Expose JGit 3.x receive pack settings as Gitblit settings

releases.moxie

@@ -43,6 +43,7 @@ r22: {
     - Added beginnings of a plugin framework for extending Gitblit (issue-381, ticket-23)
     - Added a French translation (pr-163)
     - Added a setting to control what transports may be used for pushes
+    - Expose JGit 3.x receive pack settings (issue-408)
     dependencyChanges:
     - Java 7
     - Jetty 9.1.4
@@ -64,6 +65,10 @@ r22: {
     - { name: 'realm.ldap.bindpattern', defaultValue: ' ' }
     - { name: 'tickets.closeOnPushCommitMessageRegex', defaultValue: '(?:fixes|closes)[\\s-]+#?(\\d+)' }
     - { name: 'git.acceptedPushTransports', defaultValue: ' ' }
+    - { name: 'git.checkReceivedObjects', defaultValue: 'true' }
+    - { name: 'git.checkReferencedObjectsAreReachable', defaultValue: 'true' }
+    - { name: 'git.maxObjectSizeLimit', defaultValue: '0' }
+    - { name: 'git.maxPackSizeLimit', defaultValue: '-1' }
     - { name: 'git.sshPort', defaultValue: '29418' }
     - { name: 'git.sshBindInterface', defaultValue: ' ' }
     - { name: 'git.sshKeysManager', defaultValue: 'com.gitblit.transport.ssh.FileKeyManager' }

src/main/distrib/data/gitblit.properties

@@ -126,6 +126,8 @@ git.sshKeysFolder= ${baseFolder}/ssh
 
 # SSH backend NIO2|MINA.
 #
+# The Apache Mina project recommends using the NIO2 backend.
+#
 # SINCE 1.5.0
 git.sshBackend = NIO2
 
@@ -483,6 +485,45 @@ git.streamFileThreshold = 50m
 # RESTART REQUIRED
 git.packedGitMmap = false
 
+# Validate all received (pushed) objects are valid.
+#
+# SINCE 1.5.0
+git.checkReceivedObjects = true
+
+# Validate all referenced but not supplied objects are reachable.
+#
+# If enabled, Gitblit will verify that references to objects not contained
+# within the received pack are already reachable through at least one other
+# reference advertised to clients.
+#
+# This feature is useful when Gitblit doesn't trust the client to not provide a
+# forged SHA-1 reference to an object, in an attempt to access parts of the DAG
+# that they aren't allowed to see and which have been hidden from them via the
+# configured AdvertiseRefsHook or RefFilter.
+#
+# Enabling this feature may imply at least some, if not all, of the same functionality
+# performed by git.checkReceivedObjects. 
+#
+# SINCE 1.5.0
+git.checkReferencedObjectsAreReachable = true
+
+# Set the maximum allowed Git object size.
+#
+# If an object is larger than the given size the pack-parsing will throw an exception
+# aborting the receive-pack operation.  The default value, 0, disables maximum
+# object size checking.
+#
+# SINCE 1.5.0
+git.maxObjectSizeLimit = 0
+
+# Set the maximum allowed pack size.
+#
+# A pack exceeding this size will be rejected. The default value, -1, disables
+# maximum pack size checking.
+#
+# SINCE 1.5.0
+git.maxPackSizeLimit = -1
+
 # Use the Gitblit patch receive pack for processing contributions and tickets.
 # This allows the user to push a patch using the familiar Gerrit syntax:
 #

src/main/java/com/gitblit/git/GitblitReceivePack.java

@@ -119,6 +119,17 @@ public class GitblitReceivePack extends ReceivePack implements PreReceiveHook, P
 		setAllowDeletes(user.canDeleteRef(repository));
 		setAllowNonFastForwards(user.canRewindRef(repository));
 
+		int maxObjectSz = settings.getInteger(Keys.git.maxObjectSizeLimit, -1);
+		if (maxObjectSz >= 0) {
+			setMaxObjectSizeLimit(maxObjectSz);
+		}
+		int maxPackSz = settings.getInteger(Keys.git.maxPackSizeLimit, -1);
+		if (maxPackSz >= 0) {
+			setMaxPackSizeLimit(maxPackSz);
+		}
+		setCheckReceivedObjects(settings.getBoolean(Keys.git.checkReceivedObjects, true));
+		setCheckReferencedObjectsAreReachable(settings.getBoolean(Keys.git.checkReferencedObjectsAreReachable, true));
+
 		// setup pre and post receive hook
 		setPreReceiveHook(this);
 		setPostReceiveHook(this);