1#include"cache.h" 2#include"tag.h" 3 4/* 5 * A signature file has a very simple fixed format: three lines 6 * of "object <sha1>" + "type <typename>" + "tag <tagname>", 7 * followed by some free-form signature that git itself doesn't 8 * care about, but that can be verified with gpg or similar. 9 * 10 * The first three lines are guaranteed to be at least 63 bytes: 11 * "object <sha1>\n" is 48 bytes, "type tag\n" at 9 bytes is the 12 * shortest possible type-line, and "tag .\n" at 6 bytes is the 13 * shortest single-character-tag line. 14 * 15 * We also artificially limit the size of the full object to 8kB. 16 * Just because I'm a lazy bastard, and if you can't fit a signature 17 * in that size, you're doing something wrong. 18 */ 19 20/* Some random size */ 21#define MAXSIZE (8192) 22 23/* 24 * We refuse to tag something we can't verify. Just because. 25 */ 26static intverify_object(unsigned char*sha1,const char*expected_type) 27{ 28int ret = -1; 29char type[100]; 30unsigned long size; 31void*buffer =read_sha1_file(sha1, type, &size); 32 33if(buffer) { 34if(!strcmp(type, expected_type)) 35 ret =check_sha1_signature(sha1, buffer, size, type); 36free(buffer); 37} 38return ret; 39} 40 41static intverify_tag(char*buffer,unsigned long size) 42{ 43int typelen; 44char type[20]; 45unsigned char sha1[20]; 46const char*object, *type_line, *tag_line, *tagger_line; 47 48if(size <64) 49returnerror("wanna fool me ? you obviously got the size wrong !\n"); 50 51 buffer[size] =0; 52 53/* Verify object line */ 54 object = buffer; 55if(memcmp(object,"object ",7)) 56returnerror("char%d: does not start with\"object\"\n",0); 57 58if(get_sha1_hex(object +7, sha1)) 59returnerror("char%d: could not get SHA1 hash\n",7); 60 61/* Verify type line */ 62 type_line = object +48; 63if(memcmp(type_line -1,"\ntype ",6)) 64returnerror("char%d: could not find\"\\ntype\"\n",47); 65 66/* Verify tag-line */ 67 tag_line =strchr(type_line,'\n'); 68if(!tag_line) 69returnerror("char%td: could not find next\"\\n\"\n", type_line - buffer); 70 tag_line++; 71if(memcmp(tag_line,"tag ",4) || tag_line[4] =='\n') 72returnerror("char%td: no\"tag\"found\n", tag_line - buffer); 73 74/* Get the actual type */ 75 typelen = tag_line - type_line -strlen("type\n"); 76if(typelen >=sizeof(type)) 77returnerror("char%td: type too long\n", type_line+5- buffer); 78 79memcpy(type, type_line+5, typelen); 80 type[typelen] =0; 81 82/* Verify that the object matches */ 83if(get_sha1_hex(object +7, sha1)) 84returnerror("char%d: could not get SHA1 hash but this is really odd since i got it before !\n",7); 85 86if(verify_object(sha1, type)) 87returnerror("char%d: could not verify object%s\n",7, sha1); 88 89/* Verify the tag-name: we don't allow control characters or spaces in it */ 90 tag_line +=4; 91for(;;) { 92unsigned char c = *tag_line++; 93if(c =='\n') 94break; 95if(c >' ') 96continue; 97returnerror("char%td: could not verify tag name\n", tag_line - buffer); 98} 99 100/* Verify the tagger line */ 101 tagger_line = tag_line; 102 103if(memcmp(tagger_line,"tagger",6) || (tagger_line[6] =='\n')) 104returnerror("char%td: could not find\"tagger\"\n", tagger_line - buffer); 105 106/* The actual stuff afterwards we don't care about.. */ 107return0; 108} 109 110intmain(int argc,char**argv) 111{ 112unsigned long size =4096; 113char*buffer =malloc(size); 114unsigned char result_sha1[20]; 115 116if(argc !=1) 117usage("cat <signaturefile> | git-mktag"); 118 119setup_git_directory(); 120 121if(read_pipe(0, &buffer, &size)) { 122free(buffer); 123die("could not read from stdin"); 124} 125 126/* Verify it for some basic sanity: it needs to start with 127 "object <sha1>\ntype\ntagger " */ 128if(verify_tag(buffer, size) <0) 129die("invalid tag signature file"); 130 131if(write_sha1_file(buffer, size, tag_type, result_sha1) <0) 132die("unable to write tag file"); 133 134free(buffer); 135 136printf("%s\n",sha1_to_hex(result_sha1)); 137return0; 138}