signed-commit remote shell (see also https://github.com/dyne/scorsh)
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
213 lines
5.2 KiB
213 lines
5.2 KiB
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"github.com/KatolaZ/git2go"
|
|
"github.com/go-yaml/yaml"
|
|
"golang.org/x/crypto/openpgp"
|
|
"log"
|
|
"os"
|
|
"strings"
|
|
// "log"
|
|
)
|
|
|
|
func CommitToString(commit *git.Commit) string {
|
|
|
|
var ret string
|
|
|
|
ret += fmt.Sprintf("type: %s\n", commit.Type())
|
|
ret += fmt.Sprintf("Id: %s\n", commit.Id())
|
|
ret += fmt.Sprintf("Author: %s\n", commit.Author())
|
|
ret += fmt.Sprintf("Message: %s\n", commit.Message())
|
|
ret += fmt.Sprintf("Parent-count: %d\n", commit.ParentCount())
|
|
|
|
return ret
|
|
}
|
|
|
|
// FIXME: RETURN THE ENTITY PROVIDED BY THE CHECK, OR nil
|
|
func check_signature(commit *git.Commit, keyring *openpgp.KeyRing) (signature, signed string, err error) {
|
|
|
|
signature, signed, err = commit.ExtractSignature()
|
|
|
|
if err == nil {
|
|
_, err_sig :=
|
|
openpgp.CheckArmoredDetachedSignature(*keyring, strings.NewReader(signed),
|
|
strings.NewReader(signature))
|
|
|
|
if err_sig == nil {
|
|
fmt.Printf("Good signature \n")
|
|
return signature, signed, nil
|
|
}
|
|
err = err_sig
|
|
}
|
|
|
|
return "", "", err
|
|
}
|
|
|
|
func find_scorsh_message(commit *git.Commit) (string, error) {
|
|
|
|
sep := "---\n"
|
|
|
|
msg := commit.RawMessage()
|
|
debug.log("[find_scorsg_msg] found message:\n %s\n", msg)
|
|
|
|
// FIXME!!! replace the following with a proper regexp.Match
|
|
idx := strings.Index(msg, sep)
|
|
|
|
return msg[idx:], nil
|
|
}
|
|
|
|
// return a list of keyring names which verify the signature of this commit
|
|
func get_valid_keys(commit *git.Commit, keys *map[string]openpgp.KeyRing) []string {
|
|
|
|
var ret []string
|
|
|
|
for k_name, k_val := range *keys {
|
|
_, _, err := check_signature(commit, &k_val)
|
|
if err == nil {
|
|
ret = append(ret, k_name)
|
|
}
|
|
}
|
|
return ret
|
|
}
|
|
|
|
func intersect_keys(ref map[string]bool, keys []string) []string {
|
|
|
|
var ret []string
|
|
|
|
for _, k := range keys {
|
|
|
|
if _, ok := ref[k]; ok {
|
|
ret = append(ret, k)
|
|
}
|
|
}
|
|
return ret
|
|
}
|
|
|
|
func find_tag_config(tag_name string, w *SCORSHworker) (*SCORSHtag_cfg, bool) {
|
|
|
|
for _, c := range w.Tags {
|
|
if c.Name == tag_name {
|
|
return &c, true
|
|
}
|
|
}
|
|
return nil, false
|
|
}
|
|
|
|
func exec_tag(tag *SCORSHtag_cfg) []error {
|
|
|
|
var ret []error
|
|
|
|
for _, c := range tag.Commands {
|
|
debug.log("[tag: %s] attempting command: %s\n", tag.Name, c.URL)
|
|
ret = append(ret, nil)
|
|
}
|
|
return ret
|
|
}
|
|
|
|
// traverse all the commits between two references, looking for scorsh
|
|
// commands
|
|
// fixme: we don't have just one keyring here....
