From 3517a7a6d44673e7944808ce464bcf1b037cd471 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 23 Sep 2013 11:36:27 -0400
Subject: [PATCH] Synchronize critical ConfigUserService methods
---
src/main/java/com/gitblit/utils/JGitUtils.java | 51 ++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 46 insertions(+), 5 deletions(-)
diff --git a/src/main/java/com/gitblit/utils/JGitUtils.java b/src/main/java/com/gitblit/utils/JGitUtils.java
index 49b3ad7..3c1173c 100644
--- a/src/main/java/com/gitblit/utils/JGitUtils.java
+++ b/src/main/java/com/gitblit/utils/JGitUtils.java
@@ -266,7 +266,7 @@
/**
* Creates a bare, shared repository.
- *
+ *
* @param repositoriesFolder
* @param name
* @param shared
@@ -353,7 +353,10 @@
}
String getValue() {
- if ( enumValue == GitConfigSharedRepositoryValue.Oxxx ) return Integer.toOctalString(intValue);
+ if ( enumValue == GitConfigSharedRepositoryValue.Oxxx ) {
+ if (intValue == 0) return "0";
+ return String.format("0%o", intValue);
+ }
return enumValue.getConfigValue();
}
@@ -372,17 +375,50 @@
}
+ /**
+ * Adjust file permissions of a file/directory for shared repositories
+ *
+ * @param path
+ * File that should get its permissions changed.
+ * @param configShared
+ * Configuration string value for the shared mode.
+ * @return Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned.
+ */
public static int adjustSharedPerm(File path, String configShared) {
return adjustSharedPerm(path, new GitConfigSharedRepository(configShared));
}
+ /**
+ * Adjust file permissions of a file/directory for shared repositories
+ *
+ * @param path
+ * File that should get its permissions changed.
+ * @param configShared
+ * Configuration setting for the shared mode.
+ * @return Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned.
+ */
public static int adjustSharedPerm(File path, GitConfigSharedRepository configShared) {
if (! configShared.isShared()) return 0;
+ if (! path.exists()) return -1;
int perm = configShared.getPerm();
- int mode = JnaUtils.getFilemode(path);
+ JnaUtils.Filestat stat = JnaUtils.getFilestat(path);
+ if (stat == null) return -1;
+ int mode = stat.mode;
if (mode < 0) return -1;
+
+ // Now, here is the kicker: Under Linux, chmod'ing a sgid file whose guid is different from the process'
+ // effective guid will reset the sgid flag of the file. Since there is no way to get the sgid flag back in
+ // that case, we decide to rather not touch is and getting the right permissions will have to be achieved
+ // in a different way, e.g. by using an appropriate umask for the Gitblit process.
+ if (System.getProperty("os.name").toLowerCase().startsWith("linux")) {
+ if ( ((mode & (JnaUtils.S_ISGID | JnaUtils.S_ISUID)) != 0)
+ && stat.gid != JnaUtils.getegid() ) {
+ LOGGER.debug("Not adjusting permissions to prevent clearing suid/sgid bits for '" + path + "'" );
+ return 0;
+ }
+ }
// If the owner has no write access, delete it from group and other, too.
if ((mode & JnaUtils.S_IWUSR) == 0) perm &= ~0222;
@@ -391,7 +427,7 @@
if (configShared.isCustom()) {
// Use the custom value for access permissions.
- mode |= (mode & ~0777) | perm;
+ mode = (mode & ~0777) | perm;
}
else {
// Just add necessary bits to existing permissions.
@@ -706,6 +742,8 @@
try {
if (tree == null) {
ObjectId object = getDefaultBranch(repository);
+ if (object == null)
+ return null;
RevCommit commit = rw.parseCommit(object);
tree = commit.getTree();
}
@@ -1304,14 +1342,17 @@
*/
public static List<RevCommit> searchRevlogs(Repository repository, String objectId,
String value, final com.gitblit.Constants.SearchType type, int offset, int maxCount) {
- final String lcValue = value.toLowerCase();
List<RevCommit> list = new ArrayList<RevCommit>();
+ if (StringUtils.isEmpty(value)) {
+ return list;
+ }
if (maxCount == 0) {
return list;
}
if (!hasCommits(repository)) {
return list;
}
+ final String lcValue = value.toLowerCase();
try {
// resolve branch
ObjectId branchObject;
--
Gitblit v1.9.1