From ec7ed84b04cd3981ae01b104bd52fc010f31e6a7 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 25 Sep 2014 09:06:39 -0400
Subject: [PATCH] Restrict Gitblit cookie to the context path
---
src/main/java/com/gitblit/transport/ssh/git/BaseGitCommand.java | 20 +++++++++++++-------
1 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/src/main/java/com/gitblit/transport/ssh/git/BaseGitCommand.java b/src/main/java/com/gitblit/transport/ssh/git/BaseGitCommand.java
index 2e4fda5..c49d23b 100644
--- a/src/main/java/com/gitblit/transport/ssh/git/BaseGitCommand.java
+++ b/src/main/java/com/gitblit/transport/ssh/git/BaseGitCommand.java
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2009 The Android Open Source Project
* Copyright 2014 gitblit.com.
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,10 +30,6 @@
import com.gitblit.transport.ssh.SshDaemonClient;
import com.gitblit.transport.ssh.commands.BaseCommand;
-/**
- * @author Eric Myhre
- *
- */
abstract class BaseGitCommand extends BaseCommand {
@Argument(index = 0, metaVar = "REPOSITORY", required = true, usage = "repository name")
protected String repository;
@@ -42,6 +39,16 @@
protected UploadPackFactory<SshDaemonClient> uploadPackFactory;
protected Repository repo;
+
+ @Override
+ public void destroy() {
+ super.destroy();
+
+ repositoryResolver = null;
+ receivePackFactory = null;
+ uploadPackFactory = null;
+ repo = null;
+ }
@Override
public void start(final Environment env) {
@@ -79,10 +86,9 @@
repository = repository.replace('\\', '/');
// ssh://git@thishost/path should always be name="/path" here
//
- if (!repository.startsWith("/")) {
- throw new Failure(1, "fatal: '" + repository + "': not starts with / character");
+ if (repository.startsWith("/")) {
+ repository = repository.substring(1);
}
- repository = repository.substring(1);
try {
return repositoryResolver.open(getContext().getClient(), repository);
} catch (Exception e) {
--
Gitblit v1.9.1