##// END OF EJS Templates
u » ewong » rhodecode-enterprise-ce-fork
RSS

Fork of rhodecode-enterprise-ce

release: merge back stable branch into default
marcink -
r2757:4b0930b4 merge default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,41 b''
1 |RCE| 4.12.2 |RNS|
2 ------------------
3
4 Release Date
5 ^^^^^^^^^^^^
6
7 - 2018-05-16
8
9
10 New Features
11 ^^^^^^^^^^^^
12
13
14
15 General
16 ^^^^^^^
17
18 - Jenkins: further improve handling of proxied Jenkins server.
19
20
21 Security
22 ^^^^^^^^
23
24 - SSH: fixed found problem with key-storage that could allow remote logins
25 performed by rhodecode authorized users with specially crafted SSH Keys.
26
27
28 Performance
29 ^^^^^^^^^^^
30
31
32
33 Fixes
34 ^^^^^
35
36
37
38 Upgrade notes
39 ^^^^^^^^^^^^^
40
41 - Unscheduled release addressing found security problem.
Show file before | Show file after | Hide comments
@@ -37,3 +37,4 b' 8fbd8b0c3ddc2fa4ac9e4ca16942a03eb593df2d'
37 37 f0609aa5d5d05a1ca2f97c3995542236131c9d8a v4.11.6
38 38 b5b30547d90d2e088472a70c84878f429ffbf40d v4.12.0
39 39 9072253aa8894d20c00b4a43dc61c2168c1eff94 v4.12.1
40 6a517543ea9ef9987d74371bd2a315eb0b232dc9 v4.12.2
Show file before | Show file after | Hide comments
@@ -32,7 +32,7 b' New Features'
32 32 prevent problems when connection to LDAP is not stable causing RhodeCode
33 33 instances to freeze waiting on LDAP connections.
34 34 - User groups: expose public user group profiles. Allows to see members of a user
35 groups by other team members, if they have proper permissions.
35 group by other team members, if they have proper permissions.
36 36 - UI: show pull request page in quick nav menu on my account for quicker access.
37 37 - UI: hidden/outdated comments now have visible markers next to line numbers.
38 38 This allows access to them without showing all hidden comments.
@@ -99,7 +99,7 b' Performance'
99 99 ^^^^^^^^^^^
100 100
101 101 - Diffs: don't use recurred diffset attachment in diffs. This makes
102 this structure much harder to garbage collect. Reduces memory usage.
102 this structure much harder to garbage collect. Reduces memory usage.
103 103 - Diff cache: added caching for better performance of large pull requests.
104 104
105 105
@@ -114,7 +114,7 b' Fixes'
114 114 - Pull requests: fixed cases with default expected refs are closed or unavailable.
115 115 For Mercurial with closed default branch a compare across forks could fail.
116 116 - Core: properly report 502 errors for gevent and gunicorn.
117 Gevent wtih Gunicorn doesn't raise normal pycurl errors.
117 Gevent with Gunicorn doesn't raise normal pycurl errors.
118 118 - Auth plugins: fixed problem with cache of settings in multi-worker mode.
119 119 The previous implementation had a bug that cached the settings in each class,
120 120 caused not refreshing the update of settings in multi-worker mode.
@@ -130,14 +130,15 b' Upgrade notes'
130 130 ^^^^^^^^^^^^^
131 131
132 132 - This release adds support for SVN hook. This required lots of changes on how we
133 handle SVN protocol. We did thoughtful tests for SVN compatibility.
134 Please be advised to check the behaviour of SVN repositories during this update.
133 handle SVN protocol. We did thoughtful tests for SVN compatibility.
134 Please be advised to check the behaviour of SVN repositories during this update.
135 135
136 136 A check and migrate of SVN hooks is required. In order to do so, please execute
137 137 `Rescan filesystem` from admin > settings > Remap and Rescan. This will migrate
138 138 all SVN hook to latest available version. To migrate single repository only,
139 139 please go to the following url: `your-rhodecode-server.com/REPO_NAME/settings/advanced/hooks`
140 140
141 - Diff caches are turned off by default for backward compatibility. We however recommend
142 turning them on either individually for bigger repositories or globally for every repository.
143 This setting can be found in admin > settings > vcs, or repository > settings > vcs
141 - Diff caches are turned off by default for backward compatibility.
142 We however recommend turning them on either individually for bigger
143 repositories or globally for every repository.
