2005-04-28 16:46:33 +02:00
|
|
|
#include "cache.h"
|
2006-01-07 10:33:54 +01:00
|
|
|
#include "tag.h"
|
2007-02-26 20:56:00 +01:00
|
|
|
#include "commit.h"
|
|
|
|
#include "tree.h"
|
|
|
|
#include "blob.h"
|
2017-01-18 00:37:18 +01:00
|
|
|
#include "gpg-interface.h"
|
2005-04-28 16:46:33 +02:00
|
|
|
|
|
|
|
const char *tag_type = "tag";
|
|
|
|
|
2016-04-22 16:52:04 +02:00
|
|
|
static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
|
|
|
|
{
|
|
|
|
struct signature_check sigc;
|
|
|
|
size_t payload_size;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
memset(&sigc, 0, sizeof(sigc));
|
|
|
|
|
|
|
|
payload_size = parse_signature(buf, size);
|
|
|
|
|
|
|
|
if (size == payload_size) {
|
|
|
|
if (flags & GPG_VERIFY_VERBOSE)
|
|
|
|
write_in_full(1, buf, payload_size);
|
|
|
|
return error("no signature found");
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = check_signature(buf, payload_size, buf + payload_size,
|
|
|
|
size - payload_size, &sigc);
|
2017-01-18 00:37:18 +01:00
|
|
|
|
|
|
|
if (!(flags & GPG_VERIFY_OMIT_STATUS))
|
|
|
|
print_signature_buffer(&sigc, flags);
|
2016-04-22 16:52:04 +02:00
|
|
|
|
|
|
|
signature_check_clear(&sigc);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
int gpg_verify_tag(const unsigned char *sha1, const char *name_to_report,
|
|
|
|
unsigned flags)
|
|
|
|
{
|
|
|
|
enum object_type type;
|
|
|
|
char *buf;
|
|
|
|
unsigned long size;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
type = sha1_object_info(sha1, NULL);
|
|
|
|
if (type != OBJ_TAG)
|
|
|
|
return error("%s: cannot verify a non-tag object of type %s.",
|
|
|
|
name_to_report ?
|
|
|
|
name_to_report :
|
|
|
|
find_unique_abbrev(sha1, DEFAULT_ABBREV),
|
|
|
|
typename(type));
|
|
|
|
|
|
|
|
buf = read_sha1_file(sha1, &type, &size);
|
|
|
|
if (!buf)
|
|
|
|
return error("%s: unable to read file.",
|
|
|
|
name_to_report ?
|
|
|
|
name_to_report :
|
|
|
|
find_unique_abbrev(sha1, DEFAULT_ABBREV));
|
|
|
|
|
|
|
|
ret = run_gpg_verify(buf, size, flags);
|
|
|
|
|
|
|
|
free(buf);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2005-11-03 00:19:13 +01:00
|
|
|
struct object *deref_tag(struct object *o, const char *warn, int warnlen)
|
2005-08-05 09:47:56 +02:00
|
|
|
{
|
2006-07-12 05:45:31 +02:00
|
|
|
while (o && o->type == OBJ_TAG)
|
2008-02-18 08:31:55 +01:00
|
|
|
if (((struct tag *)o)->tagged)
|
2015-11-10 03:22:29 +01:00
|
|
|
o = parse_object(((struct tag *)o)->tagged->oid.hash);
|
2008-02-18 08:31:55 +01:00
|
|
|
else
|
|
|
|
o = NULL;
|
2005-11-03 00:19:13 +01:00
|
|
|
if (!o && warn) {
|
|
|
|
if (!warnlen)
|
|
|
|
warnlen = strlen(warn);
|
|
|
|
error("missing object referenced by '%.*s'", warnlen, warn);
|
|
|
|
}
|
2005-08-05 09:47:56 +02:00
|
|
|
return o;
|
|
|
|
}
|
|
|
|
|
upload-pack: avoid parsing tag destinations
When upload-pack advertises refs, it dereferences any tags
it sees, and shows the resulting sha1 to the client. It does
this by calling deref_tag. That function must load and parse
each tag object to find the sha1 of the tagged object.
