When pushing to an HTTP server using the C git client, I observed a certificate lacking a pushee field. Handle this gracefully in the parser. Change-Id: I7f3c5fa78f2e35172a93180036e679687415cac4tags/v4.1.0.201509280440-r
@@ -334,6 +334,26 @@ public class PushCertificateParserTest { | |||
assertNull(PushCertificateParser.fromReader(reader)); | |||
} | |||
@Test | |||
public void testMissingPusheeField() throws Exception { | |||
// Omit pushee line from existing cert. (This means the signature would not | |||
// match, but we're not verifying it here.) | |||
String input = INPUT.replace("0024pushee git://localhost/repo.git\n", ""); | |||
assertFalse(input.contains(PushCertificateParser.PUSHEE)); | |||
PacketLineIn pckIn = newPacketLineIn(input); | |||
PushCertificateParser parser = | |||
new PushCertificateParser(db, newEnabledConfig()); | |||
parser.receiveHeader(pckIn, false); | |||
parser.addCommand(pckIn.readString()); | |||
assertEquals(PushCertificateParser.BEGIN_SIGNATURE, pckIn.readString()); | |||
parser.receiveSignature(pckIn); | |||
PushCertificate cert = parser.build(); | |||
assertEquals("0.1", cert.getVersion()); | |||
assertNull(cert.getPushee()); | |||
} | |||
private static String concatPacketLines(String input, int begin, int end) | |||
throws IOException { | |||
StringBuilder result = new StringBuilder(); |
@@ -98,10 +98,6 @@ public class PushCertificate { | |||
throw new IllegalArgumentException(MessageFormat.format( | |||
JGitText.get().pushCertificateInvalidField, PUSHER)); | |||
} | |||
if (pushee == null || pushee.isEmpty()) { | |||
throw new IllegalArgumentException(MessageFormat.format( | |||
JGitText.get().pushCertificateInvalidField, PUSHEE)); | |||
} | |||
if (nonce == null || nonce.isEmpty()) { | |||
throw new IllegalArgumentException(MessageFormat.format( | |||
JGitText.get().pushCertificateInvalidField, NONCE)); |
@@ -273,7 +273,11 @@ public class PushCertificateParser { | |||
private static String parseHeader(StringReader reader, String header) | |||
throws IOException { | |||
String s = reader.read(); | |||
return parseHeader(reader.read(), header); | |||
} | |||
private static String parseHeader(String s, String header) | |||
throws IOException { | |||
if (s.isEmpty()) { | |||
throw new EOFException(); | |||
} | |||
@@ -331,8 +335,13 @@ public class PushCertificateParser { | |||
JGitText.get().pushCertificateInvalidFieldValue, | |||
PUSHER, rawPusher)); | |||
} | |||
pushee = parseHeader(reader, PUSHEE); | |||
receivedNonce = parseHeader(reader, NONCE); | |||
String next = reader.read(); | |||
if (next.startsWith(PUSHEE)) { | |||
pushee = parseHeader(next, PUSHEE); | |||
receivedNonce = parseHeader(reader, NONCE); | |||
} else { | |||
receivedNonce = parseHeader(next, NONCE); | |||
} | |||
nonceStatus = nonceGenerator != null | |||
? nonceGenerator.verify( | |||
receivedNonce, sentNonce(), db, stateless, nonceSlopLimit) |