Merge branch 'v16' into 16-18

Author: 6543

go.mod

@@ -90,6 +90,9 @@ require (
 	github.com/yuin/goldmark-meta v1.1.0
 	go.jolheiser.com/hcaptcha v0.0.4
 	go.jolheiser.com/pwn v0.0.3
+	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/multierr v1.8.0 // indirect
+	go.uber.org/zap v1.21.0 // indirect
 	golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
 	golang.org/x/net v0.0.0-20220225172249-27dd8689420f
 	golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b
@@ -265,9 +268,6 @@ require (
 	go.etcd.io/etcd/tests/v3 v3.5.0-alpha.0 // indirect
 	go.etcd.io/etcd/v3 v3.5.0-alpha.0 // indirect
 	go.mongodb.org/mongo-driver v1.8.2 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.8.0 // indirect
-	go.uber.org/zap v1.21.0 // indirect
 	golang.org/x/mod v0.5.1 // indirect
 	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect

modules/ssh/ssh.go

@@ -317,64 +317,7 @@ func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
 		}
 	}
 
-	// Workaround slightly broken behaviour in x/crypto/ssh/handshake.go:458-463
-	//
-	// Fundamentally the issue here is that HostKeyAlgos make the incorrect assumption
-	// that the PublicKey().Type() matches the signature algorithm.
-	//
-	// Therefore we need to add duplicates for the RSA with different signing algorithms.
-	signers := make([]ssh.Signer, 0, len(srv.HostSigners))
-	for _, signer := range srv.HostSigners {
-		if signer.PublicKey().Type() == "ssh-rsa" {
-			signers = append(signers,
-				&wrapSigner{
-					Signer:    signer,
-					algorithm: gossh.SigAlgoRSASHA2512,
-				},
-				&wrapSigner{
-					Signer:    signer,
-					algorithm: gossh.SigAlgoRSASHA2256,
-				},
-			)
-		}
-		signers = append(signers, signer)
-	}
-	srv.HostSigners = signers
-
 	go listen(&srv)
-
-}
-
-// wrapSigner wraps a signer and overrides its public key type with the provided algorithm
-type wrapSigner struct {
-	ssh.Signer
-	algorithm string
-}
-
-// PublicKey returns an associated PublicKey instance.
-func (s *wrapSigner) PublicKey() gossh.PublicKey {
-	return &wrapPublicKey{
-		PublicKey: s.Signer.PublicKey(),
-		algorithm: s.algorithm,
-	}
-}
-
-// Sign returns raw signature for the given data. This method
-// will apply the hash specified for the keytype to the data using
-// the algorithm assigned for this key
-func (s *wrapSigner) Sign(rand io.Reader, data []byte) (*gossh.Signature, error) {
-	return s.Signer.(gossh.AlgorithmSigner).SignWithAlgorithm(rand, data, s.algorithm)
-}
-
-// wrapPublicKey wraps a PublicKey and overrides its type
-type wrapPublicKey struct {
-	gossh.PublicKey
-	algorithm string
-}
-
-// Type returns the algorithm
-func (k *wrapPublicKey) Type() string {
-	return k.algorithm
 }
 
 // GenKeyPair make a pair of public and private keys for SSH access.

routers/web/auth/auth.go

@@ -621,6 +621,12 @@ func handleUserCreated(ctx *context.Context, u *user_model.User, gothUser *goth.
 
 	// Send confirmation email
 	if !u.IsActive && u.ID > 1 {
+		if setting.Service.RegisterManualConfirm {
+			ctx.Data["ManualActivationOnly"] = true
+			ctx.HTML(http.StatusOK, TplActivate)
+			return
+		}
+
 		mailer.SendActivateAccountMail(ctx.Locale, u)
 
 		ctx.Data["IsSendRegisterMail"] = true

templates/user/auth/activate.tmpl

@@ -32,6 +32,8 @@
 							<p>{{.i18n.Tr "auth.confirmation_mail_sent_prompt" (.Email|Escape) .ActiveCodeLives | Str2html}}</p>
 						{{else if .IsActivateFailed}}
 							<p>{{.i18n.Tr "auth.invalid_code"}}</p>
+						{{else if .ManualActivationOnly}}
+							<p class="center">{{.i18n.Tr "auth.disable_register_mail"}}</p>
 						{{else}}
 							<p>{{.i18n.Tr "auth.has_unconfirmed_mail" (.SignedUser.Name|Escape) (.SignedUser.Email|Escape) | Str2html}}</p>
 							<div class="ui divider"></div>