Merge branch 'main' into xormigrate

2024-08-08 18:39:34 +02:00 · 2024-08-08 18:39:34 +02:00 · a88372f543
parent b62a5dbb4b 3862b31abb
commit a88372f543
6 changed files with 60 additions and 38 deletions
--- a/2
+++ b/2
@ -137,7 +137,7 @@ TAGS ?=
 TAGS_SPLIT := $(subst $(COMMA), ,$(TAGS))
 TAGS_EVIDENCE := $(MAKE_EVIDENCE_DIR)/tags

-TEST_TAGS ?= sqlite sqlite_unlock_notify
+TEST_TAGS ?= $(TAGS_SPLIT) sqlite sqlite_unlock_notify

 TAR_EXCLUDES := .git data indexers queues log node_modules $(EXECUTABLE) $(FOMANTIC_WORK_DIR)/node_modules $(DIST) $(MAKE_EVIDENCE_DIR) $(AIR_TMP_DIR) $(GO_LICENSE_TMP_DIR)

--- a/modules/git/blame_sha256_test.go
+++ b/modules/git/blame_sha256_test.go
@ -14,6 +14,11 @@ func TestReadingBlameOutputSha256(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()

+	if isGogit {
+		t.Skip("Skipping test since gogit does not support sha256")
+		return
+	}
+
 	t.Run("Without .git-blame-ignore-revs", func(t *testing.T) {
 		repo, err := OpenRepository(ctx, "./tests/repos/repo5_pulls_sha256")
 		assert.NoError(t, err)
--- a/modules/git/repo_tree_gogit.go
+++ b/modules/git/repo_tree_gogit.go
@ -6,11 +6,20 @@

 package git

-import "github.com/go-git/go-git/v5/plumbing"
+import (
+	"errors"
+
+	"github.com/go-git/go-git/v5/plumbing"
+)

 func (repo *Repository) getTree(id ObjectID) (*Tree, error) {
 	gogitTree, err := repo.gogitRepo.TreeObject(plumbing.Hash(id.RawValue()))
 	if err != nil {
+		if errors.Is(err, plumbing.ErrObjectNotFound) {
+			return nil, ErrNotExist{
+				ID: id.String(),
+			}
+		}
 		return nil, err
 	}

--- a/routers/api/packages/rpm/rpm.go
+++ b/routers/api/packages/rpm/rpm.go
@ -133,19 +133,20 @@ func UploadPackageFile(ctx *context.Context) {
 	}
 	defer buf.Close()

-	// if rpm sign enabled
 	if setting.Packages.DefaultRPMSignEnabled || ctx.FormBool("sign") {
-		pri, _, err := rpm_service.GetOrCreateKeyPair(ctx, ctx.Package.Owner.ID)
+		priv, _, err := rpm_service.GetOrCreateKeyPair(ctx, ctx.Package.Owner.ID)
 		if err != nil {
 			apiError(ctx, http.StatusInternalServerError, err)
 			return
 		}
-		buf, err = rpm_service.SignPackage(buf, pri)
+		signedBuf, err := rpm_service.SignPackage(buf, priv)
 		if err != nil {
-			// Not in rpm format, parsing failed.
 			apiError(ctx, http.StatusBadRequest, err)
 			return
 		}
+		defer signedBuf.Close()
+
+		buf = signedBuf
 	}

 	pck, err := rpm_module.ParsePackage(buf)
--- a/services/packages/rpm/repository.go
+++ b/services/packages/rpm/repository.go
@ -21,7 +21,6 @@ import (
 	rpm_model "code.gitea.io/gitea/models/packages/rpm"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/json"
-	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	rpm_module "code.gitea.io/gitea/modules/packages/rpm"
 	"code.gitea.io/gitea/modules/util"
@ -30,7 +29,6 @@ import (
 	"github.com/ProtonMail/go-crypto/openpgp"
 	"github.com/ProtonMail/go-crypto/openpgp/armor"
 	"github.com/ProtonMail/go-crypto/openpgp/packet"
-	"github.com/sassoftware/go-rpmutils"
 )

 // GetOrCreateRepositoryVersion gets or creates the internal repository package
@ -643,33 +641,3 @@ func addDataAsFileToRepo(ctx context.Context, pv *packages_model.PackageVersion,
 		OpenSize:  wc.Written(),
 	}, nil
 }
-
-func SignPackage(rpm *packages_module.HashedBuffer, privateKey string) (*packages_module.HashedBuffer, error) {
-	keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewReader([]byte(privateKey)))
-	if err != nil {
-		// failed to parse key
-		return nil, err
-	}
-	entity := keyring[0]
-	h, err := rpmutils.SignRpmStream(rpm, entity.PrivateKey, nil)
-	if err != nil {
-		// error signing rpm
-		return nil, err
-	}
-	signBlob, err := h.DumpSignatureHeader(false)
-	if err != nil {
-		// error writing sig header
-		return nil, err
-	}
-	if len(signBlob)%8 != 0 {
-		log.Info("incorrect padding: got %d bytes, expected a multiple of 8", len(signBlob))
-		return nil, err
-	}
-
-	// move fp to sign end
-	if _, err := rpm.Seek(int64(h.OriginalSignatureHeaderSize()), io.SeekStart); err != nil {
-		return nil, err
-	}
-	// create signed rpm buf
-	return packages_module.CreateHashedBufferFromReader(io.MultiReader(bytes.NewReader(signBlob), rpm))
-}
--- a/services/packages/rpm/sign.go
+++ b/services/packages/rpm/sign.go
@ -0,0 +1,39 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package rpm
+
+import (
+	"bytes"
+	"io"
+	"strings"
+
+	packages_module "code.gitea.io/gitea/modules/packages"
+
+	"github.com/ProtonMail/go-crypto/openpgp"
+	"github.com/sassoftware/go-rpmutils"
+)
+
+func SignPackage(buf *packages_module.HashedBuffer, privateKey string) (*packages_module.HashedBuffer, error) {
+	keyring, err := openpgp.ReadArmoredKeyRing(strings.NewReader(privateKey))
+	if err != nil {
+		return nil, err
+	}
+
+	h, err := rpmutils.SignRpmStream(buf, keyring[0].PrivateKey, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	signBlob, err := h.DumpSignatureHeader(false)
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err := buf.Seek(int64(h.OriginalSignatureHeaderSize()), io.SeekStart); err != nil {
+		return nil, err
+	}
+
+	// create new buf with signature prefix
+	return packages_module.CreateHashedBufferFromReader(io.MultiReader(bytes.NewReader(signBlob), buf))
+}