From 557a1fa25a0a1d60bdb71ea3ad0e4e9a9cd9cc61 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 17 Sep 2013 17:39:10 -0400
Subject: [PATCH] Ignore the contents of a default .git/description file

---
 src/main/java/com/gitblit/utils/JGitUtils.java |   46 ++++++++++++++++++++++++++++++++++++++++++----
 1 files changed, 42 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/gitblit/utils/JGitUtils.java b/src/main/java/com/gitblit/utils/JGitUtils.java
index 49b3ad7..cf6ec26 100644
--- a/src/main/java/com/gitblit/utils/JGitUtils.java
+++ b/src/main/java/com/gitblit/utils/JGitUtils.java
@@ -266,7 +266,7 @@
 
 	/**
 	 * Creates a bare, shared repository.
-	 * 
+	 *
 	 * @param repositoriesFolder
 	 * @param name
 	 * @param shared
@@ -353,7 +353,10 @@
 		}
 
 		String getValue() {
-			if ( enumValue == GitConfigSharedRepositoryValue.Oxxx ) return Integer.toOctalString(intValue);
+			if ( enumValue == GitConfigSharedRepositoryValue.Oxxx ) {
+				if (intValue == 0) return "0";
+				return String.format("0%o", intValue);
+			}
 			return enumValue.getConfigValue();
 		}
 
@@ -372,17 +375,50 @@
 	}
 
 
+	/**
+	 * Adjust file permissions of a file/directory for shared repositories
+	 *
+	 * @param path
+	 * 			File that should get its permissions changed.
+	 * @param configShared
+	 * 			Configuration string value for the shared mode.
+	 * @return Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned.
+	 */
 	public static int adjustSharedPerm(File path, String configShared) {
 		return adjustSharedPerm(path, new GitConfigSharedRepository(configShared));
 	}
 
 
+	/**
+	 * Adjust file permissions of a file/directory for shared repositories
+	 *
+	 * @param path
+	 * 			File that should get its permissions changed.
+	 * @param configShared
+	 * 			Configuration setting for the shared mode.
+	 * @return Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned.
+	 */
 	public static int adjustSharedPerm(File path, GitConfigSharedRepository configShared) {
 		if (! configShared.isShared()) return 0;
+		if (! path.exists()) return -1;
 
 		int perm = configShared.getPerm();
-		int mode = JnaUtils.getFilemode(path);
+		JnaUtils.Filestat stat = JnaUtils.getFilestat(path);
+		if (stat == null) return -1;
+		int mode = stat.mode;
 		if (mode < 0) return -1;
+
+		// Now, here is the kicker: Under Linux, chmod'ing a sgid file whose guid is different from the process'
+		// effective guid will reset the sgid flag of the file. Since there is no way to get the sgid flag back in
+		// that case, we decide to rather not touch is and getting the right permissions will have to be achieved
+		// in a different way, e.g. by using an appropriate umask for the Gitblit process.
+		if (System.getProperty("os.name").toLowerCase().startsWith("linux")) {
+			if ( ((mode & (JnaUtils.S_ISGID | JnaUtils.S_ISUID)) != 0)
+				&& stat.gid != JnaUtils.getegid() ) {
+				LOGGER.debug("Not adjusting permissions to prevent clearing suid/sgid bits for '" + path + "'" );
+				return 0;
+			}
+		}
 
 		// If the owner has no write access, delete it from group and other, too.
 		if ((mode & JnaUtils.S_IWUSR) == 0) perm &= ~0222;
@@ -391,7 +427,7 @@
 
 		if (configShared.isCustom()) {
 			// Use the custom value for access permissions.
-			mode |= (mode & ~0777) | perm;
+			mode = (mode & ~0777) | perm;
 		}
 		else {
 			// Just add necessary bits to existing permissions.
@@ -706,6 +742,8 @@
 		try {
 			if (tree == null) {
 				ObjectId object = getDefaultBranch(repository);
+				if (object == null)
+					return null;
 				RevCommit commit = rw.parseCommit(object);
 				tree = commit.getTree();
 			}

--
Gitblit v1.9.1