|
|
func walk_commits(msg SCORSHmsg, w *SCORSHworker) error {
|
|
|
|
var tags SCORSHclient_msg
|
|
var commit_msg string
|
|
|
|
fmt.Printf("Inside parse_commits\n")
|
|
|
|
reponame := msg.Repo
|
|
old_rev := msg.Old_rev
|
|
new_rev := msg.New_rev
|
|
|
|
repo, err := git.OpenRepository(reponame)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "Error while opening repository %s (%s)\n",
|
|
reponame, err)
|
|
return SCORSHerr(SCORSH_ERR_NO_REPO)
|
|
}
|
|
|
|
old_rev_oid, err := git.NewOid(old_rev)
|
|
|
|
oldrev_commit, err := repo.LookupCommit(old_rev_oid)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "Commit: %s does not exist\n", old_rev)
|
|
return SCORSHerr(SCORSH_ERR_NO_COMMIT)
|
|
}
|
|
|
|
new_rev_oid, err := git.NewOid(new_rev)
|
|
|
|
newrev_commit, err := repo.LookupCommit(new_rev_oid)
|
|
if err != nil {
|
|
fmt.Fprintf(os.Stderr, "Commit: %s does not exist\n", new_rev)
|
|
return SCORSHerr(SCORSH_ERR_NO_COMMIT)
|
|
}
|
|
|
|
cur_commit := newrev_commit
|
|
|
|
for cur_commit.Id().String() != oldrev_commit.Id().String() {
|
|
|
|
commit, err := repo.LookupCommit(cur_commit.Id())
|
|
if err == nil {
|
|
|
|
//debug.log("commit: %s", CommitToString(commit))
|
|
// We should look for scorsh-tags, and if the commit has any,
|
|
// check if it can be verified by any of the keyrings associated
|
|
// with that specific scorsh-tag
|
|
|
|
// check if the commit contains a scorsh command
|
|
|
|
commit_msg, err = find_scorsh_message(commit)
|
|
if err != nil {
|
|
log.Printf("[worker: %s] %s\n", w.Name, SCORSHerr(SCORSH_ERR_SIGNATURE))
|
|
}
|
|
|
|
// Check if is the comment contains a valid scorsh message
|
|
err = yaml.Unmarshal([]byte(commit_msg), &tags)
|
|
|
|
if err != nil {
|
|
// no scorsh message found
|
|
log.Printf("[worker: %s] no scorsh message found: %s", err)
|
|
} else {
|
|
// there is a scorsh message there so
|
|
|
|
// 1) get the list of all the keys which verify the message
|
|
valid_keys := get_valid_keys(commit, &(w.Keys))
|
|
debug.log("[worker: %s] validated keyrings on commit: %s\n", w.Name, valid_keys)
|
|
|
|
// 2) then for each tag in the message
|
|
for _, t := range tags.Tags {
|
|
// a) check that the tag is among those accepted by the worker
|
|
tag_cfg, good_tag := find_tag_config(t.Tag, w)
|
|
debug.log("[worker: %s] good_tag: %s\n", w.Name, good_tag)
|
|
|
|
if !good_tag {
|
|
continue
|
|
}
|
|
|
|
// b) check that at least one of the accepted tag keys is in valid_keys
|
|
good_keys := intersect_keys(w.TagKeys[t.Tag], valid_keys) != nil
|
|
debug.log("[worker: %s] good_keys: %s\n", w.Name, good_keys)
|
|
|
|
if !good_keys {
|
|
continue
|
|
}
|
|
|
|
// c) If everything is OK, execute the tag
|
|
if good_tag && good_keys {
|
|
errs := exec_tag(tag_cfg)
|
|
debug.log("[worker: %s] errors in tag %s: %s\n", w.Name, t.Tag, errs)
|
|
}
|
|
}
|
|
}
|
|
|
|
//signature, signed, err := check_signature(commit, &w.Keys)
|
|
//_, _, err := check_signature(commit, w.keys)
|
|
|
|
cur_commit = commit.Parent(0)
|
|
} else {
|
|
fmt.Printf("Commit %x not found!\n", cur_commit.Id())
|
|
return SCORSHerr(SCORSH_ERR_NO_COMMIT)
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|