search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
git-p4: auto-size the block
[git.git] / builtin / mktag.c
blob82a6e860775f872a9145e32ee9d8f315b70ad2ea
1 #include "builtin.h"
2 #include "tag.h"
3 #include "replace-object.h"
4
5 /*
6 * A signature file has a very simple fixed format: four lines
7 * of "object <sha1>" + "type <typename>" + "tag <tagname>" +
8 * "tagger <committer>", followed by a blank line, a free-form tag
9 * message and a signature block that git itself doesn't care about,
10 * but that can be verified with gpg or similar.
11 *
12 * The first four lines are guaranteed to be at least 83 bytes:
13 * "object <sha1>\n" is 48 bytes, "type tag\n" at 9 bytes is the
14 * shortest possible type-line, "tag .\n" at 6 bytes is the shortest
15 * single-character-tag line, and "tagger . <> 0 +0000\n" at 20 bytes is
16 * the shortest possible tagger-line.
17 */
18
19 /*
20 * We refuse to tag something we can't verify. Just because.
21 */
22 static int verify_object(const struct object_id *oid, const char *expected_type)
23 {
24 int ret = -1;
25 enum object_type type;
26 unsigned long size;
27 void *buffer = read_object_file(oid, &type, &size);
28 const struct object_id *repl = lookup_replace_object(the_repository, oid);
29
30 if (buffer) {
31 if (type == type_from_string(expected_type))
32 ret = check_object_signature(repl, buffer, size, expected_type);
33 free(buffer);
34 }
35 return ret;
36 }
37
38 static int verify_tag(char *buffer, unsigned long size)
39 {
40 int typelen;
41 char type[20];
42 struct object_id oid;
43 const char *object, *type_line, *tag_line, *tagger_line, *lb, *rb, *p;
44 size_t len;
45
46 if (size < 84)
47 return error("wanna fool me ? you obviously got the size wrong !");
48
49 buffer[size] = 0;
50
51 /* Verify object line */
52 object = buffer;
53 if (memcmp(object, "object ", 7))
54 return error("char%d: does not start with \"object \"", 0);
55
56 if (parse_oid_hex(object + 7, &oid, &p))
57 return error("char%d: could not get SHA1 hash", 7);
58
59 /* Verify type line */
60 type_line = p + 1;
61 if (memcmp(type_line - 1, "\ntype ", 6))
62 return error("char%d: could not find \"\\ntype \"", 47);
63
64 /* Verify tag-line */
65 tag_line = strchr(type_line, '\n');
66 if (!tag_line)
67 return error("char%"PRIuMAX": could not find next \"\\n\"",
68 (uintmax_t) (type_line - buffer));
69 tag_line++;
70 if (memcmp(tag_line, "tag ", 4) || tag_line[4] == '\n')
71 return error("char%"PRIuMAX": no \"tag \" found",
72 (uintmax_t) (tag_line - buffer));
73
74 /* Get the actual type */
75 typelen = tag_line - type_line - strlen("type \n");
76 if (typelen >= sizeof(type))
77 return error("char%"PRIuMAX": type too long",
78 (uintmax_t) (type_line+5 - buffer));
79
80 memcpy(type, type_line+5, typelen);
81 type[typelen] = 0;
82
83 /* Verify that the object matches */
84 if (verify_object(&oid, type))
85 return error("char%d: could not verify object %s", 7, oid_to_hex(&oid));
86
87 /* Verify the tag-name: we don't allow control characters or spaces in it */
88 tag_line += 4;
89 for (;;) {
90 unsigned char c = *tag_line++;
91 if (c == '\n')
92 break;
93 if (c > ' ')
94 continue;
95 return error("char%"PRIuMAX": could not verify tag name",
96 (uintmax_t) (tag_line - buffer));
97 }
98
99 /* Verify the tagger line */
100 tagger_line = tag_line;
101
102 if (memcmp(tagger_line, "tagger ", 7))
103 return error("char%"PRIuMAX": could not find \"tagger \"",
104 (uintmax_t) (tagger_line - buffer));
105
106 /*
107 * Check for correct form for name and email
108 * i.e. " <" followed by "> " on _this_ line
109 * No angle brackets within the name or email address fields.
110 * No spaces within the email address field.
111 */
112 tagger_line += 7;
113 if (!(lb = strstr(tagger_line, " <")) || !(rb = strstr(lb+2, "> ")) ||
114 strpbrk(tagger_line, "<>\n") != lb+1 ||
115 strpbrk(lb+2, "><\n ") != rb)
116 return error("char%"PRIuMAX": malformed tagger field",
117 (uintmax_t) (tagger_line - buffer));
118
119 /* Check for author name, at least one character, space is acceptable */
120 if (lb == tagger_line)
121 return error("char%"PRIuMAX": missing tagger name",
122 (uintmax_t) (tagger_line - buffer));
123
124 /* timestamp, 1 or more digits followed by space */
125 tagger_line = rb + 2;
126 if (!(len = strspn(tagger_line, "0123456789")))
127 return error("char%"PRIuMAX": missing tag timestamp",
128 (uintmax_t) (tagger_line - buffer));
129 tagger_line += len;
130 if (*tagger_line != ' ')
131 return error("char%"PRIuMAX": malformed tag timestamp",
132 (uintmax_t) (tagger_line - buffer));
133 tagger_line++;
134
135 /* timezone, 5 digits [+-]hhmm, max. 1400 */
136 if (!((tagger_line[0] == '+' || tagger_line[0] == '-') &&
137 strspn(tagger_line+1, "0123456789") == 4 &&
138 tagger_line[5] == '\n' && atoi(tagger_line+1) <= 1400))
139 return error("char%"PRIuMAX": malformed tag timezone",
140 (uintmax_t) (tagger_line - buffer));
141 tagger_line += 6;
142
143 /* Verify the blank line separating the header from the body */
144 if (*tagger_line != '\n')
145 return error("char%"PRIuMAX": trailing garbage in tag header",
146 (uintmax_t) (tagger_line - buffer));
147
148 /* The actual stuff afterwards we don't care about.. */
149 return 0;
150 }
151
152 int cmd_mktag(int argc, const char **argv, const char *prefix)
153 {
154 struct strbuf buf = STRBUF_INIT;
155 struct object_id result;
156
157 if (argc != 1)
158 usage("git mktag");
159
160 if (strbuf_read(&buf, 0, 4096) < 0) {
161 die_errno("could not read from stdin");
162 }
163
164 /* Verify it for some basic sanity: it needs to start with
165 "object <sha1>\ntype\ntagger " */
166 if (verify_tag(buf.buf, buf.len) < 0)
167 die("invalid tag signature file");
168
169 if (write_object_file(buf.buf, buf.len, tag_type, &result) < 0)
170 die("unable to write tag file");
171
172 strbuf_release(&buf);
173 printf("%s\n", oid_to_hex(&result));
174 return 0;
175 }
The Best VCS Around