| | |
|---|
| | |
|
|---|
| | | import javax.mail.Message;
|
|---|
| | | import javax.mail.MessagingException;
|
|---|
| | | import javax.mail.internet.MimeBodyPart;
|
|---|
| | | import javax.mail.internet.MimeMultipart;
|
|---|
| | | import javax.servlet.ServletContext;
|
|---|
| | | import javax.servlet.ServletContextEvent;
|
|---|
| | | import javax.servlet.ServletContextListener;
|
|---|
| | |
|---|
| | | import org.eclipse.jgit.lib.RepositoryCache.FileKey;
|
|---|
| | | import org.eclipse.jgit.lib.StoredConfig;
|
|---|
| | | import org.eclipse.jgit.storage.file.FileBasedConfig;
|
|---|
| | | import org.eclipse.jgit.storage.file.WindowCache;
|
|---|
| | | import org.eclipse.jgit.storage.file.WindowCacheConfig;
|
|---|
| | | import org.eclipse.jgit.util.FS;
|
|---|
| | | import org.eclipse.jgit.util.FileUtils;
|
|---|
| | |
|---|
| | | import com.gitblit.fanout.FanoutNioService;
|
|---|
| | | import com.gitblit.fanout.FanoutService;
|
|---|
| | | import com.gitblit.fanout.FanoutSocketService;
|
|---|
| | | import com.gitblit.git.GitDaemon;
|
|---|
| | | import com.gitblit.models.FederationModel;
|
|---|
| | | import com.gitblit.models.FederationProposal;
|
|---|
| | | import com.gitblit.models.FederationSet;
|
|---|
| | |
|---|
| | |
|
|---|
| | | private FanoutService fanoutService;
|
|---|
| | |
|
|---|
| | | private GitDaemon gitDaemon;
|
|---|
| | | |
|---|
| | | public GitBlit() {
|
|---|
| | | if (gitblit == null) {
|
|---|
| | | // set the static singleton reference
|
|---|
| | |
|---|
| | | * advertise alternative urls for Git client repository access.
|
|---|
| | | *
|
|---|
| | | * @param repositoryName
|
|---|
| | | * @param userName
|
|---|
| | | * @return list of non-gitblit clone urls
|
|---|
| | | */
|
|---|
| | | public List<String> getOtherCloneUrls(String repositoryName) {
|
|---|
| | | public List<String> getOtherCloneUrls(String repositoryName, String username) {
|
|---|
| | | List<String> cloneUrls = new ArrayList<String>();
|
|---|
| | | for (String url : settings.getStrings(Keys.web.otherUrls)) {
|
|---|
| | | cloneUrls.add(MessageFormat.format(url, repositoryName));
|
|---|
| | | cloneUrls.add(MessageFormat.format(url, repositoryName, username));
|
|---|
| | | }
|
|---|
| | | return cloneUrls;
|
|---|
| | | }
|
|---|
| | |
|---|
| | | // try to authenticate by servlet container principal
|
|---|
| | | Principal principal = httpRequest.getUserPrincipal();
|
|---|
| | | if (principal != null) {
|
|---|
| | | UserModel user = getUserModel(principal.getName());
|
|---|
| | | if (user != null) {
|
|---|
| | | flagWicketSession(AuthenticationType.CONTAINER);
|
|---|
| | | logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
|
|---|
| | | user.username, httpRequest.getRemoteAddr()));
|
|---|
| | | return user;
|
|---|
| | | } else {
|
|---|
| | | logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
|
|---|
| | | principal.getName(), httpRequest.getRemoteAddr()));
|
|---|
| | | String username = principal.getName();
|
|---|
| | | if (StringUtils.isEmpty(username)) {
|
|---|
| | | UserModel user = getUserModel(username);
|
|---|
| | | if (user != null) {
|
|---|
| | | flagWicketSession(AuthenticationType.CONTAINER);
|
|---|
| | | logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
|
|---|
| | | user.username, httpRequest.getRemoteAddr()));
|
|---|
| | | return user;
|
|---|
| | | } else {
|
|---|
| | | logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
|
|---|
| | | principal.getName(), httpRequest.getRemoteAddr()));
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | | FileBasedConfig config = (FileBasedConfig) getRepositoryConfig(r);
|
|---|
| | | if (config.isOutdated()) {
|
|---|
| | | // reload model
|
|---|
| | | logger.info(MessageFormat.format("Config for \"{0}\" has changed. Reloading model and updating cache.", repositoryName));
|
|---|
| | | logger.debug(MessageFormat.format("Config for \"{0}\" has changed. Reloading model and updating cache.", repositoryName));
|
|---|
| | | model = loadRepositoryModel(model.name);
|
|---|
| | | removeFromCachedRepositoryList(model.name);
|
|---|
| | | addToCachedRepositoryList(model);
|
|---|
| | |
|---|
| | | } else {
|
|---|
| | | model.name = com.gitblit.utils.FileUtils.getRelativePath(basePath, r.getDirectory().getParentFile());
|
|---|
| | | }
|
|---|
| | | if (StringUtils.isEmpty(model.name)) {
|
|---|
| | | // Repository is NOT located relative to the base folder because it
|
|---|
| | | // is symlinked. Use the provided repository name.
