From 6a23252edc36a3d99b35af69a310fd31f687f3cb Mon Sep 17 00:00:00 2001
From: Unknwon <joe2010xtmf@163.com>
Date: Tue, 10 Feb 2015 21:06:59 -0500
Subject: [PATCH] able to allow insecure certification of webhook for #891

---
 conf/app.ini                 |  2 ++
 conf/locale/locale_en-US.ini |  1 +
 gogs.go                      |  2 +-
 models/webhook.go            | 14 ++++++++------
 modules/cron/manager.go      |  2 +-
 modules/setting/setting.go   | 13 +++++++++----
 routers/admin/admin.go       |  5 +----
 templates/.VERSION           |  2 +-
 templates/admin/config.tmpl  |  6 ++++--
 9 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/conf/app.ini b/conf/app.ini
index 782dc51c89c..e80d77a9ca5 100644
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -89,6 +89,8 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTERATION = false
 TASK_INTERVAL = 1
 ; Deliver timeout in seconds
 DELIVER_TIMEOUT = 5
+; Allow insecure certification
+ALLOW_INSECURE_CERTIFICATION = false
 
 [mailer]
 ENABLED = false
diff --git a/conf/locale/locale_en-US.ini b/conf/locale/locale_en-US.ini
index 8ea383f26bc..9e691171a41 100644
--- a/conf/locale/locale_en-US.ini
+++ b/conf/locale/locale_en-US.ini
@@ -647,6 +647,7 @@ config.reset_password_code_lives = Reset Password Code Lives
 config.webhook_config = Webhook Configuration
 config.task_interval = Task Interval
 config.deliver_timeout = Deliver Timeout
+config.allow_insecure_certification = Allow Insecure Certification
 config.mailer_config = Mailer Configuration
 config.mailer_enabled = Enabled
 config.mailer_name = Name
diff --git a/gogs.go b/gogs.go
index 0990391714b..b2f45b333f3 100644
--- a/gogs.go
+++ b/gogs.go
@@ -17,7 +17,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
 
-const APP_VER = "0.5.13.0209 Beta"
+const APP_VER = "0.5.13.0210 Beta"
 
 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
diff --git a/models/webhook.go b/models/webhook.go
index 8e112ac572b..34349bb598c 100644
--- a/models/webhook.go
+++ b/models/webhook.go
@@ -5,6 +5,7 @@
 package models
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"io/ioutil"
@@ -307,13 +308,14 @@ func DeliverHooks() {
 	defer func() { isShooting = false }()
 
 	tasks := make([]*HookTask, 0, 10)
-	timeout := time.Duration(setting.WebhookDeliverTimeout) * time.Second
+	timeout := time.Duration(setting.Webhook.DeliverTimeout) * time.Second
 	x.Where("is_delivered=?", false).Iterate(new(HookTask),
 		func(idx int, bean interface{}) error {
 			t := bean.(*HookTask)
 			req := httplib.Post(t.Url).SetTimeout(timeout, timeout).
 				Header("X-Gogs-Delivery", t.Uuid).
-				Header("X-Gogs-Event", string(t.EventType))
+				Header("X-Gogs-Event", string(t.EventType)).
+				SetTLSClientConfig(&tls.Config{InsecureSkipVerify: setting.Webhook.AllowInsecureCertification})
 
 			switch t.ContentType {
 			case JSON:
@@ -329,7 +331,7 @@ func DeliverHooks() {
 			case GOGS:
 				{
 					if _, err := req.Response(); err != nil {
-						log.Error(4, "Delivery: %v", err)
+						log.Error(5, "Delivery: %v", err)
 					} else {
 						t.IsSucceed = true
 					}
@@ -337,15 +339,15 @@ func DeliverHooks() {
 			case SLACK:
 				{
 					if res, err := req.Response(); err != nil {
-						log.Error(4, "Delivery: %v", err)
+						log.Error(5, "Delivery: %v", err)
 					} else {
 						defer res.Body.Close()
 						contents, err := ioutil.ReadAll(res.Body)
 						if err != nil {
-							log.Error(4, "%s", err)
+							log.Error(5, "%s", err)
 						} else {
 							if string(contents) != "ok" {
-								log.Error(4, "slack failed with: %s", string(contents))
+								log.Error(5, "slack failed with: %s", string(contents))
 							} else {
 								t.IsSucceed = true
 							}
diff --git a/modules/cron/manager.go b/modules/cron/manager.go
index 135fec4faa7..2990ab06044 100644
--- a/modules/cron/manager.go
+++ b/modules/cron/manager.go
@@ -15,7 +15,7 @@ var c = New()
 
