diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-07 00:10:00 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-07 00:10:00 +0300 |
commit | 5f0e3773e9695fd0c9e92ea9180c8a1f5cfaa5c5 (patch) | |
tree | 64fc0ecbf508a24345ffe11d856fd13124c2e464 /lib/gitlab/x509 | |
parent | 73886079f3f877ffb8f8938d700643a5e99bc849 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/x509')
-rw-r--r-- | lib/gitlab/x509/signature.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/x509/tag.rb | 41 |
2 files changed, 45 insertions, 0 deletions
diff --git a/lib/gitlab/x509/signature.rb b/lib/gitlab/x509/signature.rb index ed248e29211..7d4d4d9d13a 100644 --- a/lib/gitlab/x509/signature.rb +++ b/lib/gitlab/x509/signature.rb @@ -22,6 +22,10 @@ module Gitlab X509Certificate.safe_create!(certificate_attributes) unless verified_signature.nil? end + def user + User.find_by_any_email(@email) + end + def verified_signature strong_memoize(:verified_signature) { verified_signature? } end diff --git a/lib/gitlab/x509/tag.rb b/lib/gitlab/x509/tag.rb new file mode 100644 index 00000000000..48582c17764 --- /dev/null +++ b/lib/gitlab/x509/tag.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true +require 'openssl' +require 'digest' + +module Gitlab + module X509 + class Tag + include Gitlab::Utils::StrongMemoize + + def initialize(raw_tag) + @raw_tag = raw_tag + end + + def signature + signature = X509::Signature.new(signature_text, signed_text, @raw_tag.tagger.email, Time.at(@raw_tag.tagger.date.seconds)) + + return if signature.verified_signature.nil? + + signature + end + + private + + def signature_text + @raw_tag.message.slice(@raw_tag.message.index("-----BEGIN SIGNED MESSAGE-----")..-1) + rescue + nil + end + + def signed_text + # signed text is reconstructed as long as there is no specific gitaly function + %{object #{@raw_tag.target_commit.id} +type commit +tag #{@raw_tag.name} +tagger #{@raw_tag.tagger.name} <#{@raw_tag.tagger.email}> #{@raw_tag.tagger.date.seconds} #{@raw_tag.tagger.timezone} + +#{@raw_tag.message.gsub(/-----BEGIN SIGNED MESSAGE-----(.*)-----END SIGNED MESSAGE-----/m, "")}} + end + end + end +end |