When pushing to an HTTP server using the C git client, I observed a certificate lacking a pushee field. Handle this gracefully in the parser.

Change-Id: I7f3c5fa78f2e35172a93180036e679687415cac4
tags/v4.1.0.201509280440-r
assertNull(PushCertificateParser.fromReader(reader)); | assertNull(PushCertificateParser.fromReader(reader)); | ||||
} | } | ||||
@Test | |||||
public void testMissingPusheeField() throws Exception { | |||||
// Omit pushee line from existing cert. (This means the signature would not | |||||
// match, but we're not verifying it here.) | |||||
String input = INPUT.replace("0024pushee git://localhost/repo.git\n", ""); | |||||
assertFalse(input.contains(PushCertificateParser.PUSHEE)); | |||||
PacketLineIn pckIn = newPacketLineIn(input); | |||||
PushCertificateParser parser = | |||||
new PushCertificateParser(db, newEnabledConfig()); | |||||
parser.receiveHeader(pckIn, false); | |||||
parser.addCommand(pckIn.readString()); | |||||
assertEquals(PushCertificateParser.BEGIN_SIGNATURE, pckIn.readString()); | |||||
parser.receiveSignature(pckIn); | |||||
PushCertificate cert = parser.build(); | |||||
assertEquals("0.1", cert.getVersion()); | |||||
assertNull(cert.getPushee()); | |||||
} | |||||
private static String concatPacketLines(String input, int begin, int end) | private static String concatPacketLines(String input, int begin, int end) | ||||
throws IOException { | throws IOException { | ||||
StringBuilder result = new StringBuilder(); | StringBuilder result = new StringBuilder(); |
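Review bot: testMissingPusheeField covers only the accepted case, so nothing pins down what the parser does when the line after the pusher header is neither a pushee nor a nonce header, which is the path the new optional-field logic opens. I would add a companion test that replaces the pushee line with an unrelated header and expects receiveHeader to fail. If fromReader shares this parsing (not visible here), the missing-pushee case should also be repeated through `PushCertificateParser.fromReader(reader)`. A short comment on the `assertNull(cert.getPushee())` line, such as `// absent pushee is reported as null, not as an empty string`, would make the contract explicit.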
throw new IllegalArgumentException(MessageFormat.format( | throw new IllegalArgumentException(MessageFormat.format( | ||||
JGitText.get().pushCertificateInvalidField, PUSHER)); | JGitText.get().pushCertificateInvalidField, PUSHER)); | ||||
} | } | ||||
if (pushee == null || pushee.isEmpty()) { | |||||
throw new IllegalArgumentException(MessageFormat.format( | |||||
JGitText.get().pushCertificateInvalidField, PUSHEE)); | |||||
} | |||||
if (nonce == null || nonce.isEmpty()) { | if (nonce == null || nonce.isEmpty()) { | ||||
throw new IllegalArgumentException(MessageFormat.format( | throw new IllegalArgumentException(MessageFormat.format( | ||||
JGitText.get().pushCertificateInvalidField, NONCE)); | JGitText.get().pushCertificateInvalidField, NONCE)); |
private static String parseHeader(StringReader reader, String header) | private static String parseHeader(StringReader reader, String header) | ||||
throws IOException { | throws IOException { | ||||
String s = reader.read(); | |||||
return parseHeader(reader.read(), header); | |||||
} | |||||
private static String parseHeader(String s, String header) | |||||
throws IOException { | |||||
if (s.isEmpty()) { | if (s.isEmpty()) { | ||||
throw new EOFException(); | throw new EOFException(); | ||||
} | } | ||||
JGitText.get().pushCertificateInvalidFieldValue, | JGitText.get().pushCertificateInvalidFieldValue, | ||||
PUSHER, rawPusher)); | PUSHER, rawPusher)); | ||||
} | } | ||||
pushee = parseHeader(reader, PUSHEE); | |||||
receivedNonce = parseHeader(reader, NONCE); | |||||
String next = reader.read(); | |||||
if (next.startsWith(PUSHEE)) { | |||||
pushee = parseHeader(next, PUSHEE); | |||||
receivedNonce = parseHeader(reader, NONCE); | |||||
} else { | |||||
receivedNonce = parseHeader(next, NONCE); | |||||
} | |||||
nonceStatus = nonceGenerator != null | nonceStatus = nonceGenerator != null | ||||
? nonceGenerator.verify( | ? nonceGenerator.verify( | ||||
receivedNonce, sentNonce(), db, stateless, nonceSlopLimit) | receivedNonce, sentNonce(), db, stateless, nonceSlopLimit) |
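Review bot: With the pushee header now optional in the `if (next.startsWith(PUSHEE))` branch, a certificate that omits it carries no signed statement of which repository it was meant for, and the test in this commit shows `getPushee()` returning null in that case. Any hook or policy code that compares `getPushee()` with the receiving repository's URL has to treat null as "names no destination" and decide explicitly whether to accept it, rather than skipping the comparison; protection against reuse elsewhere then appears to rest on the nonce check that follows. I would document this at the branch, e.g. `// pushee is optional: C git omits it over HTTP; null means the cert names no destination`, and state the nullability in the Javadoc of `getPushee()`. Separately, `startsWith(PUSHEE)` matches on the bare field name, so whether a line with a longer key that merely begins with it is rejected depends on the prefix check inside `parseHeader(String, String)`, whose body continues outside the hunk.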