signature.c 7.94 KB
Newer Older
1
/*
Edward Thomson committed
2
 * Copyright (C) the libgit2 contributors. All rights reserved.
3
 *
Vicent Marti committed
4 5
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
6 7
 */

8
#include "signature.h"
9

10
#include "repository.h"
11
#include "git2/common.h"
12
#include "posix.h"
13

14
void git_signature_free(git_signature *sig)
15
{
16
	if (sig == NULL)
17 18
		return;

19
	git__free(sig->name);
20
	sig->name = NULL;
21
	git__free(sig->email);
22
	sig->email = NULL;
23
	git__free(sig);
24 25
}

26 27 28 29 30 31
static int signature_parse_error(const char *msg)
{
	git_error_set(GIT_ERROR_INVALID, "failed to parse signature - %s", msg);
	return GIT_EINVALID;
}

32 33
static int signature_error(const char *msg)
{
34
	git_error_set(GIT_ERROR_INVALID, "failed to parse signature - %s", msg);
35 36 37
	return -1;
}

38
static bool contains_angle_brackets(const char *input)
39
{
40
	return strchr(input, '<') != NULL || strchr(input, '>') != NULL;
41 42
}

43 44 45 46 47 48 49 50 51 52 53 54 55 56
static bool is_crud(unsigned char c)
{
	return  c <= 32  ||
		c == '.' ||
		c == ',' ||
		c == ':' ||
		c == ';' ||
		c == '<' ||
		c == '>' ||
		c == '"' ||
		c == '\\' ||
		c == '\'';
}

57
static char *extract_trimmed(const char *ptr, size_t len)
58
{
59
	while (len && is_crud((unsigned char)ptr[0])) {
60 61
		ptr++; len--;
	}
62

63
	while (len && is_crud((unsigned char)ptr[len - 1])) {
64 65 66 67
		len--;
	}

	return git__substrdup(ptr, len);
68 69
}

70
int git_signature_new(git_signature **sig_out, const char *name, const char *email, git_time_t time, int offset)
71
{
72
	git_signature *p = NULL;
73

74 75
	GIT_ASSERT_ARG(name);
	GIT_ASSERT_ARG(email);
76

77 78
	*sig_out = NULL;

79 80 81 82 83 84
	if (contains_angle_brackets(name) ||
		contains_angle_brackets(email)) {
		return signature_error(
			"Neither `name` nor `email` should contain angle brackets chars.");
	}

85
	p = git__calloc(1, sizeof(git_signature));
86
	GIT_ERROR_CHECK_ALLOC(p);
87

88
	p->name = extract_trimmed(name, strlen(name));
89
	GIT_ERROR_CHECK_ALLOC(p->name);
90
	p->email = extract_trimmed(email, strlen(email));
91
	GIT_ERROR_CHECK_ALLOC(p->email);
92

93
	if (p->name[0] == '\0' || p->email[0] == '\0') {
94
		git_signature_free(p);
95
		return signature_error("Signature cannot have an empty name or email");
96
	}
97

98 99
	p->when.time = time;
	p->when.offset = offset;
100
	p->when.sign = (offset < 0) ? '-' : '+';
101

102
	*sig_out = p;
103
	return 0;
104 105
}

106
int git_signature_dup(git_signature **dest, const git_signature *source)
107
{
108
	git_signature *signature;
109

110 111 112 113
	if (source == NULL)
		return 0;

	signature = git__calloc(1, sizeof(git_signature));
114
	GIT_ERROR_CHECK_ALLOC(signature);
115 116

	signature->name = git__strdup(source->name);
117
	GIT_ERROR_CHECK_ALLOC(signature->name);
118

119
	signature->email = git__strdup(source->email);
120
	GIT_ERROR_CHECK_ALLOC(signature->email);
121

122 123
	signature->when.time = source->when.time;
	signature->when.offset = source->when.offset;
124
	signature->when.sign = source->when.sign;
125

126 127 128
	*dest = signature;

	return 0;
129 130
}

131 132 133 134 135 136 137 138
int git_signature__pdup(git_signature **dest, const git_signature *source, git_pool *pool)
{
	git_signature *signature;

	if (source == NULL)
		return 0;

	signature = git_pool_mallocz(pool, sizeof(git_signature));
139
	GIT_ERROR_CHECK_ALLOC(signature);
140 141

	signature->name = git_pool_strdup(pool, source->name);
142
	GIT_ERROR_CHECK_ALLOC(signature->name);
143 144

	signature->email = git_pool_strdup(pool, source->email);
145
	GIT_ERROR_CHECK_ALLOC(signature->email);
146 147 148

	signature->when.time = source->when.time;
	signature->when.offset = source->when.offset;
149
	signature->when.sign = source->when.sign;
150 151 152 153 154 155

	*dest = signature;

	return 0;
}

156
int git_signature_now(git_signature **sig_out, const char *name, const char *email)
157 158
{
	time_t now;
159
	time_t offset;
160
	struct tm *utc_tm;
161
	git_signature *sig;
162
	struct tm _utc;
163

164 165
	*sig_out = NULL;

166 167 168 169 170 171 172 173
	/*
	 * Get the current time as seconds since the epoch and
	 * transform that into a tm struct containing the time at
	 * UTC. Give that to mktime which considers it a local time
	 * (tm_isdst = -1 asks it to take DST into account) and gives
	 * us that time as seconds since the epoch. The difference
	 * between its return value and 'now' is our offset to UTC.
	 */
174
	time(&now);
175
	utc_tm = p_gmtime_r(&now, &_utc);
176
	utc_tm->tm_isdst = -1;
177
	offset = (time_t)difftime(now, mktime(utc_tm));
178
	offset /= 60;
179