144 This setting can be found in admin > settings > vcs, or repository > settings > vcs
Show file before | Show file after | Hide comments
@@ -9,6 +9,7 b' Release Notes'
9 9 .. toctree::
10 10 :maxdepth: 1
11 11
12 release-notes-4.12.2.rst
12 13 release-notes-4.12.1.rst
13 14 release-notes-4.12.0.rst
14 15 release-notes-4.11.6.rst
Show file before | Show file after | Hide comments
@@ -835,7 +835,7 b' class UsersView(UserAppView):'
835 835 fingerprint = key.hash_md5()
836 836
837 837 ssh_key = SshKeyModel().create(
838 c.user.user_id, fingerprint, key_data, description)
838 c.user.user_id, fingerprint, key.keydata, description)
839 839 ssh_key_data = ssh_key.get_api_data()
840 840
841 841 audit_logger.store_web(
Show file before | Show file after | Hide comments
@@ -98,7 +98,7 b' class MyAccountSshKeysView(BaseAppView, '
98 98 fingerprint = key.hash_md5()
99 99
100 100 ssh_key = SshKeyModel().create(
101 c.user.user_id, fingerprint, key_data, description)
101 c.user.user_id, fingerprint, key.keydata, description)
102 102 ssh_key_data = ssh_key.get_api_data()
103 103
104 104 audit_logger.store_web(
Show file before | Show file after | Hide comments
@@ -84,16 +84,23 b' def _generate_ssh_authorized_keys_file('
84 84 for user_key in all_active_keys:
85 85 username = user_key.user.username
86 86 user_id = user_key.user.user_id
87 # replace all newline from ends and inside
88 safe_key_data = user_key.ssh_key_data\
89 .strip()\
90 .replace('\n', ' ') \
91 .replace('\t', ' ') \
92 .replace('\r', ' ')
87 93
88 keys_file.write(
89 line_tmpl.format(
90 ssh_opts=ssh_opts or SSH_OPTS,
91 wrapper_command=ssh_wrapper_cmd,
92 ini_path=ini_path,
93 user_id=user_id,
94 user=username,
95 user_key_id=user_key.ssh_key_id,
96 key=user_key.ssh_key_data))
94 line = line_tmpl.format(
95 ssh_opts=ssh_opts or SSH_OPTS,
96 wrapper_command=ssh_wrapper_cmd,
97 ini_path=ini_path,
98 user_id=user_id,
99 user=username,
100 user_key_id=user_key.ssh_key_id,
101 key=safe_key_data)
102
103 keys_file.write(line)
97 104 log.debug('addkey: Key added for user: `%s`', username)
98 105 keys_file.close()
99 106
Show file before | Show file after | Hide comments
@@ -8,13 +8,13 b''
8 8 </p>
9 9 <h4>${_('Private key')}</h4>
10 10 <pre>
11 # Save the content as
12 # Windows: /Users/<username>/.ssh/id_rsa_rhodecode_access_priv.key
13 # macOS: /Users/<yourname>/.ssh/id_rsa_rhodecode_access_priv.key
14 # Linux: /home/<username>/.ssh/id_rsa_rhodecode_access_priv.key
11 # Save the below content as
12 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_priv.key
13 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_priv.key
14 # Linux: /home/{username}/.ssh/id_rsa_rhodecode_access_priv.key
15 15
16 16 # Change permissions to 0600 to make it secure, and usable.
17 e.g chmod 0600 /home/<username>/.ssh/id_rsa_rhodecode_access_priv.key
17 e.g chmod 0600 /home/{username}/.ssh/id_rsa_rhodecode_access_priv.key
18 18 </pre>
19 19
20 20 <div>
@@ -24,10 +24,10 b' e.g chmod 0600 /home/<username>/.ssh/id_'
24 24
25 25 <h4>${_('Public key')}</h4>
26 26 <pre>
27 # Save the content as
28 # Windows: /Users/<username>/.ssh/id_rsa_rhodecode_access_pub.key
29 # macOS: /Users/<yourname>/.ssh/id_rsa_rhodecode_access_pub.key
30 # Linux: /home/<username>/.ssh/id_rsa_rhodecode_access_pub.key
27 # Save the below content as
28 # Windows: /Users/{username}/.ssh/id_rsa_rhodecode_access_pub.key
29 # macOS: /Users/{yourname}/.ssh/id_rsa_rhodecode_access_pub.key
30 # Linux: /home/{username}/.ssh/id_rsa_rhodecode_access_pub.key
31 31 </pre>
32 32
33 33 <input type="text" value="${c.public}" class="large text" size="100"/>
General Comments 0
You need to be logged in to leave comments. Login now