Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details →
www.github.com/gitblit/gitblit.git
Advanced tools
www.github.com/gitblit/gitblit.git - npm Package Compare versions
| #!/bin/bash | ||
| java -cp gitblit.jar:ext/* com.gitblit.authority.GitblitAuthority --baseFolder data | ||
| java -cp "gitblit.jar:ext/*" com.gitblit.authority.GitblitAuthority --baseFolder data |
@@ -21,7 +21,7 @@ #!/bin/bash -x | ||
| Group=gitblit | ||
| Environment="ARGS=-server -Xmx1024M -Djava.awt.headless=true -jar" | ||
| Environment="ARGS=-server -Xmx1024M -Djava.awt.headless=true -cp" | ||
| EnvironmentFile=-/etc/sysconfig/gitblit | ||
| WorkingDirectory=/opt/gitblit | ||
| ExecStart=/usr/bin/java \$ARGS gitblit.jar --httpsPort \$GITBLIT_HTTPS_PORT --httpPort \$GITBLIT_HTTP_PORT --baseFolder \$GITBLIT_BASE_FOLDER --dailyLogFile | ||
| ExecStop=/usr/bin/java \$ARGS gitblit.jar --baseFolder \$GITBLIT_BASE_FOLDER --stop | ||
| ExecStart=/usr/bin/java \$ARGS gitblit.jar:ext/* com.gitblit.GitBlitServer --httpsPort \$GITBLIT_HTTPS_PORT --httpPort \$GITBLIT_HTTP_PORT --baseFolder \$GITBLIT_BASE_FOLDER --dailyLogFile | ||
| ExecStop=/usr/bin/java \$ARGS gitblit.jar:ext/* com.gitblit.GitBlitServer --baseFolder \$GITBLIT_BASE_FOLDER --stop | ||
@@ -33,3 +33,3 @@ [Install] | ||
| # Finally copy the files to the destination and register the systemd unit. | ||
| sudo su -c "cp /tmp/gitblit.defaults /etc/sysconfig/gitblit && cp /tmp/gitblit.service /etc/systemd/system/" | ||
| sudo su -c "systemctl daemon-reload && systemctl enable gitblit.service && systemctl start gitblit.service" | ||
| sudo sh -c "cp /tmp/gitblit.defaults /etc/sysconfig/gitblit && cp /tmp/gitblit.service /etc/systemd/system/" | ||
| sudo sh -c "systemctl daemon-reload && systemctl enable gitblit.service && systemctl start gitblit.service" |
@@ -11,3 +11,3 @@ #!/bin/bash | ||
| if [[ -z $1 || -z $2 ]]; then | ||
| if [ -z $1 ] || [ -z $2 ]; then | ||
| echo "Please specify the output ticket service and your baseFolder!"; | ||
@@ -21,3 +21,3 @@ echo ""; | ||
| java -cp gitblit.jar:./ext/* com.gitblit.MigrateTickets $1 --baseFolder $2 | ||
| java -cp "gitblit.jar:ext/*" com.gitblit.MigrateTickets $1 --baseFolder $2 | ||
@@ -14,3 +14,3 @@ #!/bin/bash | ||
| if [[ -z $1 ]]; then | ||
| if [ -z $1 ] ; then | ||
| echo "Please specify your baseFolder!"; | ||
@@ -24,3 +24,3 @@ echo ""; | ||
| java -cp gitblit.jar:./ext/* com.gitblit.ReindexTickets --baseFolder $1 | ||
| java -cp "gitblit.jar:ext/*" com.gitblit.ReindexTickets --baseFolder $1 | ||
@@ -14,3 +14,3 @@ #!/bin/bash | ||
| source ${GITBLIT_PATH}/java-proxy-config.sh | ||
| JAVA="java -server -Xmx1024M ${JAVA_PROXY_CONFIG} -Djava.awt.headless=true -jar" | ||
| JAVA="java -server -Xmx1024M ${JAVA_PROXY_CONFIG} -Djava.awt.headless=true -cp" | ||
@@ -25,3 +25,3 @@ RETVAL=0 | ||
| cd $GITBLIT_PATH | ||
| $JAVA $GITBLIT_PATH/gitblit.jar --httpsPort $GITBLIT_HTTPS_PORT --httpPort $GITBLIT_HTTP_PORT --baseFolder $GITBLIT_BASE_FOLDER --dailyLogFile & | ||
| $JAVA "$GITBLIT_PATH/gitblit.jar:$GITBLIT_PATH/ext/*" com.gitblit.GitBlitServer --httpsPort $GITBLIT_HTTPS_PORT --httpPort $GITBLIT_HTTP_PORT --baseFolder $GITBLIT_BASE_FOLDER --dailyLogFile & | ||
| echo "." | ||
@@ -37,3 +37,3 @@ exit $RETVAL | ||
| cd $GITBLIT_PATH | ||
| $JAVA $GITBLIT_PATH/gitblit.jar --baseFolder $GITBLIT_BASE_FOLDER --stop > /dev/null & | ||
| $JAVA "$GITBLIT_PATH/gitblit.jar:$GITBLIT_PATH/ext/*" com.gitblit.GitBlitServer --baseFolder $GITBLIT_BASE_FOLDER --stop > /dev/null & | ||
| echo "." | ||
@@ -40,0 +40,0 @@ exit $RETVAL |
@@ -22,3 +22,3 @@ #!/bin/bash | ||
| source ${GITBLIT_PATH}/java-proxy-config.sh | ||