180 181
	if (git_signature_new(&sig, name, email, now, (int)offset) < 0)
		return -1;
182 183 184

	*sig_out = sig;

185 186 187
	return 0;
}

188 189 190
int git_signature_default(git_signature **out, git_repository *repo)
{
	int error;
191
	git_config *cfg;
192 193
	const char *user_name, *user_email;

194
	if ((error = git_repository_config_snapshot(&cfg, repo)) < 0)
195 196 197 198 199 200 201 202 203 204
		return error;

	if (!(error = git_config_get_string(&user_name, cfg, "user.name")) &&
		!(error = git_config_get_string(&user_email, cfg, "user.email")))
		error = git_signature_now(out, user_name, user_email);

	git_config_free(cfg);
	return error;
}

205
int git_signature__parse(git_signature *sig, const char **buffer_out,
206
		const char *buffer_end, const char *header, char ender)
207
{
208
	const char *buffer = *buffer_out;
209
	const char *email_start, *email_end;
210

211
	memset(sig, 0, sizeof(git_signature));
212

213 214
	if (ender &&
		(buffer_end = memchr(buffer, ender, buffer_end - buffer)) == NULL)
215
		return signature_parse_error("no newline given");
216

217 218
	if (header) {
		const size_t header_len = strlen(header);
219

220
		if (buffer + header_len >= buffer_end || memcmp(buffer, header, header_len) != 0)
221
			return signature_parse_error("expected prefix doesn't match actual");
222

223 224
		buffer += header_len;
	}
225

226 227
	email_start = git__memrchr(buffer, '<', buffer_end - buffer);
	email_end = git__memrchr(buffer, '>', buffer_end - buffer);
228

229
	if (!email_start || !email_end || email_end <= email_start)
230
		return signature_parse_error("malformed e-mail");
231

232
	email_start += 1;
Vicent Marti committed
233
	sig->name = extract_trimmed(buffer, email_start - buffer - 1);
234
	sig->email = extract_trimmed(email_start, email_end - email_start);
235

236 237 238 239
	/* Do we even have a time at the end of the signature? */
	if (email_end + 2 < buffer_end) {
		const char *time_start = email_end + 2;
		const char *time_end;
240

241 242
		if (git__strntol64(&sig->when.time, time_start,
				   buffer_end - time_start, &time_end, 10) < 0) {
243 244
			git__free(sig->name);
			git__free(sig->email);
245
			sig->name = sig->email = NULL;
246
			return signature_parse_error("invalid Unix timestamp");
247
		}
248

Vicent Marti committed
249
		/* do we have a timezone? */
250 251 252 253 254 255
		if (time_end + 1 < buffer_end) {
			int offset, hours, mins;
			const char *tz_start, *tz_end;

			tz_start = time_end + 1;

nulltoken committed
256
			if ((tz_start[0] != '-' && tz_start[0] != '+') ||
257
			    git__strntol32(&offset, tz_start + 1,
258
					   buffer_end - tz_start - 1, &tz_end, 10) < 0) {
259
				/* malformed timezone, just assume it's zero */
260 261
				offset = 0;
			}
262 263 264

			hours = offset / 100;
			mins = offset % 100;
265

266 267 268 269
			/*
			 * only store timezone if it's not overflowing;
			 * see http://www.worldtimezone.com/faq.html
			 */
270
			if (hours <= 14 && mins <= 59) {
271
				sig->when.offset = (hours * 60) + mins;
272
				sig->when.sign = tz_start[0];
273 274 275 276
				if (tz_start[0] == '-')
					sig->when.offset = -sig->when.offset;
			}
		}
277
	}
278

279
	*buffer_out = buffer_end + 1;
280
	return 0;
281 282
}

283 284 285 286 287 288
int git_signature_from_buffer(git_signature **out, const char *buf)
{
	git_signature *sig;
	const char *buf_end;
	int error;

289 290
	GIT_ASSERT_ARG(out);
	GIT_ASSERT_ARG(buf);
291 292 293 294

	*out = NULL;

	sig = git__calloc(1, sizeof(git_signature));
295
	GIT_ERROR_CHECK_ALLOC(sig);
296 297 298 299 300 301 302 303 304 305 306 307

	buf_end = buf + strlen(buf);
	error = git_signature__parse(sig, &buf, buf_end, NULL, '\0');

	if (error)
		git__free(sig);
	else
		*out = sig;

	return error;
}

308
void git_signature__writebuf(git_str *buf, const char *header, const git_signature *sig)
309 310 311 312 313
{
	int offset, hours, mins;
	char sign;

	offset = sig->when.offset;
314
	sign = (sig->when.offset < 0 || sig->when.sign == '-') ? '-' : '+';
315 316 317 318 319 320 321

	if (offset < 0)
		offset = -offset;

	hours = offset / 60;
	mins = offset % 60;

322
	git_str_printf(buf, "%s%s <%s> %u %c%02d%02d\n",
323 324 325
			header ? header : "", sig->name, sig->email,
			(unsigned)sig->when.time, sign, hours, mins);
}
326

327 328
bool git_signature__equal(const git_signature *one, const git_signature *two)
{
329 330
	GIT_ASSERT_ARG(one);
	GIT_ASSERT_ARG(two);
331 332 333 334 335

	return
		git__strcmp(one->name, two->name) == 0 &&
		git__strcmp(one->email, two->email) == 0 &&
		one->when.time == two->when.time &&
336 337
		one->when.offset == two->when.offset &&
		one->when.sign == two->when.sign;
338 339
}