diff options
author | James Moger <james.moger@gitblit.com> | 2014-04-17 12:00:35 -0400 |
---|---|---|
committer | James Moger <james.moger@gitblit.com> | 2014-04-17 12:00:35 -0400 |
commit | 7baf2e4cd2ef8082b74937e26de75b01e630b5d4 (patch) | |
tree | 49f4fbd862a207be2c4ade49a61844c46ed6af77 /src | |
parent | 1669542eb84bb2d7692b04c1043af69f73933657 (diff) | |
download | gitblit-7baf2e4cd2ef8082b74937e26de75b01e630b5d4.tar.gz gitblit-7baf2e4cd2ef8082b74937e26de75b01e630b5d4.zip |
Expose JGit 3.x receive pack settings as Gitblit settings
Diffstat (limited to 'src')
-rw-r--r-- | src/main/distrib/data/gitblit.properties | 41 | ||||
-rw-r--r-- | src/main/java/com/gitblit/git/GitblitReceivePack.java | 11 |
2 files changed, 52 insertions, 0 deletions
diff --git a/src/main/distrib/data/gitblit.properties b/src/main/distrib/data/gitblit.properties index beeb965b..3215094e 100644 --- a/src/main/distrib/data/gitblit.properties +++ b/src/main/distrib/data/gitblit.properties @@ -126,6 +126,8 @@ git.sshKeysFolder= ${baseFolder}/ssh # SSH backend NIO2|MINA.
#
+# The Apache Mina project recommends using the NIO2 backend.
+#
# SINCE 1.5.0
git.sshBackend = NIO2
@@ -483,6 +485,45 @@ git.streamFileThreshold = 50m # RESTART REQUIRED
git.packedGitMmap = false
+# Validate all received (pushed) objects are valid.
+#
+# SINCE 1.5.0
+git.checkReceivedObjects = true
+
+# Validate all referenced but not supplied objects are reachable.
+#
+# If enabled, Gitblit will verify that references to objects not contained
+# within the received pack are already reachable through at least one other
+# reference advertised to clients.
+#
+# This feature is useful when Gitblit doesn't trust the client to not provide a
+# forged SHA-1 reference to an object, in an attempt to access parts of the DAG
+# that they aren't allowed to see and which have been hidden from them via the
+# configured AdvertiseRefsHook or RefFilter.
+#
+# Enabling this feature may imply at least some, if not all, of the same functionality
+# performed by git.checkReceivedObjects.
+#
+# SINCE 1.5.0
+git.checkReferencedObjectsAreReachable = true
+
+# Set the maximum allowed Git object size.
+#
+# If an object is larger than the given size the pack-parsing will throw an exception
+# aborting the receive-pack operation. The default value, 0, disables maximum
+# object size checking.
+#
+# SINCE 1.5.0
+git.maxObjectSizeLimit = 0
+
+# Set the maximum allowed pack size.
+#
+# A pack exceeding this size will be rejected. The default value, -1, disables
+# maximum pack size checking.
+#
+# SINCE 1.5.0
+git.maxPackSizeLimit = -1
+
# Use the Gitblit patch receive pack for processing contributions and tickets.
# This allows the user to push a patch using the familiar Gerrit syntax:
#
diff --git a/src/main/java/com/gitblit/git/GitblitReceivePack.java b/src/main/java/com/gitblit/git/GitblitReceivePack.java index 0cc41987..61f2d67d 100644 --- a/src/main/java/com/gitblit/git/GitblitReceivePack.java +++ b/src/main/java/com/gitblit/git/GitblitReceivePack.java @@ -119,6 +119,17 @@ public class GitblitReceivePack extends ReceivePack implements PreReceiveHook, P setAllowDeletes(user.canDeleteRef(repository));
setAllowNonFastForwards(user.canRewindRef(repository));
+ int maxObjectSz = settings.getInteger(Keys.git.maxObjectSizeLimit, -1);
+ if (maxObjectSz >= 0) {
+ setMaxObjectSizeLimit(maxObjectSz);
+ }
+ int maxPackSz = settings.getInteger(Keys.git.maxPackSizeLimit, -1);
+ if (maxPackSz >= 0) {
+ setMaxPackSizeLimit(maxPackSz);
+ }
+ setCheckReceivedObjects(settings.getBoolean(Keys.git.checkReceivedObjects, true));
+ setCheckReferencedObjectsAreReachable(settings.getBoolean(Keys.git.checkReferencedObjectsAreReachable, true));
+
// setup pre and post receive hook
setPreReceiveHook(this);
setPostReceiveHook(this);
|