mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12238 Commits
17 Branches
Tree: 12938dd35f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '12938dd35f'
${ noResults }
gitea/models/repo_sign.go

repo_sign.go 7.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"strings"

  9. 

  10. 	"code.gitea.io/gitea/models/db"

  11. 	"code.gitea.io/gitea/models/login"

  12. 	"code.gitea.io/gitea/modules/git"

  13. 	"code.gitea.io/gitea/modules/log"

  14. 	"code.gitea.io/gitea/modules/process"

  15. 	"code.gitea.io/gitea/modules/setting"

  16. )

  17. 

  18. type signingMode string

  19. 

  20. const (

  21. 	never         signingMode = "never"

  22. 	always        signingMode = "always"

  23. 	pubkey        signingMode = "pubkey"

  24. 	twofa         signingMode = "twofa"

  25. 	parentSigned  signingMode = "parentsigned"

  26. 	baseSigned    signingMode = "basesigned"

  27. 	headSigned    signingMode = "headsigned"

  28. 	commitsSigned signingMode = "commitssigned"

  29. 	approved      signingMode = "approved"

  30. 	noKey         signingMode = "nokey"

  31. )

  32. 

  33. func signingModeFromStrings(modeStrings []string) []signingMode {

  34. 	returnable := make([]signingMode, 0, len(modeStrings))

  35. 	for _, mode := range modeStrings {

  36. 		signMode := signingMode(strings.ToLower(strings.TrimSpace(mode)))

  37. 		switch signMode {

  38. 		case never:

  39. 			return []signingMode{never}

  40. 		case always:

  41. 			return []signingMode{always}

  42. 		case pubkey:

  43. 			fallthrough

  44. 		case twofa:

  45. 			fallthrough

  46. 		case parentSigned:

  47. 			fallthrough

  48. 		case baseSigned:

  49. 			fallthrough

  50. 		case headSigned:

  51. 			fallthrough

  52. 		case approved:

  53. 			fallthrough

  54. 		case commitsSigned:

  55. 			returnable = append(returnable, signMode)

  56. 		}

  57. 	}

  58. 	if len(returnable) == 0 {

  59. 		return []signingMode{never}

  60. 	}

  61. 	return returnable

  62. }

  63. 

  64. // SigningKey returns the KeyID and git Signature for the repo

  65. func SigningKey(repoPath string) (string, *git.Signature) {

  66. 	if setting.Repository.Signing.SigningKey == "none" {

  67. 		return "", nil

  68. 	}

  69. 

  70. 	if setting.Repository.Signing.SigningKey == "default" || setting.Repository.Signing.SigningKey == "" {

  71. 		// Can ignore the error here as it means that commit.gpgsign is not set

  72. 		value, _ := git.NewCommand("config", "--get", "commit.gpgsign").RunInDir(repoPath)

  73. 		sign, valid := git.ParseBool(strings.TrimSpace(value))

  74. 		if !sign || !valid {

  75. 			return "", nil

  76. 		}

  77. 

  78. 		signingKey, _ := git.NewCommand("config", "--get", "user.signingkey").RunInDir(repoPath)

  79. 		signingName, _ := git.NewCommand("config", "--get", "user.name").RunInDir(repoPath)

  80. 		signingEmail, _ := git.NewCommand("config", "--get", "user.email").RunInDir(repoPath)

  81. 		return strings.TrimSpace(signingKey), &git.Signature{

  82. 			Name:  strings.TrimSpace(signingName),

  83. 			Email: strings.TrimSpace(signingEmail),

  84. 		}

  85. 	}

  86. 

  87. 	return setting.Repository.Signing.SigningKey, &git.Signature{

  88. 		Name:  setting.Repository.Signing.SigningName,

  89. 		Email: setting.Repository.Signing.SigningEmail,

  90. 	}

  91. }

  92. 

  93. // PublicSigningKey gets the public signing key within a provided repository directory

  94. func PublicSigningKey(repoPath string) (string, error) {

  95. 	signingKey, _ := SigningKey(repoPath)

  96. 	if signingKey == "" {

  97. 		return "", nil

  98. 	}

  99. 

  100. 	content, stderr, err := process.GetManager().ExecDir(-1, repoPath,

  101. 		"gpg --export -a", "gpg", "--export", "-a", signingKey)

  102. 	if err != nil {

  103. 		log.Error("Unable to get default signing key in %s: %s, %s, %v", repoPath, signingKey, stderr, err)

  104. 		return "", err

  105. 	}

  106. 	return content, nil

  107. }

  108. 

  109. // SignInitialCommit determines if we should sign the initial commit to this repository

  110. func SignInitialCommit(repoPath string, u *User) (bool, string, *git.Signature, error) {

  111. 	rules := signingModeFromStrings(setting.Repository.Signing.InitialCommit)

  112. 	signingKey, sig := SigningKey(repoPath)

  113. 	if signingKey == "" {

  114. 		return false, "", nil, &ErrWontSign{noKey}

  115. 	}

  116. 

