forgejo/modules
Gusted 07152e9a9d
[GITEA] Restrict certificate type for builtin SSH server
- While doing some sanity checks over OpenSSH's code for how they
handle certificates authentication. I stumbled on an condition that
checks the certificate type is really an user certificate on the
server-side authentication. This checks seems to be a formality and just
for the sake of good domain seperation, because an user and host
certificate don't differ in their generation, verification or flags that
can be included.
- Add this check to the builtin SSH server to stay close to the
unwritten SSH specification.
- This is an breaking change for setups where the builtin SSH server is
being used and for some reason host certificates were being used for
authentication.

(cherry picked from commit 74c88c3217)
(cherry picked from commit 40df1875da)
2023-08-14 12:43:56 +02:00
..
actions [CI] Search .forgejo/workflows first 2023-08-14 08:58:53 +02:00
activitypub Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Skip unuseful error message in dev mode when watching local filesystem (#25919) 2023-07-17 09:47:55 +00:00
auth [SECURITY] default to pbkdf2 with 320,000 iterations 2023-08-14 09:32:38 +02:00
avatar Remove nfnt/resize and oliamb/cutter (#25999) 2023-07-20 19:52:42 +08:00
base Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
cache improve unit test for caching (#26185) 2023-07-27 22:24:40 +02:00
charset Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
container Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
context Set commit id when ref used explicitly (#26447) 2023-08-12 07:33:12 +00:00
csv Refactor locale number (#24134) 2023-04-17 11:37:23 +08:00
doctor Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
emoji Update emoji set to Unicode 15 (#25595) 2023-06-29 16:29:48 +00:00
eventsource Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
generate Bump github.com/golang-jwt/jwt to v5 (#25975) 2023-07-19 09:57:10 +00:00
git Close stdout correctly for "git blame" (#26470) 2023-08-13 02:11:20 +00:00
gitgraph Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
graceful Allow the use of alternative net.Listener implementations by downstreams (#25855) 2023-07-24 07:18:17 +00:00
hcaptcha Consume hcaptcha and pwn deps (#22610) 2023-01-29 09:49:51 -06:00
highlight Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
hostmatcher Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
httplib Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
indexer [CI] disable meilisearch/elasticsearch test, no server yet in CI 2023-08-14 08:58:53 +02:00
issue/template Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
json Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
label Make label templates have consistent behavior and priority (#23749) 2023-04-10 16:44:02 +08:00
lfs Rewrite logger system (#24726) 2023-05-21 22:35:11 +00:00
log Use stderr as fallback if the log file can't be opened (#26074) 2023-07-24 04:57:21 +00:00
markup Make user-content-* consistent with github (#26388) 2023-08-09 09:30:31 +00:00
mcaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
metrics Use a separate admin page to show global stats, remove actions stat (#25062) 2023-06-03 22:03:41 +08:00
migration Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
mirror Improve queue and logger context (#24924) 2023-05-26 07:31:55 +00:00
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
notification Refactor and enhance issue indexer to support both searching, filtering and paging (#26012) 2023-07-31 06:28:53 +00:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages Prevent newline errors with Debian packages (#26332) 2023-08-05 10:59:52 +02:00
paginator Use more specific test methods (#24265) 2023-04-22 17:56:27 -04:00
pprof Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
private [CLI] implement forgejo-cli 2023-08-14 08:58:52 +02:00
process Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
proxy Use proxy for pull mirror (#22771) 2023-02-11 08:39:50 +08:00
proxyprotocol Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
public Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974) 2023-07-21 12:14:20 +00:00
queue [CI] disable redis test, no redis server yet in CI 2023-08-14 08:58:53 +02:00
recaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
references Use correct captured group range when parsing cross-reference (#22672) 2023-01-31 10:08:05 +01:00
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository Refactor and enhance issue indexer to support both searching, filtering and paging (#26012) 2023-07-31 06:28:53 +00:00
secret Improve decryption failure message (#24573) 2023-05-07 19:29:43 +08:00
session Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
setting [GITEA] add option for banning dots in usernames 2023-08-14 11:23:01 +02:00
sitemap Fix sitemap (#22272) 2022-12-30 23:31:00 +08:00
ssh [GITEA] Restrict certificate type for builtin SSH server 2023-08-14 12:43:56 +02:00
storage [CI] disable minio test, no minio server yet in CI 2023-08-14 08:58:53 +02:00
structs [GITEA] Add Upload URL to release API 2023-08-14 11:23:01 +02:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
system Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
templates Use template context function for avatar rendering (#26385) 2023-08-10 11:19:39 +08:00
test Start using template context function (#26254) 2023-08-08 01:22:47 +00:00
testlogger Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
timeutil Fix incorrect webhook time and use relative-time to display it (#24477) 2023-05-03 19:53:43 -04:00
translation Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
turnstile Add new captcha: cloudflare turnstile (#22369) 2023-02-05 15:29:03 +08:00
typesniffer [GITEA] Recognize OGG as an audio format 2023-08-14 12:43:56 +02:00
updatechecker Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
upload Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
uri Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
user Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
util Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
validation [GITEA] add option for banning dots in usernames 2023-08-14 11:23:01 +02:00
web [GITEA] add option for banning dots in usernames 2023-08-14 11:23:01 +02:00
webhook New webhook trigger for receiving Pull Request review requests (#24481) 2023-05-24 22:06:27 -04:00