Commit Graph

1466 Commits

Author SHA1 Message Date
Kim "BKC" Carlbäcker d409d3ab57 Sanitation fix from Gogs (#1461)
* Santiation fix from Gogs

* Linting

* Fix build-errors

* still not working

* Fix all the things!

* gofmt

* Add code-injection checks
2017-04-13 10:52:24 +08:00
Jonas be6edaddcb Repo size in admin panel (#1482)
* Implementation of the feature to view repository size in admin panel
 * Move GetRepoSize to git module
 * Repository.RepoSize -> Repository.Size
 * RepoSize -> Size in template
 * Redo a few bits and pieces
 * Update size when syncing mirror or forking
 * Remove GetRepoSize
 * Changed fatal errors to error message

* Copy migration code from Gogs

* make fmt
2017-04-11 21:30:15 +08:00
Jonas 54f0293f0a Mirror sync interval specified as duration string (#1407)
* Sync interval specifed as duration string

* Changed mirror interval text

* make fmt

* Add MinInterval for mirror sync

* Use duration internally

* Changed min default to 10m

* make fmt

* Incorrect default

* Removed defaults in MustDuration()

* Add Mirror interval migration

* Default values corrected

* Use transaction during migration

* Change http 500 to page with error message

* Cleanup session.commit()
2017-04-08 23:27:26 +08:00
Mura Li b746757209 Remove unused mutex field (#1440) 2017-04-04 01:54:02 -07:00
Mura Li 93c25c9a35 Fix races in the log module by using syncmap (#1421) 2017-04-03 10:22:26 +08:00
Jonas 095e1f5155 Support for custom html meta (#1423)
* Support for custom html meta

* Changed html meta description default
2017-03-31 18:03:01 -07:00
Sandro Santilli 129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
2017-03-29 18:57:43 +08:00
Bo-Yi Wu 08f7fded3c refactor: remove workaround after the golang 1.7 release. (#1349)
* refactor: remove workaround after the golang 1.7 release.

* remove unused import.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* refactor: Add remove function.

* refactor: rename

* refactor: update build flag
2017-03-29 10:05:23 +08:00
Sandro Santilli f73e734411 Run "make fmt" with go-1.6 (#1333) 2017-03-21 08:55:00 +08:00
caiwp dbabc35e71 Delete the useless code (#1335) 2017-03-20 21:17:07 +08:00
Lunny Xiao 8bcb643a03 remove empty file (#1326) 2017-03-19 21:43:04 +08:00
Bo-Yi Wu 1c3bd436cc feat: Only use issue and wiki on repo. (#1297) 2017-03-18 18:59:07 +08:00
Sandro Santilli 71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00
Lunny Xiao 3cf0e513e6 fix wrong log when push to a new branch (#1220) 2017-03-17 10:15:00 +08:00
Ethan Koenig 17f403fbcd Fix nil-dereference bug 2017-03-15 14:09:44 -04:00
Ethan Koenig 021904e4e6 Fix typos in models/ and modules/ (#1248) 2017-03-15 08:52:01 +08:00
Ethan Koenig ec0ae5d50c Refactor and fix incorrect comment (#1247) 2017-03-15 08:51:46 +08:00
Andrey Nering d2b2881306 Fix Git hooks not being executed on Windows when running as a service (#1149)
Closes #1139
2017-03-09 09:27:43 +08:00
Bo-Yi Wu 0afab87631 refactor: remove redundant slash. (#1109) 2017-03-03 20:47:24 +08:00
Bo-Yi Wu 28a5bc313a fix: gofmt errors. (#1106) 2017-03-03 16:21:31 +08:00
Schwobaland 2f7dc28b22 add ProxyFromEnvironment if none set (#1096) 2017-03-02 08:36:42 +08:00
Jonas f3bf409082 Log config pretty printer (#1097)
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
2017-03-02 08:25:44 +08:00
Lunny Xiao 0380ce269f add back the default setting values and fix #739 (#1093) 2017-03-01 23:10:12 +08:00
Thomas Boerger db6777d369 Fixed custom templates for static builds (#1087) 2017-03-01 09:45:21 +08:00
Lunny Xiao c2eef171ff fix some typos (#1082) 2017-02-28 12:56:15 +08:00
Jonas a201977590 Fix for #828: Embed build tags (#1051)
* Fix for #828
Add build tags to ldflags and print in version output

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Reworked formatBuiltWith function

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Add tags to version information in admin panel

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Added new variable for use on admin page.

Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>

* Fixed incorrect indentation
2017-02-28 08:40:02 +08:00
Andrey Nering f552b0a207 Remove test that touch network 2017-02-25 10:32:15 -03:00
Andrew Boyarshin 0602a44b27 Fix URL handling in the whole markdown module, improve test coverage (#1027)
Amended with string to bool change in API SDK.

Signed-off-by: Andrew Boyarshin <andrew.boyarshin@gmail.com>
2017-02-24 22:59:56 +08:00
puffybsd 8de8e11487 Fixes 1019, install page SMTP user is required to (#1020)
to be an email address.

Signed-off-by: P.B. <puffybsd@yahoo.com>
2017-02-24 09:37:13 +08:00
Lunny Xiao d6748284bd fix panic when push but the only log mode console is disabled by serv and update commands (#1007) 2017-02-22 19:44:51 +08:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
Denis Denisov fd941db246 Protected branches system (#339)
* Protected branches system

* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
  - Admin does not restrict
  - Owner not to limit
  - To write permission restrictions

* reformat tmpl

* finished the UI and add/delete protected branch response

* remove unused comment

* indent all the template files and remove ru translations since we use crowdin

* fix the push bug
2017-02-21 23:02:10 +08:00
Lunny Xiao 70ae6d197b disable console output xorm log on ssh (#993) 2017-02-21 21:34:05 +08:00
Lunny Xiao 04fdeb9d8d Make Xorm log configurable (#174)
* make xorm log configable

* bug fixed for other sub commands except web

* rebase and fix xorm log

* bug fix for TrimSpace
2017-02-20 16:11:13 +08:00
Unknwon 134f3e6e09 Security: prevent XSS attach on wiki page
Reported by Miguel Ángel Jimeno.
2017-02-16 04:06:20 +01:00
Lunny Xiao cf47532ebc fix ssh domain default value to domain (#930) 2017-02-15 00:07:37 +08:00
Bo-Yi Wu d67b278a0d feat: Able to disable non-admin to create new organization (#927) 2017-02-14 20:16:00 +08:00
Andrew Boyarshin dc8248f8a4 Markdown rendering overhaul (#186)
* Markdown rendering overhaul

Cleaned up and squashed commits into single one.

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>

* Fix markdown API, add markdown module and API tests, improve code coverage

Signed-off-by: Andrew Boyarshin <boyarshinand@gmail.com>
2017-02-14 09:13:59 +08:00
Bo-Yi Wu 5cc275b1de feat: add git version on admin panel. (#921) 2017-02-13 19:49:42 +08:00
Andrew a36a8f4d72 Add missing copyright header to status table test (#902) 2017-02-11 17:53:47 +08:00
Andrew 42835c7f82 Implement archive cleanup (#885)
* Implement archive cleanup

Fixes #769

Signed-off-by: Andrew <write@imaginarycode.com>

* Make sure to close the directory file

* Resolve issues noted by @strk

* edit cheatsheet app.ini [ci skip]

* oops [ci skip]
2017-02-11 12:00:46 +08:00
Andrew 1da7dd3da9 Improve status table implementation (#879)
* Remove superfluous defer calls

* Improve status table implementation as well

This would probably only help with large, high-traffic installs
2017-02-09 14:39:06 +08:00
Ethan Koenig d2329e1c26 Use assert in legacy unit tests (#867) 2017-02-08 14:29:07 +08:00
Ethan Koenig 027591a3a5 Redirects for renamed repos (#807)
* Redirects for renamed repos

* Remove unused phrase from locales
2017-02-05 22:35:03 +08:00
Ethan Koenig e86d935175 Avoid duplicate queries in auth (#827)
Avoid identical making calls to GetUserByID(..) in SignedInUser(..)
2017-02-05 21:10:46 +08:00
Matthias Loibl 17c5e12e6e Add ENABLE_PPROF to app.ini and start pprof if true on localhost:6060 (#801)
* Add ENABLE_PPROF to app.ini and start pprof if true on localhost:6060

