aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.http.server/src
diff options
context:
space:
mode:
authorShawn O. Pearce <spearce@spearce.org>2011-03-16 13:46:53 -0700
committerShawn O. Pearce <spearce@spearce.org>2011-04-01 17:40:33 -0400
commit64b524e3ca3d1f66edaa49eda2d8863ddca779b5 (patch)
tree0990a54d8582e37a844c0a9fce020ac4db476e56 /org.eclipse.jgit.http.server/src
parentaf3562f7f70a9017f6f90d266f2b2a6fc3b361ad (diff)
downloadjgit-64b524e3ca3d1f66edaa49eda2d8863ddca779b5.tar.gz
jgit-64b524e3ca3d1f66edaa49eda2d8863ddca779b5.zip
UploadPack: Add a PreUploadHook to monitor and control behavior
Embedding applications can use this hook to watch actions within UploadPack and possibly reject them. This could be useful to prevent clones of a large repository from this server, or to stop abusive negotiation rounds that offer thousands of objects in a single batch. Change-Id: Id96f1885ac4d61f22c80b6418fff54184b7348ba Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
Diffstat (limited to 'org.eclipse.jgit.http.server/src')
-rw-r--r--org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/SmartServiceInfoRefs.java10
-rw-r--r--org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/UploadPackServlet.java7
2 files changed, 16 insertions, 1 deletions
diff --git a/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/SmartServiceInfoRefs.java b/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/SmartServiceInfoRefs.java
index 7152c88ed5..935867cef3 100644
--- a/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/SmartServiceInfoRefs.java
+++ b/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/SmartServiceInfoRefs.java
@@ -44,6 +44,7 @@
package org.eclipse.jgit.http.server;
import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
+import static javax.servlet.http.HttpServletResponse.SC_SERVICE_UNAVAILABLE;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import static org.eclipse.jgit.http.server.ServletUtils.ATTRIBUTE_HANDLER;
import static org.eclipse.jgit.http.server.ServletUtils.getRepository;
@@ -63,6 +64,7 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.transport.PacketLineOut;
import org.eclipse.jgit.transport.RefAdvertiser.PacketLineOutRefAdvertiser;
+import org.eclipse.jgit.transport.UploadPackMayNotContinueException;
import org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException;
import org.eclipse.jgit.transport.resolver.ServiceNotEnabledException;
@@ -119,10 +121,10 @@ abstract class SmartServiceInfoRefs implements Filter {
throws IOException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse rsp = (HttpServletResponse) response;
+ final SmartOutputStream buf = new SmartOutputStream(req, rsp);
try {
rsp.setContentType("application/x-" + svc + "-advertisement");
- final SmartOutputStream buf = new SmartOutputStream(req, rsp);
final PacketLineOut out = new PacketLineOut(buf);
out.writeString("# service=" + svc + "\n");
out.end();
@@ -133,6 +135,12 @@ abstract class SmartServiceInfoRefs implements Filter {
} catch (ServiceNotEnabledException e) {
rsp.sendError(SC_FORBIDDEN);
+
+ } catch (UploadPackMayNotContinueException e) {
+ if (e.isOutput())
+ buf.close();
+ else
+ rsp.sendError(SC_SERVICE_UNAVAILABLE);
}
}
diff --git a/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/UploadPackServlet.java b/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/UploadPackServlet.java
index 192adc56b4..e60c5068cf 100644
--- a/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/UploadPackServlet.java
+++ b/org.eclipse.jgit.http.server/src/org/eclipse/jgit/http/server/UploadPackServlet.java
@@ -45,6 +45,7 @@ package org.eclipse.jgit.http.server;
import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
+import static javax.servlet.http.HttpServletResponse.SC_SERVICE_UNAVAILABLE;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import static javax.servlet.http.HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE;
import static org.eclipse.jgit.http.server.ServletUtils.ATTRIBUTE_HANDLER;
@@ -67,6 +68,7 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.transport.RefAdvertiser.PacketLineOutRefAdvertiser;
import org.eclipse.jgit.transport.UploadPack;
+import org.eclipse.jgit.transport.UploadPackMayNotContinueException;
import org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException;
import org.eclipse.jgit.transport.resolver.ServiceNotEnabledException;
import org.eclipse.jgit.transport.resolver.UploadPackFactory;
@@ -171,6 +173,11 @@ class UploadPackServlet extends HttpServlet {
up.upload(getInputStream(req), out, null);
out.close();
+ } catch (UploadPackMayNotContinueException e) {
+ if (!e.isOutput())
+ rsp.sendError(SC_SERVICE_UNAVAILABLE);
+ return;
+
} catch (IOException e) {
getServletContext().log(HttpServerText.get().internalErrorDuringUploadPack, e);
rsp.reset();