|
|---|
| | | model.name = repositoryName;
|
|---|
| | | }
|
|---|
| | | model.hasCommits = JGitUtils.hasCommits(r);
|
|---|
| | | model.lastChange = JGitUtils.getLastChange(r);
|
|---|
| | | model.projectPath = StringUtils.getFirstPathElement(repositoryName);
|
|---|
| | |
|---|
| | | model.addOwners(ArrayUtils.fromString(getConfig(config, "owner", "")));
|
|---|
| | | model.useTickets = getConfig(config, "useTickets", false);
|
|---|
| | | model.useDocs = getConfig(config, "useDocs", false);
|
|---|
| | | model.useIncrementalPushTags = getConfig(config, "useIncrementalPushTags", false);
|
|---|
| | | model.incrementalPushTagPrefix = getConfig(config, "incrementalPushTagPrefix", null);
|
|---|
| | | model.allowForks = getConfig(config, "allowForks", true);
|
|---|
| | | model.accessRestriction = AccessRestrictionType.fromName(getConfig(config,
|
|---|
| | | "accessRestriction", settings.getString(Keys.git.defaultAccessRestriction, null)));
|
|---|
| | |
|---|
| | | config.setString(Constants.CONFIG_GITBLIT, null, "owner", ArrayUtils.toString(repository.owners));
|
|---|
| | | config.setBoolean(Constants.CONFIG_GITBLIT, null, "useTickets", repository.useTickets);
|
|---|
| | | config.setBoolean(Constants.CONFIG_GITBLIT, null, "useDocs", repository.useDocs);
|
|---|
| | | config.setBoolean(Constants.CONFIG_GITBLIT, null, "useIncrementalPushTags", repository.useIncrementalPushTags);
|
|---|
| | | if (StringUtils.isEmpty(repository.incrementalPushTagPrefix) ||
|
|---|
| | | repository.incrementalPushTagPrefix.equals(settings.getString(Keys.git.defaultIncrementalPushTagPrefix, "r"))) {
|
|---|
| | | config.unset(Constants.CONFIG_GITBLIT, null, "incrementalPushTagPrefix");
|
|---|
| | | } else {
|
|---|
| | | config.setString(Constants.CONFIG_GITBLIT, null, "incrementalPushTagPrefix", repository.incrementalPushTagPrefix);
|
|---|
| | | }
|
|---|
| | | config.setBoolean(Constants.CONFIG_GITBLIT, null, "allowForks", repository.allowForks);
|
|---|
| | | config.setString(Constants.CONFIG_GITBLIT, null, "accessRestriction", repository.accessRestriction.name());
|
|---|
| | | config.setString(Constants.CONFIG_GITBLIT, null, "authorizationControl", repository.authorizationControl.name());
|
|---|
| | |
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // send an email, if possible
|
|---|
| | | try {
|
|---|
| | | Message message = mailExecutor.createMessageForAdministrators();
|
|---|
| | | if (message != null) {
|
|---|
| | | message.setSubject("Federation proposal from " + proposal.url);
|
|---|
| | | message.setText("Please review the proposal @ " + gitblitUrl + "/proposal/"
|
|---|
| | | + proposal.token);
|
|---|
| | | mailExecutor.queue(message);
|
|---|
| | | }
|
|---|
| | | } catch (Throwable t) {
|
|---|
| | | logger.error("Failed to notify administrators of proposal", t);
|
|---|
| | | }
|
|---|
| | | sendMailToAdministrators("Federation proposal from " + proposal.url,
|
|---|
| | | "Please review the proposal @ " + gitblitUrl + "/proposal/" + proposal.token);
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | | * @param message
|
|---|
| | | */
|
|---|
| | | public void sendMailToAdministrators(String subject, String message) {
|
|---|
| | | try {
|
|---|
| | | Message mail = mailExecutor.createMessageForAdministrators();
|
|---|
| | | if (mail != null) {
|
|---|
| | | mail.setSubject(subject);
|
|---|
| | | mail.setText(message);
|
|---|
| | | mailExecutor.queue(mail);
|
|---|
| | | }
|
|---|
| | | } catch (MessagingException e) {
|
|---|
| | | logger.error("Messaging error", e);
|
|---|
