Fix disabling of git ssh 'download' scheme within DefaultCommandModule

Without this fix, corporate /global gerrit users (like ours) can still
use ssh despite the latter commands being disabled by instance admins.
That keeps the ssh door wide open, while only the http one shall work.
(Such deployments are then unable to restrain ssh traffic.)

Change Daemon and WebAppInitializer so they construct
DefaultCommandModule with the DownloadConfig singleton.

DefaultCommandModule can then use the latter to skip the binding of the
git ssh (receive and upload) commands, if ssh [download] scheme is
not enabled in gerrit.config.

Change-Id: Ica4e0ffeea1f34bc5411b6863a90fb0450c9e874

gerrit-war/src/main/java/com/google/gerrit/httpd/WebAppInitializer.java

@@ -31,6 +31,7 @@ import com.google.gerrit.server.cache.h2.DefaultCacheFactory;
 import com.google.gerrit.server.config.AuthConfig;
 import com.google.gerrit.server.config.AuthConfigModule;
 import com.google.gerrit.server.config.CanonicalWebUrlModule;
+import com.google.gerrit.server.config.DownloadConfig;
 import com.google.gerrit.server.config.GerritGlobalModule;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.gerrit.server.config.GerritServerConfigModule;
@@ -329,7 +330,8 @@ public class WebAppInitializer extends GuiceServletContextListener
     final List<Module> modules = new ArrayList<>();
     modules.add(sysInjector.getInstance(SshModule.class));
     modules.add(new SshHostKeyModule());
-    modules.add(new DefaultCommandModule(false));
+    modules.add(new DefaultCommandModule(false,
+        sysInjector.getInstance(DownloadConfig.class)));
     return sysInjector.createChildInjector(modules);
   }