diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/disable_email_interceptor.rb | 8 | ||||
| -rw-r--r-- | lib/gitlab/ldap/authentication.rb | 4 | ||||
| -rw-r--r-- | lib/gitlab/ldap/config.rb | 27 | ||||
| -rw-r--r-- | lib/gitlab/markdown.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab/url_builder.rb | 2 | ||||
| -rw-r--r-- | lib/support/nginx/gitlab-ssl | 14 | ||||
| -rw-r--r-- | lib/tasks/gitlab/import.rake | 17 | ||||
| -rw-r--r-- | lib/tasks/gitlab/shell.rake | 8 | 
8 files changed, 42 insertions, 40 deletions
| diff --git a/lib/disable_email_interceptor.rb b/lib/disable_email_interceptor.rb new file mode 100644 index 00000000000..1b80be112a4 --- /dev/null +++ b/lib/disable_email_interceptor.rb @@ -0,0 +1,8 @@ +# Read about interceptors in http://guides.rubyonrails.org/action_mailer_basics.html#intercepting-emails +class DisableEmailInterceptor + +  def self.delivering_email(message) +    message.perform_deliveries = false +    Rails.logger.info "Emails disabled! Interceptor prevented sending mail #{message.subject}" +  end +end diff --git a/lib/gitlab/ldap/authentication.rb b/lib/gitlab/ldap/authentication.rb index a5944f96983..8af2c74e959 100644 --- a/lib/gitlab/ldap/authentication.rb +++ b/lib/gitlab/ldap/authentication.rb @@ -42,7 +42,7 @@ module Gitlab        end        def adapter -        OmniAuth::LDAP::Adaptor.new(config.options) +        OmniAuth::LDAP::Adaptor.new(config.options.symbolize_keys)        end        def config @@ -68,4 +68,4 @@ module Gitlab        end      end    end -end
\ No newline at end of file +end diff --git a/lib/gitlab/ldap/config.rb b/lib/gitlab/ldap/config.rb index d41bfba9b0f..0cb24d0ccc1 100644 --- a/lib/gitlab/ldap/config.rb +++ b/lib/gitlab/ldap/config.rb @@ -16,10 +16,23 @@ module Gitlab          servers.map {|server| server['provider_name'] }        end +      def self.valid_provider?(provider) +        providers.include?(provider) +      end + +      def self.invalid_provider(provider) +        raise "Unknown provider (#{provider}). Available providers: #{providers}" +      end +        def initialize(provider) -        @provider = provider -        invalid_provider unless valid_provider? -        @options = config_for(provider) +        if self.class.valid_provider?(provider) +          @provider = provider +        elsif provider == 'ldap' +          @provider = self.class.providers.first +        else +          self.class.invalid_provider(provider) +        end +        @options = config_for(@provider) # Use @provider, not provider        end        def enabled? @@ -89,14 +102,6 @@ module Gitlab          end        end -      def valid_provider? -        self.class.providers.include?(provider) -      end - -      def invalid_provider -        raise "Unknown provider (#{provider}). Available providers: #{self.class.providers}" -      end -        def auth_options          {            auth: { diff --git a/lib/gitlab/markdown.rb b/lib/gitlab/markdown.rb index ddcce7557a0..068c342398b 100644 --- a/lib/gitlab/markdown.rb +++ b/lib/gitlab/markdown.rb @@ -202,7 +202,7 @@ module Gitlab        if identifier == "all"          link_to("@all", project_url(project), options) -      elsif user = User.find_by(username: identifier) +      elsif User.find_by(username: identifier)          link_to("@#{identifier}", user_url(identifier), options)        end      end diff --git a/lib/gitlab/url_builder.rb b/lib/gitlab/url_builder.rb index de7e0404086..877488d8471 100644 --- a/lib/gitlab/url_builder.rb +++ b/lib/gitlab/url_builder.rb @@ -19,7 +19,7 @@ module Gitlab        issue = Issue.find(id)        project_issue_url(id: issue.iid,                          project_id: issue.project, -                        host: Settings.gitlab['url']) +                        host: Gitlab.config.gitlab['url'])      end    end  end diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl index fd4f93c2f92..cbb198086b5 100644 --- a/lib/support/nginx/gitlab-ssl +++ b/lib/support/nginx/gitlab-ssl @@ -60,18 +60,16 @@ server {    client_max_body_size 20m;    ## Strong SSL Security -  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html +  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/    ssl on;    ssl_certificate /etc/nginx/ssl/gitlab.crt;    ssl_certificate_key /etc/nginx/ssl/gitlab.key;    # GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs -  ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4'; - -  ssl_protocols  TLSv1 TLSv1.1 TLSv1.2; -  ssl_session_cache  builtin:1000  shared:SSL:10m; - -  ssl_prefer_server_ciphers   on; +  ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; +  ssl_protocols TLSv1 TLSv1.1 TLSv1.2; +  ssl_prefer_server_ciphers on; +  ssl_session_cache shared:SSL:10m;    ## [WARNING] The following header states that the browser should only communicate    ## with your server over a secure connection for the next 24 months. @@ -88,7 +86,7 @@ server {    # ssl_stapling_verify on;    # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;    # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired -  # resolver_timeout 10s; +  # resolver_timeout 5s;    ## [Optional] Generate a stronger DHE parameter:    ##   sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 diff --git a/lib/tasks/gitlab/import.rake b/lib/tasks/gitlab/import.rake index b6ed874e11a..3c693546c09 100644 --- a/lib/tasks/gitlab/import.rake +++ b/lib/tasks/gitlab/import.rake @@ -15,26 +15,17 @@ namespace :gitlab do        git_base_path = Gitlab.config.gitlab_shell.repos_path        repos_to_import = Dir.glob(git_base_path + '/**/*.git') -      namespaces = Namespace.pluck(:path) -        repos_to_import.each do |repo_path|          # strip repo base path          repo_path[0..git_base_path.length] = ''          path = repo_path.sub(/\.git$/, '') -        name = File.basename path -        group_name = File.dirname path +        group_name, name = File.split(path)          group_name = nil if group_name == '.' -        # Skip if group or user -        if namespaces.include?(name) -          puts "Skipping #{project.name} due to namespace conflict with group or user".yellow -          next -        end -          puts "Processing #{repo_path}".yellow -        if path =~ /.wiki\Z/ +        if path =~ /\.wiki\Z/            puts " * Skipping wiki repo"            next          end @@ -53,9 +44,9 @@ namespace :gitlab do            # find group namespace            if group_name -            group = Group.find_by(path: group_name) +            group = Namespace.find_by(path: group_name)              # create group namespace -            if !group +            unless group                group = Group.new(:name => group_name)                group.path = group_name                group.owner = user diff --git a/lib/tasks/gitlab/shell.rake b/lib/tasks/gitlab/shell.rake index c3d1aa0125d..55f338add6a 100644 --- a/lib/tasks/gitlab/shell.rake +++ b/lib/tasks/gitlab/shell.rake @@ -7,9 +7,9 @@ namespace :gitlab do        default_version = File.read(File.join(Rails.root, "GITLAB_SHELL_VERSION")).strip        args.with_defaults(tag: 'v' + default_version, repo: "https://gitlab.com/gitlab-org/gitlab-shell.git") -      user = Settings.gitlab.user -      home_dir = Rails.env.test? ? Rails.root.join('tmp/tests') : Settings.gitlab.user_home -      gitlab_url = Settings.gitlab.url +      user = Gitlab.config.gitlab.user +      home_dir = Rails.env.test? ? Rails.root.join('tmp/tests') : Gitlab.config.gitlab.user_home +      gitlab_url = Gitlab.config.gitlab.url        # gitlab-shell requires a / at the end of the url        gitlab_url += '/' unless gitlab_url.end_with?('/')        repos_path = Gitlab.config.gitlab_shell.repos_path @@ -17,7 +17,7 @@ namespace :gitlab do        # Clone if needed        unless File.directory?(target_dir) -        sh "git clone '#{args.repo}' '#{target_dir}'" +        sh(*%W(git clone #{args.repo} #{target_dir}))        end        # Make sure we're on the right tag | 
