Package org.eclipse.jgit.transport
Class PushCertificateParser
java.lang.Object
org.eclipse.jgit.transport.PushCertificateParser
Parser for signed push certificates.
- Since:
- 4.0
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate static class
private static class
private static interface
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final String
private final List<ReceiveCommand>
private final Repository
Database we write the push certificate into.private final boolean
(package private) static final String
(package private) static final String
(package private) static final String
private final NonceGenerator
private final int
The maximum time difference which is acceptable between advertised nonce and received signed nonce.private PushCertificate.NonceStatus
private String
(package private) static final String
private PushCertificateIdent
(package private) static final String
private boolean
private String
The nonce the pusher signed.private String
The nonce that was sent to the client.private String
private String
(package private) static final String
private static final String
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprivate
PushCertificateParser
(Repository into, SignedPushConfig cfg) Constructor for PushCertificateParser. -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCommand
(String line) Add a command to the signature.void
addCommand
(ReceiveCommand cmd) Add a command to the signature.build()
Build the parsed certificateboolean
enabled()
Whether the repository is configured to use signed pushes in this context.static PushCertificate
fromReader
(Reader r) Parse a push certificate from a reader.static PushCertificate
fromString
(String str) Parse a push certificate from a string.Get the whole string for the nonce to be included into the capability advertisementParse a push certificate from a reader.private static String
parseHeader
(String s, String header) private static String
parseHeader
(PushCertificateParser.StringReader reader, String header) void
receiveHeader
(PacketLineIn pckIn, boolean stateless) Receive a list of commands from the input encapsulated in a push certificate.private void
receiveHeader
(PushCertificateParser.StringReader reader, boolean stateless) void
receiveSignature
(PacketLineIn pckIn) Read the PGP signature.private void
private String
-
Field Details
-
BEGIN_SIGNATURE
- See Also:
-
END_SIGNATURE
- See Also:
-
VERSION
- See Also:
-
PUSHER
- See Also:
-
PUSHEE
- See Also:
-
NONCE
- See Also:
-
END_CERT
- See Also:
-
VERSION_0_1
- See Also:
-
received
private boolean received -
version
-
pusher
-
pushee
-
sentNonce
The nonce that was sent to the client. -
receivedNonce
The nonce the pusher signed.This may vary from
sentNonce
; see git-core documentation for reasons. -
nonceStatus
-
signature
-
db
Database we write the push certificate into. -
nonceSlopLimit
private final int nonceSlopLimitThe maximum time difference which is acceptable between advertised nonce and received signed nonce. -
enabled
private final boolean enabled -
nonceGenerator
-
commands
-
-
Constructor Details
-
PushCertificateParser
Constructor for PushCertificateParser.
- Parameters:
into
- destination repository for the push.cfg
- configuration for signed push.- Since:
- 4.1
-
PushCertificateParser
private PushCertificateParser()
-
-
Method Details
-
fromReader
Parse a push certificate from a reader.Differences from the
PacketLineIn
receiver methods:- Does not use pkt-line framing.
- Reads an entire cert in one call rather than depending on a loop in the caller.
- Does not assume a
"push-cert-end"
line.
- Parameters:
r
- input reader; consumed only up until the end of the next signature in the input.- Returns:
- the parsed certificate, or null if the reader was at EOF.
- Throws:
PackProtocolException
- if the certificate is malformed.IOException
- if there was an error reading from the input.- Since:
- 4.1
-
fromString
Parse a push certificate from a string.- Parameters:
str
- input string.- Returns:
- the parsed certificate.
- Throws:
PackProtocolException
- if the certificate is malformed.IOException
- if there was an error reading from the input.- Since:
- 4.1
- See Also:
-
parse
Parse a push certificate from a reader.- Parameters:
r
- input reader; consumed only up until the end of the next signature in the input.- Returns:
- the parsed certificate, or null if the reader was at EOF.
- Throws:
PackProtocolException
- if the certificate is malformed.IOException
- if there was an error reading from the input.- Since:
- 4.1
- See Also:
-
build
Build the parsed certificate- Returns:
- the parsed certificate, or null if push certificates are disabled.
- Throws:
IOException
- if the push certificate has missing or invalid fields.- Since:
- 4.1
-
enabled
public boolean enabled()Whether the repository is configured to use signed pushes in this context.- Returns:
- if the repository is configured to use signed pushes in this context.
- Since:
- 4.0
-
getAdvertiseNonce
Get the whole string for the nonce to be included into the capability advertisement- Returns:
- the whole string for the nonce to be included into the capability advertisement, or null if push certificates are disabled.
- Since:
- 4.0
-
sentNonce
-
parseHeader
private static String parseHeader(PushCertificateParser.StringReader reader, String header) throws IOException - Throws:
IOException
-
parseHeader
- Throws:
IOException
-
receiveHeader
Receive a list of commands from the input encapsulated in a push certificate.This method doesn't parse the first line
"push-cert \NUL <capabilities>"
, but assumes the first line including the capabilities has already been handled by the caller.- Parameters:
pckIn
- where we take the push certificate header from.stateless
- affects nonce verification. Whenstateless = true
theNonceGenerator
will allow for some time skew caused by clients disconnected and reconnecting in the stateless smart HTTP protocol.- Throws:
IOException
- if the certificate from the client is badly malformed or the client disconnects before sending the entire certificate.- Since:
- 4.0
-
receiveHeader
private void receiveHeader(PushCertificateParser.StringReader reader, boolean stateless) throws IOException - Throws:
IOException
-
receiveSignature
Read the PGP signature.This method assumes the line
"-----BEGIN PGP SIGNATURE-----"
has already been parsed, and continues parsing until an"-----END PGP SIGNATURE-----"
is found, followed by"push-cert-end"
.- Parameters:
pckIn
- where we read the signature from.- Throws:
IOException
- if the signature is invalid.- Since:
- 4.0
-
receiveSignature
- Throws:
IOException
-
addCommand
Add a command to the signature.- Parameters:
cmd
- the command.- Since:
- 4.1
-
addCommand
Add a command to the signature.- Parameters:
line
- the line read from the wire that produced this command, with optional trailing newline already trimmed.- Throws:
PackProtocolException
- if the raw line cannot be parsed to a command.- Since:
- 4.0
-