Config option [server] SSH_LISTEN_PORT to the port the builtin SSH server will be listen.
It can be different from SSH_PORT which is supposed to be exposed in the clone URL.
This should solve the problem when user runs Gogs inside Docker container
and still want to use builtin SSH server.
This is feature is workaround for #2628 (JumpCloud) and some other services
that allow LDAP search only under BindDN user account, but not allow any LDAP
search query in logged user DN context.
Such approach is an alternative to minimal permissions security pattern for
BindDN user.
According to RFC 4511 4.2.1. Processing of the Bind Request "Clients may send
multiple Bind requests to change the authentication and/or security
associations or to complete a multi-stage Bind process. Authentication from
earlier binds is subsequently ignored."
Therefore we should not use 2 connections, but single one just sending two bind
requests.
- s6 is in main in 3.3, so we no longer need to mangle the repos file
- official image is periodically updated, so it's not preferred to do
upgrades downstream (usually harmless, but inelegant)
- apk-tools in 3.3 supports --no-cache to avoid leaving the APKINDEX
files in the image
When <code> is nested inside <pre>, the next end tag token would not able to be the same
as outer-most start tag. So we only check outer-most start and end tag token to be the same.
Remove the possibility of using email as user name when user actually push
through combination of email and password with HTTP.
Also refactor update action function to replcae tons of arguments with
single PushUpdateOptions struct.
And define the user who pushes code as pusher, therefore variable names shouldn't
be confusing any more.