diff options
author | Dave Borowitz <dborowitz@google.com> | 2015-08-19 11:26:46 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2015-08-19 12:58:45 -0700 |
commit | 30261094b1f7fdcba3b7a1f396e43891cd998149 (patch) | |
tree | 1ad9cc07d3c3dc5fb1a07c878be7f9b0fe2d4dde /builtin/push.c | |
parent | 068c77a5189584de2a8d9c2ad29e2370159444ae (diff) | |
download | git-30261094b1f7fdcba3b7a1f396e43891cd998149.tar.gz |
push: support signing pushes iff the server supports it
Add a new flag --sign=true (or --sign=false), which means the same
thing as the original --signed (or --no-signed). Give it a third
value --sign=if-asked to tell push and send-pack to send a push
certificate if and only if the server advertised a push cert nonce.
If not, warn the user that their push may not be as secure as they
thought.
Signed-off-by: Dave Borowitz <dborowitz@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin/push.c')
-rw-r--r-- | builtin/push.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/builtin/push.c b/builtin/push.c index 57c138bd7b..85a82cd21d 100644 --- a/builtin/push.c +++ b/builtin/push.c @@ -9,6 +9,7 @@ #include "transport.h" #include "parse-options.h" #include "submodule.h" +#include "send-pack.h" static const char * const push_usage[] = { N_("git push [<options>] [<repository> [<refspec>...]]"), @@ -495,6 +496,7 @@ int cmd_push(int argc, const char **argv, const char *prefix) { int flags = 0; int tags = 0; + int push_cert = -1; int rc; const char *repo = NULL; /* default repository */ struct option options[] = { @@ -526,7 +528,9 @@ int cmd_push(int argc, const char **argv, const char *prefix) OPT_BIT(0, "no-verify", &flags, N_("bypass pre-push hook"), TRANSPORT_PUSH_NO_HOOK), OPT_BIT(0, "follow-tags", &flags, N_("push missing but relevant tags"), TRANSPORT_PUSH_FOLLOW_TAGS), - OPT_BIT(0, "signed", &flags, N_("GPG sign the push"), TRANSPORT_PUSH_CERT), + { OPTION_CALLBACK, + 0, "signed", &push_cert, "yes|no|if-asked", N_("GPG sign the push"), + PARSE_OPT_OPTARG, option_parse_push_signed }, OPT_BIT(0, "atomic", &flags, N_("request atomic transaction on remote side"), TRANSPORT_PUSH_ATOMIC), OPT_END() }; @@ -548,6 +552,20 @@ int cmd_push(int argc, const char **argv, const char *prefix) set_refspecs(argv + 1, argc - 1, repo); } + switch (push_cert) { + case SEND_PACK_PUSH_CERT_NEVER: + flags &= ~(TRANSPORT_PUSH_CERT_ALWAYS | TRANSPORT_PUSH_CERT_IF_ASKED); + break; + case SEND_PACK_PUSH_CERT_ALWAYS: + flags |= TRANSPORT_PUSH_CERT_ALWAYS; + flags &= ~TRANSPORT_PUSH_CERT_IF_ASKED; + break; + case SEND_PACK_PUSH_CERT_IF_ASKED: + flags |= TRANSPORT_PUSH_CERT_IF_ASKED; + flags &= ~TRANSPORT_PUSH_CERT_ALWAYS; + break; + } + rc = do_push(repo, flags); if (rc == -1) usage_with_options(push_usage, options); |