Package org.eclipse.jgit.transport
Class PushCertificateParser
- java.lang.Object
-
- org.eclipse.jgit.transport.PushCertificateParser
-
public class PushCertificateParser extends java.lang.Object
Parser for signed push certificates.- Since:
- 4.0
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
PushCertificateParser.PacketLineReader
private static class
PushCertificateParser.StreamReader
private static interface
PushCertificateParser.StringReader
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String
BEGIN_SIGNATURE
private java.util.List<ReceiveCommand>
commands
private Repository
db
Database we write the push certificate into.private boolean
enabled
(package private) static java.lang.String
END_CERT
(package private) static java.lang.String
END_SIGNATURE
(package private) static java.lang.String
NONCE
private NonceGenerator
nonceGenerator
private int
nonceSlopLimit
The maximum time difference which is acceptable between advertised nonce and received signed nonce.private PushCertificate.NonceStatus
nonceStatus
private java.lang.String
pushee
(package private) static java.lang.String
PUSHEE
private PushCertificateIdent
pusher
(package private) static java.lang.String
PUSHER
private boolean
received
private java.lang.String
receivedNonce
The nonce the pusher signed.private java.lang.String
sentNonce
The nonce that was sent to the client.private java.lang.String
signature
private java.lang.String
version
(package private) static java.lang.String
VERSION
private static java.lang.String
VERSION_0_1
-
Constructor Summary
Constructors Modifier Constructor Description private
PushCertificateParser()
PushCertificateParser(Repository into, SignedPushConfig cfg)
Constructor for PushCertificateParser.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addCommand(java.lang.String line)
Add a command to the signature.void
addCommand(ReceiveCommand cmd)
Add a command to the signature.PushCertificate
build()
Build the parsed certificateboolean
enabled()
Whether the repository is configured to use signed pushes in this context.static PushCertificate
fromReader(java.io.Reader r)
Parse a push certificate from a reader.static PushCertificate
fromString(java.lang.String str)
Parse a push certificate from a string.java.lang.String
getAdvertiseNonce()
Get the whole string for the nonce to be included into the capability advertisementPushCertificate
parse(java.io.Reader r)
Parse a push certificate from a reader.private static java.lang.String
parseHeader(java.lang.String s, java.lang.String header)
private static java.lang.String
parseHeader(PushCertificateParser.StringReader reader, java.lang.String header)
void
receiveHeader(PacketLineIn pckIn, boolean stateless)
Receive a list of commands from the input encapsulated in a push certificate.private void
receiveHeader(PushCertificateParser.StringReader reader, boolean stateless)
void
receiveSignature(PacketLineIn pckIn)
Read the PGP signature.private void
receiveSignature(PushCertificateParser.StringReader reader)
private java.lang.String
sentNonce()
-
-
-
Field Detail
-
BEGIN_SIGNATURE
static final java.lang.String BEGIN_SIGNATURE
- See Also:
- Constant Field Values
-
END_SIGNATURE
static final java.lang.String END_SIGNATURE
- See Also:
- Constant Field Values
-
VERSION
static final java.lang.String VERSION
- See Also:
- Constant Field Values
-
PUSHER
static final java.lang.String PUSHER
- See Also:
- Constant Field Values
-
PUSHEE
static final java.lang.String PUSHEE
- See Also:
- Constant Field Values
-
NONCE
static final java.lang.String NONCE
- See Also:
- Constant Field Values
-
END_CERT
static final java.lang.String END_CERT
- See Also:
- Constant Field Values
-
VERSION_0_1
private static final java.lang.String VERSION_0_1
- See Also:
- Constant Field Values
-
received
private boolean received
-
version
private java.lang.String version
-
pusher
private PushCertificateIdent pusher
-
pushee
private java.lang.String pushee
-
sentNonce
private java.lang.String sentNonce
The nonce that was sent to the client.
-
receivedNonce
private java.lang.String receivedNonce
The nonce the pusher signed.This may vary from
sentNonce
; see git-core documentation for reasons.
-
nonceStatus
private PushCertificate.NonceStatus nonceStatus
-
signature
private java.lang.String signature
-
db
private final Repository db
Database we write the push certificate into.
-
nonceSlopLimit
private final int nonceSlopLimit
The maximum time difference which is acceptable between advertised nonce and received signed nonce.
-
enabled
private final boolean enabled
-
nonceGenerator
private final NonceGenerator nonceGenerator
-
commands
private final java.util.List<ReceiveCommand> commands
-
-
Constructor Detail
-
PushCertificateParser
public PushCertificateParser(Repository into, SignedPushConfig cfg)
Constructor for PushCertificateParser.
