Merge branch 'master' into next

* master: (38 commits) Revert "DFS block cache: Refactor to enable parallel index loading" GitServlet: allow to override default error handlers Silence API error for new interface method ProtocolV2Hook#onObjectInfo transport: add object-info capability Ignore IllegalStateException if JVM is already shutting down Update orbit to R20210825222808 for 2021-09 Update spotbugs-maven-plugin to 4.3.0 Update ant to 1.10.11 also in pom.xml DFS block cache: add additional stats to DfsReaderIoStats Update Orbit to S20210817231813 [gpg] Better GPG home directory determination FS: cleanup use of final modifier Ensure FS#searchPath only selects executable files RevWalk: getMergedInto's result is wrong on the second call DFS block cache: Refactor to enable parallel index loading [test] Create keystore with the keytool of the running JDK [gpg] Update to Bouncy Castle 1.69 [test] Create keystore with the keytool of the running JDK [sshd] Minor code clean-up Support commit.template config property ... Change-Id: I9f99e9a513a23c0c0d252334e79c351512d7355e
author: Matthias Sohn <matthias.sohn@sap.com> 2021-09-09 14:41:30 +0200
committer: Matthias Sohn <matthias.sohn@sap.com> 2021-09-13 23:53:34 +0200
commit: a19494b735528b6eb678ac9dbc6a92b8db8560ab (patch)
tree: 29df569134d27876ad3b32a8f3f6daf4dffde5b5 /org.eclipse.jgit.gpg.bc
parent: b9653ccdad437c5449f8eaf0c4e9cfdd2afe4519 (diff)
parent: a3a8de310847963bd8fadba33de17abd974ae710 (diff)
download: jgit-a19494b735528b6eb678ac9dbc6a92b8db8560ab.tar.gz
jgit-a19494b735528b6eb678ac9dbc6a92b8db8560ab.zip
7 files changed, 74 insertions, 37 deletions
diff --git a/org.eclipse.jgit.gpg.bc/BUILD b/org.eclipse.jgit.gpg.bc/BUILD
index 4fe1e478cf..9b9ae5fef1 100644
--- a/org.eclipse.jgit.gpg.bc/BUILD
+++ b/org.eclipse.jgit.gpg.bc/BUILD
@@ -15,6 +15,7 @@ java_library(
         "//lib:bcpg",
         "//lib:bcpkix",
         "//lib:bcprov",
+        "//lib:bcutil",
         "//lib:slf4j-api",
         "//org.eclipse.jgit:jgit",
     ],
diff --git a/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF b/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
index 48aad320dc..22622aec91 100644
--- a/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
+++ b/org.eclipse.jgit.gpg.bc/META-INF/MANIFEST.MF
@@ -8,27 +8,27 @@ Bundle-Vendor: %Bundle-Vendor
 Bundle-Localization: plugin
 Bundle-Version: 6.0.0.qualifier
 Bundle-RequiredExecutionEnvironment: JavaSE-1.8
-Import-Package: org.bouncycastle.asn1;version="[1.65.0,2.0.0)",
- org.bouncycastle.asn1.cryptlib;version="[1.65.0,2.0.0)",
- org.bouncycastle.asn1.x9;version="[1.65.0,2.0.0)",
- org.bouncycastle.bcpg;version="[1.65.0,2.0.0)",
- org.bouncycastle.bcpg.sig;version="[1.65.0,2.0.0)",
- org.bouncycastle.crypto.ec;version="[1.65.0,2.0.0)",
- org.bouncycastle.gpg;version="[1.65.0,2.0.0)",
- org.bouncycastle.gpg.keybox;version="[1.65.0,2.0.0)",
- org.bouncycastle.gpg.keybox.jcajce;version="[1.65.0,2.0.0)",
- org.bouncycastle.jcajce.interfaces;version="[1.65.0,2.0.0)",
- org.bouncycastle.jcajce.util;version="[1.65.0,2.0.0)",
- org.bouncycastle.jce.provider;version="[1.65.0,2.0.0)",
- org.bouncycastle.math.ec;version="[1.65.0,2.0.0)",
- org.bouncycastle.math.field;version="[1.65.0,2.0.0)",
- org.bouncycastle.openpgp;version="[1.65.0,2.0.0)",
- org.bouncycastle.openpgp.jcajce;version="[1.65.0,2.0.0)",
- org.bouncycastle.openpgp.operator;version="[1.65.0,2.0.0)",
- org.bouncycastle.openpgp.operator.jcajce;version="[1.65.0,2.0.0)",
- org.bouncycastle.util;version="[1.65.0,2.0.0)",
- org.bouncycastle.util.encoders;version="[1.65.0,2.0.0)",
- org.bouncycastle.util.io;version="[1.65.0,2.0.0)",
+Import-Package: org.bouncycastle.asn1;version="[1.69.0,2.0.0)",
+ org.bouncycastle.asn1.cryptlib;version="[1.69.0,2.0.0)",
+ org.bouncycastle.asn1.x9;version="[1.69.0,2.0.0)",
+ org.bouncycastle.bcpg;version="[1.69.0,2.0.0)",
+ org.bouncycastle.bcpg.sig;version="[1.69.0,2.0.0)",
+ org.bouncycastle.crypto.ec;version="[1.69.0,2.0.0)",
+ org.bouncycastle.gpg;version="[1.69.0,2.0.0)",
+ org.bouncycastle.gpg.keybox;version="[1.69.0,2.0.0)",
+ org.bouncycastle.gpg.keybox.jcajce;version="[1.69.0,2.0.0)",
+ org.bouncycastle.jcajce.interfaces;version="[1.69.0,2.0.0)",
+ org.bouncycastle.jcajce.util;version="[1.69.0,2.0.0)",
+ org.bouncycastle.jce.provider;version="[1.69.0,2.0.0)",
+ org.bouncycastle.math.ec;version="[1.69.0,2.0.0)",
+ org.bouncycastle.math.field;version="[1.69.0,2.0.0)",
+ org.bouncycastle.openpgp;version="[1.69.0,2.0.0)",
+ org.bouncycastle.openpgp.jcajce;version="[1.69.0,2.0.0)",
+ org.bouncycastle.openpgp.operator;version="[1.69.0,2.0.0)",
+ org.bouncycastle.openpgp.operator.jcajce;version="[1.69.0,2.0.0)",
+ org.bouncycastle.util;version="[1.69.0,2.0.0)",
+ org.bouncycastle.util.encoders;version="[1.69.0,2.0.0)",
+ org.bouncycastle.util.io;version="[1.69.0,2.0.0)",
  org.eclipse.jgit.annotations;version="[6.0.0,6.1.0)",
  org.eclipse.jgit.api.errors;version="[6.0.0,6.1.0)",
  org.slf4j;version="[1.7.0,2.0.0)"
diff --git a/org.eclipse.jgit.gpg.bc/pom.xml b/org.eclipse.jgit.gpg.bc/pom.xml
index 833d23ceba..47d3e9b635 100644
--- a/org.eclipse.jgit.gpg.bc/pom.xml
+++ b/org.eclipse.jgit.gpg.bc/pom.xml
@@ -51,6 +51,11 @@
 