| ARGS="-server -Xmx1024M ${JAVA_PROXY_CONFIG} -Djava.awt.headless=true -jar gitblit.jar --baseFolder $GITBLIT_BASE_FOLDER --dailyLogFile" | ||
| ARGS="-server -Xmx1024M ${JAVA_PROXY_CONFIG} -Djava.awt.headless=true -cp gitblit.jar:ext/* com.gitblit.GitBlitServer --baseFolder $GITBLIT_BASE_FOLDER --dailyLogFile" | ||
@@ -25,0 +25,0 @@ RETVAL=0 |
@@ -21,6 +21,3 @@ /* | ||
| import java.text.MessageFormat; | ||
| import java.util.ArrayList; | ||
| import java.util.HashMap; | ||
| import java.util.List; | ||
| import java.util.Map; | ||
| import java.util.*; | ||
| import java.util.concurrent.TimeUnit; | ||
@@ -459,3 +456,2 @@ | ||
| * | ||
| * @see IUserService.authenticate(String, char[]) | ||
| * @param username | ||
@@ -479,4 +475,3 @@ * @param password | ||
| String usernameDecoded = StringUtils.decodeUsername(username); | ||
| String pw = new String(password); | ||
| if (StringUtils.isEmpty(pw)) { | ||
| if (StringUtils.isEmpty(password)) { | ||
| // can not authenticate empty password | ||
@@ -488,18 +483,20 @@ return null; | ||
| // try local authentication | ||
| if (user != null && user.isLocalAccount()) { | ||
| UserModel returnedUser = authenticateLocal(user, password); | ||
| if (returnedUser != null) { | ||
| // user authenticated | ||
| return returnedUser; | ||
| } | ||
| } else { | ||
| // try registered external authentication providers | ||
| for (AuthenticationProvider provider : authenticationProviders) { | ||
| if (provider instanceof UsernamePasswordAuthenticationProvider) { | ||
| UserModel returnedUser = provider.authenticate(usernameDecoded, password); | ||
| if (returnedUser != null) { | ||
| // user authenticated | ||
| returnedUser.accountType = provider.getAccountType(); | ||
| return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); | ||
| try { | ||
| // try local authentication | ||
| if (user != null && user.isLocalAccount()) { | ||
| UserModel returnedUser = authenticateLocal(user, password); | ||
| if (returnedUser != null) { | ||
| // user authenticated | ||
| return returnedUser; | ||
| } | ||
| } else { | ||
| // try registered external authentication providers | ||
| for (AuthenticationProvider provider : authenticationProviders) { | ||
| if (provider instanceof UsernamePasswordAuthenticationProvider) { | ||
| UserModel returnedUser = provider.authenticate(usernameDecoded, password); | ||
| if (returnedUser != null) { | ||
| // user authenticated | ||
| returnedUser.accountType = provider.getAccountType(); | ||
| return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); | ||
| } | ||
| } | ||
@@ -509,2 +506,6 @@ } | ||
| } | ||
| finally { | ||
| // Zero out password array to delete password from memory | ||
| Arrays.fill(password, Character.MIN_VALUE); | ||
| } | ||
@@ -528,18 +529,30 @@ // could not authenticate locally or with a provider | ||
| PasswordHash pwdHash = PasswordHash.instanceFor(user.password); | ||
| if (pwdHash != null) { | ||
| if (pwdHash.matches(user.password, password, user.username)) { | ||
| // Create a copy of the password that we can use to rehash to upgrade to a more secure hashing method. | ||
| // This is done to be independent from the implementation of the PasswordHash, which might already clear out | ||
| // the password it gets passed in. This looks a bit stupid, as we could simply clean up the mess, but this | ||
| // falls under "better safe than sorry". | ||
| char[] pwdToUpgrade = Arrays.copyOf(password, password.length); | ||
| try { | ||
| PasswordHash pwdHash = PasswordHash.instanceFor(user.password); | ||
| if (pwdHash != null) { | ||
| if (pwdHash.matches(user.password, password, user.username)) { | ||
| returnedUser = user; | ||
| } | ||
| } else if (user.password.equals(new String(password))) { | ||