 func NewCronContext() {
 	c.AddFunc("Update mirrors", "@every 1h", models.MirrorUpdate)
-	c.AddFunc("Deliver hooks", fmt.Sprintf("@every %dm", setting.WebhookTaskInterval), models.DeliverHooks)
+	c.AddFunc("Deliver hooks", fmt.Sprintf("@every %dm", setting.Webhook.TaskInterval), models.DeliverHooks)
 	if setting.Git.Fsck.Enable {
 		c.AddFunc("Repository health check", fmt.Sprintf("@every %dh", setting.Git.Fsck.Interval), models.GitFsck)
 	}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 55e0a79ab82..d71a8cda555 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -68,8 +68,11 @@ var (
 	ReverseProxyAuthUser string
 
 	// Webhook settings.
-	WebhookTaskInterval   int
-	WebhookDeliverTimeout int
+	Webhook struct {
+		TaskInterval               int
+		DeliverTimeout             int
+		AllowInsecureCertification bool
+	}
 
 	// Repository settings.
 	RepoRootPath string
@@ -508,8 +511,10 @@ func newNotifyMailService() {
 }
 
 func newWebhookService() {
-	WebhookTaskInterval = Cfg.Section("webhook").Key("TASK_INTERVAL").MustInt(1)
-	WebhookDeliverTimeout = Cfg.Section("webhook").Key("DELIVER_TIMEOUT").MustInt(5)
+	sec := Cfg.Section("webhook")
+	Webhook.TaskInterval = sec.Key("TASK_INTERVAL").MustInt(1)
+	Webhook.DeliverTimeout = sec.Key("DELIVER_TIMEOUT").MustInt(5)
+	Webhook.AllowInsecureCertification = sec.Key("ALLOW_INSECURE_CERTIFICATION").MustBool()
 }
 
 func NewServices() {
diff --git a/routers/admin/admin.go b/routers/admin/admin.go
index d54bb629fd2..316f1d4257c 100644
--- a/routers/admin/admin.go
+++ b/routers/admin/admin.go
@@ -188,11 +188,8 @@ func Config(ctx *middleware.Context) {
 	ctx.Data["ReverseProxyAuthUser"] = setting.ReverseProxyAuthUser
 
 	ctx.Data["Service"] = setting.Service
-
 	ctx.Data["DbCfg"] = models.DbCfg
-
-	ctx.Data["WebhookTaskInterval"] = setting.WebhookTaskInterval
-	ctx.Data["WebhookDeliverTimeout"] = setting.WebhookDeliverTimeout
+	ctx.Data["Webhook"] = setting.Webhook
 
 	ctx.Data["MailerEnabled"] = false
 	if setting.MailService != nil {
diff --git a/templates/.VERSION b/templates/.VERSION
index 1f077fbfcc6..8f04f6d0da7 100644
--- a/templates/.VERSION
+++ b/templates/.VERSION
@@ -1 +1 @@
-0.5.13.0209 Beta
\ No newline at end of file
+0.5.13.0210 Beta
\ No newline at end of file
diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl
index f8b4be0b831..5cf84beb99f 100644
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -102,9 +102,11 @@
                             <div class="panel-body">
                                 <dl class="dl-horizontal admin-dl-horizontal">
                                     <dt>{{.i18n.Tr "admin.config.task_interval"}}</dt>
-                                    <dd>{{.WebhookTaskInterval}} {{.i18n.Tr "tool.raw_minutes"}}</dd>
+                                    <dd>{{.Webhook.TaskInterval}} {{.i18n.Tr "tool.raw_minutes"}}</dd>
                                     <dt>{{.i18n.Tr "admin.config.deliver_timeout"}}</dt>
-                                    <dd>{{.WebhookDeliverTimeout}} {{.i18n.Tr "tool.raw_seconds"}}</dd>
+                                    <dd>{{.Webhook.DeliverTimeout}} {{.i18n.Tr "tool.raw_seconds"}}</dd>
+                                    <dt>{{.i18n.Tr "admin.config.allow_insecure_certification"}}</dt>
+                                    <dd><i class="fa fa{{if .Webhook.AllowInsecureCertification}}-check{{end}}-square-o"></i></dd>
                                 </dl>
                             </div>
                         </div>