Backport #18005
It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.
Fix#17977
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991)
Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix compilation bug
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add the missing directories to the testrepos
* fixup! Add the missing directories to the testrepos
* and ensure that all of the other places have the objects directories too
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Check if column exist before rename if exist, just return with no error
* Also check if errors column exist
* Add comment for migration
* Fix sqlite test
Backport #17572
* Remove appSubUrl from pasted images
Since we fixed the url base for the links in repositories we no longer need to add
the appsuburl to pasted image links.
Fix#17057
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17482
* Only allow webhook to send requests to allowed hosts (backport #17482)
* use ALLOWED_HOST_LIST=* for default to keep the legacy behavior in 1.15.x
Backport #17498
The call to html.EscapeString in routers/web/repo/blame.go:renderBlame is extraneous
as the commit message is now rendered by the template. The template will correctly
escape strings - therefore we are currently double escaping.
This PR fixes this.
Fix#17492
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17487
CountOrphanedObjects needs to quote the table it is joining with as this table may
be `user`.
Fix#17485
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17475
The underlying problem in #17328 appears to be that users are re-running the install
page during upgrades. The function that tests and creates the db did not intend for
this and thus instead the migration scripts being run - a simple sync tables occurs.
This then causes a weird partially migrated DB which causes, in this release cycle,
the duplicate column in task table error. It is likely the cause of some weird
partial migration errors in other cycles too.
This PR simply ensures that the migration scripts are also run at this point too.
Fix#17328
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17456
modules/private/serv.go has two major functions that are missing testcases to ensure
that Deploy and normal SSH keys work correctly.
This PR adds some basic integration tests for these.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Backport #17460
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.
This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.
The PR also adds a testcase.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17434
Unfortunately there was a regression in #17373 which missed that the user is not
for deploy keys. This leads to a panic when pushing with deploy keys.
Fix#17412
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17406.
Closes#17378
Both errors from #17378 were caused by #15175.
Problem 1 (error with added file):
`ToUTF8WithFallbackReader` creates a `MultiReader` from a `byte[2048]` and the remaining reader. `CreateReaderAndGuessDelimiter` tries to read 10000 bytes from this reader but only gets 2048 because that's the first reader in the `MultiReader`. Then the `if size < 1e4` thinks the input is at EOF and just returns that.
Problem 2 (error with changed file):
The blob reader gets defer closed. That was fine because the old version reads the whole file into memory. Now with the streaming version the close needs to defer after the method.
Co-authored-by: zeripath <art27@cantab.net>
We allow to render empty check list item - [ ], while GitHub doesn't allow.
To make the rendering correct, we need tune the UI (the last PR #17413 uses absolute layout, which makes the empty checkbox item can not be displayed correctly)
* SECURITY
* Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
* Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
* BUGFIXES
* Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
* Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
* Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
* Ensure popup text is aligned left (backport for 1.15) (#17343)
* Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
* Disable core.protectNTFS (#17300) (#17302)
* Use pointer for wrappedConn methods (#17295) (#17296)
* AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
* Handle duplicate keys on GPG key ring (#17242) (#17284)
* Fix SVG side by side comparison link (#17375) (#17391)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #17375
Define unique names for image tabs in pull requests, in order to toggle tabs correctly when multiple are displayed on one page.
Fixes position of swipe-bar so it does not overlay other UI components when scrolling.
Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
Co-authored-by: Mario Lubenka <mario.lubenka@googlemail.com>
Backport #17281
There is a subtle bug in the SSH library x/crypto/ssh which makes the incorrect
assumption that the public key type is the same as the signature algorithm type.
This means that only ssh-rsa signatures are offered by default.
This PR adds a workaround around this problem.
Fix#17175
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>