From mboxrd@z Thu Jan 1 00:00:00 1970 From: list at eworm.de (Christian Hesse) Date: Thu, 7 Jun 2018 17:14:52 +0200 Subject: [PATCH v2 2/2] snapshot: support tar signature for compressed tar In-Reply-To: <20180607151452.24300-1-list@eworm.de> References: <20180607171302.5fedf42f@leda> <20180607151452.24300-1-list@eworm.de> Message-ID: <20180607151452.24300-2-list@eworm.de> From: Christian Hesse This adds support for kernel.org style signatures where the uncompressed tar archive is signed and compressed later. The signature is valid for all tar* snapshots. We have a filter which snapshots may be generated and downloaded. This has to allow tar signatures now even if tar itself is not allowed. To simplify things we allow all signatures. Signed-off-by: Christian Hesse --- ui-shared.c | 8 ++++++++ ui-snapshot.c | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/ui-shared.c b/ui-shared.c index 8a786e0..72c0a33 100644 --- a/ui-shared.c +++ b/ui-shared.c @@ -1139,6 +1139,14 @@ void cgit_print_snapshot_links(const struct cgit_repo *repo, const char *ref, cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, filename.buf); html(")"); + } else if (f->base == CGIT_SNAPSHOT_TAR && cgit_snapshot_get_sig(ref, &cgit_snapshot_formats[0])) { + int suf_len = strlen(f->suffix); + strbuf_remove(&filename, strlen(filename.buf) - suf_len, suf_len); + strbuf_addstr(&filename, ".tar.asc"); + html(" ("); + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, + filename.buf); + html(")"); } html(separator); } diff --git a/ui-snapshot.c b/ui-snapshot.c index c9ec1f3..07a6447 100644 --- a/ui-snapshot.c +++ b/ui-snapshot.c @@ -86,7 +86,7 @@ static int write_tar_xz_archive(const char *hex, const char *prefix) } const struct cgit_snapshot_format cgit_snapshot_formats[] = { - /* Keep tar the first! */ + /* Keep tar the first! Signature download relies on this. */ { ".tar", "application/x-tar", write_tar_archive, CGIT_SNAPSHOT_NONE, CGIT_SNAPSHOT_TAR }, { ".tar.gz", "application/x-gzip", write_tar_gzip_archive, @@ -269,7 +269,7 @@ void cgit_print_snapshot(const char *head, const char *hex, } f = get_format(filename); - if (!f || !(ctx.repo->snapshots & f->bit)) { + if (!f || (!sig_filename && !(ctx.repo->snapshots & f->bit))) { cgit_print_error_page(400, "Bad request", "Unsupported snapshot format: %s", filename); return;