[libgit2.git] / src / signature.c

/*
 * This file is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License, version 2,
 * as published by the Free Software Foundation.
 *
 * In addition to the permissions in the GNU General Public License,
 * the authors give you unlimited permission to link the compiled
 * version of this file into combinations with other programs,
 * and to distribute those combinations without any restriction
 * coming from the use of this file.  (The General Public License
 * restrictions do apply in other respects; for example, they cover
 * modification of the file, and distribution when not linked into
 * a combined executable.)
 *
 * This file is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

#include "common.h"
#include "signature.h"
#include "repository.h"
#include "git2/common.h"

void git_signature_free(git_signature *sig)
{
	if (sig == NULL)
		return;

	free(sig->name);
	free(sig->email);
	free(sig);
}

static const char *skip_leading_spaces(const char *buffer, const char *buffer_end)
{
	while (*buffer == ' ' && buffer < buffer_end)
		buffer++;

	return buffer;
}

static const char *skip_trailing_spaces(const char *buffer_start, const char *buffer_end)
{
	while (*buffer_end == ' ' && buffer_end > buffer_start)
		buffer_end--;

	return buffer_end;
}

static int process_trimming(const char *input, char **storage, const char *input_end, int fail_when_empty)
{
	const char *left, *right;
	int trimmed_input_length;

	left = skip_leading_spaces(input, input_end);
	right = skip_trailing_spaces(input, input_end - 1);

	if (right < left) {
		if (fail_when_empty)
			return git__throw(GIT_EINVALIDARGS, "Failed to trim. Input is either empty or only contains spaces");
		else
			right = left - 1;
	}

	trimmed_input_length = right - left + 1;

	*storage = git__malloc(trimmed_input_length + 1);
	if (*storage == NULL)
		return GIT_ENOMEM;

	memcpy(*storage, left, trimmed_input_length);
	(*storage)[trimmed_input_length] = 0;

	return GIT_SUCCESS;
}

git_signature *git_signature_new(const char *name, const char *email, git_time_t time, int offset)
{
	int error;
	git_signature *p = NULL;

	assert(name && email);

	if ((p = git__malloc(sizeof(git_signature))) == NULL)
		goto cleanup;

	memset(p, 0x0, sizeof(git_signature));

	error = process_trimming(name, &p->name, name + strlen(name), 1);
	if (error < GIT_SUCCESS) {
		git__rethrow(GIT_EINVALIDARGS, "Failed to create signature. 'name' argument is invalid");
		goto cleanup;
	}

	error = process_trimming(email, &p->email, email + strlen(email), 1);
	if (error < GIT_SUCCESS) {
		git__rethrow(GIT_EINVALIDARGS, "Failed to create signature. 'email' argument is invalid");
		goto cleanup;
	}

	p->when.time = time;
	p->when.offset = offset;

	return p;

cleanup:
	git_signature_free(p);
	return NULL;
}

git_signature *git_signature_dup(const git_signature *sig)
{
	return git_signature_new(sig->name, sig->email, sig->when.time, sig->when.offset);
}

git_signature *git_signature_now(const char *name, const char *email)
{
	time_t now;
	time_t offset;
	struct tm *utc_tm, *local_tm;

#ifndef GIT_WIN32
	struct tm _utc, _local;
#endif

	time(&now);

	/**
	 * On Win32, `gmtime_r` doesn't exist but
	 * `gmtime` is threadsafe, so we can use that
	 */
#ifdef GIT_WIN32
	utc_tm = gmtime(&now);
	local_tm = localtime(&now);
#else
	utc_tm = gmtime_r(&now, &_utc);
	local_tm = localtime_r(&now, &_local);
#endif

	offset = mktime(local_tm) - mktime(utc_tm);
	offset /= 60;

	/* mktime takes care of setting tm_isdst correctly */
	if (local_tm->tm_isdst)
		offset += 60;

	return git_signature_new(name, email, now, (int)offset);
}

static int parse_timezone_offset(const char *buffer, int *offset_out)
{
	long dec_offset;
	int mins, hours, offset;

	const char *offset_start;
	const char *offset_end;

	offset_start = buffer;

	if (*offset_start == '\n') {
		*offset_out = 0;
		return GIT_SUCCESS;
	}

	if (offset_start[0] != '-' && offset_start[0] != '+')
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. It doesn't start with '+' or '-'");

	if (offset_start[1] < '0' || offset_start[1] > '9')
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset.");

	if (git__strtol32(&dec_offset, offset_start + 1, &offset_end, 10) < GIT_SUCCESS)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. It isn't a number");

	if (offset_end - offset_start != 5)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Invalid length");

	if (dec_offset > 1400)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Value too large");

	hours = dec_offset / 100;
	mins = dec_offset % 100;

	if (hours > 14)	// see http://www.worldtimezone.com/faq.html
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Hour value too large");

	if (mins > 59)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Minute value too large");

	offset = (hours * 60) + mins;

	if (offset_start[0] == '-')
		offset *= -1;