* Add comment for golint to blank pprof import
2017-02-05 21:06:25 +08:00
Lunny Xiao 8a421b1fd7 Add units concept for modulable functions of a repository (#742)
* Add units concept for modulable functions of a repository

* remove unused comment codes & fix lints and tests

* remove unused comment codes

* use struct config instead of map

* fix lint

* rm wrong files

* fix tests
2017-02-04 23:53:46 +08:00
ʿAhed ʿid 49fa03bf42 Allow using custom time format (#798)
* Allow using custom time format

I need to use custom time format in `conf/app.ini' like 

    FORMAT = 2006-01-02 15:04:05

so that Gitea will display '2017-01-30 08:41:49'
check this answer for more constants to format date  <http://stackoverflow.com/a/20234207/2570425> 

PS: First GO commit

* Refactor and validate TimeFormat (must have 2006, 01, 02, 15, 04 and 05)
2017-02-04 20:37:50 +08:00
Gabriel Jackson bf6f61cc69 Cleanup log messaging
This change corrects a few logging issues:

 * Standardized formatting errors with '%v'.
 * Standardized failure warning word usage.
 * Corrected an instance of using the standard log library when
   the gitea log library should be used instead.
2017-02-02 15:24:18 +01:00
Ethan Koenig 73d05a51e3 Remove unneeded database loads (#814)
Remove unnecessary calls to repo.GetOwner() in context handlers
2017-02-02 20:33:56 +08:00
Thomas Boerger 78535fb08e Allow custom public files (#782)
* Allow custom public files

* Gofmt code, lots of places not related to this pr
2017-01-28 23:14:56 +01:00
Bo-Yi Wu 25663b5816 refactor: Remove unnecessary type conversions (#772) 2017-01-27 23:03:32 +08:00
Andrey Nering e7c3be5f2f Merge pull request #736 from andreynering/fix-windows-ssh
Fix SSH server on Windows when running as service
2017-01-25 14:19:55 -02:00
Bwko 634ac9c5af Update Website binding MaxSize to 255 (#722) 2017-01-25 15:23:20 +08:00
Ethan Koenig 833f8b94c2 Search bar for issues/pulls (#530) 2017-01-25 10:43:02 +08:00
Andrey Nering bcee9b76dd Fix lint 2017-01-23 20:56:25 -02:00
Andrey Nering fda4476061 Fix SSH server on Windows when running as service
Closes #680
2017-01-23 20:44:23 -02:00
Andrey Nering 44d4863ecf Merge commit 'af636848622c8ad27cace63be5f9dd9aaa565502' as 'modules/minwinsvc' 2017-01-23 20:40:11 -02:00
DWE 8b87be63c5 fix logfile name (#731) 2017-01-23 19:19:12 +08:00
Bwko 74ed6dc3ad Add option to app.ini to enable local import paths (#724) 2017-01-23 09:19:50 +08:00
willemvd 8c2c7b802f Remove the default console logger when it is not set in the configuration (#602)
* Remove the default console logger when it is not set in the configuration

* Added comment to new function (lint failure)

* update based on PR comments (code style)

* code style fix (thanks bkcsoft)

* check if logger exists based on the l.outputs (like in l.DelLogger) instead of adapter, otherwise panic when reinstalling gitea (since the output adapter still exist, without outputs)
2017-01-17 14:02:35 +08:00
Matthias Loibl d1006150fb Refactor process package and introduce ProcessManager{} with tests (#75)
* Add a process.Manager singleton with process.GetManager()

* Use process.GetManager everywhere

* Fix godoc comments for process module

* Increment process counter id after locking the mutex
2017-01-17 13:58:58 +08:00
Andrew 6dd096b7f0 Two factor authentication support (#630)
* Initial commit for 2FA support

Signed-off-by: Andrew <write@imaginarycode.com>

* Add vendored files

* Add missing depends

* A few clean ups

* Added improvements, proper encryption

* Better encryption key

* Simplify "key" generation

* Make 2FA enrollment page more robust

* Fix typo

* Rename twofa/2FA to TwoFactor

* UNIQUE INDEX -> UNIQUE
2017-01-16 10:14:29 +08:00
Philip Couling 64375d875b Attach to release (#673)
* Moved attachaments POST url from /issues/attachments to /attachments

