0bb58ff885
Merge branch 'dm-large-push-performance' into 'master'
...
Load and process at most 100 commits when pushing into default branch
Closes #35531
See merge request !13132
2017-07-28 17:03:17 +00:00
0e355e5c92
Load and process at most 100 commits when pushing into default branch
2017-07-28 17:23:13 +02:00
bd2b68d73e
Merge branch 'dm-api-csrf-token-verification' into 'master'
...
Add log messages to clarify log messages about API CSRF token verification failure
Closes #35705
See merge request !13158
2017-07-28 14:39:36 +00:00
d020eabf29
Add log messages to clarify log messages about API CSRF token verification failure
2017-07-28 15:39:39 +02:00
da3100254f
Merge branch 'backport-2844-ldap-ee-license-checks' into 'master'
...
Backport some recent changes related to LDAP from EE
See merge request !13119
2017-07-28 09:13:50 +00:00
8e3f2ecfa9
Incorporate RefsService.FindAllBranches Gitaly RPC
2017-07-27 15:40:54 -04:00
432bb22308
Remove unused Gitlab::Git operations
2017-07-27 15:39:31 -04:00
cd5ae5cb2b
Migrate Repository#tags to Gitaly
...
Closes gitaly#411
2017-07-27 20:07:40 +02:00
066f4d8b71
Merge branch 'remove_custom_devise_failure_app' into 'master'
...
Remove GitLab custom failure app for Devise
See merge request !13136
2017-07-27 16:22:52 +00:00
ac0cbe6970
Merge branch 'feature/gpg-signed-commits' into 'master'
...
GPG signed commits
Closes #20268
See merge request !9546
2017-07-27 15:29:39 +00:00
3d83181b81
Remove GitLab custom fealure app for devise
2017-07-27 18:14:09 +03:00
842bcfa777
Merge branch 'pawel/ensure_temp_files_are_deleted_in_fs_metrics-35457' into 'master'
...
Ensure test files are deleted after fs metrics gathering run
Closes #35457
See merge request !13080
2017-07-27 14:45:02 +00:00
9488b7780e
optimize query, only select relevant db columns
2017-07-27 15:46:04 +02:00
ef97cb54ae
Backport some recent changes related to LDAP from EE
2017-07-27 08:45:16 -05:00
cd01e82873
store gpg user name and email on the signature
2017-07-27 15:44:39 +02:00
9be1732296
add comment explaining use of shell commands and file operations in the same methods
2017-07-27 15:44:13 +02:00
deb474b413
extract common method
2017-07-27 15:43:37 +02:00
b66e3726dc
also update gpg_signatures when gpg_key is null
2017-07-27 15:43:37 +02:00
7f03282f0f
remove duplicate statement
2017-07-27 15:43:37 +02:00
a7d2ebe508
simplify fetching of commit
2017-07-27 15:43:37 +02:00
4f7ba8f286
fix memoization
2017-07-27 15:43:37 +02:00
ee7468e786
we need to update the gpg_key as well
2017-07-27 15:43:36 +02:00
a01eabc19f
update rugged
...
the rugged versions up to 0.26.0b3 had a bug concerning the signature
extraction. The extracted signature was not always the same, probably
due to a buffer (overflow) issue in libgit.
see https://github.com/libgit2/rugged/issues/608
2017-07-27 15:43:36 +02:00
028ecb081b
need to wrap the raw commit in a commit model
2017-07-27 15:42:53 +02:00
d7f4264368
no need for passing parameter
...
we introduced memoizing, so it's safe to call the method multiple times.
2017-07-27 15:42:53 +02:00
24671cd601
update invalid gpg signatures when key is created
2017-07-27 15:42:53 +02:00
d48eb77a96
allow updating of gpg signature through gpg commit
2017-07-27 15:42:53 +02:00
502e31bec9
memoize verified_signature call
2017-07-27 15:42:53 +02:00
5d5fd4babe
store gpg_key_primary_keyid for unknown gpg keys
...
we need to store the keyid to be able to update the signature later in
case the missing key is added later.
2017-07-27 15:42:53 +02:00
34810acd6c
move signature cache read to Gpg::Commit
...
as we write the cache in the gpg commit class already the read should
also happen there.
This also removes all logic from the main commit class, which just
proxies the call to the Gpg::Commit now.
2017-07-27 15:42:53 +02:00
7b616d39ef
gpg signature is only valid when key is verified
2017-07-27 15:42:53 +02:00
8c4b6a32fc
bail if the commit has no signature
2017-07-27 15:42:53 +02:00
69e511c4c2
cache the gpg commit signature
...
we store the result of the gpg commit verification in the db because the
gpg verification is an expensive operation.
2017-07-27 15:42:53 +02:00
2f956fae03
verify gpg commit using tmp keyring and db query
2017-07-27 15:42:53 +02:00
3c42d73098
add primary keyid attribute to gpg keys
2017-07-27 15:42:53 +02:00
7e13d96715
don't sync to keychain file
2017-07-27 15:42:53 +02:00
8bd94a7304
remove gpg from keychain when user's email changes
2017-07-27 15:42:04 +02:00
0668521b2b
move current keychain methods to namespace
2017-07-27 15:40:41 +02:00
0e3d3d60ba
email handling for gpg keys
2017-07-27 15:40:41 +02:00
87c0fd3455
add / remove gpg keys to / from system keychain
2017-07-27 15:40:41 +02:00
e34cef0cd2
extract gpg functionality to lib class
2017-07-27 15:40:41 +02:00
28bb5e3d53
commit signature with spec
2017-07-27 15:40:40 +02:00
817d9558fe
Prototype key verification
2017-07-27 15:40:40 +02:00
ef50875d3a
Merge branch '33601-add-csrf-token-verification-to-api' into 'master'
...
Resolve "Add CSRF token verification to API"
Closes #33601
See merge request !12154
2017-07-27 10:20:52 +00:00
a5d2ce8e61
Use LDAP-attributes configured in gitlab.yml in lookup instead of just hard-coded attributes.
2017-07-26 16:48:13 +00:00
6ac0a142e0
Remove unnecessary begin/end
2017-07-26 17:16:59 +02:00
d29598e691
Merge remote-tracking branch 'dev/master'
...
# Conflicts:
# Gemfile
# Gemfile.lock
2017-07-26 14:47:50 +02:00
7ce0a61a99
use `.zero?` instead of `== 0`
2017-07-26 13:23:27 +02:00
96dba2ca17
Merge branch 'post-upload-pack-opt-out' into 'master'
...
Enable gitaly_post_upload_pack by default
See merge request !13078
2017-07-26 10:39:15 +00:00
7f92a36a36
Fix plain LDAP (no encryption)
2017-07-26 02:43:40 -07:00
Robert Speicher
Douwe Maan
Sean McGivern
Douwe Maan
Alejandro Rodríguez
Ahmad Sherif
Dmitriy Zaporozhets
Valery Sizov
Alexis Reigel
Rubén Dávila
Pawel Chojnacki
Kevin O'Connor
Casper
Michael Kozono