mirror of
https://github.com/go-gitea/gitea.git
synced 2025-10-24 18:40:04 +02:00
https://github.com/go-fed/httpsig seems to be unmaintained. Switch to github.com/42wim/httpsig which has removed deprecated crypto and default sha256 signing for ssh rsa. No impact for those that use ed25519 ssh certificates. This is a breaking change for: - gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too - activitypub using deprecated crypto (is this actually used?)
52 lines
1.4 KiB
Go
52 lines
1.4 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
"github.com/42wim/httpsig"
|
|
)
|
|
|
|
// Federation settings
|
|
var (
|
|
Federation = struct {
|
|
Enabled bool
|
|
ShareUserStatistics bool
|
|
MaxSize int64
|
|
Algorithms []string
|
|
DigestAlgorithm string
|
|
GetHeaders []string
|
|
PostHeaders []string
|
|
}{
|
|
Enabled: false,
|
|
ShareUserStatistics: true,
|
|
MaxSize: 4,
|
|
Algorithms: []string{"rsa-sha256", "rsa-sha512", "ed25519"},
|
|
DigestAlgorithm: "SHA-256",
|
|
GetHeaders: []string{"(request-target)", "Date"},
|
|
PostHeaders: []string{"(request-target)", "Date", "Digest"},
|
|
}
|
|
)
|
|
|
|
// HttpsigAlgs is a constant slice of httpsig algorithm objects
|
|
var HttpsigAlgs []httpsig.Algorithm
|
|
|
|
func loadFederationFrom(rootCfg ConfigProvider) {
|
|
if err := rootCfg.Section("federation").MapTo(&Federation); err != nil {
|
|
log.Fatal("Failed to map Federation settings: %v", err)
|
|
} else if !httpsig.IsSupportedDigestAlgorithm(Federation.DigestAlgorithm) {
|
|
log.Fatal("unsupported digest algorithm: %s", Federation.DigestAlgorithm)
|
|
return
|
|
}
|
|
|
|
// Get MaxSize in bytes instead of MiB
|
|
Federation.MaxSize = 1 << 20 * Federation.MaxSize
|
|
|
|
HttpsigAlgs = make([]httpsig.Algorithm, len(Federation.Algorithms))
|
|
for i, alg := range Federation.Algorithms {
|
|
HttpsigAlgs[i] = httpsig.Algorithm(alg)
|
|
}
|
|
}
|