| | | }
|
|---|
| | | List<String> toAddresses = settings.getStrings(Keys.mail.adminAddresses);
|
|---|
| | | sendMail(subject, message, toAddresses);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | | * @param toAddresses
|
|---|
| | | */
|
|---|
| | | public void sendMail(String subject, String message, String... toAddresses) {
|
|---|
| | | if (toAddresses == null || toAddresses.length == 0) {
|
|---|
| | | logger.debug(MessageFormat.format("Dropping message {0} because there are no recipients", subject));
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | | try {
|
|---|
| | | Message mail = mailExecutor.createMessage(toAddresses);
|
|---|
| | | if (mail != null) {
|
|---|
| | | mail.setSubject(subject);
|
|---|
| | | mail.setText(message);
|
|---|
| | | |
|---|
| | | MimeBodyPart messagePart = new MimeBodyPart(); |
|---|
| | | messagePart.setText(message, "utf-8");
|
|---|
| | | messagePart.setHeader("Content-Type", "text/plain; charset=\"utf-8\"");
|
|---|
| | | messagePart.setHeader("Content-Transfer-Encoding", "quoted-printable");
|
|---|
| | | |
|---|
| | | MimeMultipart multiPart = new MimeMultipart();
|
|---|
| | | multiPart.addBodyPart(messagePart);
|
|---|
| | | mail.setContent(multiPart);
|
|---|
| | | |
|---|
| | | mailExecutor.queue(mail);
|
|---|
| | | }
|
|---|
| | | } catch (MessagingException e) {
|
|---|
| | |
|---|
| | | * @param toAddresses
|
|---|
| | | */
|
|---|
| | | public void sendHtmlMail(String subject, String message, String... toAddresses) {
|
|---|
| | | if (toAddresses == null || toAddresses.length == 0) {
|
|---|
| | | logger.debug(MessageFormat.format("Dropping message {0} because there are no recipients", subject));
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | | try {
|
|---|
| | | Message mail = mailExecutor.createMessage(toAddresses);
|
|---|
| | | if (mail != null) {
|
|---|
| | | mail.setSubject(subject);
|
|---|
| | | mail.setContent(message, "text/html");
|
|---|
| | | |
|---|
| | | MimeBodyPart messagePart = new MimeBodyPart(); |
|---|
| | | messagePart.setText(message, "utf-8");
|
|---|
| | | messagePart.setHeader("Content-Type", "text/html; charset=\"utf-8\"");
|
|---|
| | | messagePart.setHeader("Content-Transfer-Encoding", "quoted-printable");
|
|---|
| | | |
|---|
| | | MimeMultipart multiPart = new MimeMultipart();
|
|---|
| | | multiPart.addBodyPart(messagePart);
|
|---|
| | | mail.setContent(multiPart);
|
|---|
| | |
|
|---|
| | | mailExecutor.queue(mail);
|
|---|
| | | }
|
|---|
| | | } catch (MessagingException e) {
|
|---|
| | |
|---|
| | | * Parse the properties file and aggregate all the comments by the setting
|
|---|
| | | * key. A setting model tracks the current value, the default value, the
|
|---|
| | | * description of the setting and and directives about the setting.
|
|---|
| | | * @param referencePropertiesInputStream
|
|---|
| | | *
|
|---|
| | | * @return Map<String, SettingModel>
|
|---|
| | | */
|
|---|
| | | private ServerSettings loadSettingModels(InputStream referencePropertiesInputStream) {
|
|---|
| | | private ServerSettings loadSettingModels() {
|
|---|
| | | ServerSettings settingsModel = new ServerSettings();
|
|---|
| | | settingsModel.supportsCredentialChanges = userService.supportsCredentialChanges();
|
|---|
| | | settingsModel.supportsDisplayNameChanges = userService.supportsDisplayNameChanges();
|
|---|
| | |
|---|
| | | // Read bundled Gitblit properties to extract setting descriptions.
|
|---|
| | | // This copy is pristine and only used for populating the setting
|
|---|
| | | // models map.
