From f6d27d2468ccf8e123f9bffde6466d673dba2317 Mon Sep 17 00:00:00 2001 From: "brian m. carlson" Date: Wed, 2 May 2018 00:25:53 +0000 Subject: builtin/receive-pack: avoid hard-coded constants for push certs Use the GIT_SHA1_RAWSZ and GIT_SHA1_HEXSZ macros instead of hard-coding the constants 20 and 40. Switch one use of 20 with a format specifier for a hex value to use the hex constant instead, as the original appears to have been a typo. At this point, avoid converting the hard-coded use of SHA-1 to use the_hash_algo. SHA-1, even if not collision resistant, is secure in the context in which it is used here, and the hash algorithm of the repo need not match what is used here. When we adopt a new hash algorithm, we can simply adopt the new algorithm wholesale here, as the nonce is opaque and its length and validity are entirely controlled by the server. Consequently, defer updating this code until that point. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano --- builtin/receive-pack.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'builtin/receive-pack.c') diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index c4272fbc96..5f35596c14 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -454,21 +454,21 @@ static void hmac_sha1(unsigned char *out, /* RFC 2104 2. (6) & (7) */ git_SHA1_Init(&ctx); git_SHA1_Update(&ctx, k_opad, sizeof(k_opad)); - git_SHA1_Update(&ctx, out, 20); + git_SHA1_Update(&ctx, out, GIT_SHA1_RAWSZ); git_SHA1_Final(out, &ctx); } static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp) { struct strbuf buf = STRBUF_INIT; - unsigned char sha1[20]; + unsigned char sha1[GIT_SHA1_RAWSZ]; strbuf_addf(&buf, "%s:%"PRItime, path, stamp); hmac_sha1(sha1, buf.buf, buf.len, cert_nonce_seed, strlen(cert_nonce_seed));; strbuf_release(&buf); /* RFC 2104 5. HMAC-SHA1-80 */ - strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, 20, sha1_to_hex(sha1)); + strbuf_addf(&buf, "%"PRItime"-%.*s", stamp, GIT_SHA1_HEXSZ, sha1_to_hex(sha1)); return strbuf_detach(&buf, NULL); } -- cgit v1.2.3 From c00866a2cc94dd0db3306963fad38b5711e542a2 Mon Sep 17 00:00:00 2001 From: "brian m. carlson" Date: Wed, 2 May 2018 00:26:01 +0000 Subject: builtin/receive-pack: convert one use of EMPTY_TREE_SHA1_HEX Convert one use of EMPTY_TREE_SHA1_HEX to use empty_tree_oid_hex to avoid a dependency on a given hash algorithm. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano --- builtin/receive-pack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'builtin/receive-pack.c') diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index 5f35596c14..dca523f50f 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -968,7 +968,7 @@ static const char *push_to_deploy(unsigned char *sha1, return "Working directory has unstaged changes"; /* diff-index with either HEAD or an empty tree */ - diff_index[4] = head_has_history() ? "HEAD" : EMPTY_TREE_SHA1_HEX; + diff_index[4] = head_has_history() ? "HEAD" : empty_tree_oid_hex(); child_process_init(&child); child.argv = diff_index; -- cgit v1.2.3