go-gitea · milahu · Dec 6, 2021 · Dec 7, 2021 · wxiaoguang · Dec 7, 2021
diff --git a/integrations/repo_download_test.go b/integrations/repo_download_test.go
@@ -0,0 +1,51 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+// based on repo_commits_test.go
+
+package integrations
+
+import (
+	"net/http"
+	"path"
+	"testing"
+	"encoding/base64"
+
+	"github.com/stretchr/testify/assert"
+	// gitea/integrations/integration_test.go -> NewRequest
+)
+
+// gitea/routers/web/repo/repo.go: addCommitObjectResponseHeader
+func TestRepoDownloadWithCommitObject(t *testing.T) {
+	defer prepareTestEnv(t)()
+
+	// Request repository commits page
+	req := NewRequest(t, "GET", "/user2/repo1/commits/branch/master")
+	resp := MakeRequest(t, req, http.StatusOK)
+
+	doc := NewHTMLParser(t, resp.Body)
+	// Get first commit URL
+	commitURL, exists := doc.doc.Find("#commits-table tbody tr td.sha a").Attr("href")
+	assert.True(t, exists)
+	assert.NotEmpty(t, commitURL)
+
+	commitHash := path.Base(commitURL)
+
+	q2 := NewRequest(t, "GET", "/user2/repo1/archive/"+commitHash+".tar.gz")
+	assert.NotNil(t, q2)
+	q2.Header.Set("X-Commit-Object", "1") // request the commit object
+	r2 := MakeRequest(t, q2, http.StatusOK)
+	// decode the commit object
+	str64 := r2.Header().Get("X-Commit-Object")
+	bytes, err := base64.StdEncoding.DecodeString(str64)
+	assert.NoError(t, err)
+	str := string(bytes)
+	strExpected := (
+		"tree 2a2f1d4670728a2e10049e345bd7a276468beab6\n" +
+		"author user1 <address1@example.com> 1489956479 -0400\n" +
+		"committer Ethan Koenig <ethantkoenig@gmail.com> 1489956479 -0400\n" +
+		"\n" +
+		"Initial commit\n")
+	assert.Equal(t, str, strExpected)
+}
diff --git a/modules/git/repo_commit.go b/modules/git/repo_commit.go
@@ -85,6 +85,17 @@ func (repo *Repository) GetCommitByPath(relpath string) (*Commit, error) {
 	return commits[0], nil
 }
 
+// GetCommitObject returns the raw commit object.
+func (repo *Repository) GetCommitObject(commitID string) ([]byte, error) {
+	// we need a bit-exact copy of the commit object for hash calculation
+	// -p = print
+	stdout, err := NewCommandContext(repo.Ctx, "cat-file", "-p", commitID).RunInDirBytes(repo.Path)
+	if err != nil {
+		return nil, err
+	}
+	return stdout, nil
+}
+
 func (repo *Repository) commitsByRange(id SHA1, page, pageSize int) ([]*Commit, error) {
 	stdout, err := NewCommandContext(repo.Ctx, "log", id.String(), "--skip="+strconv.Itoa((page-1)*pageSize),
 		"--max-count="+strconv.Itoa(pageSize), prettyLogFormat).RunInDirBytes(repo.Path)

diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
@@ -11,6 +11,7 @@ import (
 	"net/http"
 	"strings"
 	"time"
+	"encoding/base64"
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/models/db"
@@ -443,6 +444,7 @@ func download(ctx *context.Context, archiveName string, archiver *repo_model.Rep
 		//If we have a signed url (S3, object storage), redirect to this directly.
 		u, err := storage.RepoArchives.URL(rPath, downloadName)
 		if u != nil && err == nil {
+			addCommitObjectResponseHeader(ctx, archiver)
 			ctx.Redirect(u.String())
 			return
 		}
@@ -455,9 +457,30 @@ func download(ctx *context.Context, archiveName string, archiver *repo_model.Rep
 		return
 	}
 	defer fr.Close()
+	addCommitObjectResponseHeader(ctx, archiver)
 	ctx.ServeStream(fr, downloadName)
 }
 
+// Add X-Commit-Object response header if it was requested.
+// The commit object is needed to verify a downloaded archive by commit hash.
+// We use base64 to ensure a lossless encoding of binary data.
+// test: gitea/integrations/repo_download_test.go
+func addCommitObjectResponseHeader(ctx *context.Context, archiver *repo_model.RepoArchiver) {
+	if ctx.Req.Header.Get("X-Commit-Object") != "1" {
+		return
+	}
+	gitrepo := ctx.Repo.GitRepo
+	bytes, err := gitrepo.GetCommitObject(archiver.CommitID)
+	if err != nil {
+		// CommitID should be valid here, but still, errors can happen
+		ctx.Resp.Header().Set("X-Commit-Object", "")
+		ctx.Resp.Header().Set("X-Commit-Object-Error", "1")
+		return
+	}
+	str64 := base64.StdEncoding.EncodeToString(bytes)
+	ctx.Resp.Header().Set("X-Commit-Object", str64)
+}
+
 // InitiateDownload will enqueue an archival request, as needed.  It may submit
 // a request that's already in-progress, but the archiver service will just
 // kind of drop it on the floor if this is the case.