@@ -43,6 +43,7 @@ r22: { | |||
- Added beginnings of a plugin framework for extending Gitblit (issue-381, ticket-23) | |||
- Added a French translation (pr-163) | |||
- Added a setting to control what transports may be used for pushes | |||
- Expose JGit 3.x receive pack settings (issue-408) | |||
dependencyChanges: | |||
- Java 7 | |||
- Jetty 9.1.4 | |||
@@ -64,6 +65,10 @@ r22: { | |||
- { name: 'realm.ldap.bindpattern', defaultValue: ' ' } | |||
- { name: 'tickets.closeOnPushCommitMessageRegex', defaultValue: '(?:fixes|closes)[\\s-]+#?(\\d+)' } | |||
- { name: 'git.acceptedPushTransports', defaultValue: ' ' } | |||
- { name: 'git.checkReceivedObjects', defaultValue: 'true' } | |||
- { name: 'git.checkReferencedObjectsAreReachable', defaultValue: 'true' } | |||
- { name: 'git.maxObjectSizeLimit', defaultValue: '0' } | |||
- { name: 'git.maxPackSizeLimit', defaultValue: '-1' } | |||
- { name: 'git.sshPort', defaultValue: '29418' } | |||
- { name: 'git.sshBindInterface', defaultValue: ' ' } | |||
- { name: 'git.sshKeysManager', defaultValue: 'com.gitblit.transport.ssh.FileKeyManager' } |
@@ -126,6 +126,8 @@ git.sshKeysFolder= ${baseFolder}/ssh | |||
# SSH backend NIO2|MINA. | |||
# | |||
# The Apache Mina project recommends using the NIO2 backend. | |||
# | |||
# SINCE 1.5.0 | |||
git.sshBackend = NIO2 | |||
@@ -483,6 +485,45 @@ git.streamFileThreshold = 50m | |||
# RESTART REQUIRED | |||
git.packedGitMmap = false | |||
# Validate all received (pushed) objects are valid. | |||
# | |||
# SINCE 1.5.0 | |||
git.checkReceivedObjects = true | |||
# Validate all referenced but not supplied objects are reachable. | |||
# | |||
# If enabled, Gitblit will verify that references to objects not contained | |||
# within the received pack are already reachable through at least one other | |||
# reference advertised to clients. | |||
# | |||
# This feature is useful when Gitblit doesn't trust the client to not provide a | |||
# forged SHA-1 reference to an object, in an attempt to access parts of the DAG | |||
# that they aren't allowed to see and which have been hidden from them via the | |||
# configured AdvertiseRefsHook or RefFilter. | |||
# | |||
# Enabling this feature may imply at least some, if not all, of the same functionality | |||
# performed by git.checkReceivedObjects. | |||
# | |||
# SINCE 1.5.0 | |||
git.checkReferencedObjectsAreReachable = true | |||
# Set the maximum allowed Git object size. | |||
# | |||
# If an object is larger than the given size the pack-parsing will throw an exception | |||
# aborting the receive-pack operation. The default value, 0, disables maximum | |||
# object size checking. | |||
# | |||
# SINCE 1.5.0 | |||
git.maxObjectSizeLimit = 0 | |||
# Set the maximum allowed pack size. | |||
# | |||
# A pack exceeding this size will be rejected. The default value, -1, disables | |||
# maximum pack size checking. | |||
# | |||
# SINCE 1.5.0 | |||
git.maxPackSizeLimit = -1 | |||
# Use the Gitblit patch receive pack for processing contributions and tickets. | |||
# This allows the user to push a patch using the familiar Gerrit syntax: | |||
# |
@@ -119,6 +119,17 @@ public class GitblitReceivePack extends ReceivePack implements PreReceiveHook, P | |||
setAllowDeletes(user.canDeleteRef(repository)); | |||
setAllowNonFastForwards(user.canRewindRef(repository)); | |||
int maxObjectSz = settings.getInteger(Keys.git.maxObjectSizeLimit, -1); | |||
if (maxObjectSz >= 0) { | |||
setMaxObjectSizeLimit(maxObjectSz); | |||
} | |||
int maxPackSz = settings.getInteger(Keys.git.maxPackSizeLimit, -1); | |||
if (maxPackSz >= 0) { | |||
setMaxPackSizeLimit(maxPackSz); | |||
} | |||
setCheckReceivedObjects(settings.getBoolean(Keys.git.checkReceivedObjects, true)); | |||
setCheckReferencedObjectsAreReachable(settings.getBoolean(Keys.git.checkReferencedObjectsAreReachable, true)); | |||
// setup pre and post receive hook | |||
setPreReceiveHook(this); | |||
setPostReceiveHook(this); |