| // plain-text password | ||
| returnedUser = user; | ||
| } | ||
| } else if (user.password.equals(new String(password))) { | ||
| // plain-text password | ||
| returnedUser = user; | ||
| } | ||
| // validate user | ||
| returnedUser = validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); | ||
| // try to upgrade the stored password hash to a stronger hash, if necessary | ||
| upgradeStoredPassword(returnedUser, password, pwdHash); | ||
| // validate user | ||
| returnedUser = validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); | ||
| // try to upgrade the stored password hash to a stronger hash, if necessary | ||
| upgradeStoredPassword(returnedUser, pwdToUpgrade, pwdHash); | ||
| } | ||
| finally { | ||
| // Now we make sure that the password is zeroed out in any case. | ||
| Arrays.fill(password, Character.MIN_VALUE); | ||
| Arrays.fill(pwdToUpgrade, Character.MIN_VALUE); | ||
| } | ||
| return returnedUser; | ||
@@ -546,0 +559,0 @@ } |
@@ -60,2 +60,17 @@ /* | ||
| /** | ||
| * Returns true if the character array represents an empty String. | ||
| * An empty character sequence is defined as a sequence that | ||
| * either has no characters at all, or no characters above | ||
| * '\u0020' (space). | ||
| * | ||
| * @param value | ||
| * @return true if value is null or represents an empty String | ||
| */ | ||
| public static boolean isEmpty(char[] value) { | ||
| if (value == null || value.length == 0) return true; | ||
| for ( char c : value) if (c > '\u0020') return false; | ||
| return true; | ||
| } | ||
| /** | ||
| * Replaces carriage returns and line feeds with html line breaks. | ||
@@ -62,0 +77,0 @@ * |
@@ -22,9 +22,3 @@ /* | ||
| import java.security.Principal; | ||
| import java.util.Collection; | ||
| import java.util.Collections; | ||
| import java.util.Enumeration; | ||
| import java.util.HashMap; | ||
| import java.util.List; | ||
| import java.util.Locale; | ||
| import java.util.Map; | ||
| import java.util.*; | ||
@@ -658,12 +652,34 @@ import javax.servlet.AsyncContext; | ||
| String password = "pass word"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = "password"; | ||
| user.password = password; | ||
| users.updateUserModel(user); | ||
| assertNotNull(auth.authenticate(user.username, user.password.toCharArray(), null)); | ||
| char[] pwd = password.toCharArray(); | ||
| assertNotNull(auth.authenticate(user.username, pwd, null)); | ||
| // validate that the passed in password has been zeroed out in memory | ||
| char[] zeroes = new char[pwd.length]; | ||
| Arrays.fill(zeroes, Character.MIN_VALUE); | ||
| assertArrayEquals(zeroes, pwd); | ||
| } | ||
| @Test | ||
| public void testAuthenticateDisabledUser() throws Exception { | ||
| IAuthenticationManager auth = newAuthenticationManager(); | ||
| String password = "password"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = password; | ||
| user.disabled = true; | ||
| users.updateUserModel(user); | ||
| assertNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| user.disabled = false; | ||
| users.updateUserModel(user); | ||
| assertNull(auth.authenticate(user.username, user.password.toCharArray(), null)); | ||
| users.deleteUserModel(user); | ||
| assertNotNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| } | ||
@@ -673,13 +689,63 @@ | ||
| @Test | ||
| public void testAuthenticateEmptyPassword() throws Exception { | ||
| IAuthenticationManager auth = newAuthenticationManager(); | ||
| String password = "password"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = password; | ||
| users.updateUserModel(user); | ||
| assertNull(auth.authenticate(user.username, "".toCharArray(), null)); | ||
