From 7e0ce40e79a193426e8f7b6f22407422634dafe3 Mon Sep 17 00:00:00 2001
From: John Crygier <john.crygier@aon.com>
Date: Wed, 25 Apr 2012 08:37:52 -0400
Subject: [PATCH] Add logic to get display name & email (Simply stored in user model for now). Add code / test to defend against LDAP injection attacks.

---
 distrib/gitblit.properties |  319 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 308 insertions(+), 11 deletions(-)

diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 3de1475..62222d4 100644
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -2,7 +2,9 @@
 # Git Servlet Settings
 #
 
-# Base folder for repositories
+# Base folder for repositories.
+# This folder may contain bare and non-bare repositories but Gitblit will only
+# allow you to push to bare repositories.
 # Use forward slashes even on Windows!!
 # e.g. c:/gitrepos
 #
@@ -28,6 +30,67 @@
 # SINCE 0.5.0
 git.enableGitServlet = true
 
+# Only serve/display bare repositories.
+# If there are non-bare repositories in git.repositoriesFolder and this setting
+# is true, they will be excluded from the ui. 
+#
+# SINCE 0.9.0
+git.onlyAccessBareRepositories = false
+
+#
+# Groovy Integration
+#
+
+# Location of Groovy scripts to use for Pre and Post receive hooks.
+# Use forward slashes even on Windows!!
+# e.g. c:/groovy
+#
+# RESTART REQUIRED
+# SINCE 0.8.0
+groovy.scriptsFolder = groovy
+
+# Scripts to execute on Pre-Receive.
+#
+# These scripts execute after an incoming push has been parsed and validated
+# but BEFORE the changes are applied to the repository.  You might reject a
+# push in this script based on the repository and branch the push is attempting
+# to change.
+#
+# Script names are case-sensitive on case-sensitive file systems.  You may omit
+# the traditional ".groovy" from this list if your file extension is ".groovy" 
+#
+# NOTE:
+# These scripts are only executed when pushing to *Gitblit*, not to other Git
+# tooling you may be using.  Also note that these scripts are shared between
+# repositories. These are NOT repository-specific scripts!  Within the script
+# you may customize the control-flow for a specific repository by checking the
+# *repository* variable.
+#
+# SPACE-DELIMITED
+# CASE-SENSITIVE
+# SINCE 0.8.0
+groovy.preReceiveScripts =
+
+# Scripts to execute on Post-Receive.
+#
+# These scripts execute AFTER an incoming push has been applied to a repository.
+# You might trigger a continuous-integration build here or send a notification.
+#
+# Script names are case-sensitive on case-sensitive file systems.  You may omit
+# the traditional ".groovy" from this list if your file extension is ".groovy" 
+#
+# NOTE:
+# These scripts are only executed when pushing to *Gitblit*, not to other Git
+# tooling you may be using.  Also note that these scripts are shared between
+# repositories. These are NOT repository-specific scripts!  Within the script
+# you may customize the control-flow for a specific repository by checking the
+# *repository* variable.
+# 
+# SPACE-DELIMITED
+# CASE-SENSITIVE
+# SINCE 0.8.0
+groovy.postReceiveScripts =
+
 #
 # Authentication Settings
 #
@@ -50,16 +113,19 @@
 # SINCE 0.5.0
 web.allowCookieAuthentication = true
 
-# Either the path to a simple user properties file
+# Either the full path to a user config file (users.conf)
+# OR the full path to a simple user properties file (users.properties)
 # OR a fully qualified class name that implements the IUserService interface.
 # Any custom implementation must have a public default constructor.
 #
 # SINCE 0.5.0
 # RESTART REQUIRED
-realm.userService = users.properties
+realm.userService = users.conf
 