	*offset_out = offset;

	return GIT_SUCCESS;
}

int process_next_token(const char **buffer_out, char **storage,
	const char *token_end, const char *right_boundary)
{
	int error = process_trimming(*buffer_out, storage, token_end, 0);
	if (error < GIT_SUCCESS)
		return error;

	*buffer_out = token_end + 1;

	if (*buffer_out > right_boundary)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Signature too short");

	return GIT_SUCCESS;
}

const char *scan_for_previous_token(const char *buffer, const char *left_boundary)
{
	const char *start;

	if (buffer <= left_boundary)
		return NULL;

	start = skip_trailing_spaces(left_boundary, buffer);

	/* Search for previous occurence of space */
	while (start[-1] != ' ' && start > left_boundary)
		start--;

	return start;
}

int parse_time(git_time_t *time_out, const char *buffer)
{
	long time;
	int error;

	if (*buffer == '+' || *buffer == '-')
		return git__throw(GIT_ERROR, "Failed while parsing time. '%s' rather look like a timezone offset.", buffer);

	error = git__strtol32(&time, buffer, &buffer, 10);

	if (error < GIT_SUCCESS)
		return error;

	*time_out = (git_time_t)time;

	return GIT_SUCCESS;
}

int git_signature__parse(git_signature *sig, const char **buffer_out,
		const char *buffer_end, const char *header, char ender)
{
	const char *buffer = *buffer_out;
	const char *line_end, *name_end, *email_end, *tz_start, *time_start;
	int error = GIT_SUCCESS;

	memset(sig, 0x0, sizeof(git_signature));

	if ((line_end = memchr(buffer, ender, buffer_end - buffer)) == NULL)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. No newline given");

	if (header) {
		const size_t header_len = strlen(header);

		if (memcmp(buffer, header, header_len) != 0)
			return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Expected prefix '%s' doesn't match actual", header);

		buffer += header_len;
	}

	if (buffer > line_end)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Signature too short");

	if ((name_end = strchr(buffer, '<')) == NULL)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Cannot find '<' in signature");

	if ((email_end = strchr(buffer, '>')) == NULL)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Cannot find '>' in signature");

	if (email_end < name_end)
		return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Malformed e-mail");

	error = process_next_token(&buffer, &sig->name, name_end, line_end);
	if (error < GIT_SUCCESS)
		return error;

	error = process_next_token(&buffer, &sig->email, email_end, line_end);
	if (error < GIT_SUCCESS)
		return error;

	tz_start = scan_for_previous_token(line_end - 1, buffer);

	if (tz_start == NULL)
		goto clean_exit;	/* No timezone nor date */

	time_start = scan_for_previous_token(tz_start - 1, buffer);
	if (time_start == NULL || parse_time(&sig->when.time, time_start) < GIT_SUCCESS) {
		/* The tz_start might point at the time */
		parse_time(&sig->when.time, tz_start);
		goto clean_exit;
	}

	if (parse_timezone_offset(tz_start, &sig->when.offset) < GIT_SUCCESS) {
		sig->when.time = 0; /* Bogus timezone, we reset the time */
	}

clean_exit:
	*buffer_out = line_end + 1;
	return GIT_SUCCESS;
}

void git_signature__writebuf(git_buf *buf, const char *header, const git_signature *sig)
{
	int offset, hours, mins;
	char sign;

	offset = sig->when.offset;
	sign = (sig->when.offset < 0) ? '-' : '+';

	if (offset < 0)
		offset = -offset;

	hours = offset / 60;
	mins = offset % 60;

