Limit maximum Git object size on git push.

Gerrit administrator may want to limit the maximum Git object size accepted by Gerrit in order to prevent users from pushing too large files. A new setting is introduced in the receive section: [receive] maxObjectSizeLimit = 40 m ... The setting is system wide as we don't want to allow project owners to change this setting for their project. Change-Id: Idbe3958f6e0739de9d99d9c5154d90fcb5cbdeb4 Signed-off-by: Sasa Zivkov <sasa.zivkov@sap.com>
2011-11-18 15:32:35 +01:00
parent 3b44b5c845
commit 59d89c3eb2
3 changed files with 26 additions and 3 deletions
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@@ -1653,14 +1653,16 @@ By default, 1.

 [[receive]]Section receive
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
-Sets the group of users allowed to execute 'receive-pack' on the
-server, 'receive-pack' is what runs on the server during a user's
-push or repo upload command.
+This section is used to set who can execute the 'receive-pack' and
+to limit the maximum Git object size that 'receive-pack' will accept.
+'receive-pack' is what runs on the server during a user's push or
+repo upload command.

 ----
 [receive]
  allowGroup = GROUP_ALLOWED_TO_EXECUTE
  allowGroup = YET_ANOTHER_GROUP_ALLOWED_TO_EXECUTE
+  maxObjectSizeLimit = 40 m
 ----

 [[receive.allowGroup]]receive.allowGroup::
@@ -1671,6 +1673,20 @@ Name of the groups of users that are allowed to execute
 If no groups are added, any user will be allowed to execute
 'receive-pack' on the server.

+[[receive.maxObjectSizeLimit]]receive.maxObjectSizeLimit::
+
+Maximum allowed Git object size that 'receive-pack' will accept.
+If an object is larger than the given size the pack-parsing will abort
+and the push operation will fail. If set to zero then there is no
+limit.
+
+Gerrit administrator can use this setting to prevent developers
+from pushing objects which are too large to Gerrit.
+
+Default is zero.
+
+Common unit suffixes of 'k', 'm', or 'g' are supported.
+

 [[repository]]Section repository
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- a/gerrit-server/src/main/java/com/google/gerrit/server/git/TransferConfig.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/git/TransferConfig.java
@@ -28,11 +28,13 @@ import java.util.concurrent.TimeUnit;
 public class TransferConfig {
  private final int timeout;
  private final PackConfig packConfig;
+  private final long maxObjectSizeLimit;

  @Inject
  TransferConfig(@GerritServerConfig final Config cfg) {
    timeout = (int) ConfigUtil.getTimeUnit(cfg, "transfer", null, "timeout", //
        0, TimeUnit.SECONDS);
+    maxObjectSizeLimit = cfg.getLong("receive", "maxObjectSizeLimit", 0);

    packConfig = new PackConfig();
    packConfig.setDeltaCompress(false);
@@ -48,4 +50,8 @@ public class TransferConfig {
  public PackConfig getPackConfig() {
    return packConfig;
  }
+
+  public long getMaxObjectSizeLimit() {
+    return maxObjectSizeLimit;
+  }
 }
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/Receive.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/Receive.java
@@ -85,6 +85,7 @@ final class Receive extends AbstractGitCommand {
    final ReceivePack rp = receive.getReceivePack();
    rp.setRefLogIdent(currentUser.newRefLogIdent());
    rp.setTimeout(config.getTimeout());
+    rp.setMaxObjectSizeLimit(config.getMaxObjectSizeLimit());
    try {
      receive.advertiseHistory();
      rp.receive(in, out, err);