private X509Certificate2 GetCertificateFromFile(ITracer tracer, EventMetadata metadata, GitProcess gitProcess) { string certificatePassword = null; if (this.isCertificatePasswordProtected) { certificatePassword = this.GetCertificatePassword(tracer, gitProcess); if (string.IsNullOrEmpty(certificatePassword)) { tracer.RelatedWarning( metadata, "Git config indicates, that certificate is password protected, but retrieved password was null or empty!"); } metadata.Add("isPasswordSpecified", string.IsNullOrEmpty(certificatePassword)); } if (this.fileSystem.FileExists(this.certificatePathOrSubjectCommonName)) { try { byte[] certificateContent = this.fileSystem.ReadAllBytes(this.certificatePathOrSubjectCommonName); X509Certificate2 cert = new X509Certificate2(certificateContent, certificatePassword); if (this.ShouldVerify && cert != null && !this.certificateVerifier.Verify(cert)) { tracer.RelatedWarning(metadata, "Certficate was found, but is invalid."); return(null); } return(cert); } catch (CryptographicException cryptEx) { metadata.Add("Exception", cryptEx.ToString()); tracer.RelatedError(metadata, "Error, while loading certificate from disk"); return(null); } } return(null); }
public void ConfigureHttpClientHandlerSslIfNeeded(ITracer tracer, HttpClientHandler httpClientHandler, GitProcess gitProcess) { X509Certificate2 cert = this.GitSsl?.GetCertificate(tracer, gitProcess); if (cert != null) { if (this.GitSsl != null && !this.GitSsl.ShouldVerify) { httpClientHandler.ServerCertificateCustomValidationCallback = (httpRequestMessage, c, cetChain, policyErrors) => { return(true); }; } httpClientHandler.ClientCertificateOptions = ClientCertificateOption.Manual; httpClientHandler.ClientCertificates.Add(cert); } }
public virtual GitProcess.Result IndexPackFile(string packfilePath, GitProcess gitProcess) { string tempIdxPath = Path.ChangeExtension(packfilePath, TempIdxExtension); string idxPath = Path.ChangeExtension(packfilePath, ".idx"); Exception indexPackException = null; try { if (gitProcess == null) { gitProcess = new GitProcess(this.Enlistment); } GitProcess.Result result = gitProcess.IndexPack(packfilePath, tempIdxPath); if (result.ExitCodeIsFailure) { Exception exception; if (!this.fileSystem.TryDeleteFile(tempIdxPath, exception: out exception)) { EventMetadata metadata = CreateEventMetadata(exception); metadata.Add("tempIdxPath", tempIdxPath); this.Tracer.RelatedWarning(metadata, $"{nameof(this.IndexPackFile)}: Failed to cleanup temp idx file after index pack failure"); } } else { if (this.Enlistment.FlushFileBuffersForPacks) { Exception exception; string error; if (!this.TryFlushFileBuffers(tempIdxPath, out exception, out error)) { EventMetadata metadata = CreateEventMetadata(exception); metadata.Add("packfilePath", packfilePath); metadata.Add("tempIndexPath", tempIdxPath); metadata.Add("error", error); this.Tracer.RelatedWarning(metadata, $"{nameof(this.IndexPackFile)}: Failed to flush temp idx file buffers"); } } this.fileSystem.MoveAndOverwriteFile(tempIdxPath, idxPath); } return(result); } catch (Win32Exception e) { indexPackException = e; } catch (IOException e) { indexPackException = e; } catch (UnauthorizedAccessException e) { indexPackException = e; } EventMetadata failureMetadata = CreateEventMetadata(indexPackException); failureMetadata.Add("packfilePath", packfilePath); failureMetadata.Add("tempIdxPath", tempIdxPath); failureMetadata.Add("idxPath", idxPath); this.fileSystem.TryDeleteFile(tempIdxPath, metadataKey: nameof(tempIdxPath), metadata: failureMetadata); this.fileSystem.TryDeleteFile(idxPath, metadataKey: nameof(idxPath), metadata: failureMetadata); this.Tracer.RelatedWarning(failureMetadata, $"{nameof(this.IndexPackFile): Exception caught while trying to index pack file}"); return(new GitProcess.Result( string.Empty, indexPackException != null ? indexPackException.Message : "Failed to index pack file", GitProcess.Result.GenericFailureCode)); }