 # How to store passwords.
-# Valid values are plain or md5.  Default is md5.
+# Valid values are plain, md5, or combined-md5.  md5 is the hash of password.
+# combined-md5 is the hash of username.toLowerCase()+password.
+# Default is md5.
 #
 # SINCE 0.5.0 
 realm.passwordStorage = md5
@@ -69,6 +135,113 @@
 #
 # SINCE 0.5.0 
 realm.minPasswordLength = 5
+
+# URL of the LDAP server.
+#
+# SINCE 1.0.0
+realm.ldap.server = ldap://localhost
+
+# Login username for LDAP searches.
+# The domain prefix may be omitted if it matches the domain specified in
+# *realm.ldap.domain*. If this value is unspecified, anonymous LDAP login will
+# be used.
+# 
+# e.g. mydomain\\username
+#
+# SINCE 1.0.0
+realm.ldap.username = cn=Directory Manager
+
+# Login password for LDAP searches.
+#
+# SINCE 1.0.0
+realm.ldap.password = password
+
+# The LdapUserService must be backed by another user service for standard user
+# and team management.
+# default: users.conf
+#
+# SINCE 1.0.0
+# RESTART REQUIRED
+realm.ldap.backingUserService = users.conf
+
+# Delegate team membership control to LDAP.
+#
+# If true, team user memberships will be specified by LDAP groups.  This will
+# disable team selection in Edit User and user selection in Edit Team.
+#
+# If false, LDAP will only be used for authentication and Gitblit will maintain
+# team memberships with the *realm.ldap.backingUserService*.
+#
+# SINCE 1.0.0
+realm.ldap.maintainTeams = false
+
+# Root node that all Users sit under in LDAP
+#
+# This is the root node that searches for user information will begin from in LDAP
+# If blank, it will search ALL of ldap.  
+#
+# SINCE 1.0.0
+realm.ldap.accountBase = OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain
+
+# Filter Criteria for Users in LDAP
+#
+# Query pattern to use when searching for a user account. This may be any valid 
+# LDAP query expression, including the standard (&) and (|) operators.  Variables may
+# be injected via the ${variableName} syntax.  Recognized variables are:
+#    ${username} - The text entered as the user name
+#
+# SINCE 1.0.0
+realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=${username}))
+
+# Root node that all Teams sit under in LDAP
+#
+# This is the node that searches for team information will begin from in LDAP
+# If blank, it will search ALL of ldap.  
+#
+# SINCE 1.0.0
+realm.ldap.groupBase = OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain
+
+# Filter Criteria for Teams in LDAP
+#
+# Query pattern to use when searching for a team. This may be any valid 
+# LDAP query expression, including the standard (&) and (|) operators. Variables may
+# be injected via the ${variableName} syntax.  Recognized variables are:
+#    ${username} - The text entered as the user name
+#    ${dn} - The Distinguished Name of the user logged in
+# All attributes on the User's record are also passed in.  For example, if a user has an
+# attribute "fullName" set to "John", "(fn=${fullName})" will be translated to "(fn=John)".
+#
+# SINCE 1.0.0
+realm.ldap.groupMemberPattern = (&(objectClass=group)(member=${dn}))
+
+# Users and or teams that are Admins, read from LDAP
+#
+# This is a space delimited list.  If it starts with @, it indicates a Team Name  
+#
+# SINCE 1.0.0
+realm.ldap.admins= @Git_Admins
+
+# Attribute(s) on the USER record that indicate their display (or full) name. Leave blank
+# for no mapping available in LDAP
+#
+# This may be a single attribute, or a string of multiple attributes.  Examples:
+#  displayName - Uses the attribute 'displayName' on the user record
+#  ${personalTitle}. ${givenName} ${surname} - Will concatenate the 3 
+#       attributes together, with a '.' after personalTitle 
+#
+# SINCE 1.0.0
+realm.ldap.displayName= displayName
+
+# Attribute(s) on the USER record that indicate their email address.  Leave blank
+# for no mapping available in LDAP
+#
+# This may be a single attribute, or a string of multiple attributes.  Examples:
+#  email - Uses the attribute 'email' on the user record
+#  ${givenName}.${surname}@gitblit.com -Will concatenate the 2 attributes
+#       together with a '.' and '@' creating something like first.last@gitblit.com 
+#
+# SINCE 1.0.0
+realm.ldap.email = email
 
 #
 # Gitblit Web Settings
@@ -87,16 +260,52 @@
 # SINCE 0.5.0 
 web.allowAdministration = true
 
-# Allows remote clients to list repositories and administer the Gitblit instance
-# if they have administrator permissions.
+# Allows rpc clients to list repositories and possibly manage or administer the 
+# Gitblit server, if the authenticated account has administrator permissions.
+# See *web.enableRpcManagement* and *web.enableRpcAdministration*.
 #
-# SINCE 0.6.1 
-web.enableRpcServlet = false
+# SINCE 0.7.0 
+web.enableRpcServlet = true
+
+# Allows rpc clients to manage repositories and users of the Gitblit instance,
+# if the authenticated account has administrator permissions.
+# Requires *web.enableRpcServlet=true*.
+#
+# SINCE 0.7.0 
+web.enableRpcManagement = false
+
+# Allows rpc clients to control the server settings and monitor the health of this
+# this Gitblit instance, if the authenticated account has administrator permissions.
+# Requires *web.enableRpcServlet=true* and *web.enableRpcManagement*.
+#
+# SINCE 0.7.0 
+web.enableRpcAdministration = false
+
+# Allow Gravatar images to be displayed in Gitblit pages.
+#
+# SINCE 0.8.0
+web.allowGravatar = true
 