* Implemented attachment upload on release page

* Implemented downloading attachments on the release page

* Added zip and gzip files to default allowed attachments

* Implemented uploading attachments on edit release

* Renamed UploadIssueAttachment to UploadAttachment
2017-01-15 22:57:00 +08:00
Bwko 4a1f36c3cc Don't create a default pid file (#637) 2017-01-14 10:15:43 +08:00
Bo-Yi Wu 0af9a24087 docs: update translation on homepage for zh-tw (#634) 2017-01-11 09:23:42 +01:00
Bo-Yi Wu f91b8c5f53 refactor: check the error returned by os.MkdirAll() 2017-01-09 22:36:23 +08:00
Bo-Yi Wu 9f575986d8 feat: support pid file. 2017-01-09 19:54:57 +08:00
Manuel Kuhlmann 56614b2cbe Add default SSH_LISTEN_PORT config value (#603) (#607) 2017-01-08 11:14:45 +08:00
derSuessmann 51d578ff33 Add Keep email private (see issue #571). (#571)
- Add site-wide option DEFAULT_KEEP_EMAIL_PRIVATE.
- Add the new option to the install and admin/config pages.
- Add the new option to app.ini in the service section.
- Add the new option to the settings struct.
- Add English text strings to i18n.
- Add field KeepEmailPrivate to user struct.
- Add field KeepEmailPrivate to user form.
- Add option to UI.
- Add using noreply email address if user has "Keep Email Private".
An email address <LowerName>@<NO_REPLY_ADDRESS> is now used in commit
messages (and hopefully all other git log relevant places). The
change relies on the fact that git commands should use
user.NetGitSig().
- Add hiding of email address in UI, if user has set "Keep Email Private".
- Add condition to show email address only on explore/users and user
pages, if user has not set "Keep Email Private".
- Add noreply email in API if set "Keep Email Private".
- Add a new service setting NO_REPLY_ADDRESS. The value of this
setting is used as the domain part for the user's email address in
git log, iff he decides to keep his email address private.
If the user decides to keep his email address private and this
option is not set 'noreply.example.org' is used, which no MTA
should send email to.

Add NO_REPLY_ADDRESS to conf/app.ini.
2017-01-08 11:12:03 +08:00
Thiago Avelino 787fda53ef UI config to toggle whether user email shows up in Explore Users (#336)
* UI config to toggle whether user email shows up in Explore Users

* Recommendation made by @tboerger
66a1c59fe7 (r94122732)

* fixed typo, rename ShowUserEmailInExplore to ShowUserEmail

* Fixed typo merged conflict

* Hide email in the user profile page

if you are active ShowUserEmail
ref https://github.com/go-gitea/gitea/pull/336#issuecomment-269843725

* Please replace MustBool() with MustBool(true)
2017-01-01 10:51:10 +08:00
Schwobaland c0904f1942 Restrict creating organisations by user (#193)
* restrict creating organizations based on right on user

* revert bindata.go

* reverse vendor lib

* revert goimports change

* set AllowCreateOrganization default value to true

* revert locale

* added default value for AllowCreateOrganization

* fix typo in migration-comment

* fix comment

* add coments in migration
2016-12-31 10:33:30 +08:00
Bo-Yi Wu 6510e57758 fix gofmt error
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2016-12-30 20:41:10 +01:00
Andrey Nering 42904cb98a Notification - Step 1 (#523)
* Notification - Step 1

* Add copyright headers

* Cache issue and repository on notification model
2016-12-31 00:44:54 +08:00
Ethan Koenig 6f4ba6884c Repo permission bug fixes (#513) 2016-12-29 21:17:32 +08:00
Lunny Xiao ac51caa517 add default values for SSH settings (#500) 2016-12-29 11:51:15 +01:00
Sl@ny c22f9114c7 Implementation of Folder Jumping 2016-12-28 18:09:52 +01:00
Joubert RedRat a0f5471e21 Fix default cookie name 2016-12-27 13:02:24 -02:00
Sandro Santilli 71634452e1 Improve issue references in markdown (#471)
* Improve issue references in markdown. (#3436)