	git_buf_printf(buf, "%s%s <%s> %u %c%02d%02d\n",
			header ? header : "", sig->name, sig->email,
			(unsigned)sig->when.time, sign, hours, mins);
}
Commit	Line	Data
58519018 VM	1	/*
	2	* This file is free software; you can redistribute it and/or modify
	3	* it under the terms of the GNU General Public License, version 2,
	4	* as published by the Free Software Foundation.
	5	*
	6	* In addition to the permissions in the GNU General Public License,
	7	* the authors give you unlimited permission to link the compiled
	8	* version of this file into combinations with other programs,
	9	* and to distribute those combinations without any restriction
	10	* coming from the use of this file. (The General Public License
	11	* restrictions do apply in other respects; for example, they cover
	12	* modification of the file, and distribution when not linked into
	13	* a combined executable.)
	14	*
	15	* This file is distributed in the hope that it will be useful, but
	16	* WITHOUT ANY WARRANTY; without even the implied warranty of
	17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	18	* General Public License for more details.
	19	*
	20	* You should have received a copy of the GNU General Public License
	21	* along with this program; see the file COPYING. If not, write to
	22	* the Free Software Foundation, 51 Franklin Street, Fifth Floor,
	23	* Boston, MA 02110-1301, USA.
	24	*/
	25
	26	#include "common.h"
638c2ca4	27	#include "signature.h"
58519018	28	#include "repository.h"
44908fe7	29	#include "git2/common.h"
58519018	30
638c2ca4	31	void git_signature_free(git_signature *sig)
58519018	32	{
638c2ca4	33	if (sig == NULL)
58519018 VM	34	return;
58519018 VM	35
9f86ec52 VM	36	free(sig->name);
9f86ec52 VM	37	free(sig->email);
638c2ca4	38	free(sig);
58519018 VM	39	}
58519018 VM	40
a01acc47	41	static const char skip_leading_spaces(const char buffer, const char *buffer_end)
	42	{
	43	while (*buffer == ' ' && buffer < buffer_end)
	44	buffer++;
	45
	46	return buffer;
	47	}
	48
	49	static const char skip_trailing_spaces(const char buffer_start, const char *buffer_end)
	50	{
	51	while (*buffer_end == ' ' && buffer_end > buffer_start)
	52	buffer_end--;
	53
	54	return buffer_end;
	55	}
	56
	57	static int process_trimming(const char input, char storage, const char input_end, int fail_when_empty)
	58	{
	59	const char left, right;
	60	int trimmed_input_length;
	61
	62	left = skip_leading_spaces(input, input_end);
	63	right = skip_trailing_spaces(input, input_end - 1);
	64
5274c31a	65	if (right < left) {
a01acc47	66	if (fail_when_empty)
	67	return git__throw(GIT_EINVALIDARGS, "Failed to trim. Input is either empty or only contains spaces");
	68	else
	69	right = left - 1;
9f86ec52	70	}
a01acc47	71
	72	trimmed_input_length = right - left + 1;
	73
	74	*storage = git__malloc(trimmed_input_length + 1);
	75	if (*storage == NULL)
	76	return GIT_ENOMEM;
	77
	78	memcpy(*storage, left, trimmed_input_length);
	79	(*storage)[trimmed_input_length] = 0;
	80
	81	return GIT_SUCCESS;
	82	}
	83
56d8ca26	84	git_signature git_signature_new(const char name, const char *email, git_time_t time, int offset)
58519018	85	{
a01acc47	86	int error;
638c2ca4	87	git_signature *p = NULL;
58519018	88
a01acc47	89	assert(name && email);
a01acc47	90
638c2ca4	91	if ((p = git__malloc(sizeof(git_signature))) == NULL)
58519018 VM	92	goto cleanup;
58519018 VM	93
a01acc47	94	memset(p, 0x0, sizeof(git_signature));
58519018	95
a01acc47	96	error = process_trimming(name, &p->name, name + strlen(name), 1);
	97	if (error < GIT_SUCCESS) {
	98	git__rethrow(GIT_EINVALIDARGS, "Failed to create signature. 'name' argument is invalid");
58519018	99	goto cleanup;
a01acc47	100	}
	101
	102	error = process_trimming(email, &p->email, email + strlen(email), 1);
	103	if (error < GIT_SUCCESS) {
	104	git__rethrow(GIT_EINVALIDARGS, "Failed to create signature. 'email' argument is invalid");
	105	goto cleanup;
	106	}
	107
	108	p->when.time = time;