 # Allow dynamic zip downloads.
 #
 # SINCE 0.5.0   
 web.allowZipDownloads = true
+
+# Allow optional Lucene integration. Lucene indexing is an opt-in feature.
+# A repository may specify branches to index with Lucene instead of using Git
+# commit traversal. There are scenarios where you may want to completely disable
+# Lucene indexing despite a repository specifying indexed branches.  One such
+# scenario is on a resource-constrained federated Gitblit mirror.
+#
+# SINCE 0.9.0
+web.allowLuceneIndexing = true
+
+# Use Clippy (Flash solution) to provide a copy-to-clipboard button.
+# If false, a button with a more primitive JavaScript-based prompt box will
+# offer a 3-step (click, ctrl+c, enter) copy-to-clipboard alternative.
+#
+# SINCE 0.8.0
+web.allowFlashCopyToClipboard = true
 
 # Default number of entries to include in RSS Syndication links
 #
@@ -110,6 +319,15 @@
 # SINCE 0.5.2
 web.showRepositorySizes = true
 
+# List of custom regex expressions that can be displayed in the Filters menu
+# of the Repositories and Activity pages.  Keep them very simple because you
+# are likely to run into encoding issues if they are too complex.
+#
+# Use !!! to separate the filters 
+#
+# SINCE 0.8.0
+web.customFilters =
+
 # Show federation registrations (without token) and the current pull status
 # to non-administrator users. 
 #
@@ -120,7 +338,7 @@
 # This can point to a file with Markdown content.
 # Specifying "gitblit" uses the internal login message.
 #
-# SINCE 0.6.1
+# SINCE 0.7.0
 web.loginMessage = gitblit
 
 # This is the message displayed above the repositories table.
@@ -129,6 +347,15 @@
 #
 # SINCE 0.5.0
 web.repositoriesMessage = gitblit
+
+# Manually set the default timezone to be used by Gitblit for display in the 
+# web ui.  This value is independent of the JVM timezone.  Specifying a blank
+# value will default to the JVM timezone.
+# e.g. America/New_York, US/Pacific, UTC, Europe/Berlin
+#
+# SINCE 0.9.0
+# RESTART REQUIRED
+web.timezone =
 
 # Use the client timezone when formatting dates.
 # This uses AJAX to determine the browser's timezone and may require more
@@ -139,17 +366,28 @@
 # RESTART REQUIRED
 web.useClientTimezone = false
 
+# Time format
+# <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
+#
+# SINCE 0.8.0
+web.timeFormat = HH:mm
+
 # Short date format
 # <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
 #
 # SINCE 0.5.0
 web.datestampShortFormat = yyyy-MM-dd
 
+# Long date format
+#
+# SINCE 0.8.0
+web.datestampLongFormat = EEEE, MMMM d, yyyy
+
 # Long timestamp format
 # <http://download.oracle.com/javase/6/docs/api/java/text/SimpleDateFormat.html>
 #
 # SINCE 0.5.0
-web.datetimestampLongFormat = EEEE, MMMM d, yyyy h:mm a z
+web.datetimestampLongFormat = EEEE, MMMM d, yyyy HH:mm Z
 
 # Mount URL parameters
 # This setting controls if pretty or parameter URLs are used.
@@ -168,7 +406,9 @@
 # to preemptively replace '/' with '*' or '!' for url string parameters.
 #
 # <https://issues.apache.org/jira/browse/WICKET-1303>
-# <http://tomcat.apache.org/security-6.html>
+# <http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10>
+# Add *-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true* to your
+# *CATALINA_OPTS* or to your JVM launch parameters
 #
 # SINCE 0.5.2
 web.forwardSlashCharacter = /
@@ -195,6 +435,12 @@
 # SINCE 0.5.0
 web.repositoryRootGroupName = main
 