  117. Loop:

  118. 	for _, rule := range rules {

  119. 		switch rule {

  120. 		case never:

  121. 			return false, "", nil, &ErrWontSign{never}

  122. 		case always:

  123. 			break Loop

  124. 		case pubkey:

  125. 			keys, err := ListGPGKeys(u.ID, db.ListOptions{})

  126. 			if err != nil {

  127. 				return false, "", nil, err

  128. 			}

  129. 			if len(keys) == 0 {

  130. 				return false, "", nil, &ErrWontSign{pubkey}

  131. 			}

  132. 		case twofa:

  133. 			twofaModel, err := login.GetTwoFactorByUID(u.ID)

  134. 			if err != nil && !login.IsErrTwoFactorNotEnrolled(err) {

  135. 				return false, "", nil, err

  136. 			}

  137. 			if twofaModel == nil {

  138. 				return false, "", nil, &ErrWontSign{twofa}

  139. 			}

  140. 		}

  141. 	}

  142. 	return true, signingKey, sig, nil

  143. }

  144. 

  145. // SignWikiCommit determines if we should sign the commits to this repository wiki

  146. func (repo *Repository) SignWikiCommit(u *User) (bool, string, *git.Signature, error) {

  147. 	rules := signingModeFromStrings(setting.Repository.Signing.Wiki)

  148. 	signingKey, sig := SigningKey(repo.WikiPath())

  149. 	if signingKey == "" {

  150. 		return false, "", nil, &ErrWontSign{noKey}

  151. 	}

  152. 

  153. Loop:

  154. 	for _, rule := range rules {

  155. 		switch rule {

  156. 		case never:

  157. 			return false, "", nil, &ErrWontSign{never}

  158. 		case always:

  159. 			break Loop

  160. 		case pubkey:

  161. 			keys, err := ListGPGKeys(u.ID, db.ListOptions{})

  162. 			if err != nil {

  163. 				return false, "", nil, err

  164. 			}

  165. 			if len(keys) == 0 {

  166. 				return false, "", nil, &ErrWontSign{pubkey}

  167. 			}

  168. 		case twofa:

  169. 			twofaModel, err := login.GetTwoFactorByUID(u.ID)

  170. 			if err != nil && !login.IsErrTwoFactorNotEnrolled(err) {

  171. 				return false, "", nil, err

  172. 			}

  173. 			if twofaModel == nil {

  174. 				return false, "", nil, &ErrWontSign{twofa}

  175. 			}

  176. 		case parentSigned:

  177. 			gitRepo, err := git.OpenRepository(repo.WikiPath())

  178. 			if err != nil {

  179. 				return false, "", nil, err

  180. 			}

  181. 			defer gitRepo.Close()

  182. 			commit, err := gitRepo.GetCommit("HEAD")

  183. 			if err != nil {

  184. 				return false, "", nil, err

  185. 			}

  186. 			if commit.Signature == nil {

  187. 				return false, "", nil, &ErrWontSign{parentSigned}

  188. 			}

  189. 			verification := ParseCommitWithSignature(commit)

  190. 			if !verification.Verified {

  191. 				return false, "", nil, &ErrWontSign{parentSigned}

  192. 			}

  193. 		}

  194. 	}

  195. 	return true, signingKey, sig, nil

  196. }

  197. 

  198. // SignCRUDAction determines if we should sign a CRUD commit to this repository

  199. func (repo *Repository) SignCRUDAction(u *User, tmpBasePath, parentCommit string) (bool, string, *git.Signature, error) {

  200. 	rules := signingModeFromStrings(setting.Repository.Signing.CRUDActions)

  201. 	signingKey, sig := SigningKey(repo.RepoPath())

  202. 	if signingKey == "" {

  203. 		return false, "", nil, &ErrWontSign{noKey}

  204. 	}

  205. 

  206. Loop:

  207. 	for _, rule := range rules {

  208. 		switch rule {

  209. 		case never:

  210. 			return false, "", nil, &ErrWontSign{never}

  211. 		case always:

  212. 			break Loop

  213. 		case pubkey:

  214. 			keys, err := ListGPGKeys(u.ID, db.ListOptions{})

  215. 			if err != nil {

  216. 				return false, "", nil, err

  217. 			}

  218. 			if len(keys) == 0 {

  219. 				return false, "", nil, &ErrWontSign{pubkey}

  220. 			}

  221. 		case twofa:

  222. 			twofaModel, err := login.GetTwoFactorByUID(u.ID)

  223. 			if err != nil && !login.IsErrTwoFactorNotEnrolled(err) {

  224. 				return false, "", nil, err

  225. 			}

  226. 			if twofaModel == nil {

  227. 				return false, "", nil, &ErrWontSign{twofa}

  228. 			}

  229. 		case parentSigned:

  230. 			gitRepo, err := git.OpenRepository(tmpBasePath)

  231. 			if err != nil {

  232. 				return false, "", nil, err

  233. 			}

  234. 			defer gitRepo.Close()

  235. 			commit, err := gitRepo.GetCommit(parentCommit)

  236. 			if err != nil {

  237. 				return false, "", nil, err

  238. 			}

  239. 			if commit.Signature == nil {

  240. 				return false, "", nil, &ErrWontSign{parentSigned}

  241. 			}

  242. 			verification := ParseCommitWithSignature(commit)

  243. 			if !verification.Verified {

  244. 				return false, "", nil, &ErrWontSign{parentSigned}

  245. 			}

  246. 		}

  247. 	}

  248. 	return true, signingKey, sig, nil

  249. }