From dfc4ece4083bbbb98f55291d05e7d2b1513464b7 Mon Sep 17 00:00:00 2001
From: Thomas Pummer <dev@nullpointer.at>
Date: Fri, 22 Feb 2013 11:10:11 -0500
Subject: [PATCH] the display-name in web.xml now shows the actual version of Gitblit
---
src/com/gitblit/utils/HttpUtils.java | 65 +++++++++++++++++++-------------
1 files changed, 38 insertions(+), 27 deletions(-)
diff --git a/src/com/gitblit/utils/HttpUtils.java b/src/com/gitblit/utils/HttpUtils.java
index 68a3506..86f53cf 100644
--- a/src/com/gitblit/utils/HttpUtils.java
+++ b/src/com/gitblit/utils/HttpUtils.java
@@ -20,14 +20,13 @@
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.LoggerFactory;
import com.gitblit.models.UserModel;
+import com.gitblit.utils.X509Utils.X509Metadata;
/**
* Collection of utility methods for http requests.
@@ -145,21 +144,11 @@
* @return
*/
public static UserModel getUserModelFromCertificate(X509Certificate cert, String... usernameOIDs) {
- UserModel user = new UserModel(null);
- user.isAuthenticated = false;
+ X509Metadata metadata = X509Utils.getMetadata(cert);
- // manually split DN into OID components
- // this is instead of parsing with LdapName which:
- // (1) I don't trust the order of values
- // (2) it filters out values like EMAILADDRESS
- String dn = cert.getSubjectDN().getName();
- Map<String, String> oids = new HashMap<String, String>();
- for (String kvp : dn.split(",")) {
- String [] val = kvp.trim().split("=");
- String oid = val[0].toUpperCase().trim();
- String data = val[1].trim();
- oids.put(oid, data);
- }
+ UserModel user = new UserModel(metadata.commonName);
+ user.emailAddress = metadata.emailAddress;
+ user.isAuthenticated = false;
if (usernameOIDs == null || usernameOIDs.length == 0) {
// use default usename<->CN mapping
@@ -169,25 +158,47 @@
// determine username from OID fingerprint
StringBuilder an = new StringBuilder();
for (String oid : usernameOIDs) {
- String val = getOIDValue(oid.toUpperCase(), oids);
+ String val = metadata.getOID(oid.toUpperCase(), null);
if (val != null) {
an.append(val).append(' ');
}
}
- user.username = an.toString().trim();
-
- // extract email address, if available
- user.emailAddress = getOIDValue("E", oids);
- if (user.emailAddress == null) {
- user.emailAddress = getOIDValue("EMAILADDRESS", oids);
- }
+ user.username = an.toString().trim();
return user;
}
- private static String getOIDValue(String oid, Map<String, String> oids) {
- if (oids.containsKey(oid)) {
- return oids.get(oid);
+ public static X509Metadata getCertificateMetadata(HttpServletRequest httpRequest) {
+ if (httpRequest.getAttribute("javax.servlet.request.X509Certificate") != null) {
+ X509Certificate[] certChain = (X509Certificate[]) httpRequest
+ .getAttribute("javax.servlet.request.X509Certificate");
+ if (certChain != null) {
+ X509Certificate cert = certChain[0];
+ return X509Utils.getMetadata(cert);
+ }
}
return null;
}
+
+ public static boolean isIpAddress(String address) {
+ if (StringUtils.isEmpty(address)) {
+ return false;
+ }
+ String [] fields = address.split("\\.");
+ if (fields.length == 4) {
+ // IPV4
+ for (String field : fields) {
+ try {
+ int value = Integer.parseInt(field);
+ if (value < 0 || value > 255) {
+ return false;
+ }
+ } catch (Exception e) {
+ return false;
+ }
+ }
+ return true;
+ }
+ // TODO IPV6?
+ return false;
+ }
}
--
Gitblit v1.9.1