     <dependency>
       <groupId>org.bouncycastle</groupId>
+      <artifactId>bcutil-jdk15on</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk15on</artifactId>
     </dependency>
 
diff --git a/org.eclipse.jgit.gpg.bc/resources/org/eclipse/jgit/gpg/bc/internal/BCText.properties b/org.eclipse.jgit.gpg.bc/resources/org/eclipse/jgit/gpg/bc/internal/BCText.properties
index e4b1baba1f..ab83298c15 100644
--- a/org.eclipse.jgit.gpg.bc/resources/org/eclipse/jgit/gpg/bc/internal/BCText.properties
+++ b/org.eclipse.jgit.gpg.bc/resources/org/eclipse/jgit/gpg/bc/internal/BCText.properties
@@ -13,6 +13,8 @@ gpgNoSuchAlgorithm=Cannot decrypt encrypted secret key: encryption algorithm {0}
 gpgNotASigningKey=Secret key ({0}) is not suitable for signing
 gpgKeyInfo=GPG Key (fingerprint {0})
 gpgSigningCancelled=Signing was cancelled
+logWarnGnuPGHome=Cannot access GPG home directory given by environment variable GNUPGHOME={}
+logWarnGpgHomeProperty=Cannot access GPG home directory given by Java system property jgit.gpg.home={}
 nonSignatureError=Signature does not decode into a signature object
 secretKeyTooShort=Secret key file corrupt; only {0} bytes read
 sexprHexNotClosed=Hex number in s-expression not closed
diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BCText.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BCText.java
index aedf8a5be5..68ee2fd5de 100644
--- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BCText.java
+++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BCText.java
@@ -42,6 +42,8 @@ public final class BCText extends TranslationBundle {
 	/***/ public String gpgNotASigningKey;
 	/***/ public String gpgKeyInfo;
 	/***/ public String gpgSigningCancelled;
+	/***/ public String logWarnGnuPGHome;
+	/***/ public String logWarnGpgHomeProperty;
 	/***/ public String nonSignatureError;
 	/***/ public String secretKeyTooShort;
 	/***/ public String sexprHexNotClosed;
diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgKeyLocator.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgKeyLocator.java
index cf4d3d2340..8cd03bd36f 100644
--- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgKeyLocator.java
+++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgKeyLocator.java
@@ -29,6 +29,8 @@ import java.security.NoSuchProviderException;
 import java.text.MessageFormat;
 import java.util.Iterator;
 import java.util.Locale;
+import java.util.function.Consumer;
+import java.util.function.Function;
 
