able to allow insecure certification of webhook for #891

conf/app.ini

@@ -89,6 +89,8 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false
 TASK_INTERVAL = 1
 ; Deliver timeout in seconds
 DELIVER_TIMEOUT = 5
+; Allow insecure certification
+ALLOW_INSECURE_CERTIFICATION = false
 
 [mailer]
 ENABLED = false

conf/locale/locale_en-US.ini

@@ -647,6 +647,7 @@ config.reset_password_code_lives = Reset Password Code Lives
 config.webhook_config = Webhook Configuration
 config.task_interval = Task Interval
 config.deliver_timeout = Deliver Timeout
+config.allow_insecure_certification = Allow Insecure Certification
 config.mailer_config = Mailer Configuration
 config.mailer_enabled = Enabled
 config.mailer_name = Name

gogs.go

@@ -17,7 +17,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
 
-const APP_VER = "0.5.13.0209 Beta"
+const APP_VER = "0.5.13.0210 Beta"
 
 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())

models/webhook.go

@@ -5,6 +5,7 @@
 package models
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"io/ioutil"
@@ -307,13 +308,14 @@ func DeliverHooks() {
 	defer func() { isShooting = false }()
 
 	tasks := make([]*HookTask, 0, 10)
-	timeout := time.Duration(setting.WebhookDeliverTimeout) * time.Second
+	timeout := time.Duration(setting.Webhook.DeliverTimeout) * time.Second
 	x.Where("is_delivered=?", false).Iterate(new(HookTask),
 		func(idx int, bean interface{}) error {
 			t := bean.(*HookTask)
 			req := httplib.Post(t.Url).SetTimeout(timeout, timeout).
 				Header("X-Gogs-Delivery", t.Uuid).
-				Header("X-Gogs-Event", string(t.EventType))
+				Header("X-Gogs-Event", string(t.EventType)).
+				SetTLSClientConfig(&tls.Config{InsecureSkipVerify: setting.Webhook.AllowInsecureCertification})
 
 			switch t.ContentType {
 			case JSON:
@@ -329,7 +331,7 @@ func DeliverHooks() {
 			case GOGS:
 				{
 					if _, err := req.Response(); err != nil {
-						log.Error(4, "Delivery: %v", err)
+						log.Error(5, "Delivery: %v", err)
 					} else {
 						t.IsSucceed = true
 					}
@@ -337,15 +339,15 @@ func DeliverHooks() {
 			case SLACK:
 				{
 					if res, err := req.Response(); err != nil {
-						log.Error(4, "Delivery: %v", err)
+						log.Error(5, "Delivery: %v", err)
 					} else {
 						defer res.Body.Close()
 						contents, err := ioutil.ReadAll(res.Body)
 						if err != nil {
-							log.Error(4, "%s", err)
+							log.Error(5, "%s", err)
 						} else {
 							if string(contents) != "ok" {
-								log.Error(4, "slack failed with: %s", string(contents))
+								log.Error(5, "slack failed with: %s", string(contents))
 							} else {
 								t.IsSucceed = true
 							}

modules/cron/manager.go

@@ -15,7 +15,7 @@ var c = New()
 
 func NewCronContext() {
 	c.AddFunc("Update mirrors", "@every 1h", models.MirrorUpdate)
-	c.AddFunc("Deliver hooks", fmt.Sprintf("@every %dm", setting.WebhookTaskInterval), models.DeliverHooks)
+	c.AddFunc("Deliver hooks", fmt.Sprintf("@every %dm", setting.Webhook.TaskInterval), models.DeliverHooks)
 	if setting.Git.Fsck.Enable {
 		c.AddFunc("Repository health check", fmt.Sprintf("@every %dh", setting.Git.Fsck.Interval), models.GitFsck)
 	}

modules/setting/setting.go

@@ -68,8 +68,11 @@ var (
 	ReverseProxyAuthUser string
 
 	// Webhook settings.
-	WebhookTaskInterval   int
-	WebhookDeliverTimeout int
+	Webhook struct {
+		TaskInterval               int
+		DeliverTimeout             int
+		AllowInsecureCertification bool
+	}
 
 	// Repository settings.
 	RepoRootPath string
@@ -508,8 +511,10 @@ func newNotifyMailService() {
 }
 
 func newWebhookService() {
-	WebhookTaskInterval = Cfg.Section("webhook").Key("TASK_INTERVAL").MustInt(1)
-	WebhookDeliverTimeout = Cfg.Section("webhook").Key("DELIVER_TIMEOUT").MustInt(5)
+	sec := Cfg.Section("webhook")
+	Webhook.TaskInterval = sec.Key("TASK_INTERVAL").MustInt(1)
+	Webhook.DeliverTimeout = sec.Key("DELIVER_TIMEOUT").MustInt(5)
+	Webhook.AllowInsecureCertification = sec.Key("ALLOW_INSECURE_CERTIFICATION").MustBool()
 }
 
 func NewServices() {

routers/admin/admin.go

@@ -188,11 +188,8 @@ func Config(ctx *middleware.Context) {
 	ctx.Data["ReverseProxyAuthUser"] = setting.ReverseProxyAuthUser
 
 	ctx.Data["Service"] = setting.Service
-
 	ctx.Data["DbCfg"] = models.DbCfg
-
-	ctx.Data["WebhookTaskInterval"] = setting.WebhookTaskInterval
-	ctx.Data["WebhookDeliverTimeout"] = setting.WebhookDeliverTimeout
+	ctx.Data["Webhook"] = setting.Webhook
 
 	ctx.Data["MailerEnabled"] = false
 	if setting.MailService != nil {

templates/.VERSION

@@ -1 +1 @@
-0.5.13.0209 Beta
+0.5.13.0210 Beta

templates/admin/config.tmpl

@@ -102,9 +102,11 @@
                             <div class="panel-body">
                                 <dl class="dl-horizontal admin-dl-horizontal">
                                     <dt>{{.i18n.Tr "admin.config.task_interval"}}</dt>
-                                    <dd>{{.WebhookTaskInterval}} {{.i18n.Tr "tool.raw_minutes"}}</dd>
+                                    <dd>{{.Webhook.TaskInterval}} {{.i18n.Tr "tool.raw_minutes"}}</dd>
                                     <dt>{{.i18n.Tr "admin.config.deliver_timeout"}}</dt>
-                                    <dd>{{.WebhookDeliverTimeout}} {{.i18n.Tr "tool.raw_seconds"}}</dd>
+                                    <dd>{{.Webhook.DeliverTimeout}} {{.i18n.Tr "tool.raw_seconds"}}</dd>
+                                    <dt>{{.i18n.Tr "admin.config.allow_insecure_certification"}}</dt>
+                                    <dd><i class="fa fa{{if .Webhook.AllowInsecureCertification}}-check{{end}}-square-o"></i></dd>
                                 </dl>
                             </div>
                         </div>