library-mirrors/lazuscripts-githook
1
0
Fork 0
mirror of https://github.com/lazuscripts/githook.git synced 2024-11-18 03:04:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

added Gitea support, improved security of const_compare

Browse Source
This commit is contained in:
Paul Liverman III 2018-05-11 13:38:54 -07:00
parent 6158011da9
commit 8ed4675c87
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
githook.moon
View File

@ -13,7 +13,7 @@ import insert, concat from table
const_compare = (string1, string2) -> const_compare = (string1, string2) ->
local fail, dummy local fail, dummy
for i = 1, math.max #string1, #string2 for i = 1, math.max #string1, #string2, 100
if string1\sub(i,i) ~= string2\sub(i,i) if string1\sub(i,i) ~= string2\sub(i,i)
fail = true fail = true
else else
@ -126,6 +126,8 @@ class extends lapis.Application
authorized = const_compare "sha1=#{hex_dump hmac_sha1 config.githook_secret, body}", github_hash authorized = const_compare "sha1=#{hex_dump hmac_sha1 config.githook_secret, body}", github_hash
elseif gogs_hash = @req.headers["X-Gogs-Signature"] elseif gogs_hash = @req.headers["X-Gogs-Signature"]
authorized = const_compare gogs_hash, hex_dump hmac_sha256 config.githook_secret, body authorized = const_compare gogs_hash, hex_dump hmac_sha256 config.githook_secret, body
elseif @params.secret
authorized = const_compare @params.secret, config.githook_secret
unless authorized unless authorized
return unauthorized! return unauthorized!
if @params.ref == "refs/heads/#{@branch}" if @params.ref == "refs/heads/#{@branch}"