diff --git a/Gemfile b/Gemfile
index faa7f362be46629e5bd3b8af96cbc1cb33ef9074..a86b7dcd4e05486a4a8b36254fe7de415b175011 100644
--- a/Gemfile
+++ b/Gemfile
@@ -24,7 +24,7 @@ gem 'omniauth-github'
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem "gitlab_git", "~> 3.0.0.rc1"
+gem "gitlab_git", "~> 3.0.0.rc2"
 # Ruby/Rack Git Smart-HTTP Server Handler
 gem 'gitlab-grack', '~> 1.0.1', require: 'grack'
diff --git a/Gemfile.lock b/Gemfile.lock
index 38d53eca14ea5f23db6146f3780fde4237c4f613..f919e6eb5bc555d8586e4b84f00d27f47c7c0a64 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -171,7 +171,7 @@ GEM
 stringex (~> 1.5.1)
 gitlab-grack (1.0.1)
 rack (~> 1.4.1)
- gitlab-grit (2.6.0)
+ gitlab-grit (2.6.1)
 charlock_holmes (~> 0.6.9)
 diff-lcs (~> 1.1)
 mime-types (~> 1.15)
@@ -179,10 +179,10 @@ GEM
 gitlab-pygments.rb (0.3.2)
 posix-spawn (~> 0.3.6)
 yajl-ruby (~> 1.1.0)
- gitlab_git (3.0.0.rc1)
+ gitlab_git (3.0.0.rc2)
 activesupport (~> 3.2.13)
 github-linguist (~> 2.3.4)
- gitlab-grit (~> 2.6.0)
+ gitlab-grit (~> 2.6.1)
 gitlab_meta (6.0)
 gitlab_omniauth-ldap (1.0.3)
 net-ldap (~> 0.3.1)
@@ -581,7 +581,7 @@ DEPENDENCIES
 gitlab-gollum-lib (~> 1.0.1)
 gitlab-grack (~> 1.0.1)
 gitlab-pygments.rb (~> 0.3.2)
- gitlab_git (~> 3.0.0.rc1)
+ gitlab_git (~> 3.0.0.rc2)
 gitlab_meta (= 6.0)
 gitlab_omniauth-ldap (= 1.0.3)
 gon
diff --git a/VERSION b/VERSION
index 6abaeb2f90723ba328101fc117a1f19e93407e47..42cc526d6ca74da89eb907cd7d37da04212cad9a 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-6.2.0
+6.2.4
diff --git a/app/contexts/search_context.rb b/app/contexts/search_context.rb
index 48def0784fdba884f21753e954638b18046b8482..c07fdfe4c39a6021745d93ef19508a045fbd3ff3 100644
--- a/app/contexts/search_context.rb
+++ b/app/contexts/search_context.rb
@@ -7,6 +7,7 @@ class SearchContext
 def execute
 query = params[:search]
+ query = Shellwords.shellescape(query) if query.present?
 return result unless query.present?
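Review bot: In app/contexts/search_context.rb the query is shell-escaped once at the top of `execute`, so every consumer further down receives the escaped form, not only the one that builds a command line. The rest of `execute` is outside this hunk, but if the same `query` also feeds database searches, a term containing a space or a quote would reach them with backslashes added and stop matching. Escaping is safer at the call that actually builds the shell command, or that call can pass its arguments as an array so no shell parses them. Until then a comment such as `# shell-escaped because query is presumably interpolated into a command line further down` would record why the line exists.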
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index dccbfa2f70907fb413d7f9d9081511f007ad591e..c9875b96321d7a18db63eb94512207ae3cb1b6c2 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -47,6 +47,7 @@ class Admin::UsersController < Admin::ApplicationController
 @user = User.build_user(params[:user].merge(opts), as: :admin)
 @user.admin = (admin && admin.to_i > 0)
 @user.created_by_id = current_user.id
+ @user.generate_password
 @user.confirm!
 respond_to do |format|
diff --git a/doc/install/installation.md b/doc/install/installation.md
index d0be2325aac6fa429cc695220272965aab836c56..1daf34508f60335c9a5f62879866a299245b46d6 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -91,8 +91,8 @@ Remove the old Ruby 1.8 if present
 Download Ruby and compile it:
 mkdir /tmp/ruby && cd /tmp/ruby
- curl --progress ftp://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p247.tar.gz | tar xz
- cd ruby-2.0.0-p247
+ curl --progress ftp://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p353.tar.gz | tar xz
+ cd ruby-2.0.0-p353
 ./configure --disable-install-rdoc
 make
 sudo make install
@@ -122,7 +122,7 @@ GitLab Shell is an ssh access and repository management software developed speci
 cd gitlab-shell
 # switch to right version
- sudo -u git -H git checkout v1.7.1
+ sudo -u git -H git checkout v1.7.9
 sudo -u git -H cp config.yml.example config.yml
@@ -153,10 +153,10 @@ To setup the MySQL/PostgreSQL database and dependencies please see [`doc/install
 cd /home/git/gitlab
 # Checkout to stable release
- sudo -u git -H git checkout 6-1-stable
+ sudo -u git -H git checkout 6-2-stable
 **Note:**
-You can change `6-1-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
+You can change `6-2-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
 ## Configure it
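Review bot: In app/controllers/admin/users_controller.rb, `@user.generate_password` runs unconditionally after `User.build_user(params[:user].merge(opts), as: :admin)`, and nothing in the hunk says why or what becomes of the generated value. `generate_password` is defined outside this diff; if it replaces any password submitted in `params[:user]`, a comment such as `# always replace the submitted password with a random one; the user sets their own afterwards` would make the intent explicit. It is worth confirming that the generated value is not logged or sent in clear text, since the only call visible after it is `@user.confirm!`. The action starts and ends outside the hunk.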
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index edc662eaaabc6cc69f2b7629f17ffb2d41655895..b0f8d5a6da96714ea48661ef3c8a883e6e15f292 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -6,19 +6,23 @@ module API
 SUDO_PARAM = :sudo
 def current_user
- @current_user ||= User.find_by_authentication_token(params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER])
+ private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s
+ @current_user ||= User.find_by_authentication_token(private_token)
 identifier = sudo_identifier()
+
 # If the sudo is the current user do nothing
 if (identifier && !(@current_user.id == identifier || @current_user.username == identifier))
 render_api_error!('403 Forbidden: Must be admin to use sudo', 403) unless @current_user.is_admin?
 @current_user = User.by_username_or_id(identifier)
 not_found!("No user id or username for: #{identifier}") if @current_user.nil?
 end
+
 @current_user
 end
 def sudo_identifier()
 identifier ||= params[SUDO_PARAM] ||= env[SUDO_HEADER]
+
 # Regex for integers
 if (!!(identifier =~ /^[0-9]+$/))
 identifier.to_i
@@ -29,6 +33,7 @@ module API
 def set_current_user_for_thread
 Thread.current[:current_user] = current_user
+
 begin
 yield
 ensure
diff --git a/lib/gitlab/ldap/user.rb b/lib/gitlab/ldap/user.rb
index 78fc5dab9cbe439caa4f2e8de1ad7e691963ea3f..3d57f3a2e357b4009a92e10126c861a7339b7464 100644
--- a/lib/gitlab/ldap/user.rb
+++ b/lib/gitlab/ldap/user.rb
@@ -78,7 +78,7 @@ module Gitlab
 # * when ldap account was deactivated by change of OU membership in 'dn'
 def blocked?(dn)
 ldap = OmniAuth::LDAP::Adaptor.new(ldap_conf)
- ldap.connection.search(base: dn, size: 1).blank?
+ ldap.connection.search(base: dn, scope: Net::LDAP::SearchScope_BaseObject, size: 1).blank?
 end
 private
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index e01f3b23d039ee48e00a49483c64aa8f6cb9bc36..04f044c388a91ead5d4c3df47a554d7106147e07 100644
--- a/lib/tasks/gitlab/check.rake
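Review bot: In lib/api/helpers.rb `current_user`, a request with no token still reaches the lookup, now as `User.find_by_authentication_token("")` because `.to_s` turns nil into an empty string; skipping the query for a blank token is clearer and cannot match a row with an empty token, e.g. `@current_user ||= User.find_by_authentication_token(private_token) unless private_token.empty?`. The sudo branch below it still calls `@current_user.id` with no nil check, so an unauthenticated request that carries a sudo value raises NoMethodError instead of falling through to the normal unauthenticated path; `if identifier && @current_user && !(...)` closes that. `sudo_identifier` gets no matching coercion, and its integer test uses `^`/`$`, which match per line in Ruby, where `/\A[0-9]+\z/` anchors the whole string. `sudo_identifier` continues past the end of the hunk.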
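Review bot: In lib/gitlab/ldap/user.rb, `blocked?` returns true for any blank search result and so cannot tell "no entry at this dn" from a search that failed. A search the server rejected (for example after a failed bind) appears to come back blank as well, which would report every LDAP user as blocked until the directory recovers; checking `ldap.connection.get_operation_result` before concluding would separate the two cases. The new argument also deserves a comment, for instance `# base-object scope: look only at the entry named by dn, not at entries beneath it`. The method's doc comment begins above the hunk.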
+++ b/lib/tasks/gitlab/check.rake
@@ -736,7 +736,7 @@ namespace :gitlab do
 end
 def check_gitlab_shell
- required_version = Gitlab::VersionInfo.new(1, 7, 1)
+ required_version = Gitlab::VersionInfo.new(1, 7, 9)
 current_version = Gitlab::VersionInfo.parse(gitlab_shell_version)
 print "GitLab Shell version >= #{required_version} ? ... "
diff --git a/lib/tasks/sidekiq.rake b/lib/tasks/sidekiq.rake
index 23d41f8ed24dae1f47775d44e64fb40fa08a89ee..e91678473a8a5eabd5b5e2fc93090287f3e4a949 100644
--- a/lib/tasks/sidekiq.rake
+++ b/lib/tasks/sidekiq.rake
@@ -4,11 +4,13 @@ namespace :sidekiq do
 system "script/background_jobs stop"
 end
- desc "GITLAB | Start sidekiq" do
+ desc "GITLAB | Start sidekiq"
+ task :start do
 system "script/background_jobs start"
 end
- desc 'GitLab | Restart sidekiq' do
+ desc 'GitLab | Restart sidekiq'
+ task :restart do
 system "script/background_jobs restart"
 end
diff --git a/script/background_jobs b/script/background_jobs
index e0beb3df8155d4fb0e89f1a4b94e2d4143925c9e..623e26a28312c830637c11677fdb8349b87c96ea 100755
--- a/script/background_jobs
+++ b/script/background_jobs
@@ -8,7 +8,7 @@ gitlab_user=$(ls -l config.ru | awk '{print $3}')
 function stop
 {
- bundle exec sidekiqctl stop $sidekiq_pidfile &>> $sidekiq_logfile
+ bundle exec sidekiqctl stop $sidekiq_pidfile >> $sidekiq_logfile 2>&1
 }
 function killall
@@ -32,7 +32,7 @@ function start_no_deamonize
 function start_sidekiq
 {
- bundle exec sidekiq -q post_receive,mailer,system_hook,project_web_hook,gitlab_shell,common,default -e $RAILS_ENV -P $sidekiq_pidfile $@ &>> $sidekiq_logfile
+ bundle exec sidekiq -q post_receive,mailer,system_hook,project_web_hook,gitlab_shell,common,default -e $RAILS_ENV -P $sidekiq_pidfile $@ >> $sidekiq_logfile 2>&1
 }
 case "$1" in
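Review bot: In lib/tasks/sidekiq.rake the new `task :start` and `task :restart` bodies call `system "script/background_jobs ..."` and discard the result, so the rake task reports success even when the script is missing or exits non-zero. Rake's `sh "script/background_jobs start"` raises on a failing exit status and would surface that to whoever runs the task. The `stop` task above the hunk uses the same `system` call, and the two descriptions differ in prefix (`GITLAB |` and `GitLab |`).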
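Review bot: In script/background_jobs the rewritten commands leave `$sidekiq_pidfile`, `$sidekiq_logfile` and `$@` unquoted, so a path containing a space or an argument containing whitespace is split by the shell; this applies to `stop` in the first hunk and to `start_sidekiq` in the second. Quoting fixes both: `bundle exec sidekiqctl stop "$sidekiq_pidfile" >> "$sidekiq_logfile" 2>&1`, and `"$@"` in place of `$@` in `start_sidekiq`. A one-line comment such as `# '>> file 2>&1' instead of '&>>', which needs bash 4` would keep the portable form from being reverted later.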