private X509Certificate2 GetCertificateFromFile(ITracer tracer, EventMetadata metadata, GitProcess gitProcess)
{
string certificatePassword = null;
if (this.isCertificatePasswordProtected)
{
certificatePassword = this.GetCertificatePassword(tracer, gitProcess);
if (string.IsNullOrEmpty(certificatePassword))
{
tracer.RelatedWarning(
metadata,
"Git config indicates, that certificate is password protected, but retrieved password was null or empty!");
}
metadata.Add("isPasswordSpecified", string.IsNullOrEmpty(certificatePassword));
}
if (this.fileSystem.FileExists(this.certificatePathOrSubjectCommonName))
{
try
{
byte[] certificateContent = this.fileSystem.ReadAllBytes(this.certificatePathOrSubjectCommonName);
X509Certificate2 cert = new X509Certificate2(certificateContent, certificatePassword);
if (this.ShouldVerify && cert != null && !this.certificateVerifier.Verify(cert))
{
tracer.RelatedWarning(metadata, "Certficate was found, but is invalid.");
return(null);
}
return(cert);
}
catch (CryptographicException cryptEx)
{
metadata.Add("Exception", cryptEx.ToString());
tracer.RelatedError(metadata, "Error, while loading certificate from disk");
return(null);
}
}
return(null);
}
public void ConfigureHttpClientHandlerSslIfNeeded(ITracer tracer, HttpClientHandler httpClientHandler, GitProcess gitProcess)
{
X509Certificate2 cert = this.GitSsl?.GetCertificate(tracer, gitProcess);
if (cert != null)
{
if (this.GitSsl != null && !this.GitSsl.ShouldVerify)
{
httpClientHandler.ServerCertificateCustomValidationCallback =
(httpRequestMessage, c, cetChain, policyErrors) =>
{
return(true);
};
}
httpClientHandler.ClientCertificateOptions = ClientCertificateOption.Manual;
httpClientHandler.ClientCertificates.Add(cert);
}
}
public virtual GitProcess.Result IndexPackFile(string packfilePath, GitProcess gitProcess)
{
string tempIdxPath = Path.ChangeExtension(packfilePath, TempIdxExtension);
string idxPath = Path.ChangeExtension(packfilePath, ".idx");
Exception indexPackException = null;
try
{
if (gitProcess == null)
{
gitProcess = new GitProcess(this.Enlistment);
}
GitProcess.Result result = gitProcess.IndexPack(packfilePath, tempIdxPath);
if (result.ExitCodeIsFailure)
{
Exception exception;
if (!this.fileSystem.TryDeleteFile(tempIdxPath, exception: out exception))
{
EventMetadata metadata = CreateEventMetadata(exception);
metadata.Add("tempIdxPath", tempIdxPath);
this.Tracer.RelatedWarning(metadata, $"{nameof(this.IndexPackFile)}: Failed to cleanup temp idx file after index pack failure");
}
}
else
{
if (this.Enlistment.FlushFileBuffersForPacks)
{
Exception exception;
string error;
if (!this.TryFlushFileBuffers(tempIdxPath, out exception, out error))
{
EventMetadata metadata = CreateEventMetadata(exception);
metadata.Add("packfilePath", packfilePath);
metadata.Add("tempIndexPath", tempIdxPath);
metadata.Add("error", error);
this.Tracer.RelatedWarning(metadata, $"{nameof(this.IndexPackFile)}: Failed to flush temp idx file buffers");
}
}
this.fileSystem.MoveAndOverwriteFile(tempIdxPath, idxPath);
}
return(result);
}
catch (Win32Exception e)
{
indexPackException = e;
}
catch (IOException e)
{
indexPackException = e;
}
catch (UnauthorizedAccessException e)
{
indexPackException = e;
}
EventMetadata failureMetadata = CreateEventMetadata(indexPackException);
failureMetadata.Add("packfilePath", packfilePath);
failureMetadata.Add("tempIdxPath", tempIdxPath);
failureMetadata.Add("idxPath", idxPath);
this.fileSystem.TryDeleteFile(tempIdxPath, metadataKey: nameof(tempIdxPath), metadata: failureMetadata);
this.fileSystem.TryDeleteFile(idxPath, metadataKey: nameof(idxPath), metadata: failureMetadata);
this.Tracer.RelatedWarning(failureMetadata, $"{nameof(this.IndexPackFile): Exception caught while trying to index pack file}");
return(new GitProcess.Result(
string.Empty,
indexPackException != null ? indexPackException.Message : "Failed to index pack file",
GitProcess.Result.GenericFailureCode));
}
