mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-26 09:09:36 -05:00
7b4d2f7a2a
* Add single sign-on support via SSPI on Windows * Ensure plugins implement interface * Ensure plugins implement interface * Move functions used only by the SSPI auth method to sspi_windows.go * Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected * Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links. * Update documentation for the new 'SPNEGO with SSPI' login source * Mention in documentation that ROOT_URL should contain the FQDN of the server * Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing) * Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources) * Add option in SSPIConfig for removing of domains from logon names * Update helper text for StripDomainNames option * Make sure handleSignIn() is called after a new user object is created by SSPI auth method * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Remove default value from text of form field helper Co-Authored-By: Lauris BH <lauris@nix.lv> * Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates * Remove code duplication * Log errors in ActiveLoginSources Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert suffix of randomly generated E-mails for Reverse proxy authentication Co-Authored-By: Lauris BH <lauris@nix.lv> * Revert unneeded white-space change in template Co-Authored-By: Lauris BH <lauris@nix.lv> * Add copyright comments at the top of new files * Use loopback name for randomly generated emails * Add locale tag for the SSPISeparatorReplacement field with proper casing * Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields * Update docs/content/doc/features/authentication.en-us.md Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * Remove Priority() method and define the order in which SSO auth methods should be executed in one place * Log authenticated username only if it's not empty * Rephrase helper text for automatic creation of users * Return error if more than one active SSPI auth source is found * Change newUser() function to return error, letting caller log/handle the error * Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed * Refactor initialization of the list containing SSO auth methods * Validate SSPI settings on POST * Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page * Make 'Default language' in SSPI config empty, unless changed by admin * Show error if admin tries to add a second authentication source of type SSPI * Simplify declaration of global variable * Rebuild gitgraph.js on Linux * Make sure config values containing only whitespace are not accepted
162 lines
7.5 KiB
Go
162 lines
7.5 KiB
Go
// Copyright 2018 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Package cpu implements processor feature detection for
|
|
// various CPU architectures.
|
|
package cpu
|
|
|
|
// Initialized reports whether the CPU features were initialized.
|
|
//
|
|
// For some GOOS/GOARCH combinations initialization of the CPU features depends
|
|
// on reading an operating specific file, e.g. /proc/self/auxv on linux/arm
|
|
// Initialized will report false if reading the file fails.
|
|
var Initialized bool
|
|
|
|
// CacheLinePad is used to pad structs to avoid false sharing.
|
|
type CacheLinePad struct{ _ [cacheLineSize]byte }
|
|
|
|
// X86 contains the supported CPU features of the
|
|
// current X86/AMD64 platform. If the current platform
|
|
// is not X86/AMD64 then all feature flags are false.
|
|
//
|
|
// X86 is padded to avoid false sharing. Further the HasAVX
|
|
// and HasAVX2 are only set if the OS supports XMM and YMM
|
|
// registers in addition to the CPUID feature bit being set.
|
|
var X86 struct {
|
|
_ CacheLinePad
|
|
HasAES bool // AES hardware implementation (AES NI)
|
|
HasADX bool // Multi-precision add-carry instruction extensions
|
|
HasAVX bool // Advanced vector extension
|
|
HasAVX2 bool // Advanced vector extension 2
|
|
HasBMI1 bool // Bit manipulation instruction set 1
|
|
HasBMI2 bool // Bit manipulation instruction set 2
|
|
HasERMS bool // Enhanced REP for MOVSB and STOSB
|
|
HasFMA bool // Fused-multiply-add instructions
|
|
HasOSXSAVE bool // OS supports XSAVE/XRESTOR for saving/restoring XMM registers.
|
|
HasPCLMULQDQ bool // PCLMULQDQ instruction - most often used for AES-GCM
|
|
HasPOPCNT bool // Hamming weight instruction POPCNT.
|
|
HasRDRAND bool // RDRAND instruction (on-chip random number generator)
|
|
HasRDSEED bool // RDSEED instruction (on-chip random number generator)
|
|
HasSSE2 bool // Streaming SIMD extension 2 (always available on amd64)
|
|
HasSSE3 bool // Streaming SIMD extension 3
|
|
HasSSSE3 bool // Supplemental streaming SIMD extension 3
|
|
HasSSE41 bool // Streaming SIMD extension 4 and 4.1
|
|
HasSSE42 bool // Streaming SIMD extension 4 and 4.2
|
|
_ CacheLinePad
|
|
}
|
|
|
|
// ARM64 contains the supported CPU features of the
|
|
// current ARMv8(aarch64) platform. If the current platform
|
|
// is not arm64 then all feature flags are false.
|
|
var ARM64 struct {
|
|
_ CacheLinePad
|
|
HasFP bool // Floating-point instruction set (always available)
|
|
HasASIMD bool // Advanced SIMD (always available)
|
|
HasEVTSTRM bool // Event stream support
|
|
HasAES bool // AES hardware implementation
|
|
HasPMULL bool // Polynomial multiplication instruction set
|
|
HasSHA1 bool // SHA1 hardware implementation
|
|
HasSHA2 bool // SHA2 hardware implementation
|
|
HasCRC32 bool // CRC32 hardware implementation
|
|
HasATOMICS bool // Atomic memory operation instruction set
|
|
HasFPHP bool // Half precision floating-point instruction set
|
|
HasASIMDHP bool // Advanced SIMD half precision instruction set
|
|
HasCPUID bool // CPUID identification scheme registers
|
|
HasASIMDRDM bool // Rounding double multiply add/subtract instruction set
|
|
HasJSCVT bool // Javascript conversion from floating-point to integer
|
|
HasFCMA bool // Floating-point multiplication and addition of complex numbers
|
|
HasLRCPC bool // Release Consistent processor consistent support
|
|
HasDCPOP bool // Persistent memory support
|
|
HasSHA3 bool // SHA3 hardware implementation
|
|
HasSM3 bool // SM3 hardware implementation
|
|
HasSM4 bool // SM4 hardware implementation
|
|
HasASIMDDP bool // Advanced SIMD double precision instruction set
|
|
HasSHA512 bool // SHA512 hardware implementation
|
|
HasSVE bool // Scalable Vector Extensions
|
|
HasASIMDFHM bool // Advanced SIMD multiplication FP16 to FP32
|
|
_ CacheLinePad
|
|
}
|
|
|
|
// ARM contains the supported CPU features of the current ARM (32-bit) platform.
