Merge branch 'main' into issue-163

2025-04-25 06:16:58 +00:00 · 2023-03-21 01:33:13 +00:00 · 2023-03-21 01:33:13 +00:00 · 54bff210e0
commit 54bff210e0
parent 8c8128ee4b 970c13cf5c
7 changed files with 36 additions and 8 deletions
--- a/server/certificates/acme_client.go
+++ b/server/certificates/acme_client.go
@ -89,7 +89,7 @@ func NewAcmeClient(acmeAccountConf, acmeAPI, acmeMail, acmeEabHmac, acmeEabKID,
 		acmeClientRequestLimit: equalizer.NewTokenBucket(5, 1*time.Second),
 		// rate limit is 5 / hour https://letsencrypt.org/docs/failed-validation-limit/
 		acmeClientFailLimit: equalizer.NewTokenBucket(5, 1*time.Hour),
-		// checkUserLimit() use this to rate als per user
+		// checkUserLimit() use this to rate also per user
 		acmeClientCertificateLimitPerUser: map[string]*equalizer.TokenBucket{},
 	}, nil
 }
--- a/server/database/xorm.go
+++ b/server/database/xorm.go
@ -37,7 +37,7 @@ func NewXormDB(dbType, dbConn string) (CertDB, error) {
 	}

 	if err := e.Sync2(new(Cert)); err != nil {
-		return nil, fmt.Errorf("cound not sync db model :%w", err)
+		return nil, fmt.Errorf("could not sync db model :%w", err)
 	}

 	return &xDB{
@ -64,7 +64,7 @@ func (x xDB) Put(domain string, cert *certificate.Resource) error {
 	}
 	defer sess.Close()

-	if exist, _ := sess.ID(c.Domain).Exist(); exist {
+	if exist, _ := sess.ID(c.Domain).Exist(new(Cert)); exist {
 		if _, err := sess.ID(c.Domain).Update(c); err != nil {
 			return err
 		}
--- a/server/database/xorm_test.go
+++ b/server/database/xorm_test.go
@ -37,7 +37,7 @@ func TestSanitizeWildcardCerts(t *testing.T) {
 	}))

 	// update existing cert
-	assert.Error(t, certDB.Put(".wildcard.de", &certificate.Resource{
+	assert.NoError(t, certDB.Put(".wildcard.de", &certificate.Resource{
 		Domain:      "*.wildcard.de",
 		Certificate: localhost_mock_directory_certificate,
 	}))
--- a/server/gitea/client.go
+++ b/server/gitea/client.go
@ -112,7 +112,7 @@ func (client *Client) ServeRawContent(targetOwner, targetRepo, ref, resource str
 	if cache, ok := client.responseCache.Get(cacheKey); ok {
 		cache := cache.(FileResponse)
 		cachedHeader, cachedStatusCode := cache.createHttpResponse(cacheKey)
-		// TODO: check against some timestamp missmatch?!?
+		// TODO: check against some timestamp mismatch?!?
 		if cache.Exists {
 			if cache.IsSymlink {
 				linkDest := string(cache.Body)
@ -145,6 +145,10 @@ func (client *Client) ServeRawContent(targetOwner, targetRepo, ref, resource str
 					}
 					linkDest := strings.TrimSpace(string(linkDestBytes))

+					// handle relative links
+					// we first remove the link from the path, and make a relative join (resolve parent paths like "/../" too)
+					linkDest = path.Join(path.Dir(resource), linkDest)
+
 					// we store symlink not content to reduce duplicates in cache
 					if err := client.responseCache.Set(cacheKey, FileResponse{
 						Exists:    true,