Package org.eclipse.jgit.transport

Class PushCertificateParser

  • public class PushCertificateParser
extends java.lang.Object
    Parser for signed push certificates.
    Since:
    4.0

    • Field Detail

      • received

        private boolean received

      • version

        private java.lang.String version

      • pushee

        private java.lang.String pushee

      • sentNonce

        private java.lang.String sentNonce
        The nonce that was sent to the client.

      • receivedNonce

        private java.lang.String receivedNonce
        The nonce the pusher signed.

        This may vary from sentNonce; see git-core documentation for reasons.

      • signature

        private java.lang.String signature

      • db

        private final Repository db
        Database we write the push certificate into.

      • nonceSlopLimit

        private final int nonceSlopLimit
        The maximum time difference which is acceptable between advertised nonce and received signed nonce.

      • enabled

        private final boolean enabled

    • Constructor Detail

      • PushCertificateParser

        public PushCertificateParser​(Repository into,
                             SignedPushConfig cfg)

        Constructor for PushCertificateParser.

        Parameters:
        into - destination repository for the push.
        cfg - configuration for signed push.
        Since:
        4.1

      • PushCertificateParser

        private PushCertificateParser()

    • Method Detail

      • fromReader

        public static PushCertificate fromReader​(java.io.Reader r)
                                  throws PackProtocolException,
                                         java.io.IOException
        Parse a push certificate from a reader.

        Differences from the PacketLineIn receiver methods:

        • Does not use pkt-line framing.
        • Reads an entire cert in one call rather than depending on a loop in the caller.
        • Does not assume a "push-cert-end" line.
        Parameters:
        r - input reader; consumed only up until the end of the next signature in the input.
        Returns:
        the parsed certificate, or null if the reader was at EOF.
        Throws:
        PackProtocolException - if the certificate is malformed.
        java.io.IOException - if there was an error reading from the input.
        Since:
        4.1

      • fromString

        public static PushCertificate fromString​(java.lang.String str)
                                  throws PackProtocolException,
                                         java.io.IOException
        Parse a push certificate from a string.
        Parameters:
        str - input string.
        Returns:
        the parsed certificate.
        Throws:
        PackProtocolException - if the certificate is malformed.
        java.io.IOException - if there was an error reading from the input.
        Since:
        4.1
        See Also:
        fromReader(Reader)

      • parse

        public PushCertificate parse​(java.io.Reader r)
                      throws PackProtocolException,
                             java.io.IOException
        Parse a push certificate from a reader.
        Parameters:
        r - input reader; consumed only up until the end of the next signature in the input.
        Returns:
        the parsed certificate, or null if the reader was at EOF.
        Throws:
        PackProtocolException - if the certificate is malformed.
        java.io.IOException - if there was an error reading from the input.
        Since:
        4.1
        See Also:
        fromReader(Reader)

      • build

        public PushCertificate build()
                      throws java.io.IOException
        Build the parsed certificate
        Returns:
        the parsed certificate, or null if push certificates are disabled.
        Throws:
        java.io.IOException - if the push certificate has missing or invalid fields.
        Since:
        4.1

      • enabled

        public boolean enabled()
        Whether the repository is configured to use signed pushes in this context.
        Returns:
        if the repository is configured to use signed pushes in this context.
        Since:
        4.0

      • getAdvertiseNonce

        public java.lang.String getAdvertiseNonce()
        Get the whole string for the nonce to be included into the capability advertisement
        Returns:
        the whole string for the nonce to be included into the capability advertisement, or null if push certificates are disabled.
        Since:
        4.0

      • sentNonce

        private java.lang.String sentNonce()

      • parseHeader

        private static java.lang.String parseHeader​(PushCertificateParser.StringReader reader,
                                            java.lang.String header)
                                     throws java.io.IOException
        Throws:
        java.io.IOException

      • parseHeader

        private static java.lang.String parseHeader​(java.lang.String s,
                                            java.lang.String header)
                                     throws java.io.IOException
        Throws:
        java.io.IOException

      • receiveHeader

        public void receiveHeader​(PacketLineIn pckIn,
                          boolean stateless)
                   throws java.io.IOException
        Receive a list of commands from the input encapsulated in a push certificate.

        This method doesn't parse the first line "push-cert \NUL <capabilities>", but assumes the first line including the capabilities has already been handled by the caller.

        Parameters:
        pckIn - where we take the push certificate header from.
        stateless - affects nonce verification. When stateless = true the NonceGenerator will allow for some time skew caused by clients disconnected and reconnecting in the stateless smart HTTP protocol.
        Throws:
        java.io.IOException - if the certificate from the client is badly malformed or the client disconnects before sending the entire certificate.
        Since:
        4.0

      • receiveSignature

        public void receiveSignature​(PacketLineIn pckIn)
                      throws java.io.IOException
        Read the PGP signature.

        This method assumes the line "-----BEGIN PGP SIGNATURE-----" has already been parsed, and continues parsing until an "-----END PGP SIGNATURE-----" is found, followed by "push-cert-end".

        Parameters:
        pckIn - where we read the signature from.
        Throws:
        java.io.IOException - if the signature is invalid.
        Since:
        4.0

      • addCommand

        public void addCommand​(ReceiveCommand cmd)
        Add a command to the signature.
        Parameters:
        cmd - the command.
        Since:
        4.1

      • addCommand

        public void addCommand​(java.lang.String line)
                throws PackProtocolException
        Add a command to the signature.
        Parameters:
        line - the line read from the wire that produced this command, with optional trailing newline already trimmed.
        Throws:
        PackProtocolException - if the raw line cannot be parsed to a command.
        Since:
        4.0