	109	p->when.offset = offset;
58519018 VM	110
	111	return p;
	112
	113	cleanup:
638c2ca4	114	git_signature_free(p);
58519018 VM	115	return NULL;
	116	}
	117
638c2ca4	118	git_signature git_signature_dup(const git_signature sig)
58519018	119	{
638c2ca4	120	return git_signature_new(sig->name, sig->email, sig->when.time, sig->when.offset);
58519018 VM	121	}
58519018 VM	122
8416c9ad	123	git_signature git_signature_now(const char name, const char *email)
9e9e6ae1 CMN	124	{
9e9e6ae1 CMN	125	time_t now;
53b7560b	126	time_t offset;
14eb94ee	127	struct tm utc_tm, local_tm;
9e9e6ae1	128
14eb94ee VM	129	#ifndef GIT_WIN32
	130	struct tm _utc, _local;
	131	#endif
9e9e6ae1	132
14eb94ee	133	time(&now);
9e9e6ae1	134
14eb94ee VM	135	/**
	136	* On Win32, `gmtime_r` doesn't exist but
	137	* `gmtime` is threadsafe, so we can use that
	138	*/
	139	#ifdef GIT_WIN32
	140	utc_tm = gmtime(&now);
	141	local_tm = localtime(&now);
	142	#else
	143	utc_tm = gmtime_r(&now, &_utc);
	144	local_tm = localtime_r(&now, &_local);
	145	#endif
	146
	147	offset = mktime(local_tm) - mktime(utc_tm);
9e9e6ae1	148	offset /= 60;
14eb94ee	149
9e9e6ae1	150	/* mktime takes care of setting tm_isdst correctly */
14eb94ee	151	if (local_tm->tm_isdst)
9e9e6ae1 CMN	152	offset += 60;
9e9e6ae1 CMN	153
53b7560b	154	return git_signature_new(name, email, now, (int)offset);
9e9e6ae1	155	}
58519018	156
42a1b5e1	157	static int parse_timezone_offset(const char buffer, int offset_out)
13710f1e	158	{
42a1b5e1	159	long dec_offset;
42a1b5e1	160	int mins, hours, offset;
13710f1e	161
c6e65aca VM	162	const char *offset_start;
c6e65aca VM	163	const char *offset_end;
13710f1e	164
42a1b5e1	165	offset_start = buffer;
13710f1e	166
638c2ca4	167	if (*offset_start == '\n') {
fee065a0	168	*offset_out = 0;
	169	return GIT_SUCCESS;
	170	}
	171
13710f1e	172	if (offset_start[0] != '-' && offset_start[0] != '+')
5de24ec7	173	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. It doesn't start with '+' or '-'");
13710f1e	174
fbfc7580	175	if (offset_start[1] < '0' \|\| offset_start[1] > '9')
fea400f8	176	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset.");
fbfc7580	177
c6e65aca	178	if (git__strtol32(&dec_offset, offset_start + 1, &offset_end, 10) < GIT_SUCCESS)
5de24ec7	179	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. It isn't a number");
13710f1e	180
13710f1e	181	if (offset_end - offset_start != 5)
5de24ec7	182	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Invalid length");
13710f1e	183
fbfc7580 DG	184	if (dec_offset > 1400)
	185	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Value too large");
	186
13710f1e	187	hours = dec_offset / 100;
	188	mins = dec_offset % 100;
	189
932d1baf	190	if (hours > 14) // see http://www.worldtimezone.com/faq.html
fbfc7580	191	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Hour value too large");
13710f1e	192
638c2ca4	193	if (mins > 59)
5de24ec7	194	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse TZ offset. Minute value too large");
13710f1e	195
	196	offset = (hours * 60) + mins;
	197
	198	if (offset_start[0] == '-')
13710f1e	199	offset *= -1;
932d1baf	200
13710f1e	201	*offset_out = offset;
	202
	203	return GIT_SUCCESS;
	204	}
	205
42a1b5e1	206	int process_next_token(const char buffer_out, char storage,
a01acc47	207	const char token_end, const char right_boundary)
42a1b5e1	208	{
a01acc47	209	int error = process_trimming(*buffer_out, storage, token_end, 0);
	210	if (error < GIT_SUCCESS)
	211	return error;
42a1b5e1	212
a01acc47	213	*buffer_out = token_end + 1;
42a1b5e1	214
a01acc47	215	if (*buffer_out > right_boundary)
42a1b5e1	216	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Signature too short");
42a1b5e1	217
42a1b5e1	218	return GIT_SUCCESS;
	219	}
	220
a01acc47	221	const char scan_for_previous_token(const char buffer, const char *left_boundary)
42a1b5e1	222	{
a01acc47	223	const char *start;
42a1b5e1	224
a01acc47	225	if (buffer <= left_boundary)