|
|
// All feature flags are false if:
|
|
// 1. the current platform is not arm, or
|
|
// 2. the current operating system is not Linux.
|
|
var ARM struct {
|
|
_ CacheLinePad
|
|
HasSWP bool // SWP instruction support
|
|
HasHALF bool // Half-word load and store support
|
|
HasTHUMB bool // ARM Thumb instruction set
|
|
Has26BIT bool // Address space limited to 26-bits
|
|
HasFASTMUL bool // 32-bit operand, 64-bit result multiplication support
|
|
HasFPA bool // Floating point arithmetic support
|
|
HasVFP bool // Vector floating point support
|
|
HasEDSP bool // DSP Extensions support
|
|
HasJAVA bool // Java instruction set
|
|
HasIWMMXT bool // Intel Wireless MMX technology support
|
|
HasCRUNCH bool // MaverickCrunch context switching and handling
|
|
HasTHUMBEE bool // Thumb EE instruction set
|
|
HasNEON bool // NEON instruction set
|
|
HasVFPv3 bool // Vector floating point version 3 support
|
|
HasVFPv3D16 bool // Vector floating point version 3 D8-D15
|
|
HasTLS bool // Thread local storage support
|
|
HasVFPv4 bool // Vector floating point version 4 support
|
|
HasIDIVA bool // Integer divide instruction support in ARM mode
|
|
HasIDIVT bool // Integer divide instruction support in Thumb mode
|
|
HasVFPD32 bool // Vector floating point version 3 D15-D31
|
|
HasLPAE bool // Large Physical Address Extensions
|
|
HasEVTSTRM bool // Event stream support
|
|
HasAES bool // AES hardware implementation
|
|
HasPMULL bool // Polynomial multiplication instruction set
|
|
HasSHA1 bool // SHA1 hardware implementation
|
|
HasSHA2 bool // SHA2 hardware implementation
|
|
HasCRC32 bool // CRC32 hardware implementation
|
|
_ CacheLinePad
|
|
}
|
|
|
|
// PPC64 contains the supported CPU features of the current ppc64/ppc64le platforms.
|
|
// If the current platform is not ppc64/ppc64le then all feature flags are false.
|
|
//
|
|
// For ppc64/ppc64le, it is safe to check only for ISA level starting on ISA v3.00,
|
|
// since there are no optional categories. There are some exceptions that also
|
|
// require kernel support to work (DARN, SCV), so there are feature bits for
|
|
// those as well. The minimum processor requirement is POWER8 (ISA 2.07).
|
|
// The struct is padded to avoid false sharing.
|
|
var PPC64 struct {
|
|
_ CacheLinePad
|
|
HasDARN bool // Hardware random number generator (requires kernel enablement)
|
|
HasSCV bool // Syscall vectored (requires kernel enablement)
|
|
IsPOWER8 bool // ISA v2.07 (POWER8)
|
|
IsPOWER9 bool // ISA v3.00 (POWER9)
|
|
_ CacheLinePad
|
|
}
|
|
|
|
// S390X contains the supported CPU features of the current IBM Z
|
|
// (s390x) platform. If the current platform is not IBM Z then all
|
|
// feature flags are false.
|
|
//
|
|
// S390X is padded to avoid false sharing. Further HasVX is only set
|
|
// if the OS supports vector registers in addition to the STFLE
|
|
// feature bit being set.
|
|
var S390X struct {
|
|
_ CacheLinePad
|
|
HasZARCH bool // z/Architecture mode is active [mandatory]
|
|
HasSTFLE bool // store facility list extended
|
|
HasLDISP bool // long (20-bit) displacements
|
|
HasEIMM bool // 32-bit immediates
|
|
HasDFP bool // decimal floating point
|
|
HasETF3EH bool // ETF-3 enhanced
|
|
HasMSA bool // message security assist (CPACF)
|
|
HasAES bool // KM-AES{128,192,256} functions
|
|
HasAESCBC bool // KMC-AES{128,192,256} functions
|
|
HasAESCTR bool // KMCTR-AES{128,192,256} functions
|
|
HasAESGCM bool // KMA-GCM-AES{128,192,256} functions
|
|
HasGHASH bool // KIMD-GHASH function
|
|
HasSHA1 bool // K{I,L}MD-SHA-1 functions
|
|
HasSHA256 bool // K{I,L}MD-SHA-256 functions
|
|
HasSHA512 bool // K{I,L}MD-SHA-512 functions
|
|
HasSHA3 bool // K{I,L}MD-SHA3-{224,256,384,512} and K{I,L}MD-SHAKE-{128,256} functions
|
|
HasVX bool // vector facility
|
|
HasVXE bool // vector-enhancements facility 1
|
|
_ CacheLinePad
|
|
}
|