forgejo/modules
Gusted 7bc135732d
[GITEA] Restrict certificate type for builtin SSH server
- While doing some sanity checks over OpenSSH's code for how they
handle certificates authentication. I stumbled on an condition that
checks the certificate type is really an user certificate on the
server-side authentication. This checks seems to be a formality and just
for the sake of good domain seperation, because an user and host
certificate don't differ in their generation, verification or flags that
can be included.
- Add this check to the builtin SSH server to stay close to the
unwritten SSH specification.
- This is an breaking change for setups where the builtin SSH server is
being used and for some reason host certificates were being used for
authentication.

(cherry picked from commit 74c88c3217)
(cherry picked from commit 40df1875da)
(cherry picked from commit 07152e9a9d)
2023-08-22 13:57:02 +02:00
..
actions [CI] Search .forgejo/workflows first 2023-08-22 08:01:54 +02:00
activitypub Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Skip unuseful error message in dev mode when watching local filesystem (#25919) 2023-07-17 09:47:55 +00:00
auth [SECURITY] default to pbkdf2 with 320,000 iterations 2023-08-22 08:41:55 +02:00
avatar Remove nfnt/resize and oliamb/cutter (#25999) 2023-07-20 19:52:42 +08:00
base Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
cache improve unit test for caching (#26185) 2023-07-27 22:24:40 +02:00
charset Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
container Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
context Fix display problems of members and teams unit (#26363) 2023-08-15 16:00:35 +02:00
csv Refactor locale number (#24134) 2023-04-17 11:37:23 +08:00
doctor Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
emoji Update emoji set to Unicode 15 (#25595) 2023-06-29 16:29:48 +00:00
eventsource Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
generate Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
git Sync repo's IsEmpty status correctly (#26517) 2023-08-17 04:43:39 +00:00
gitgraph Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
graceful Allow the use of alternative net.Listener implementations by downstreams (#25855) 2023-07-24 07:18:17 +00:00
hcaptcha Consume hcaptcha and pwn deps (#22610) 2023-01-29 09:49:51 -06:00
highlight Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
hostmatcher Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
httplib Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
indexer [CI] disable meilisearch/elasticsearch test, no server yet in CI 2023-08-22 08:01:54 +02:00
issue/template Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
json Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
label Make label templates have consistent behavior and priority (#23749) 2023-04-10 16:44:02 +08:00
lfs Rewrite logger system (#24726) 2023-05-21 22:35:11 +00:00
log Use stderr as fallback if the log file can't be opened (#26074) 2023-07-24 04:57:21 +00:00
markup Make user-content-* consistent with github (#26388) 2023-08-09 09:30:31 +00:00
mcaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
metrics Use a separate admin page to show global stats, remove actions stat (#25062) 2023-06-03 22:03:41 +08:00
migration Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
mirror Improve queue and logger context (#24924) 2023-05-26 07:31:55 +00:00
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
notification Add missing triggers to update issue indexer (#26539) 2023-08-16 17:36:05 +08:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages Fix NPM packages name validation (#26595) 2023-08-20 15:06:42 +00:00
paginator Use more specific test methods (#24265) 2023-04-22 17:56:27 -04:00
pprof Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
private [CLI] implement forgejo-cli 2023-08-22 07:54:39 +02:00
process Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
proxy Use proxy for pull mirror (#22771) 2023-02-11 08:39:50 +08:00
proxyprotocol Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
public Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974) 2023-07-21 12:14:20 +00:00
queue [CI] disable redis test, no redis server yet in CI 2023-08-22 08:01:54 +02:00
recaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
references Use correct captured group range when parsing cross-reference (#22672) 2023-01-31 10:08:05 +01:00
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository Refactor and enhance issue indexer to support both searching, filtering and paging (#26012) 2023-07-31 06:28:53 +00:00
secret Improve decryption failure message (#24573) 2023-05-07 19:29:43 +08:00
session Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
setting [GITEA] add option for banning dots in usernames 2023-08-22 10:01:20 +02:00
sitemap Fix sitemap (#22272) 2022-12-30 23:31:00 +08:00
ssh [GITEA] Restrict certificate type for builtin SSH server 2023-08-22 13:57:02 +02:00
storage [CI] disable minio test, no minio server yet in CI 2023-08-22 08:01:54 +02:00
structs [GITEA] Add Upload URL to release API 2023-08-22 10:01:20 +02:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
system Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
templates Remove avatarHTML from template helpers (#26598) 2023-08-21 15:00:14 +00:00
test Start using template context function (#26254) 2023-08-08 01:22:47 +00:00
testlogger Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
timeutil Fix incorrect webhook time and use relative-time to display it (#24477) 2023-05-03 19:53:43 -04:00
translation Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
turnstile Add new captcha: cloudflare turnstile (#22369) 2023-02-05 15:29:03 +08:00
typesniffer Detect ogg mime-type as audio or video (#26494) 2023-08-15 10:31:25 +08:00
updatechecker Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
upload Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
uri Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
user Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
util Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
validation [GITEA] add option for banning dots in usernames 2023-08-22 10:01:20 +02:00
web [GITEA] add option for banning dots in usernames 2023-08-22 10:01:20 +02:00
webhook New webhook trigger for receiving Pull Request review requests (#24481) 2023-05-24 22:06:27 -04:00