mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-09-03 20:28:35 +02:00
feat: relax email requirements (#7829)
Some checks are pending
Integration tests for the release process / release-simulation (push) Waiting to run
/ release (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
Some checks are pending
Integration tests for the release process / release-simulation (push) Waiting to run
/ release (push) Waiting to run
testing / test-remote-cacher (redis) (push) Blocked by required conditions
testing / backend-checks (push) Waiting to run
testing / frontend-checks (push) Waiting to run
testing / test-unit (push) Blocked by required conditions
testing / test-e2e (push) Blocked by required conditions
testing / test-remote-cacher (valkey) (push) Blocked by required conditions
testing / test-remote-cacher (garnet) (push) Blocked by required conditions
testing / test-remote-cacher (redict) (push) Blocked by required conditions
testing / test-mysql (push) Blocked by required conditions
testing / test-pgsql (push) Blocked by required conditions
testing / test-sqlite (push) Blocked by required conditions
testing / security-check (push) Blocked by required conditions
The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829 Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: famfo <famfo@famfo.xyz> Co-committed-by: famfo <famfo@famfo.xyz>
This commit is contained in:
famfo
Gusted
parent
de1adf224d
commit
dda37e86bd
11 changed files with 45 additions and 46 deletions
|
|
@ -215,6 +215,11 @@ func loadMailerFrom(rootCfg ConfigProvider) {
|
|||
if err != nil {
|
||||
log.Error("Failed to parse Sendmail args: '%s' with error %v", sec.Key("SENDMAIL_ARGS").String(), err)
|
||||
}
|
||||
|
||||
if len(MailService.SendmailArgs) == 0 || MailService.SendmailArgs[len(MailService.SendmailArgs)-1] != "--" {
|
||||
log.Warn("SENDMAIL_ARGS setting does not end in \"--\", appending it to prevent argument injection")
|
||||
MailService.SendmailArgs = append(MailService.SendmailArgs, "--")
|
||||
}
|
||||
case "smtp", "smtps", "smtp+starttls", "smtp+unix":
|
||||
ips := tryResolveAddr(MailService.SMTPAddr)
|
||||
if MailService.Protocol == "smtp" {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue