##// END OF EJS Templates
release: merge back stable branch into default
marcink -
r2343:33e1a76f merge default
parent child Browse files
Show More
@@ -0,0 +1,45 b''
1 |RCE| 4.10.3 |RNS|
2 ------------------
3
4 Release Date
5 ^^^^^^^^^^^^
6
7 - 2017-11-11
8
9
10 New Features
11 ^^^^^^^^^^^^
12
13
14
15 General
16 ^^^^^^^
17
18 - ldap: increase timeouts and timelimits for operations
19
20
21 Security
22 ^^^^^^^^
23
24 - security(low): fix self xss on repo downloads picker for svn case.
25
26
27 Performance
28 ^^^^^^^^^^^
29
30
31
32 Fixes
33 ^^^^^
34
35
36 - Pull requests: loosen permissions on creation of PR, fixing regression.
37 - LDAP: fix regression in ldap search filter implementation after upgrade to
38 newer version of python-ldap library.
39
40
41 Upgrade notes
42 ^^^^^^^^^^^^^
43
44 - Changes helpers to support regression in PR creation and increase
45 LDAP server timeouts, no potential problems with upgrade.
@@ -24,3 +24,4 b' d9aa3b27ac9f7e78359775c75fedf7bfece232f1'
24 24 4ba4d74981cec5d6b28b158f875a2540952c2f74 v4.10.0
25 25 0a6821cbd6b0b3c21503002f88800679fa35ab63 v4.10.1
26 26 434ad90ec8d621f4416074b84f6e9ce03964defb v4.10.2
27 68baee10e698da2724c6e0f698c03a6abb993bf2 v4.10.3
@@ -9,6 +9,7 b' Release Notes'
9 9 .. toctree::
10 10 :maxdepth: 1
11 11
12 release-notes-4.10.3.rst
12 13 release-notes-4.10.2.rst
13 14 release-notes-4.10.1.rst
14 15 release-notes-4.10.0.rst
@@ -790,9 +790,10 b' class RepoPullRequestsView(RepoAppView, '
790 790 h.route_path('pullrequest_new', repo_name=self.db_repo_name,
791 791 _query=org_query))
792 792
793 # target repo we must have write permissions, and also later on
793 # target repo we must have read permissions, and also later on
794 794 # we want to check branch permissions here
795 795 target_perm = HasRepoPermissionAny(
796 'repository.read',
796 797 'repository.write', 'repository.admin')(target_db_repo.repo_name)
797 798 if not target_perm:
798 799 msg = _('Not Enough permissions to target repo `{}`.'.format(
@@ -218,7 +218,10 b' class RhodeCodeAuthPluginBase(object):'
218 218 else:
219 219 plugin_settings = SettingsModel().get_all_settings()
220 220
221 return plugin_settings.get(full_name) or default
221 if full_name in plugin_settings:
222 return plugin_settings[full_name]
223 else:
224 return default
222 225
223 226 def create_or_update_setting(self, name, value):
224 227 """
@@ -195,7 +195,7 b' class AuthLdap(object):'
195 195 def __init__(self, server, base_dn, port=389, bind_dn='', bind_pass='',
196 196 tls_kind='PLAIN', tls_reqcert='DEMAND', ldap_version=3,
197 197 search_scope='SUBTREE', attr_login='uid',
198 ldap_filter=None):
198 ldap_filter=''):
199 199 if ldap == Missing:
200 200 raise LdapImportError("Missing or incompatible ldap library")
201 201
@@ -234,9 +234,9 b' class AuthLdap(object):'
234 234 '/etc/openldap/cacerts')
235 235 ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
236 236 ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
237 ldap.set_option(ldap.OPT_TIMEOUT, 20)
238 ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 10)
239 ldap.set_option(ldap.OPT_TIMELIMIT, 15)
237 ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 60 * 10)
238 ldap.set_option(ldap.OPT_TIMEOUT, 60 * 10)
239
240 240 if self.TLS_KIND != 'PLAIN':
241 241 ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, self.TLS_REQCERT)
242 242 server = ldap.initialize(self.LDAP_SERVER)
General Comments 0
You need to be logged in to leave comments. Login now