From b07332d62c347326baade26e3a3c281b83172615 Mon Sep 17 00:00:00 2001 From: Rutger Broekhoff Date: Tue, 9 Jan 2024 23:22:34 +0100 Subject: Fix makehextag in git-lfs-authenticate (C) --- cmd/git-lfs-authenticate/main.c | 22 +++++++++++----------- cmd/git-lfs-authenticate/main.go | 11 +++++++---- 2 files changed, 18 insertions(+), 15 deletions(-) diff --git a/cmd/git-lfs-authenticate/main.c b/cmd/git-lfs-authenticate/main.c index 0f45e49..71481e9 100644 --- a/cmd/git-lfs-authenticate/main.c +++ b/cmd/git-lfs-authenticate/main.c @@ -62,15 +62,15 @@ void printescjson(const char *str) { void checkrepopath(const char *path) { if (strstr(path, "//") || strstr(path, "/./") || strstr(path, "/../") || hasprefix(path, "./") || hasprefix(path, "../") || hasprefix(path, "/../")) - die("Bad repository name: is unresolved path"); + die("Bad repository name: Is unresolved path"); if (strlen(path) > 100) - die("Bad repository name: longer than 100 characters"); + die("Bad repository name: Longer than 100 characters"); if (hassuffix(path, "/")) - die("Bad repositry name: unexpected trailing slash"); + die("Bad repositry name: Unexpected trailing slash"); if (hasprefix(path, "/")) - die("Bad repository name: unexpected absolute path"); + die("Bad repository name: Unexpected absolute path"); if (!hassuffix(path, ".git")) - die("Bad repository name: expected '.git' repo path suffix"); + die("Bad repository name: Expected '.git' repo path suffix"); struct stat statbuf; if (stat(path, &statbuf)) { @@ -203,8 +203,8 @@ void makehextag(const taginfo_t info, uint8_t key[KEYSIZE], char dest[MAX_HEXTAG memset(dest, 0, MAX_HEXTAG_STRLEN + 1); for (size_t i = 0; i < rawtag_len; i++) { uint8_t b = rawtag[i]; - dest[i] = (b >> 4) + ((b >> 4) < 10 ? '0' : 'a'); - dest[i + 1] = (b & 0x0F) + ((b & 0x0F) < 10 ? '0' : 'a'); + dest[i * 2] = (b >> 4) + ((b >> 4) < 10 ? '0' : 'a'); + dest[i*2 + 1] = (b & 0x0F) + ((b & 0x0F) < 10 ? '0' : 'a'); } } @@ -223,14 +223,14 @@ int main(int argc, char *argv[]) { checkrepopath(repopath); const char *hrefbase = getenv("GITOLFS3_HREF_BASE"); - const char *keypath = getenv("GITOLFS3_KEY_PATH"); + const char *keypath = getenv("GITOLFS3_KEY_PATH"); if (!hrefbase || strlen(hrefbase) == 0) - die("Incomplete configuration: base URL not provided"); + die("Incomplete configuration: Base URL not provided"); if (hrefbase[strlen(hrefbase) - 1] != '/') - die("Bad configuration: base URL should end with slash"); + die("Bad configuration: Base URL should end with slash"); if (!keypath || strlen(keypath) == 0) - die("Incomplete configuration: key path not provided"); + die("Incomplete configuration: Key path not provided"); uint8_t key[64]; readkey(keypath, key); diff --git a/cmd/git-lfs-authenticate/main.go b/cmd/git-lfs-authenticate/main.go index 3db0efe..59ed978 100644 --- a/cmd/git-lfs-authenticate/main.go +++ b/cmd/git-lfs-authenticate/main.go @@ -59,7 +59,7 @@ func main() { os.Exit(1) } - repo := strings.TrimPrefix(path.Clean(strings.TrimSuffix(os.Args[1], ".git")), "/") + repo := strings.TrimPrefix(path.Clean(os.Args[1]), "/") operation := os.Args[2] if operation != "download" && operation != "upload" { fmt.Println(usage) @@ -68,8 +68,11 @@ func main() { if repo == ".." || strings.HasPrefix(repo, "../") { die("highly illegal repo name (Anzeige ist raus)") } + if !strings.HasSuffix(repo, ".git") { + die("expected repo name to have '.git' suffix") + } - repoDir := path.Join(repo + ".git") + repoDir := path.Join(repo) finfo, err := os.Stat(repoDir) if err != nil { if errors.Is(err, fs.ErrNotExist) { @@ -125,12 +128,12 @@ func main() { response := authenticateResponse{ Header: map[string]string{ - "Authorization": "Tag " + tagStr, + "Authorization": "Gitolfs3-Hmac-Sha256 " + tagStr, }, ExpiresIn: int64(expiresIn.Seconds()), HRef: fmt.Sprintf("%s%s?p=1&te=%d", hrefBase, - path.Join(repo+".git", "/info/lfs"), + path.Join(repo, "/info/lfs"), expiresAtUnix, ), } -- cgit v1.2.3