snapshot: support archive signatures

Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...).  The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:

	git notes --ref=refs/notes/signatures/tar.xz add -C "$(
		gpg --output - --armor --detach-sign cgit-1.1.tar.xz |
		git hash-object -w --stdin
	)" v1.1

and then downloaded by simply appending ".asc" to the archive URL.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>

3 files changed, 84 insertions, 1 deletions

diff --git a/cgit.h b/cgit.h
index 847cd2e..a686390 100644
--- a/cgit.h
+++ b/cgit.h
@@ -374,6 +374,8 @@ extern void cgit_parse_url(const char *url);
 extern const char *cgit_repobasename(const char *reponame);
 
 extern int cgit_parse_snapshots_mask(const char *str);
+extern const struct object_id *cgit_snapshot_get_sig(const char *ref,
+                                                     const struct cgit_snapshot_format *f);
 
 extern int cgit_open_filter(struct cgit_filter *filter, ...);
 extern int cgit_close_filter(struct cgit_filter *filter);
diff --git a/ui-shared.c b/ui-shared.c
index 9d7ee3d..8a786e0 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -1133,6 +1133,13 @@ void cgit_print_snapshot_links(const struct cgit_repo *repo, const char *ref,
                 strbuf_addstr(&filename, f->suffix);
                 cgit_snapshot_link(filename.buf, NULL, NULL, NULL, NULL,
                                    filename.buf);
+                if (cgit_snapshot_get_sig(ref, f)) {
+                        strbuf_addstr(&filename, ".asc");
+                        html(" (");
+                        cgit_snapshot_link("sig", NULL, NULL, NULL, NULL,
+                                           filename.buf);
+                        html(")");
+                }
                 html(separator);
         }
         strbuf_release(&filename);
diff --git a/ui-snapshot.c b/ui-snapshot.c
index abf8399..c7611e8 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -94,6 +94,31 @@ const struct cgit_snapshot_format cgit_snapshot_formats[] = {
         { NULL }
 };
 
+static struct notes_tree snapshot_sig_notes[ARRAY_SIZE(cgit_snapshot_formats)];
+
+const struct object_id *cgit_snapshot_get_sig(const char *ref,
+                                              const struct cgit_snapshot_format *f)
+{
+        struct notes_tree *tree;
+        struct object_id oid;
+
+        if (get_oid(ref, &oid))
+                return NULL;
+
+        tree = &snapshot_sig_notes[f - &cgit_snapshot_formats[0]];
+        if (!tree->initialized) {
+                struct strbuf notes_ref = STRBUF_INIT;
+
+                strbuf_addf(&notes_ref, "refs/notes/signatures/%s",
+                            f->suffix + 1);
+
+                init_notes(tree, notes_ref.buf, combine_notes_ignore, 0);
+                strbuf_release(&notes_ref);
+        }
+
+        return get_note(tree, &oid);
+}
+
 static const struct cgit_snapshot_format *get_format(const char *filename)
 {
         const struct cgit_snapshot_format *fmt;
@@ -129,6 +154,39 @@ static int make_snapshot(const struct cgit_snapshot_format *format,
         return 0;
 }
 
+static int write_sig(const struct cgit_snapshot_format *format,
+                     const char *hex, const char *archive,
+                     const char *filename)
+{
+        const struct object_id *note = cgit_snapshot_get_sig(hex, format);
+        enum object_type type;
+        unsigned long size;
+        char *buf;
+
+        if (!note) {
+                cgit_print_error_page(404, "Not found",
+                                "No signature for %s", archive);
+                return 0;
+        }
+
+        buf = read_sha1_file(note->hash, &type, &size);
+        if (!buf) {
+                cgit_print_error_page(404, "Not found", "Not found");
+                return 0;
+        }
+
+        html("X-Content-Type-Options: nosniff\n");
+        html("Content-Security-Policy: default-src 'none'\n");
+        ctx.page.etag = oid_to_hex(note);
+        ctx.page.mimetype = xstrdup("application/pgp-signature");
+        ctx.page.filename = xstrdup(filename);
+        cgit_print_http_headers();
+
+        html_raw(buf, size);
+        free(buf);
+        return 0;
+}
+
 /* Try to guess the requested revision from the requested snapshot name.
  * First the format extension is stripped, e.g. "cgit-0.7.2.tar.gz" become
  * "cgit-0.7.2". If this is a valid commit object name we've got a winner.
@@ -185,6 +243,8 @@ void cgit_print_snapshot(const char *head, const char *hex,
                          const char *filename, int dwim)
 {
         const struct cgit_snapshot_format* f;
+        const char *sig_filename = NULL;
+        char *adj_filename = NULL;
         char *prefix = NULL;
 
         if (!filename) {
@@ -193,6 +253,15 @@ void cgit_print_snapshot(const char *head, const char *hex,
                 return;
         }
 
+        if (ends_with(filename, ".asc")) {
+                sig_filename = filename;
+
+                /* Strip ".asc" from filename for common format processing */
+                adj_filename = xstrdup(filename);
+                adj_filename[strlen(adj_filename) - 4] = '\0';
+                filename = adj_filename;
+        }
+
         f = get_format(filename);
         if (!f || !(ctx.repo->snapshots & f->bit)) {
                 cgit_print_error_page(400, "Bad request",
@@ -216,6 +285,11 @@ void cgit_print_snapshot(const char *head, const char *hex,
         if (!prefix)
                 prefix = xstrdup(cgit_snapshot_prefix(ctx.repo));
 
-        make_snapshot(f, hex, prefix, filename);
+        if (sig_filename)
+                write_sig(f, hex, filename, sig_filename);
+        else
+                make_snapshot(f, hex, prefix, filename);
+
         free(prefix);
+        free(adj_filename);
 }