+# Display the repository swatch color next to the repository name link in the 
+# repositories list. 
+#
+# SINCE 0.8.0
+web.repositoryListSwatches = true
+
 # Choose the diff presentation style: gitblt, gitweb, or plain
 #
 # SINCE 0.5.0
@@ -217,6 +463,12 @@
 # SINCE 0.5.0 
 web.generateActivityGraph = true
 
+# The number of days to show on the activity page.
+# Value must exceed 0 else default of 14 is used
+#
+# SINCE 0.8.0
+web.activityDuration = 14
+
 # The number of commits to display on the summary page
 # Value must exceed 0 else default of 20 is used
 #
@@ -236,6 +488,12 @@
 #
 # SINCE 0.5.0
 web.itemsPerPage = 50
+
+# Registered file extensions to ignore during Lucene indexing
+#
+# SPACE-DELIMITED
+# SINCE 0.9.0
+web.luceneIgnoreExtensions = 7z arc arj bin bmp dll doc docx exe gif gz jar jpg lib lzh odg odf odt pdf ppt png so swf xcf xls xlsx zip
 
 # Registered extensions for google-code-prettify
 #
@@ -282,10 +540,13 @@
 # Example global regex substitutions
 # Use !!! to separate the search pattern and the replace pattern
 # searchpattern!!!replacepattern
+# SINCE 0.5.0
 regex.global.bug = \\b(Bug:)(\\s*[#]?|-){0,1}(\\d+)\\b!!!<a href="http://somehost/bug/$3">Bug-Id: $3</a>
+# SINCE 0.5.0
 regex.global.changeid = \\b(Change-Id:\\s*)([A-Za-z0-9]*)\\b!!!<a href="http://somehost/changeid/$2">Change-Id: $2</a>
 
 # Example per-repository regex substitutions overrides global
+# SINCE 0.5.0
 regex.myrepository.bug = \\b(Bug:)(\\s*[#]?|-){0,1}(\\d+)\\b!!!<a href="http://elsewhere/bug/$3">Bug-Id: $3</a>
 
 #
@@ -314,6 +575,7 @@
 #
 # SINCE 0.6.0
 mail.username =
+# SINCE 0.6.0
 mail.password =
 
 # from address for generated emails
@@ -326,6 +588,17 @@
 # SPACE-DELIMITED
 # SINCE 0.6.0
 mail.adminAddresses = 
+
+# List of email addresses for sending push email notifications.
+#
+# This key currently requires use of the sendemail.groovy hook script.
+# If you set sendemail.groovy in *groovy.postReceiveScripts* then email
+# notifications for all repositories (regardless of access restrictions!)
+# will be sent to these addresses.
+#
+# SPACE-DELIMITED
+# SINCE 0.8.0
+mail.mailingLists =
 
 #
 # Federation Settings
@@ -459,6 +732,13 @@
 # RESTART REQUIRED
 server.useNio = true
 
+# Context path for the GO application.  You might want to change the context
+# path if running Gitblit behind a proxy layer such as mod_proxy.
+#
+# SINCE 0.7.0
+# RESTART REQUIRED
+server.contextPath = /
+
 # Standard http port to serve.  <= 0 disables this connector.
 # On Unix/Linux systems, ports < 1024 require root permissions.
 # Recommended value: 80 or 8080
@@ -474,6 +754,14 @@
 # SINCE 0.5.0
 # RESTART REQUIRED
 server.httpsPort = 8443
+
+# Port for serving an Apache JServ Protocol (AJP) 1.3 connector for integrating
+# Gitblit GO into an Apache HTTP server setup.  <= 0 disables this connector.
+# Recommended value: 8009
+#
+# SINCE 0.9.0
+# RESTART REQUIRED
+server.ajpPort = 0
 
 # Specify the interface for Jetty to bind the standard connector.
 # You may specify an ip or an empty value to bind to all interfaces.
@@ -493,6 +781,15 @@
 # RESTART REQUIRED
 server.httpsBindInterface = localhost
 
+# Specify the interface for Jetty to bind the AJP connector.
+# You may specify an ip or an empty value to bind to all interfaces.
+# Specifying localhost will result in Gitblit ONLY listening to requests to
+# localhost.
+#
+# SINCE 0.9.0
+# RESTART REQUIRED
+server.ajpBindInterface = localhost
+
 # Password for SSL keystore.
 # Keystore password and certificate password must match.
 # This is provided for convenience, its probably more secure to set this value

--
Gitblit v1.9.1