* Fix build

* Fix lint

* Fix comment typo
2016-12-26 18:52:04 +08:00
Fabian Zaremba 2e7ccecfe6 Git LFS support v2 (#122)
* Import github.com/git-lfs/lfs-test-server as lfs module base

Imported commit is 3968aac269a77b73924649b9412ae03f7ccd3198

Removed:

Dockerfile CONTRIBUTING.md mgmt* script/ vendor/ kvlogger.go
.dockerignore .gitignore README.md

* Remove config, add JWT support from github.com/mgit-at/lfs-test-server

Imported commit f0cdcc5a01599c5a955dc1bbf683bb4acecdba83

* Add LFS settings

* Add LFS meta object model

* Add LFS routes and initialization

* Import github.com/dgrijalva/jwt-go into vendor/

* Adapt LFS module: handlers, routing, meta store

* Move LFS routes to /user/repo/info/lfs/*

* Add request header checks to LFS BatchHandler / PostHandler

* Implement LFS basic authentication

* Rework JWT secret generation / load

* Implement LFS SSH token authentication with JWT

Specification: https://github.com/github/git-lfs/tree/master/docs/api

* Integrate LFS settings into install process

* Remove LFS objects when repository is deleted

Only removes objects from content store when deleted repo is the only
referencing repository

* Make LFS module stateless

Fixes bug where LFS would not work after installation without
restarting Gitea

* Change 500 'Internal Server Error' to 400 'Bad Request'

* Change sql query to xorm call

* Remove unneeded type from LFS module

* Change internal imports to code.gitea.io/gitea/

* Add Gitea authors copyright

* Change basic auth realm to "gitea-lfs"

* Add unique indexes to LFS model

* Use xorm count function in LFS check on repository delete

* Return io.ReadCloser from content store and close after usage

* Add LFS info to runWeb()

* Export LFS content store base path

* LFS file download from UI

* Work around git-lfs client issue with unauthenticated requests

Returning a dummy Authorization header for unauthenticated requests
lets git-lfs client skip asking for auth credentials
See: https://github.com/github/git-lfs/issues/1088

* Fix unauthenticated UI downloads from public repositories

* Authentication check order, Finish LFS file view logic

* Ignore LFS hooks if installed for current OS user

Fixes Gitea UI actions for repositories tracking LFS files.
Checks for minimum needed git version by parsing the semantic version
string.

* Hide LFS metafile diff from commit view, marking as binary

* Show LFS notice if file in commit view is tracked

* Add notbefore/nbf JWT claim

* Correct lint suggestions - comments for structs and functions

- Add comments to LFS model
- Function comment for GetRandomBytesAsBase64
- LFS server function comments and lint variable suggestion

* Move secret generation code out of conditional

Ensures no LFS code may run with an empty secret

* Do not hand out JWT tokens if LFS server support is disabled
2016-12-26 09:16:37 +08:00
Philip Couling d4924d45d6 Implement sendmail (#355)
* Implemented sendmail. This piggybacks on existing configuration to keep the change simple

* Changed privicy of new sendSMTP and sendSendmail functions

* Fixed Lint errors

* Seperated SMTP and sendmail into their own senders

* Making new structs private as they should not be used externally now

* Added sendmail setting to ini file

* Minor code cleanup
2016-12-25 14:55:22 +01:00
Bwko c1e92eeb72 Simplified MinPasswordLength check (#475) 2016-12-24 22:42:11 +08:00
Bwko f27d87d93b Added minimum password length to app.ini (#223) 2016-12-24 21:40:44 +08:00
btrepp 25b5ffb6af Enables mssql support (#383)
* Enables mssql support

Port of dlobs work in gogs.
Enables options in index.js
Enables MSSQL as a database option in go.
Sets ID to 0 on initial migration. Required for
MSSQL insert statements.