- Parameters:
into
- destination repository for the push.cfg
- configuration for signed push.- Since:
- 4.1
-
PushCertificateParser
private PushCertificateParser()
-
-
Method Detail
-
fromReader
public static PushCertificate fromReader(java.io.Reader r) throws PackProtocolException, java.io.IOException
Parse a push certificate from a reader.Differences from the
PacketLineIn
receiver methods:- Does not use pkt-line framing.
- Reads an entire cert in one call rather than depending on a loop in the caller.
- Does not assume a
"push-cert-end"
line.
- Parameters:
r
- input reader; consumed only up until the end of the next signature in the input.- Returns:
- the parsed certificate, or null if the reader was at EOF.
- Throws:
PackProtocolException
- if the certificate is malformed.java.io.IOException
- if there was an error reading from the input.- Since:
- 4.1
-
fromString
public static PushCertificate fromString(java.lang.String str) throws PackProtocolException, java.io.IOException
Parse a push certificate from a string.- Parameters:
str
- input string.- Returns:
- the parsed certificate.
- Throws:
PackProtocolException
- if the certificate is malformed.java.io.IOException
- if there was an error reading from the input.- Since:
- 4.1
- See Also:
fromReader(Reader)
-
parse
public PushCertificate parse(java.io.Reader r) throws PackProtocolException, java.io.IOException
Parse a push certificate from a reader.- Parameters:
r
- input reader; consumed only up until the end of the next signature in the input.- Returns:
- the parsed certificate, or null if the reader was at EOF.
- Throws:
PackProtocolException
- if the certificate is malformed.java.io.IOException
- if there was an error reading from the input.- Since:
- 4.1
- See Also:
fromReader(Reader)
-
build
public PushCertificate build() throws java.io.IOException
Build the parsed certificate- Returns:
- the parsed certificate, or null if push certificates are disabled.
- Throws:
java.io.IOException
- if the push certificate has missing or invalid fields.- Since:
- 4.1
-
enabled
public boolean enabled()
Whether the repository is configured to use signed pushes in this context.- Returns:
- if the repository is configured to use signed pushes in this context.
- Since:
- 4.0
-
getAdvertiseNonce
public java.lang.String getAdvertiseNonce()
Get the whole string for the nonce to be included into the capability advertisement- Returns:
- the whole string for the nonce to be included into the capability advertisement, or null if push certificates are disabled.
- Since:
- 4.0
-
sentNonce
private java.lang.String sentNonce()
-
parseHeader
private static java.lang.String parseHeader(PushCertificateParser.StringReader reader, java.lang.String header) throws java.io.IOException
- Throws:
java.io.IOException
-
parseHeader
private static java.lang.String parseHeader(java.lang.String s, java.lang.String header) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveHeader
public void receiveHeader(PacketLineIn pckIn, boolean stateless) throws java.io.IOException
Receive a list of commands from the input encapsulated in a push certificate.This method doesn't parse the first line
"push-cert \NUL <capabilities>"
, but assumes the first line including the capabilities has already been handled by the caller.- Parameters:
pckIn
- where we take the push certificate header from.stateless
- affects nonce verification. Whenstateless = true
theNonceGenerator
will allow for some time skew caused by clients disconnected and reconnecting in the stateless smart HTTP protocol.- Throws:
java.io.IOException
- if the certificate from the client is badly malformed or the client disconnects before sending the entire certificate.- Since:
- 4.0
-
receiveHeader
private void receiveHeader(PushCertificateParser.StringReader reader, boolean stateless) throws java.io.IOException
- Throws:
java.io.IOException
-
receiveSignature
public void receiveSignature(PacketLineIn pckIn) throws java.io.IOException
Read the PGP signature.This method assumes the line
"-----BEGIN PGP SIGNATURE-----"
has already been parsed, and continues parsing until an"-----END PGP SIGNATURE-----"
is found, followed by"push-cert-end"
.- Parameters:
pckIn
- where we read the signature from.- Throws:
java.io.IOException
- if the signature is invalid.- Since:
- 4.0
-
receiveSignature
private void receiveSignature(PushCertificateParser.StringReader reader) throws java.io.IOException
- Throws:
java.io.IOException
-
addCommand
public void addCommand(ReceiveCommand cmd)
Add a command to the signature.- Parameters:
cmd
- the command.- Since:
- 4.1
-
addCommand
public void addCommand(java.lang.String line) throws PackProtocolException
Add a command to the signature.- Parameters:
line
- the line read from the wire that produced this command, with optional trailing newline already trimmed.- Throws:
PackProtocolException
- if the raw line cannot be parsed to a command.- Since:
- 4.0
-
-