| assertNull(auth.authenticate(user.username, " ".toCharArray(), null)); | ||
| assertNull(auth.authenticate(user.username, new char[]{' ', '\u0010', '\u0015'}, null)); | ||
| } | ||
| @Test | ||
| public void testAuthenticateWrongPassword() throws Exception { | ||
| IAuthenticationManager auth = newAuthenticationManager(); | ||
| String password = "password"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = password; | ||
| users.updateUserModel(user); | ||
| assertNull(auth.authenticate(user.username, "helloworld".toCharArray(), null)); | ||
| } | ||
| @Test | ||
| public void testAuthenticateNoSuchUser() throws Exception { | ||
| IAuthenticationManager auth = newAuthenticationManager(); | ||
| String password = "password"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = password; | ||
| users.updateUserModel(user); | ||
| assertNull(auth.authenticate("rainyjoe", password.toCharArray(), null)); | ||
| } | ||
| @Test | ||
| public void testAuthenticateUpgradePlaintext() throws Exception { | ||
| IAuthenticationManager auth = newAuthenticationManager(); | ||
| String password = "topsecret"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = "password"; | ||
| user.password = password; | ||
| users.updateUserModel(user); | ||
| assertNotNull(auth.authenticate(user.username, user.password.toCharArray(), null)); | ||
| assertNotNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| // validate that plaintext password was automatically updated to hashed one | ||
| assertTrue(user.password.startsWith(PasswordHash.getDefaultType().name() + ":")); | ||
| // validate that the password is still valid and the user can log in | ||
| assertNotNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| } | ||
@@ -692,10 +758,14 @@ | ||
| String password = "secretAndHashed"; | ||
| UserModel user = new UserModel("sunnyjim"); | ||
| user.password = "MD5:5F4DCC3B5AA765D61D8327DEB882CF99"; | ||
| user.password = "MD5:BD95A1CFD00868B59B3564112D1E5847"; | ||
| users.updateUserModel(user); | ||
| assertNotNull(auth.authenticate(user.username, "password".toCharArray(), null)); | ||
| assertNotNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| // validate that MD5 password was automatically updated to hashed one | ||
| assertTrue(user.password.startsWith(PasswordHash.getDefaultType().name() + ":")); | ||
| // validate that the password is still valid and the user can log in | ||
| assertNotNull(auth.authenticate(user.username, password.toCharArray(), null)); | ||
| } | ||
@@ -702,0 +772,0 @@ |
@@ -29,3 +29,3 @@ /* | ||
| public void testIsEmpty() throws Exception { | ||
| assertTrue(StringUtils.isEmpty(null)); | ||
| assertTrue(StringUtils.isEmpty((String)null)); | ||
| assertTrue(StringUtils.isEmpty("")); | ||
@@ -37,2 +37,15 @@ assertTrue(StringUtils.isEmpty(" ")); | ||
| @Test | ||
| public void testIsEmptyCharArray() throws Exception { | ||
| assertTrue(StringUtils.isEmpty((char[])null)); | ||
| assertTrue(StringUtils.isEmpty(new char[0])); | ||
| assertTrue(StringUtils.isEmpty(new char[]{ ' ' })); | ||
| assertTrue(StringUtils.isEmpty(new char[]{ ' '})); | ||
| assertTrue(StringUtils.isEmpty(new char[]{ ' ', ' ' })); | ||
| assertTrue(StringUtils.isEmpty(new char[]{ ' ', ' ', ' ' })); | ||
| assertFalse(StringUtils.isEmpty(new char[]{ '\u0020', 'f' })); | ||
| assertFalse(StringUtils.isEmpty(new char[]{ '\u0148', '\u0020' })); | ||
| assertFalse(StringUtils.isEmpty(new char[]{ 'A' })); | ||
| } | ||
| @Test | ||
| public void testBreakLinesForHtml() throws Exception { | ||
@@ -39,0 +52,0 @@ String input = "this\nis\r\na\rtest\r\n\r\nof\n\nline\r\rbreaking"; |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
No metric changes