diff options
| author | Junio C Hamano <gitster@pobox.com> | 2019-12-10 13:11:45 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2019-12-10 13:11:45 -0800 |
| commit | 930078ba3995216193a18cf67ddfdc198e892fd5 (patch) | |
| tree | 79a75f9cf8a678f34701ddfd955d607b75641912 /log-tree.c | |
| parent | 08d2f46d0caf4125ef8f416b7bdc38af62233fb6 (diff) | |
| parent | 72b006f4bfd30b7c5037c163efaf279ab65bea9c (diff) | |
| download | git-930078ba3995216193a18cf67ddfdc198e892fd5.tar.gz | |
Merge branch 'hi/gpg-use-check-signature'
Hide lower-level verify_signed-buffer() API as a pure helper to
implement the public check_signature() function, in order to
encourage new callers to use the correct and more strict
validation.
* hi/gpg-use-check-signature:
gpg-interface: prefer check_signature() for GPG verification
Diffstat (limited to 'log-tree.c')
| -rw-r--r-- | log-tree.c | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/log-tree.c b/log-tree.c index 151e12f415..4e32638de8 100644 --- a/log-tree.c +++ b/log-tree.c @@ -449,22 +449,22 @@ static void show_signature(struct rev_info *opt, struct commit *commit) { struct strbuf payload = STRBUF_INIT; struct strbuf signature = STRBUF_INIT; - struct strbuf gpg_output = STRBUF_INIT; + struct signature_check sigc = { 0 }; int status; if (parse_signed_commit(commit, &payload, &signature) <= 0) goto out; - status = verify_signed_buffer(payload.buf, payload.len, - signature.buf, signature.len, - &gpg_output, NULL); - if (status && !gpg_output.len) - strbuf_addstr(&gpg_output, "No signature\n"); - - show_sig_lines(opt, status, gpg_output.buf); + status = check_signature(payload.buf, payload.len, signature.buf, + signature.len, &sigc); + if (status && sigc.result == 'N') + show_sig_lines(opt, status, "No signature\n"); + else { + show_sig_lines(opt, status, sigc.gpg_output); + signature_check_clear(&sigc); + } out: - strbuf_release(&gpg_output); strbuf_release(&payload); strbuf_release(&signature); } @@ -497,6 +497,7 @@ static int show_one_mergetag(struct commit *commit, struct object_id oid; struct tag *tag; struct strbuf verify_message; + struct signature_check sigc = { 0 }; int status, nth; size_t payload_size, gpg_message_offset; @@ -525,12 +526,13 @@ static int show_one_mergetag(struct commit *commit, status = -1; if (extra->len > payload_size) { /* could have a good signature */ - if (!verify_signed_buffer(extra->value, payload_size, - extra->value + payload_size, - extra->len - payload_size, - &verify_message, NULL)) + if (!check_signature(extra->value, payload_size, + extra->value + payload_size, + extra->len - payload_size, &sigc)) { + strbuf_addstr(&verify_message, sigc.gpg_output); + signature_check_clear(&sigc); status = 0; /* good */ - else if (verify_message.len <= gpg_message_offset) + } else if (verify_message.len <= gpg_message_offset) strbuf_addstr(&verify_message, "No signature\n"); /* otherwise we couldn't verify, which is shown as bad */ } |