However, it also ends up parsing the tagged object itself,
which is not strictly necessary for upload-pack's use.
Each tag produces two object loads (assuming it is not a
recursive tag), when it could get away with only a single
one. Dropping the second load halves the effort we spend.
The downside is that we are no longer verifying the
resulting object by loading it. In particular:
1. We never cross-check the "type" field given in the tag
object with the type of the pointed-to object. If the
tag says it points to a tag but doesn't, then we will
keep peeling and realize the error. If the tag says it
points to a non-tag but actually points to a tag, we
will stop peeling and just advertise the pointed-to
tag.
2. If we are missing the pointed-to object, we will not
realize (because we never even look it up in the object
db).
However, both of these are errors in the object database,
and both will be detected if a client actually requests the
broken objects in question. So we are simply pushing the
verification away from the advertising stage, and down to
the actual fetching stage.
On my test repo with 120K refs, this drops the time to
advertise the refs from ~3.2s to ~2.0s.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-01-06 20:18:01 +01:00
|
|
|
struct object *deref_tag_noverify(struct object *o)
|
|
|
|
{
|
|
|
|
while (o && o->type == OBJ_TAG) {
|
2015-11-10 03:22:29 +01:00
|
|
|
o = parse_object(o->oid.hash);
|
upload-pack: avoid parsing tag destinations
When upload-pack advertises refs, it dereferences any tags
it sees, and shows the resulting sha1 to the client. It does
this by calling deref_tag. That function must load and parse
each tag object to find the sha1 of the tagged object.
However, it also ends up parsing the tagged object itself,
which is not strictly necessary for upload-pack's use.
Each tag produces two object loads (assuming it is not a
recursive tag), when it could get away with only a single
one. Dropping the second load halves the effort we spend.
The downside is that we are no longer verifying the
resulting object by loading it. In particular:
1. We never cross-check the "type" field given in the tag
object with the type of the pointed-to object. If the
tag says it points to a tag but doesn't, then we will
keep peeling and realize the error. If the tag says it
points to a non-tag but actually points to a tag, we
will stop peeling and just advertise the pointed-to
tag.
2. If we are missing the pointed-to object, we will not
realize (because we never even look it up in the object
db).
However, both of these are errors in the object database,
and both will be detected if a client actually requests the
broken objects in question. So we are simply pushing the
verification away from the advertising stage, and down to
the actual fetching stage.
On my test repo with 120K refs, this drops the time to
advertise the refs from ~3.2s to ~2.0s.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-01-06 20:18:01 +01:00
|
|
|
if (o && o->type == OBJ_TAG && ((struct tag *)o)->tagged)
|
|
|
|
o = ((struct tag *)o)->tagged;
|
|
|
|
else
|
|
|
|
o = NULL;
|
|
|
|
}
|
|
|
|
return o;
|
|
|
|
}
|
|
|
|
|
2005-06-03 17:05:39 +02:00
|
|
|
struct tag *lookup_tag(const unsigned char *sha1)
|
2005-04-28 16:46:33 +02:00
|
|
|
{
|
2007-04-17 07:11:43 +02:00
|
|
|
struct object *obj = lookup_object(sha1);
|
|
|
|
if (!obj)
|
2014-07-13 08:41:55 +02:00
|
|
|
return create_object(sha1, alloc_tag_node());
|
add object_as_type helper for casting objects
When we call lookup_commit, lookup_tree, etc, the logic goes
something like:
1. Look for an existing object struct. If we don't have
one, allocate and return a new one.
2. Double check that any object we have is the expected
type (and complain and return NULL otherwise).
3. Convert an object with type OBJ_NONE (from a prior
call to lookup_unknown_object) to the expected type.
We can encapsulate steps 2 and 3 in a helper function which
checks whether we have the expected object type, converts
OBJ_NONE as appropriate, and returns the object.
