From 434060ec6d9bf50f095db901da3fb9b557e11df1 Mon Sep 17 00:00:00 2001
From: "brian m. carlson"
Date: Sun, 21 Jun 2015 23:14:40 +0000
Subject: gpg: centralize signature check
verify-commit and verify-tag both share a central codepath for verifying commits: check_signature. However, verify-tag exited successfully for untrusted signature, while verify-commit exited unsuccessfully. Centralize this signature check and make verify-commit adopt the older verify-tag behavior. This behavior is more logical anyway, as the signature is in fact valid, whether or not there's a path of trust to the author.
Signed-off-by: brian m. carlson
Signed-off-by: Junio C Hamano
---
 builtin/verify-commit.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'builtin/verify-commit.c')
diff --git a/builtin/verify-commit.c b/builtin/verify-commit.c
index ec0c4e3d8..e30f7cfbc 100644
--- a/builtin/verify-commit.c
+++ b/builtin/verify-commit.c
@@ -21,10 +21,11 @@ static const char * const verify_commit_usage[] = {
 static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, int verbose)
 {
 struct signature_check signature_check;
+ int ret;
 memset(&signature_check, 0, sizeof(signature_check));
- check_commit_signature(lookup_commit(sha1), &signature_check);
+ ret = check_commit_signature(lookup_commit(sha1), &signature_check);
 if (verbose && signature_check.payload)
 fputs(signature_check.payload, stdout);
@@ -33,7 +34,7 @@ static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned l
 fputs(signature_check.gpg_output, stderr);
 signature_check_clear(&signature_check);
- return signature_check.result != 'G';
+ return ret;
 }
 static int verify_commit(const char *name, int verbose)
--
cgit v1.2.1
From ca194d50b84b53a0b711fef46d1a47657ec5da41 Mon Sep 17 00:00:00 2001
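Review bot: The value captured in `ret = check_commit_signature(lookup_commit(sha1), &signature_check);` now carries the pass/fail policy that `signature_check.result != 'G'` used to express locally, but its meaning is defined in gpg-interface code this diff does not touch, so a reader of this file can no longer see what counts as a failure; a one-line comment at the assignment would restore that: `/* 0 when gpg verified the signature, even without a trust path to the signing key */`. Per the commit message an untrusted signature now exits 0 where it previously exited 1, which any script gating on verify-commit's exit status alone silently inherits; stating in `verify_commit_usage` (the array the hunk header shows just above) that the exit status reflects signature validity rather than key trust would make that visible from `-h`. run_gpg_verify continues in the second hunk of this patch.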
From: "brian m. carlson" Date: Sun, 21 Jun 2015 23:14:41 +0000 Subject: gpg: centralize printing signature buffers The code to handle printing of signature data from a struct signature_check is very similar between verify-commit and verify-tag. Place this in a single function. verify-tag retains its special case behavior of printing the tag even when no valid signature is found. Signed-off-by: brian m. carlson Signed-off-by: Junio C Hamano --- builtin/verify-commit.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'builtin/verify-commit.c') diff --git a/builtin/verify-commit.c b/builtin/verify-commit.c index e30f7cfbc..016319ada 100644 --- a/builtin/verify-commit.c +++ b/builtin/verify-commit.c @@ -26,12 +26,7 @@ static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned l memset(&signature_check, 0, sizeof(signature_check)); ret = check_commit_signature(lookup_commit(sha1), &signature_check); - - if (verbose && signature_check.payload) - fputs(signature_check.payload, stdout); - - if (signature_check.gpg_output) - fputs(signature_check.gpg_output, stderr); + print_signature_buffer(&signature_check, verbose ? GPG_VERIFY_VERBOSE : 0); signature_check_clear(&signature_check); return ret; -- cgit v1.2.1 From aeff29dd4dab01b497b2a2cf73e982e846a5fe4c Mon Sep 17 00:00:00 2001 From: "brian m. carlson" Date: Sun, 21 Jun 2015 23:14:42 +0000 Subject: verify-commit: add option to print raw gpg status information verify-commit by default displays human-readable output on standard error. However, it can also be useful to get access to the raw gpg status information, which is machine-readable, allowing automated implementation of signing policy. Add a --raw option to make verify-commit produce the gpg status information on standard error instead of the human-readable format. Signed-off-by: brian m. carlson 
Signed-off-by: Junio C Hamano
---
 builtin/verify-commit.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
(limited to 'builtin/verify-commit.c')
diff --git a/builtin/verify-commit.c b/builtin/verify-commit.c
index 016319ada..38bedf8f9 100644
--- a/builtin/verify-commit.c
+++ b/builtin/verify-commit.c
@@ -18,7 +18,7 @@ static const char * const verify_commit_usage[] = {
 NULL
 };
-static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, int verbose)
+static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, unsigned flags)
 {
 struct signature_check signature_check;
 int ret;
@@ -26,13 +26,13 @@ static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned l
 memset(&signature_check, 0, sizeof(signature_check));
 ret = check_commit_signature(lookup_commit(sha1), &signature_check);
- print_signature_buffer(&signature_check, verbose ? GPG_VERIFY_VERBOSE : 0);
+ print_signature_buffer(&signature_check, flags);
 signature_check_clear(&signature_check);
 return ret;
 }
-static int verify_commit(const char *name, int verbose)
+static int verify_commit(const char *name, unsigned flags)
 {
 enum object_type type;
 unsigned char sha1[20];
@@ -50,7 +50,7 @@ static int verify_commit(const char *name, int verbose)
 return error("%s: cannot verify a non-commit object of type %s.", name, typename(type));
- ret = run_gpg_verify(sha1, buf, size, verbose);
+ ret = run_gpg_verify(sha1, buf, size, flags);
 free(buf);
 return ret;
@@ -67,8 +67,10 @@ static int git_verify_commit_config(const char *var, const char *value, void *cb
 int cmd_verify_commit(int argc, const char **argv, const char *prefix)
 {
 int i = 1, verbose = 0, had_error = 0;
+ unsigned flags = 0;
 const struct option verify_commit_options[] = {
 OPT__VERBOSE(&verbose, N_("print commit contents")),
+ OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
 OPT_END()
 };
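Review bot: `buf` and `size` remain unused in `run_gpg_verify` even though its signature is rewritten on the `+static int run_gpg_verify(..., unsigned flags)` line; the body visible across this hunk and the next reads only `sha1`, `signature_check`, `ret` and `flags`, and the commit is fetched again through `lookup_commit(sha1)` rather than from the buffer `verify_commit` already holds. The only visible caller is the `ret = run_gpg_verify(sha1, buf, size, flags);` line in the third hunk, so `static int run_gpg_verify(const unsigned char *sha1, unsigned flags)` together with `ret = run_gpg_verify(sha1, flags);` would drop the dead parameters on the same two lines this patch touches anyway. The new `flags` parameter also deserves a note on what it accepts, since the bit values are defined outside this file, e.g. `/* flags: GPG_VERIFY_* bits, forwarded unchanged to print_signature_buffer */`. Line 25, between the first two hunks, is not shown, so the unused-parameter observation assumes nothing there references them.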
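Review bot: The `--raw` option added on the `OPT_BIT(0, "raw", &flags, ...)` line is not reflected in `verify_commit_usage`, whose closing `NULL };` is the context at the top of this patch's first hunk; if that array spells out the option list, the usage line should gain `[--raw]`, and the command's manual page is outside this diff (limited to builtin/verify-commit.c) and needs a separate check. The help string says only where the output goes, while the commit message says the raw status replaces, rather than supplements, the human-readable text on standard error; a comment on the OPT_BIT line, `/* GPG_VERIFY_RAW: emit gpg's machine-readable status lines instead of its human-readable output */`, would record that for readers who do not open the helper. cmd_verify_commit continues in the next hunk.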
@@ -79,11 +81,14 @@ int cmd_verify_commit(int argc, const char **argv, const char *prefix)
 if (argc <= i)
 usage_with_options(verify_commit_usage, verify_commit_options);
+ if (verbose)
+ flags |= GPG_VERIFY_VERBOSE;
+
 /* sometimes the program was terminated because this signal
 * was received in the process of writing the gpg input: */
 signal(SIGPIPE, SIG_IGN);
 while (i < argc)
- if (verify_commit(argv[i++], verbose))
+ if (verify_commit(argv[i++], flags))
 had_error = 1;
 return had_error;
 }
--
cgit v1.2.1
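Review bot: The added `if (verbose) flags |= GPG_VERIFY_VERBOSE;` exists only because `-v` is still parsed into the separate `verbose` counter while `--raw` already lands in `flags` directly, leaving two variables describing one option set. Parsing both into the same word, `OPT_BIT('v', "verbose", &flags, N_("print commit contents"), GPG_VERIFY_VERBOSE)` in place of the `OPT__VERBOSE(&verbose, ...)` entry in the previous hunk, removes the fold and the `verbose` variable from `int i = 1, verbose = 0, had_error = 0;`, so `verify_commit(argv[i++], flags)` receives a single source of truth. Whether anything else in the function still reads `verbose` cannot be confirmed from the hunks shown, so check the lines between the two hunks before removing it. cmd_verify_commit starts outside this hunk.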