diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
commit | 9f46488805e86b1bc341ea1620b866016c2ce5ed (patch) | |
tree | f9748c7e287041e37d6da49e0a29c9511dc34768 /lib/gitlab/x509 | |
parent | dfc92d081ea0332d69c8aca2f0e745cb48ae5e6d (diff) | |
download | gitlab-ce-9f46488805e86b1bc341ea1620b866016c2ce5ed.tar.gz |
Add latest changes from gitlab-org/gitlab@13-0-stable-ee
Diffstat (limited to 'lib/gitlab/x509')
-rw-r--r-- | lib/gitlab/x509/signature.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/x509/tag.rb | 41 |
2 files changed, 45 insertions, 0 deletions
diff --git a/lib/gitlab/x509/signature.rb b/lib/gitlab/x509/signature.rb index ed248e29211..7d4d4d9d13a 100644 --- a/lib/gitlab/x509/signature.rb +++ b/lib/gitlab/x509/signature.rb @@ -22,6 +22,10 @@ module Gitlab X509Certificate.safe_create!(certificate_attributes) unless verified_signature.nil? end + def user + User.find_by_any_email(@email) + end + def verified_signature strong_memoize(:verified_signature) { verified_signature? } end diff --git a/lib/gitlab/x509/tag.rb b/lib/gitlab/x509/tag.rb new file mode 100644 index 00000000000..48582c17764 --- /dev/null +++ b/lib/gitlab/x509/tag.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true +require 'openssl' +require 'digest' + +module Gitlab + module X509 + class Tag + include Gitlab::Utils::StrongMemoize + + def initialize(raw_tag) + @raw_tag = raw_tag + end + + def signature + signature = X509::Signature.new(signature_text, signed_text, @raw_tag.tagger.email, Time.at(@raw_tag.tagger.date.seconds)) + + return if signature.verified_signature.nil? + + signature + end + + private + + def signature_text + @raw_tag.message.slice(@raw_tag.message.index("-----BEGIN SIGNED MESSAGE-----")..-1) + rescue + nil + end + + def signed_text + # signed text is reconstructed as long as there is no specific gitaly function + %{object #{@raw_tag.target_commit.id} +type commit +tag #{@raw_tag.name} +tagger #{@raw_tag.tagger.name} <#{@raw_tag.tagger.email}> #{@raw_tag.tagger.date.seconds} #{@raw_tag.tagger.timezone} + +#{@raw_tag.message.gsub(/-----BEGIN SIGNED MESSAGE-----(.*)-----END SIGNED MESSAGE-----/m, "")}} + end + end + end +end |