1#include"cache.h" 2#include"tag.h" 3 4/* 5 * A signature file has a very simple fixed format: four lines 6 * of "object <sha1>" + "type <typename>" + "tag <tagname>" + 7 * "tagger <committer>", followed by a blank line, a free-form tag 8 * message and a signature block that git itself doesn't care about, 9 * but that can be verified with gpg or similar. 10 * 11 * The first three lines are guaranteed to be at least 63 bytes: 12 * "object <sha1>\n" is 48 bytes, "type tag\n" at 9 bytes is the 13 * shortest possible type-line, and "tag .\n" at 6 bytes is the 14 * shortest single-character-tag line. 15 */ 16 17/* 18 * We refuse to tag something we can't verify. Just because. 19 */ 20static intverify_object(unsigned char*sha1,const char*expected_type) 21{ 22int ret = -1; 23enum object_type type; 24unsigned long size; 25void*buffer =read_sha1_file(sha1, &type, &size); 26 27if(buffer) { 28if(type ==type_from_string(expected_type)) 29 ret =check_sha1_signature(sha1, buffer, size, expected_type); 30free(buffer); 31} 32return ret; 33} 34 35#ifdef NO_C99_FORMAT 36#define PD_FMT"%d" 37#else 38#define PD_FMT"%td" 39#endif 40 41static intverify_tag(char*buffer,unsigned long size) 42{ 43int typelen; 44char type[20]; 45unsigned char sha1[20]; 46const char*object, *type_line, *tag_line, *tagger_line; 47 48if(size <64) 49returnerror("wanna fool me ? you obviously got the size wrong !"); 50 51 buffer[size] =0; 52 53/* Verify object line */ 54 object = buffer; 55if(memcmp(object,"object ",7)) 56returnerror("char%d: does not start with\"object\"",0); 57 58if(get_sha1_hex(object +7, sha1)) 59returnerror("char%d: could not get SHA1 hash",7); 60 61/* Verify type line */ 62 type_line = object +48; 63if(memcmp(type_line -1,"\ntype ",6)) 64returnerror("char%d: could not find\"\\ntype\"",47); 65 66/* Verify tag-line */ 67 tag_line =strchr(type_line,'\n'); 68if(!tag_line) 69returnerror("char" PD_FMT ": could not find next\"\\n\"", type_line - buffer); 70 tag_line++; 71if(memcmp(tag_line,"tag ",4) || tag_line[4] =='\n') 72returnerror("char" PD_FMT ": no\"tag\"found", tag_line - buffer); 73 74/* Get the actual type */ 75 typelen = tag_line - type_line -strlen("type\n"); 76if(typelen >=sizeof(type)) 77returnerror("char" PD_FMT ": type too long", type_line+5- buffer); 78 79memcpy(type, type_line+5, typelen); 80 type[typelen] =0; 81 82/* Verify that the object matches */ 83if(verify_object(sha1, type)) 84returnerror("char%d: could not verify object%s",7,sha1_to_hex(sha1)); 85 86/* Verify the tag-name: we don't allow control characters or spaces in it */ 87 tag_line +=4; 88for(;;) { 89unsigned char c = *tag_line++; 90if(c =='\n') 91break; 92if(c >' ') 93continue; 94returnerror("char" PD_FMT ": could not verify tag name", tag_line - buffer); 95} 96 97/* Verify the tagger line */ 98 tagger_line = tag_line; 99 100if(memcmp(tagger_line,"tagger",6) || (tagger_line[6] =='\n')) 101returnerror("char" PD_FMT ": could not find\"tagger\"", tagger_line - buffer); 102 103/* TODO: check for committer info + blank line? */ 104/* Also, the minimum length is probably + "tagger .", or 63+8=71 */ 105 106/* The actual stuff afterwards we don't care about.. */ 107return0; 108} 109 110#undef PD_FMT 111 112intmain(int argc,char**argv) 113{ 114unsigned long size =4096; 115char*buffer =xmalloc(size); 116unsigned char result_sha1[20]; 117 118if(argc !=1) 119usage("git-mktag < signaturefile"); 120 121setup_git_directory(); 122 123if(read_pipe(0, &buffer, &size)) { 124free(buffer); 125die("could not read from stdin"); 126} 127 128/* Verify it for some basic sanity: it needs to start with 129 "object <sha1>\ntype\ntagger " */ 130if(verify_tag(buffer, size) <0) 131die("invalid tag signature file"); 132 133if(write_sha1_file(buffer, size, tag_type, result_sha1) <0) 134die("unable to write tag file"); 135 136free(buffer); 137 138printf("%s\n",sha1_to_hex(result_sha1)); 139return0; 140}