42a1b5e1	226	return NULL;
42a1b5e1	227
a01acc47	228	start = skip_trailing_spaces(left_boundary, buffer);
42a1b5e1	229
	230	/* Search for previous occurence of space */
	231	while (start[-1] != ' ' && start > left_boundary)
	232	start--;
	233
	234	return start;
	235	}
	236
	237	int parse_time(git_time_t time_out, const char buffer)
	238	{
	239	long time;
	240	int error;
	241
	242	if (buffer == '+' \|\| buffer == '-')
	243	return git__throw(GIT_ERROR, "Failed while parsing time. '%s' rather look like a timezone offset.", buffer);
	244
	245	error = git__strtol32(&time, buffer, &buffer, 10);
	246
	247	if (error < GIT_SUCCESS)
	248	return error;
	249
	250	*time_out = (git_time_t)time;
	251
	252	return GIT_SUCCESS;
	253	}
13710f1e	254
720d5472	255	int git_signature__parse(git_signature sig, const char *buffer_out,
7757be33	256	const char buffer_end, const char header, char ender)
58519018	257	{
720d5472	258	const char buffer = buffer_out;
42a1b5e1	259	const char line_end, name_end, email_end, tz_start, *time_start;
42a1b5e1	260	int error = GIT_SUCCESS;
58519018	261
638c2ca4	262	memset(sig, 0x0, sizeof(git_signature));
58519018	263
7757be33	264	if ((line_end = memchr(buffer, ender, buffer_end - buffer)) == NULL)
8b2c913a	265	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. No newline given");
58519018	266
8b2c913a MS	267	if (header) {
8b2c913a MS	268	const size_t header_len = strlen(header);
58519018	269
8b2c913a MS	270	if (memcmp(buffer, header, header_len) != 0)
8b2c913a MS	271	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Expected prefix '%s' doesn't match actual", header);
58519018	272
8b2c913a MS	273	buffer += header_len;
8b2c913a MS	274	}
58519018	275
8b2c913a MS	276	if (buffer > line_end)
8b2c913a MS	277	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Signature too short");
58519018	278
8b2c913a MS	279	if ((name_end = strchr(buffer, '<')) == NULL)
8b2c913a MS	280	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Cannot find '<' in signature");
fbfc7580	281
8b2c913a MS	282	if ((email_end = strchr(buffer, '>')) == NULL)
8b2c913a MS	283	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Cannot find '>' in signature");
58519018	284
42a1b5e1	285	if (email_end < name_end)
42a1b5e1	286	return git__throw(GIT_EOBJCORRUPTED, "Failed to parse signature. Malformed e-mail");
076141a1	287
42a1b5e1	288	error = process_next_token(&buffer, &sig->name, name_end, line_end);
	289	if (error < GIT_SUCCESS)
	290	return error;
58519018	291
42a1b5e1	292	error = process_next_token(&buffer, &sig->email, email_end, line_end);
	293	if (error < GIT_SUCCESS)
	294	return error;
58519018	295
42a1b5e1	296	tz_start = scan_for_previous_token(line_end - 1, buffer);
58519018	297
42a1b5e1	298	if (tz_start == NULL)
42a1b5e1	299	goto clean_exit; /* No timezone nor date */
c6e65aca	300
42a1b5e1	301	time_start = scan_for_previous_token(tz_start - 1, buffer);
	302	if (time_start == NULL \|\| parse_time(&sig->when.time, time_start) < GIT_SUCCESS) {
	303	/* The tz_start might point at the time */
	304	parse_time(&sig->when.time, tz_start);
	305	goto clean_exit;
	306	}
932d1baf	307
42a1b5e1	308	if (parse_timezone_offset(tz_start, &sig->when.offset) < GIT_SUCCESS) {
	309	sig->when.time = 0; /* Bogus timezone, we reset the time */
	310	}
13710f1e	311
42a1b5e1	312	clean_exit:
8b2c913a	313	*buffer_out = line_end + 1;
6f02c3ba	314	return GIT_SUCCESS;
58519018 VM	315	}
58519018 VM	316
afeecf4f VM	317	void git_signature__writebuf(git_buf buf, const char header, const git_signature *sig)
	318	{
	319	int offset, hours, mins;
	320	char sign;
	321
	322	offset = sig->when.offset;
	323	sign = (sig->when.offset < 0) ? '-' : '+';
	324
	325	if (offset < 0)
	326	offset = -offset;
	327
	328	hours = offset / 60;
	329	mins = offset % 60;
	330
	331	git_buf_printf(buf, "%s%s <%s> %u %c%02d%02d\n",
	332	header ? header : "", sig->name, sig->email,
	333	(unsigned)sig->when.time, sign, hours, mins);
	334	}
58519018	335