From d360b08b345c5abc86e21503839198e7304aacdd Mon Sep 17 00:00:00 2001 From: "Kyle J. McKay" Date: Sat, 15 Aug 2020 13:58:21 -0700 Subject: [PATCH] cloning: enforce $Girocco::Config::max_file_size512 When cloning a new project, enforce the new $Girocco::Config::max_file_size512 file size limit. Additionally, if the clone ends up failing because the limit was exceeded, immediately remove all files in the objects subdirectory hierarchy, include a "size exceeded" blurb in the failure message and always cc the configured admin address in such a case regardless of the admincc setting. Signed-off-by: Kyle J. McKay --- taskd/clone.sh | 48 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/taskd/clone.sh b/taskd/clone.sh index 14e6733..69509f3 100755 --- a/taskd/clone.sh +++ b/taskd/clone.sh @@ -28,7 +28,7 @@ git_darcs_fetch() ( } | { _e2=0 - git fast-import \ + git_ulimit fast-import \ --export-marks="$(pwd)/gfi-marks" \ --export-pack-edges="$(pwd)/gfi-packs" \ --force 3>&- || _e2=$? @@ -60,7 +60,7 @@ git_bzr_fetch() ( } | { _e2=0 - git fast-import \ + git_ulimit fast-import \ --export-marks="$(pwd)/gfi-marks" \ --export-pack-edges="$(pwd)/gfi-packs" \ --force 3>&- || _e2=$? @@ -73,18 +73,52 @@ git_bzr_fetch() ( return $? ) +clear_all_objects_and_packs() { + if [ -d objects ]; then + # make sure the repository is not left broken + printf '%s\n' 'ref: refs/heads/master' >HEAD || : + rm -f packed-refs || : + find -H refs objects -type f -exec rm -f '{}' + >/dev/null 2>&1 || : + ! [ -d htmlcache ] || { >htmlcache/changed; } 2>/dev/null || : + fi +} + +exit_err=0 send_clone_failed() { trap "" EXIT # We must now close the .clonelog file that is open on stdout and stderr exec >/dev/null 2>&1 ! [ -d htmlcache ] || { >htmlcache/changed; } 2>/dev/null || : failaddrs="$(config_get owner)" || : - [ -z "$cfg_admincc" ] || [ "$cfg_admincc" = "0" ] || [ -z "$cfg_admin" ] || + ccadm="${cfg_admincc:-0}" + xfsz_err="" + if [ "${exit_err:-0}" = "${var_xfsz_err:-999}" ]; then + ccadm=1 + reposize="$(cd objects && du -sk . | LC_ALL=C awk '{print $1}')" || : + if [ -n "$reposize" ]; then + if [ $reposize -lt 5120 ]; then + reposize="$reposize KiB" + else + reposize="$(( $reposize / 1024 ))" + if [ $reposize -lt 5120 ]; then + reposize="$reposize MiB" + else + reposize="$(( $reposize / 1024 ))" + reposize="$reposize GiB" + fi + fi + fi + xfsz_err=" + +The source repository${reposize:+ ($reposize)} exceeds our maximum allowed repository size." + clear_all_objects_and_packs + fi + [ "$ccadm" = "0" ] || [ -z "$cfg_admin" ] || if [ -z "$failaddrs" ]; then failaddrs="$cfg_admin"; else failaddrs="$failaddrs,$cfg_admin"; fi [ -z "$failaddrs" ] || { cat <.allowgc || : -trap "echo '@OVER@'; touch .clone_failed; send_clone_failed" EXIT +trap "exit_err=$?; echo '@OVER@'; touch .clone_failed; send_clone_failed" EXIT echo "Project: $proj" echo " Date: $(TZ=UTC date '+%Y-%m-%d %T UTC')" echo "" @@ -386,7 +420,7 @@ case "$url" in git_add_config 'gc.auto=1' git_add_config 'gc.autoPackLimit=1' # Again, be careful to use GIT_DIR=. here or else new .git subdirectory! - GIT_DIR=. git svn fetch --log-window-size=$var_log_window_size --username="$svnuser" --quiet <"$mtlinesfile" || svn_err="$?" + GIT_DIR=. git_ulimit svn fetch --log-window-size=$var_log_window_size --username="$svnuser" --quiet <"$mtlinesfile" || svn_err="$?" GIROCCO_SUPPRESS_AUTO_GC_UPDATE=1 export GIROCCO_SUPPRESS_AUTO_GC_UPDATE unset GIROCCO_DIVERT_GIT_SVN_AUTO_GC @@ -570,7 +604,7 @@ case "$url" in >.gfipack sleep 1 fi - GIT_SSL_NO_VERIFY=1 git remote update $pruneopt + GIT_SSL_NO_VERIFY=1 git_ulimit remote update $pruneopt if [ -e .gfipack ] && is_gfi_mirror_url "$url"; then find -L objects/pack -type f -newer .gfipack -name "pack-$octet20*.pack" -print >>gfi-packs rm -f .gfipack -- 2.11.4.GIT