 import org.bouncycastle.gpg.keybox.BlobType;
 import org.bouncycastle.gpg.keybox.KeyBlob;
@@ -98,29 +100,54 @@ public class BouncyCastleGpgKeyLocator {
 
 	private static Path findGpgDirectory() {
 		SystemReader system = SystemReader.getInstance();
+		Function<String, Path> resolveTilde = s -> {
+			if (s.startsWith("~/") || s.startsWith("~" + File.separatorChar)) { //$NON-NLS-1$ //$NON-NLS-2$
+				return new File(FS.DETECTED.userHome(), s.substring(2))
+						.getAbsoluteFile().toPath();
+			}
+			return Paths.get(s);
+		};
+		Path path = checkDirectory(system.getProperty("jgit.gpg.home"), //$NON-NLS-1$
+				resolveTilde,
+				s -> log.warn(BCText.get().logWarnGpgHomeProperty, s));
+		if (path != null) {
+			return path;
+		}
+		path = checkDirectory(system.getenv("GNUPGHOME"), resolveTilde, //$NON-NLS-1$
+				s -> log.warn(BCText.get().logWarnGnuPGHome, s));
+		if (path != null) {
+			return path;
+		}
 		if (system.isWindows()) {
 			// On Windows prefer %APPDATA%\gnupg if it exists, even if Cygwin is
 			// used.
-			String appData = system.getenv("APPDATA"); //$NON-NLS-1$
-			if (appData != null && !appData.isEmpty()) {
-				try {
-					Path directory = Paths.get(appData).resolve("gnupg"); //$NON-NLS-1$
-					if (Files.isDirectory(directory)) {
-						return directory;
-					}
-				} catch (SecurityException | InvalidPathException e) {
-					// Ignore and return the default location below.
-				}
+			path = checkDirectory(system.getenv("APPDATA"), //$NON-NLS-1$
+					s -> Paths.get(s).resolve("gnupg"), null); //$NON-NLS-1$
+			if (path != null) {
+				return path;
 			}
 		}
 		// All systems, including Cygwin and even Windows if
 		// %APPDATA%\gnupg doesn't exist: ~/.gnupg
-		File home = FS.DETECTED.userHome();
-		if (home == null) {
-			// Oops. What now?
-			home = new File(".").getAbsoluteFile(); //$NON-NLS-1$
+		return resolveTilde.apply("~/.gnupg"); //$NON-NLS-1$
+	}
+
+	private static Path checkDirectory(String dir,
+			Function<String, Path> toPath, Consumer<String> warn) {
+		if (!StringUtils.isEmptyOrNull(dir)) {
+			try {
+				Path directory = toPath.apply(dir);
+				if (Files.isDirectory(directory)) {
+					return directory;
+				}
+			} catch (SecurityException | InvalidPathException e) {
+				// Ignore, warn, and try other known directories
+			}
+			if (warn != null) {
+				warn.accept(dir);
+			}
 		}
-		return home.toPath().resolve(".gnupg"); //$NON-NLS-1$
+		return null;
 	}
 
 	/**
diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
index 211bd7bd20..763b7f7526 100644
--- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
+++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
@@ -195,7 +195,7 @@ public class BouncyCastleGpgSigner extends GpgSigner
 				}
 			}
 			if (userId != null) {
-				subpackets.setSignerUserID(false, userId);
+				subpackets.addSignerUserID(false, userId);
 			}
 			signatureGenerator
 					.setHashedSubpackets(subpackets.generate());
author	Matthias Sohn <matthias.sohn@sap.com>	2021-09-09 14:41:30 +0200
committer	Matthias Sohn <matthias.sohn@sap.com>	2021-09-13 23:53:34 +0200
commit	a19494b735528b6eb678ac9dbc6a92b8db8560ab (patch)
tree	29df569134d27876ad3b32a8f3f6daf4dffde5b5 /org.eclipse.jgit.gpg.bc
parent	b9653ccdad437c5449f8eaf0c4e9cfdd2afe4519 (diff)
parent	a3a8de310847963bd8fadba33de17abd974ae710 (diff)
download	jgit-a19494b735528b6eb678ac9dbc6a92b8db8560ab.tar.gz jgit-a19494b735528b6eb678ac9dbc6a92b8db8560ab.zip