From 0e44acbb2fec928a1606dc60f427a148fff405c9 Mon Sep 17 00:00:00 2001
From: Mohamed Ragab <moragab@gmail.com>
Date: Wed, 02 May 2012 11:15:01 -0400
Subject: [PATCH] Added a script to facilitate setting the proxy host and port and no proxy hosts, and then it concatenates all the java system properties for setting the java proxy configurations and puts the resulting string in an environment variable JAVA_PROXY_CONFIG, modified the scirpts gitblit,  gitblit-ubuntu, and gitblit-centos to source the java-proxy-config.sh script and then include the resulting java proxy configuration in the java command

---
 src/com/gitblit/RpcFilter.java |   23 +++++++++++++++--------
 1 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/src/com/gitblit/RpcFilter.java b/src/com/gitblit/RpcFilter.java
index f92dd96..4c0f03d 100644
--- a/src/com/gitblit/RpcFilter.java
+++ b/src/com/gitblit/RpcFilter.java
@@ -59,8 +59,12 @@
 
 		String fullUrl = getFullUrl(httpRequest);
 		RpcRequest requestType = RpcRequest.fromName(httpRequest.getParameter("req"));
+		if (requestType == null) {
+			httpResponse.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED);
+			return;
+		}
 
-		boolean adminRequest = requestType.exceeds(RpcRequest.LIST_REPOSITORIES);
+		boolean adminRequest = requestType.exceeds(RpcRequest.LIST_SETTINGS);
 
 		// conditionally reject all rpc requests
 		if (!GitBlit.getBoolean(Keys.web.enableRpcServlet, true)) {
@@ -71,22 +75,23 @@
 
 		boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, false);
 		boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
-		
-		// Wrap the HttpServletRequest with the RpcServletnRequest which
+
+		// Wrap the HttpServletRequest with the RpcServletRequest which
 		// overrides the servlet container user principal methods.
 		AuthenticatedRequest authenticatedRequest = new AuthenticatedRequest(httpRequest);
 		UserModel user = getUser(httpRequest);
 		if (user != null) {
 			authenticatedRequest.setUser(user);
 		}
-		
-		// conditionally reject rpc administration requests
-		if (adminRequest && !GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {
-			logger.warn(Keys.web.enableRpcAdministration + " must be set TRUE for administrative rpc requests.");
+
+		// conditionally reject rpc management/administration requests
+		if (adminRequest && !GitBlit.getBoolean(Keys.web.enableRpcManagement, false)) {
+			logger.warn(MessageFormat.format("{0} must be set TRUE for {1} rpc requests.",
+					Keys.web.enableRpcManagement, requestType.toString()));
 			httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
 			return;
 		}
-		
+
 		// BASIC authentication challenge and response processing
 		if ((adminRequest && authenticateAdmin) || (!adminRequest && authenticateView)) {
 			if (user == null) {
@@ -130,6 +135,8 @@
 
 	private boolean canAccess(UserModel user, RpcRequest requestType) {
 		switch (requestType) {
+		case GET_PROTOCOL:
+			return true;
 		case LIST_REPOSITORIES:
 			return true;
 		default:

--
Gitblit v1.9.1