|
|---|
| | | InputStream is = referencePropertiesInputStream;
|
|---|
| | | InputStream is = getClass().getResourceAsStream("/reference.properties");
|
|---|
| | | BufferedReader propertiesReader = new BufferedReader(new InputStreamReader(is));
|
|---|
| | | StringBuilder description = new StringBuilder();
|
|---|
| | | SettingModel setting = new SettingModel();
|
|---|
| | |
|---|
| | | projectConfigs = new FileBasedConfig(getFileOrFolder(Keys.web.projectsFile, "${baseFolder}/projects.conf"), FS.detect());
|
|---|
| | | getProjectConfigs();
|
|---|
| | |
|
|---|
| | | // schedule mail engine
|
|---|
| | | configureMailExecutor(); |
|---|
| | | configureLuceneIndexing();
|
|---|
| | | configureGarbageCollector();
|
|---|
| | | if (startFederation) {
|
|---|
| | | configureFederation();
|
|---|
| | | }
|
|---|
| | | configureJGit();
|
|---|
| | | configureFanout();
|
|---|
| | | configureGitDaemon();
|
|---|
| | | |
|---|
| | | ContainerUtils.CVE_2007_0450.test();
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | protected void configureMailExecutor() {
|
|---|
| | | if (mailExecutor.isReady()) {
|
|---|
| | | logger.info("Mail executor is scheduled to process the message queue every 2 minutes.");
|
|---|
| | | scheduledExecutor.scheduleAtFixedRate(mailExecutor, 1, 2, TimeUnit.MINUTES);
|
|---|
| | | } else {
|
|---|
| | | logger.warn("Mail server is not properly configured. Mail services disabled.");
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | // schedule lucene engine
|
|---|
| | | enableLuceneIndexing();
|
|---|
| | |
|
|---|
| | | |
|---|
| | | }
|
|---|
| | | |
|---|
| | | protected void configureLuceneIndexing() {
|
|---|
| | | scheduledExecutor.scheduleAtFixedRate(luceneExecutor, 1, 2, TimeUnit.MINUTES);
|
|---|
| | | logger.info("Lucene executor is scheduled to process indexed branches every 2 minutes.");
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | protected void configureGarbageCollector() {
|
|---|
| | | // schedule gc engine
|
|---|
| | | if (gcExecutor.isReady()) {
|
|---|
| | | logger.info("GC executor is scheduled to scan repositories every 24 hours.");
|
|---|
| | |
|---|
| | | logger.info(MessageFormat.format("Next scheculed GC scan is in {0}", when));
|
|---|
| | | scheduledExecutor.scheduleAtFixedRate(gcExecutor, delay, 60*24, TimeUnit.MINUTES);
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | if (startFederation) {
|
|---|
| | | configureFederation();
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | }
|
|---|
| | | |
|---|
| | | protected void configureJGit() {
|
|---|
| | | // Configure JGit
|
|---|
| | | WindowCacheConfig cfg = new WindowCacheConfig();
|
|---|
| | | |
|---|
| | |
|
|---|
| | | cfg.setPackedGitWindowSize(settings.getFilesize(Keys.git.packedGitWindowSize, cfg.getPackedGitWindowSize()));
|
|---|
| | | cfg.setPackedGitLimit(settings.getFilesize(Keys.git.packedGitLimit, cfg.getPackedGitLimit()));
|
|---|
| | | cfg.setDeltaBaseCacheLimit(settings.getFilesize(Keys.git.deltaBaseCacheLimit, cfg.getDeltaBaseCacheLimit()));
|
|---|
| | | cfg.setPackedGitOpenFiles(settings.getFilesize(Keys.git.packedGitOpenFiles, cfg.getPackedGitOpenFiles()));
|
|---|
| | | cfg.setStreamFileThreshold(settings.getFilesize(Keys.git.streamFileThreshold, cfg.getStreamFileThreshold()));
|
|---|
| | | cfg.setPackedGitMMAP(settings.getBoolean(Keys.git.packedGitMmap, cfg.isPackedGitMMAP()));
|
|---|
| | | |
|---|
| | |
|
|---|
| | | try {
|
|---|
| | | WindowCache.reconfigure(cfg);
|
|---|
| | | cfg.install();
|
|---|
| | | logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.packedGitWindowSize, cfg.getPackedGitWindowSize()));
|
|---|
| | | logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.packedGitLimit, cfg.getPackedGitLimit()));
|
|---|
| | | logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.deltaBaseCacheLimit, cfg.getDeltaBaseCacheLimit()));
|
|---|
| | |
|---|
| | | } catch (IllegalArgumentException e) {
|
|---|
| | | logger.error("Failed to configure JGit parameters!", e);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | ContainerUtils.CVE_2007_0450.test();
|
|---|
| | | |
|---|
| | | }
|
|---|
| | | |
|---|
| | | protected void configureFanout() {
