export certificateCheckCallback
( errorMessage **C.char, _cert *C.git_cert, _valid C.int, _host *C.char, handle unsafe.Pointer, )
| 447 | |
| 448 | //export certificateCheckCallback |
| 449 | func certificateCheckCallback( |
| 450 | errorMessage **C.char, |
| 451 | _cert *C.git_cert, |
| 452 | _valid C.int, |
| 453 | _host *C.char, |
| 454 | handle unsafe.Pointer, |
| 455 | ) C.int { |
| 456 | data := pointerHandles.Get(handle).(*remoteCallbacksData) |
| 457 | // if there's no callback set, we need to make sure we fail if the library didn't consider this cert valid |
| 458 | if data.callbacks.CertificateCheckCallback == nil { |
| 459 | if _valid == 0 { |
| 460 | return C.int(ErrorCodeCertificate) |
| 461 | } |
| 462 | return C.int(ErrorCodeOK) |
| 463 | } |
| 464 | |
| 465 | host := C.GoString(_host) |
| 466 | valid := _valid != 0 |
| 467 | |
| 468 | var cert Certificate |
| 469 | if _cert.cert_type == C.GIT_CERT_X509 { |
| 470 | cert.Kind = CertificateX509 |
| 471 | ccert := (*C.git_cert_x509)(unsafe.Pointer(_cert)) |
| 472 | x509_certs, err := x509.ParseCertificates(C.GoBytes(ccert.data, C.int(ccert.len))) |
| 473 | if err != nil { |
| 474 | if data.errorTarget != nil { |
| 475 | *data.errorTarget = err |
| 476 | } |
| 477 | return setCallbackError(errorMessage, err) |
| 478 | } |
| 479 | if len(x509_certs) < 1 { |
| 480 | err := errors.New("empty certificate list") |
| 481 | if data.errorTarget != nil { |
| 482 | *data.errorTarget = err |
| 483 | } |
| 484 | return setCallbackError(errorMessage, err) |
| 485 | } |
| 486 | |
| 487 | // we assume there's only one, which should hold true for any web server we want to talk to |
| 488 | cert.X509 = x509_certs[0] |
| 489 | } else if _cert.cert_type == C.GIT_CERT_HOSTKEY_LIBSSH2 { |
| 490 | cert.Kind = CertificateHostkey |
| 491 | ccert := (*C.git_cert_hostkey)(unsafe.Pointer(_cert)) |
| 492 | cert.Hostkey.Kind = HostkeyKind(ccert._type) |
| 493 | C.memcpy(unsafe.Pointer(&cert.Hostkey.HashMD5[0]), unsafe.Pointer(&ccert.hash_md5[0]), C.size_t(len(cert.Hostkey.HashMD5))) |
| 494 | C.memcpy(unsafe.Pointer(&cert.Hostkey.HashSHA1[0]), unsafe.Pointer(&ccert.hash_sha1[0]), C.size_t(len(cert.Hostkey.HashSHA1))) |
| 495 | C.memcpy(unsafe.Pointer(&cert.Hostkey.HashSHA256[0]), unsafe.Pointer(&ccert.hash_sha256[0]), C.size_t(len(cert.Hostkey.HashSHA256))) |
| 496 | if (cert.Hostkey.Kind & HostkeyRaw) == HostkeyRaw { |
| 497 | cert.Hostkey.Hostkey = C.GoBytes(unsafe.Pointer(ccert.hostkey), C.int(ccert.hostkey_len)) |
| 498 | var err error |
| 499 | cert.Hostkey.SSHPublicKey, err = ssh.ParsePublicKey(cert.Hostkey.Hostkey) |
| 500 | if err != nil { |
| 501 | if data.errorTarget != nil { |
| 502 | *data.errorTarget = err |
| 503 | } |
| 504 | return setCallbackError(errorMessage, err) |
| 505 | } |
| 506 | } |
no test coverage detected
searching dependent graphs…