Merge branch 'stable-3.0' into stable-3.1

* stable-3.0: Restore existing Base64 transcoder for private key Remove unused annotation @ChangeUpdateExecutor Change-Id: I911b54160e966ebc2a18e9762c494e2759aa7396
2020-05-01 14:22:58 +01:00
parent 584ce3bf29 b633dfc671
commit 46c0d503e9
5 changed files with 36 additions and 93 deletions
--- a/java/com/google/gerrit/server/config/ChangeUpdateExecutor.java
+++ b/java/com/google/gerrit/server/config/ChangeUpdateExecutor.java
@@ -1,29 +0,0 @@
-// Copyright (C) 2012 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package com.google.gerrit.server.config;
-
-import static java.lang.annotation.RetentionPolicy.RUNTIME;
-
-import com.google.common.util.concurrent.ListeningExecutorService;
-import com.google.gerrit.server.update.BatchUpdate;
-import com.google.inject.BindingAnnotation;
-import java.lang.annotation.Retention;
-
-/**
- * Marker on the global {@link ListeningExecutorService} used by asynchronous {@link BatchUpdate}s.
- */
-@Retention(RUNTIME)
-@BindingAnnotation
-public @interface ChangeUpdateExecutor {}
--- a/java/com/google/gerrit/server/config/SysExecutorModule.java
+++ b/java/com/google/gerrit/server/config/SysExecutorModule.java
@@ -14,19 +14,13 @@

 package com.google.gerrit.server.config;

-import com.google.common.util.concurrent.ListeningExecutorService;
 import com.google.common.util.concurrent.MoreExecutors;
-import com.google.common.util.concurrent.ThreadFactoryBuilder;
 import com.google.gerrit.server.FanOutExecutor;
 import com.google.gerrit.server.git.WorkQueue;
-import com.google.gerrit.server.logging.LoggingContextAwareExecutorService;
 import com.google.inject.AbstractModule;
 import com.google.inject.Provides;
 import com.google.inject.Singleton;
-import java.util.concurrent.ArrayBlockingQueue;
 import java.util.concurrent.ExecutorService;
-import java.util.concurrent.ThreadPoolExecutor;
-import java.util.concurrent.TimeUnit;
 import org.eclipse.jgit.lib.Config;

 /**
@@ -73,28 +67,4 @@ public class SysExecutorModule extends AbstractModule {
    }
    return queues.createQueue(poolSize, "FanOut");
  }
-
-  @Provides
-  @Singleton
-  @ChangeUpdateExecutor
-  public ListeningExecutorService createChangeUpdateExecutor(@GerritServerConfig Config config) {
-    int poolSize = config.getInt("receive", null, "changeUpdateThreads", 1);
-    if (poolSize <= 1) {
-      return MoreExecutors.newDirectExecutorService();
-    }
-    return MoreExecutors.listeningDecorator(
-        new LoggingContextAwareExecutorService(
-            MoreExecutors.getExitingExecutorService(
-                new ThreadPoolExecutor(
-                    1,
-                    poolSize,
-                    10,
-                    TimeUnit.MINUTES,
-                    new ArrayBlockingQueue<>(poolSize),
-                    new ThreadFactoryBuilder()
-                        .setNameFormat("ChangeUpdate-%d")
-                        .setDaemon(true)
-                        .build(),
-                    new ThreadPoolExecutor.CallerRunsPolicy()))));
-  }
 }
--- a/java/com/google/gerrit/server/mail/SignedToken.java
+++ b/java/com/google/gerrit/server/mail/SignedToken.java
@@ -22,6 +22,7 @@ import java.util.Arrays;
 import javax.crypto.Mac;
 import javax.crypto.ShortBufferException;
 import javax.crypto.spec.SecretKeySpec;
+import org.apache.commons.codec.binary.Base64;

 /**
 * Utility function to compute and verify XSRF tokens.
@@ -46,7 +47,7 @@ public class SignedToken {
  public static String generateRandomKey() {
    final byte[] r = new byte[26];
    new SecureRandom().nextBytes(r);
-    return encodeBase64(r);
+    return encodeBase64PrivateKey(r);
  }

  private final int maxAge;
@@ -63,7 +64,7 @@ public class SignedToken {
   */
  public SignedToken(final int age, final String keyBase64) throws XsrfException {
    maxAge = age > 5 ? age / 5 : age;
-    key = new SecretKeySpec(decodeBase64(keyBase64), MAC_ALG);
+    key = new SecretKeySpec(decodeBase64PrivateKey(keyBase64), MAC_ALG);
    rng = new SecureRandom();
    tokenLength = 2 * INT_SZ + newMac().getMacLength();
  }
@@ -169,6 +170,14 @@ public class SignedToken {
    return (int) (System.currentTimeMillis() / 5000L);
  }

+  private static byte[] decodeBase64PrivateKey(final String privateKeyBase64String) {
+    return Base64.decodeBase64(toBytes(privateKeyBase64String));
+  }
+
+  private static String encodeBase64PrivateKey(final byte[] buf) {
+    return toString(Base64.encodeBase64(buf));
+  }
+
  private static byte[] decodeBase64(final String s) {
    return BaseEncoding.base64Url().decode(s);
  }
@@ -208,4 +217,12 @@ public class SignedToken {
    }
    return r;
  }
+
+  private static String toString(final byte[] b) {
+    final StringBuilder r = new StringBuilder(b.length);
+    for (int i = 0; i < b.length; i++) {
+      r.append((char) b[i]);
+    }
+    return r.toString();
+  }
 }
--- a/java/com/google/gerrit/testing/InMemoryModule.java
+++ b/java/com/google/gerrit/testing/InMemoryModule.java
@@ -18,7 +18,6 @@ import static com.google.common.base.Preconditions.checkState;
 import static com.google.inject.Scopes.SINGLETON;

 import com.google.common.base.Strings;
-import com.google.common.util.concurrent.ListeningExecutorService;
 import com.google.common.util.concurrent.MoreExecutors;
 import com.google.gerrit.acceptance.testsuite.project.ProjectOperations;
 import com.google.gerrit.acceptance.testsuite.project.ProjectOperationsImpl;
@@ -48,7 +47,6 @@ import com.google.gerrit.server.config.AnonymousCowardName;
 import com.google.gerrit.server.config.AnonymousCowardNameProvider;
 import com.google.gerrit.server.config.CanonicalWebUrlModule;
 import com.google.gerrit.server.config.CanonicalWebUrlProvider;
-import com.google.gerrit.server.config.ChangeUpdateExecutor;
 import com.google.gerrit.server.config.DefaultUrlFormatter;
 import com.google.gerrit.server.config.GerritGlobalModule;
 import com.google.gerrit.server.config.GerritInstanceNameModule;
@@ -186,9 +184,6 @@ public class InMemoryModule extends FactoryModule {
    bind(GitRepositoryManager.class).to(InMemoryRepositoryManager.class);
    bind(InMemoryRepositoryManager.class).in(SINGLETON);
    bind(TrackingFooters.class).toProvider(TrackingFootersProvider.class).in(SINGLETON);
-    bind(ListeningExecutorService.class)
-        .annotatedWith(ChangeUpdateExecutor.class)
-        .toInstance(MoreExecutors.newDirectExecutorService());
    bind(SecureStore.class).to(DefaultSecureStore.class);

    install(new InMemorySchemaModule());