Signed-off-by: Beau Trepp <beautrepp@gmail.com>

* Vendors in denisenkom/go-mssqldb

Includes golang.org/x/crypto/md4
as this is required by go-msssqldb

Signed-off-by: Beau Trepp <beautrepp@gmail.com>
2016-12-24 09:37:35 +08:00
Lunny Xiao a822bba3e1 Add default values for settings (#455)
* add default values for settings

* more default values

* more default settings and labels resource

* mv locale to options
2016-12-23 15:18:05 +08:00
Ethan Koenig ec1fe1183d Fix race condition in unit test (#456) 2016-12-23 14:31:22 +08:00
Thomas Boerger b33078fa33 Bindata is optional and over-writable on restart (#354)
* Moved conf assets into options folder

* Dropped old bindata

* Started to integrate options bindata and accessors

* Do not enforce a builtin app.ini

* Replaced bindata calls with options

* Dropped bindata task from makefile, it's the generate task now

* Always embedd app.ini to provide sane config defaults

* Use sane defaults for the configuration

* Defined default value for SSH_KEYGEN_PATH

* Dropped "NEVER EVER MODIFY THIS FILE" header from app.ini

* Fixed new paths in latest test additions

* Drop bindata with make clean task

* Set more proper default values
2016-12-22 19:12:23 +01:00
Lunny Xiao e0ecd9fd93 fix bug #1122 log.smtp receiver configure error (#3602) (#451) 2016-12-22 13:27:13 +01:00
Lunny Xiao 65b1875d2b New settings option for a custom SSH host (#3763) (#446)
* New settings option for a custom SSH host (#3763)

* let default ssh listen addr empty
2016-12-22 13:26:43 +01:00
Lunny Xiao 47a7529d96 update code.gitea.io/git (#450) 2016-12-22 10:30:52 +01:00
Ethan Koenig 4c89a9c33c Bug fixes and tests for modules/base (#442)
Also address other TODOs
2016-12-22 16:58:04 +08:00
Joubert RedRat ce21ed6c34 Remove remaining Gogs reference on locales and cmd (#430) 2016-12-21 20:13:17 +08:00
Andrey Nering 235eb4c3d2 Merge pull request #412 from strk/libravatar-source
Add support for using "libravatar" as the GravatarSource
2016-12-20 10:32:45 -02:00
Denis Denisov 380e32e129 Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator

Fix random string generator

Random string generator should return error if it fails to read random data via crypto/rand

* Fixes variable (un)initialization mixed assign
Update test GetRandomString
2016-12-20 13:32:02 +01:00
Nico Mandery 6ade13e86e serve video files using the HTML5 video tag (#418)
* serve video files using the HTML5 video tag

* lint fix: add comment to IsVideoFile
2016-12-20 16:09:11 +08:00
Sandro Santilli 608a60fb94 Add support for using "libravatar" as the GravatarSource
Just to make it easier for administrator to configure libre avatar,
as it is done for "duoshuo" and "gravatar"
2016-12-19 17:05:30 +01:00
Lunny Xiao d771e978a1 Don't use custom PBKDF2 function (#382) 2016-12-15 09:24:27 +08:00
Kim "BKC" Carlbäcker 1d1c01875d Autogenerate Version on build (#190)
* Autogenerate Version On Build

* Fixes

* Changed Version to v0.9.0

* balls

* I hate newlines

* Don't remove .VERSION-file on `make clean`

* v0.9.0 => 1.0.0

* damn new-lines...

* Always rebuild templates/.VERSION

* Delete .VERSION

* Update Makefile
2016-12-13 12:48:58 +08:00
Denis Denisov f0a989c1d0 Correction LDAP validation (#342)
* Correction LDAP username validation

As https://msdn.microsoft.com/en-us/library/aa366101(v=vs.85).aspx describe spaces should not be in start or at the end of username but they can be inside the username. So please check my solution for it.

* Check for zero length passwords in LDAP module.

According to https://tools.ietf.org/search/rfc4513#section-5.1.2 LDAP client should always check before bind whether a password is an empty value. There are at least one LDAP implementation which does not return error if you try to bind with DN set and empty password - AD.

* Clearing the login/email spaces at the [start/end]
2016-12-12 08:46:51 +08:00
Henning Henkel bab737bf02 Fix alignment of tooltip and add bindata - related to #359 (#364) 2016-12-08 20:59:47 +08:00