|
|---|
| | | // startup Fanout PubSub service
|
|---|
| | | if (settings.getInteger(Keys.fanout.port, 0) > 0) {
|
|---|
| | | String bindInterface = settings.getString(Keys.fanout.bindInterface, null);
|
|---|
| | | int port = settings.getInteger(Keys.fanout.port, FanoutService.DEFAULT_PORT);
|
|---|
| | | boolean useNio = settings.getBoolean(Keys.fanout.useNio, true);
|
|---|
| | | int limit = settings.getInteger(Keys.fanout.connectionLimit, 0);
|
|---|
| | | |
|---|
| | |
|
|---|
| | | if (useNio) {
|
|---|
| | | if (StringUtils.isEmpty(bindInterface)) {
|
|---|
| | | fanoutService = new FanoutNioService(port);
|
|---|
| | |
|---|
| | | fanoutService = new FanoutSocketService(bindInterface, port);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | |
|---|
| | |
|
|---|
| | | fanoutService.setConcurrentConnectionLimit(limit);
|
|---|
| | | fanoutService.setAllowAllChannelAnnouncements(false);
|
|---|
| | | fanoutService.start();
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | protected void enableLuceneIndexing() {
|
|---|
| | | scheduledExecutor.scheduleAtFixedRate(luceneExecutor, 1, 2, TimeUnit.MINUTES);
|
|---|
| | | logger.info("Lucene executor is scheduled to process indexed branches every 2 minutes.");
|
|---|
| | | protected void configureGitDaemon() {
|
|---|
| | | String bindInterface = settings.getString(Keys.git.daemonBindInterface, "localhost");
|
|---|
| | | int port = settings.getInteger(Keys.git.daemonPort, GitDaemon.DEFAULT_PORT);
|
|---|
| | | if (port > 0) {
|
|---|
| | | try {
|
|---|
| | | gitDaemon = new GitDaemon(bindInterface, port, getRepositoriesFolder());
|
|---|
| | | gitDaemon.start();
|
|---|
| | | logger.info(MessageFormat.format("Git daemon is listening on {0}:{1,number,0}", bindInterface, port));
|
|---|
| | | } catch (IOException e) {
|
|---|
| | | logger.error(MessageFormat.format("Failed to start Git daemon on {0}:{1,number,0}", bindInterface, port), e);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | protected final Logger getLogger() {
|
|---|
| | |
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public void contextInitialized(ServletContextEvent contextEvent) {
|
|---|
| | | contextInitialized(contextEvent, contextEvent.getServletContext().getResourceAsStream("/WEB-INF/reference.properties"));
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | public void contextInitialized(ServletContextEvent contextEvent, InputStream referencePropertiesInputStream) {
|
|---|
| | | servletContext = contextEvent.getServletContext();
|
|---|
| | | if (settings == null) {
|
|---|
| | | // Gitblit is running in a servlet container
|
|---|
| | |
|---|
| | | if (!StringUtils.isEmpty(openShift)) {
|
|---|
| | | // Gitblit is running in OpenShift/JBoss
|
|---|
| | | File base = new File(openShift);
|
|---|
| | | logger.info("EXPRESS contextFolder is " + contextFolder.getAbsolutePath());
|
|---|
| | |
|
|---|
| | | // gitblit.properties setting overrides
|
|---|
| | | File overrideFile = new File(base, "gitblit.properties");
|
|---|
| | | webxmlSettings.applyOverrides(overrideFile);
|
|---|
| | |
|
|---|
| | | // Copy the included scripts to the configured groovy folder
|
|---|
| | | File localScripts = new File(base, webxmlSettings.getString(Keys.groovy.scriptsFolder, "groovy"));
|
|---|
| | | String path = webxmlSettings.getString(Keys.groovy.scriptsFolder, "groovy");
|
|---|
| | | File localScripts = com.gitblit.utils.FileUtils.resolveParameter(Constants.baseFolder$, base, path);
|
|---|
| | | if (!localScripts.exists()) {
|
|---|
| | | File warScripts = new File(contextFolder, "/WEB-INF/data/groovy");
|
|---|
| | | if (!warScripts.equals(localScripts)) {
|
|---|
| | |
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | settingsModel = loadSettingModels(referencePropertiesInputStream);
|
|---|
| | | settingsModel = loadSettingModels();
|
|---|
| | | serverStatus.servletContainer = servletContext.getServerInfo();
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | | if (fanoutService != null) {
|
|---|
| | | fanoutService.stop();
|
|---|
| | | }
|
|---|
| | | if (gitDaemon != null) {
|
|---|
| | | gitDaemon.stop();
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
