handle the corrupted
loginsources correctly we need to add a wrapper to the `FromDB()` methods to look
for and ignore the misplaced BOMs that have been added.
zeripath [Sat, 26 Jun 2021 07:31:03 +0000 (08:31 +0100)]
Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
* Improve efficiency in FindRenderizableReferenceNumeric and getReferences (#16251)
* The Fuzzer is running on a non-repo urlprefix which is incorrect for RenderRaw
* Make FindRenderizableReferenceNumeric and getReferences more efficient
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* as per comment on original pr
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
zeripath [Thu, 17 Jun 2021 20:59:28 +0000 (21:59 +0100)]
Encrypt migration credentials at rest (#15895) (#16187)
Backport #15895
Storing these credentials is a liability.
* Encrypt credentials with SECRET_KEY before persisting to task queue table (they need to be persisted due to the nature of the task queue)
- security in depth: helps when attacker has access to DB only, but not app.ini
* Delete all credentials (even encrypted) from the task table, once the migration is done, for safety
- security in depth: minimizes leaked data if attacker gains access to snapshot of both DB and app.ini
zeripath [Thu, 17 Jun 2021 18:01:33 +0000 (19:01 +0100)]
Run processors on whole of text (#16155) (#16185)
Backport #16155
There is an inefficiency in the design of our processors which means that Emoji
and other processors run in order n^2 time.
This PR forces the processors to process the entirety of text node before passing
back up. The fundamental inefficiency remains but it should be significantly
ameliorated.
Andrei Yankovich [Sat, 12 Jun 2021 19:27:16 +0000 (22:27 +0300)]
Removable media support (#16138)
Add support removable media for snap version of gitia.
for get more info about removable media interface see the snapcraft [documentation](https://snapcraft.io/docs/removable-media-interface)
zeripath [Thu, 10 Jun 2021 21:26:32 +0000 (22:26 +0100)]
Set self-adjusting deadline for connection writing (#16068) (#16123)
In #16055 it appears that the simple 5s deadline doesn't work for large
file writes. Now we can't - or at least shouldn't just set no deadline
as go will happily let these connections block indefinitely. However,
what seems reasonable is to set some minimum rate we expect for writing.
This PR suggests the following algorithm:
* Every write has a minimum timeout of 5s (adjustable at compile time.)
* If there has been a previous write - then consider its previous
deadline, add half of the minimum timeout + 2s per kb about to written.
* If that new deadline is after the minimum timeout use that.
Fix #16055
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
zeripath [Wed, 19 May 2021 14:42:36 +0000 (15:42 +0100)]
Restore PAM user autocreation functionality (#15825) (#15867)
Backport #15825
* Restore PAM user autocreation functionality
PAM autoregistration of users currently fails due to email invalidity.
This PR adds a new setting to PAM to allow an email domain to be set
or just sets the email to the noreply address and if that fails falls
back to uuid@localhost
Fix #15702
Signed-off-by: Andrew Thornton <art27@cantab.net>
* As per KN4CKER
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
zeripath [Sun, 16 May 2021 13:42:12 +0000 (14:42 +0100)]
Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
Backport #15855
The Tor browser does not use the system-ui font and no other fonts in the stack match
its default fonts. In fact it is possible that it will in future only
match generic fonts. This means that all rendering will first try the
emoji fonts before falling back to the sans-serif font for glyphs.
In this case has the emoji fall back fonts for Tor contains empty glyphs
for numbers - in order to protect privacy - and leads to numbers being
rendered as empty glyphs. This is clearly not ideal and whilst we could
use the Arimo font - as I state above I suspect that Tor will eventually
ban detecting this and we should instead move the sans-serif font higher
in the stack so that it matches before the emoji fonts.
zeripath [Fri, 14 May 2021 16:42:27 +0000 (17:42 +0100)]
Add timeout to writing to responses (#15831) (#15872)
Backport #15831
In #15826 it has become apparent that there are a few occasions when a response can
hang during writing, and because there is no timeout go will happily just block
interminably. This PR adds a fixed 5 second timeout to all writes to a connection.
zeripath [Wed, 12 May 2021 19:09:16 +0000 (20:09 +0100)]
Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
Backport #15835
Unfortunately some old repositories can have tags with empty Tagger, Commit
or Author. Go-Git variants will always have empty values for these whereas
the native git variant leaves them at nil. The simplest solution is just to
always have these set to empty Signatures.
v156 migration also makes the incorrect assumption that these cannot be empty.
Therefore add some handling to this and add logging and adjust broken
logging elsewhere in this migration.
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
zeripath [Sun, 9 May 2021 02:32:48 +0000 (03:32 +0100)]
Display conflict-free merge messages for pull requests (#15773) (#15796)
Backport #15773
Repositories using external issue tracker tend to use numeric issues in
commits. To prevent conflicts during issue reference parsing or inside
commit hooks, this change respects these configuration and uses the !
character to refer to pull requests in merge commit messages.
For repositories using squash merges, this was already handled.
Signed-off-by: JustusBunsi <61625851+justusbunsi@users.noreply.github.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com>
6543 [Sat, 8 May 2021 18:27:00 +0000 (20:27 +0200)]
Exponential Backoff for ByteFIFO (#15724) (#15793)
This PR is another in the vein of queue improvements. It suggests an
exponential backoff for bytefifo queues to reduce the load from queue
polling. This will mostly be useful for redis queues.
a1012112796 [Thu, 6 May 2021 19:23:26 +0000 (03:23 +0800)]
fix some ui bug about draft release (#15137) (#15745)
* fix some ui bug about draft release
- should not show draft release in tag list because
it will't create real tag
- still show draft release without tag and commit message
for draft release instead of 404 error
- remove tag load for attachement links because it's useless
Signed-off-by: a1012112796 <1012112796@qq.com>
* add test code
* fix test
That's because has added a new release in relaese test database.