Not only does this shorten the code, but it also provides
one central location for converting OBJ_NONE objects into
objects of other types. Future patches will use that to
enforce type-specific invariants.
Since this is a refactoring, we would want it to behave
exactly as the current code. It takes a little reasoning to
see that this is the case:
- for lookup_{commit,tree,etc} functions, we are just
pulling steps 2 and 3 into a function that does the same
thing.
- for the call in peel_object, we currently only do step 3
(but we want to consolidate it with the others, as
mentioned above). However, step 2 is a noop here, as the
surrounding conditional makes sure we have OBJ_NONE
(which we want to keep to avoid an extraneous call to
sha1_object_info).
- for the call in lookup_commit_reference_gently, we are
currently doing step 2 but not step 3. However, step 3
is a noop here. The object we got will have just come
from deref_tag, which must have figured out the type for
each object in order to know when to stop peeling.
Therefore the type will never be OBJ_NONE.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-07-13 08:42:03 +02:00
|
|
|
return object_as_type(obj, OBJ_TAG, 0);
|
2005-04-28 16:46:33 +02:00
|
|
|
}
|
|
|
|
|
2017-04-26 21:29:31 +02:00
|
|
|
static timestamp_t parse_tag_date(const char *buf, const char *tail)
|
2010-04-13 01:25:28 +02:00
|
|
|
{
|
|
|
|
const char *dateptr;
|
|
|
|
|
|
|
|
while (buf < tail && *buf++ != '>')
|
|
|
|
/* nada */;
|
|
|
|
if (buf >= tail)
|
|
|
|
return 0;
|
|
|
|
dateptr = buf;
|
|
|
|
while (buf < tail && *buf++ != '\n')
|
|
|
|
/* nada */;
|
|
|
|
if (buf >= tail)
|
|
|
|
return 0;
|
2017-04-21 12:45:44 +02:00
|
|
|
/* dateptr < buf && buf[-1] == '\n', so parsing will stop at buf-1 */
|
|
|
|
return parse_timestamp(dateptr, NULL, 10);
|
2010-04-13 01:25:28 +02:00
|
|
|
}
|
|
|
|
|
2011-02-05 11:52:20 +01:00
|
|
|
int parse_tag_buffer(struct tag *item, const void *data, unsigned long size)
|
2005-04-28 16:46:33 +02:00
|
|
|
{
|
2007-02-26 20:56:00 +01:00
|
|
|
unsigned char sha1[20];
|
2005-06-22 02:35:10 +02:00
|
|
|
char type[20];
|
2010-04-13 01:25:27 +02:00
|
|
|
const char *bufptr = data;
|
|
|
|
const char *tail = bufptr + size;
|
|
|
|
const char *nl;
|
2005-04-30 18:51:03 +02:00
|
|
|
|
2010-04-13 01:25:25 +02:00
|
|
|
if (item->object.parsed)
|
|
|
|
return 0;
|
|
|
|
item->object.parsed = 1;
|
2005-04-28 16:46:33 +02:00
|
|
|
|
|
|
|
if (size < 64)
|
2005-05-06 19:48:34 +02:00
|
|
|
return -1;
|
2010-04-13 01:25:27 +02:00
|
|
|
if (memcmp("object ", bufptr, 7) || get_sha1_hex(bufptr + 7, sha1) || bufptr[47] != '\n')
|
2005-05-06 19:48:34 +02:00
|
|
|
return -1;
|
2010-04-13 01:25:27 +02:00
|
|
|
bufptr += 48; /* "object " + sha1 + "\n" */
|
