MCPcopy Create free account
hub / github.com/libgit2/git2go / certificateCheckCallback

Function certificateCheckCallback

remote.go:449–523  ·  view source on GitHub ↗

export certificateCheckCallback

(
	errorMessage **C.char,
	_cert *C.git_cert,
	_valid C.int,
	_host *C.char,
	handle unsafe.Pointer,
)

Source from the content-addressed store, hash-verified

447
448//export certificateCheckCallback
449func certificateCheckCallback(
450 errorMessage **C.char,
451 _cert *C.git_cert,
452 _valid C.int,
453 _host *C.char,
454 handle unsafe.Pointer,
455) C.int {
456 data := pointerHandles.Get(handle).(*remoteCallbacksData)
457 // if there's no callback set, we need to make sure we fail if the library didn't consider this cert valid
458 if data.callbacks.CertificateCheckCallback == nil {
459 if _valid == 0 {
460 return C.int(ErrorCodeCertificate)
461 }
462 return C.int(ErrorCodeOK)
463 }
464
465 host := C.GoString(_host)
466 valid := _valid != 0
467
468 var cert Certificate
469 if _cert.cert_type == C.GIT_CERT_X509 {
470 cert.Kind = CertificateX509
471 ccert := (*C.git_cert_x509)(unsafe.Pointer(_cert))
472 x509_certs, err := x509.ParseCertificates(C.GoBytes(ccert.data, C.int(ccert.len)))
473 if err != nil {
474 if data.errorTarget != nil {
475 *data.errorTarget = err
476 }
477 return setCallbackError(errorMessage, err)
478 }
479 if len(x509_certs) < 1 {
480 err := errors.New("empty certificate list")
481 if data.errorTarget != nil {
482 *data.errorTarget = err
483 }
484 return setCallbackError(errorMessage, err)
485 }
486
487 // we assume there's only one, which should hold true for any web server we want to talk to
488 cert.X509 = x509_certs[0]
489 } else if _cert.cert_type == C.GIT_CERT_HOSTKEY_LIBSSH2 {
490 cert.Kind = CertificateHostkey
491 ccert := (*C.git_cert_hostkey)(unsafe.Pointer(_cert))
492 cert.Hostkey.Kind = HostkeyKind(ccert._type)
493 C.memcpy(unsafe.Pointer(&cert.Hostkey.HashMD5[0]), unsafe.Pointer(&ccert.hash_md5[0]), C.size_t(len(cert.Hostkey.HashMD5)))
494 C.memcpy(unsafe.Pointer(&cert.Hostkey.HashSHA1[0]), unsafe.Pointer(&ccert.hash_sha1[0]), C.size_t(len(cert.Hostkey.HashSHA1)))
495 C.memcpy(unsafe.Pointer(&cert.Hostkey.HashSHA256[0]), unsafe.Pointer(&ccert.hash_sha256[0]), C.size_t(len(cert.Hostkey.HashSHA256)))
496 if (cert.Hostkey.Kind & HostkeyRaw) == HostkeyRaw {
497 cert.Hostkey.Hostkey = C.GoBytes(unsafe.Pointer(ccert.hostkey), C.int(ccert.hostkey_len))
498 var err error
499 cert.Hostkey.SSHPublicKey, err = ssh.ParsePublicKey(cert.Hostkey.Hostkey)
500 if err != nil {
501 if data.errorTarget != nil {
502 *data.errorTarget = err
503 }
504 return setCallbackError(errorMessage, err)
505 }
506 }

Callers 1

Calls 3

setCallbackErrorFunction · 0.85
HostkeyKindTypeAlias · 0.85
GetMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…