fix: do not allow SSH url for migration (#7004)

- Add a new function `IsPushMirrorURLAllowed` that will allow `ssh://` url and make the existing `IsMigrateURLAllowed` not allow such URLs anymore.
- Resolves forgejo/forgejo#6960
- Existing integration tests make sure that SSH URLs are still allowed for the push mirror feature; a unit test was added to ensure that `IsMigrateURLAllowed` no longer allows SSH URLs.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7004
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>

authored by

Gusted
Gusted
and committed by
Earl Warren
e8ebb5d6 8910580d

+28 -4
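--- a/routers/api/v1/repo/mirror.go
+++ b/routers/api/v1/repo/mirror.go
@@ -363,7 +363,7 @@
 
 address, err := forms.ParseRemoteAddr(mirrorOption.RemoteAddress, mirrorOption.RemoteUsername, mirrorOption.RemotePassword)
 if err == nil {
-err = migrations.IsMigrateURLAllowed(address, ctx.ContextUser)
+err = migrations.IsPushMirrorURLAllowed(address, ctx.ContextUser)
 }
 if err != nil {
 HandleRemoteAddressError(ctx, err)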
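--- a/routers/web/repo/setting/setting.go
+++ b/routers/web/repo/setting/setting.go
@@ -651,7 +651,7 @@
 
 address, err := forms.ParseRemoteAddr(form.PushMirrorAddress, form.PushMirrorUsername, form.PushMirrorPassword)
 if err == nil {
-err = migrations.IsMigrateURLAllowed(address, ctx.Doer)
+err = migrations.IsPushMirrorURLAllowed(address, ctx.Doer)
 }
 if err != nil {
 ctx.Data["Err_PushMirrorAddress"] = true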
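--- a/services/migrations/migrate.go
+++ b/services/migrations/migrate.go
@@ -39,8 +39,17 @@
 factories = append(factories, factory)
 }
 
-// IsMigrateURLAllowed checks if an URL is allowed to be migrated from
+// IsPushMirrorURLAllowed checks if an URL is allowed to be pushed to.
+func IsPushMirrorURLAllowed(remoteURL string, doer *user_model.User) error {
+return isURLAllowed(remoteURL, doer, true)
+}
+
+// IsMigrateURLAllowed checks if an URL is allowed to be migrated from.
 func IsMigrateURLAllowed(remoteURL string, doer *user_model.User) error {
+return isURLAllowed(remoteURL, doer, false)
+}
+
+func isURLAllowed(remoteURL string, doer *user_model.User, isPushMirror bool) error {
 // Remote address can be HTTP/HTTPS/Git URL or local path.
 u, err := url.Parse(remoteURL)
 if err != nil {
@@ -71,7 +80,7 @@
 return &models.ErrInvalidCloneAddr{Host: u.Host, IsURLError: true}
 }
 
-if u.Opaque != "" || u.Scheme != "" && u.Scheme != "http" && u.Scheme != "https" && u.Scheme != "git" && u.Scheme != "ssh" {
+if u.Opaque != "" || u.Scheme != "" && u.Scheme != "http" && u.Scheme != "https" && u.Scheme != "git" && u.Scheme != "ssh" || (!isPushMirror && u.Scheme == "ssh") {
 return &models.ErrInvalidCloneAddr{Host: u.Host, IsProtocolInvalid: true, IsPermissionDenied: true, IsURLError: true}
 }
 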
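Review bot: The ssh restriction at new line 83 is appended to an already unparenthesised `||`/`&&` chain, so the rule "ssh only for push mirrors" is easy to misread or to break in a later edit. A separate guard ahead of the scheme allowlist, `if !isPushMirror && u.Scheme == "ssh" {` returning the same `ErrInvalidCloneAddr`, would keep the allowlist and the per-feature restriction apart. `isURLAllowed` also has no doc comment; it should state that `isPushMirror` is the only thing that admits `ssh://` and that migration callers must pass `false`. The comparison is safe against `SSH://` only because `url.Parse` lower-cases the scheme, which is worth a one-line comment next to the check. The body of `isURLAllowed` between the two hunks is not shown here.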
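--- a/services/migrations/migrate_test.go
+++ b/services/migrations/migrate_test.go
@@ -113,3 +113,18 @@
 // reset
 init("", "", false)
 }
+
+func TestURLAllowedSSH(t *testing.T) {
+require.NoError(t, unittest.PrepareTestDatabase())
+
+user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
+sshURL := "ssh://git@git.gay/gitgay/forgejo"
+
+t.Run("Migrate URL", func(t *testing.T) {
+require.Error(t, IsMigrateURLAllowed(sshURL, user))
+})
+
+t.Run("Pushmirror URL", func(t *testing.T) {
+require.NoError(t, IsPushMirrorURLAllowed(sshURL, user))
+})
+}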
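Review bot: `require.Error` in the "Migrate URL" subtest passes for any failure, so it would stay green if `ssh://` were rejected for an unrelated reason (a blocked host, a parse error) while the scheme check itself had regressed. Pin the reason instead: `var addrErr *models.ErrInvalidCloneAddr`, `require.ErrorAs(t, IsMigrateURLAllowed(sshURL, user), &addrErr)`, then `require.True(t, addrErr.IsProtocolInvalid)`. A second case with an upper-case scheme (`SSH://…`) would document that the rejection does not depend on the caller's casing. The test also uses a real external hostname; if the checks between the two hunks in `migrate.go` resolve the host, which is not visible here, the result could depend on network state. Whether `models` is already imported by this test file is not visible here either.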