2005-04-28 16:46:33 +02:00
|
|
|
|
2013-11-30 21:55:40 +01:00
|
|
|
if (!starts_with(bufptr, "type "))
|
2005-05-06 19:48:34 +02:00
|
|
|
return -1;
|
2010-04-13 01:25:27 +02:00
|
|
|
bufptr += 5;
|
|
|
|
nl = memchr(bufptr, '\n', tail - bufptr);
|
|
|
|
if (!nl || sizeof(type) <= (nl - bufptr))
|
2005-05-06 19:48:34 +02:00
|
|
|
return -1;
|
2015-09-24 23:08:26 +02:00
|
|
|
memcpy(type, bufptr, nl - bufptr);
|
2010-04-13 01:25:27 +02:00
|
|
|
type[nl - bufptr] = '\0';
|
|
|
|
bufptr = nl + 1;
|
2005-04-28 16:46:33 +02:00
|
|
|
|
2007-02-26 20:56:00 +01:00
|
|
|
if (!strcmp(type, blob_type)) {
|
|
|
|
item->tagged = &lookup_blob(sha1)->object;
|
|
|
|
} else if (!strcmp(type, tree_type)) {
|
|
|
|
item->tagged = &lookup_tree(sha1)->object;
|
|
|
|
} else if (!strcmp(type, commit_type)) {
|
|
|
|
item->tagged = &lookup_commit(sha1)->object;
|
|
|
|
} else if (!strcmp(type, tag_type)) {
|
|
|
|
item->tagged = &lookup_tag(sha1)->object;
|
|
|
|
} else {
|
|
|
|
error("Unknown type %s", type);
|
|
|
|
item->tagged = NULL;
|
|
|
|
}
|
|
|
|
|
2013-11-30 21:55:40 +01:00
|
|
|
if (bufptr + 4 < tail && starts_with(bufptr, "tag "))
|
2011-02-14 14:02:51 +01:00
|
|
|
; /* good */
|
|
|
|
else
|
2010-04-13 01:25:27 +02:00
|
|
|
return -1;
|
|
|
|
bufptr += 4;
|
|
|
|
nl = memchr(bufptr, '\n', tail - bufptr);
|
|
|
|
if (!nl)
|
|
|
|
return -1;
|
|
|
|
item->tag = xmemdupz(bufptr, nl - bufptr);
|
|
|
|
bufptr = nl + 1;
|
|
|
|
|
2013-11-30 21:55:40 +01:00
|
|
|
if (bufptr + 7 < tail && starts_with(bufptr, "tagger "))
|
2010-04-13 01:25:28 +02:00
|
|
|
item->date = parse_tag_date(bufptr, tail);
|
|
|
|
else
|
|
|
|
item->date = 0;
|
|
|
|
|
2005-04-28 16:46:33 +02:00
|
|
|
return 0;
|
2005-05-06 19:48:34 +02:00
|
|
|
}
|
2005-05-04 19:44:15 +02:00
|
|
|
|
2005-05-06 19:48:34 +02:00
|
|
|
int parse_tag(struct tag *item)
|
|
|
|
{
|
2007-02-26 20:55:59 +01:00
|
|
|
enum object_type type;
|
2005-05-06 19:48:34 +02:00
|
|
|
void *data;
|
|
|
|
unsigned long size;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if (item->object.parsed)
|
|
|
|
return 0;
|
2015-11-10 03:22:29 +01:00
|
|
|
data = read_sha1_file(item->object.oid.hash, &type, &size);
|
2005-05-06 19:48:34 +02:00
|
|
|
if (!data)
|
|
|
|
return error("Could not read %s",
|
2015-11-10 03:22:28 +01:00
|
|
|
oid_to_hex(&item->object.oid));
|
2007-02-26 20:55:59 +01:00
|
|
|
if (type != OBJ_TAG) {
|
2005-05-06 19:48:34 +02:00
|
|
|
free(data);
|
|
|
|
return error("Object %s not a tag",
|
2015-11-10 03:22:28 +01:00
|
|
|
oid_to_hex(&item->object.oid));
|
2005-05-06 19:48:34 +02:00
|
|
|
}
|
|
|
|
ret = parse_tag_buffer(item, data, size);
|
2005-05-04 19:44:15 +02:00
|
|
|
free(data);
|
2005-05-06 19:48:34 +02:00
|
|
|
return ret;
|
2005-04-28 16:46:33 +02:00
|
|
|
}
|