gpg: centralize signature check

verify-commit and verify-tag both share a central codepath for verifying commits: check_signature. However, verify-tag exited successfully for untrusted signature, while verify-commit exited unsuccessfully. Centralize this signature check and make verify-commit adopt the older verify-tag behavior. This behavior is more logical anyway, as the signature is in fact valid, whether or not there's a path of trust to the author. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: brian m. carlson <sandals@crustytoothpaste.net> 2015-06-22 02:14:40 +0300
committer: Junio C Hamano <gitster@pobox.com> 2015-06-23 00:20:46 +0300
commit: 434060ec6d9bf50f095db901da3fb9b557e11df1 (patch)
tree: 7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2 /gpg-interface.h
parent: 8e98e5f27aba812c0f095b7e546871e14a4139f6 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/gpg-interface.h b/gpg-interface.h
index 043bcaa630..e2aabde305 100644
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -27,7 +27,7 @@ extern int verify_signed_buffer(const char *payload, size_t payload_size, const
 extern int git_gpg_config(const char *, const char *, void *);
 extern void set_signing_key(const char *);
 extern const char *get_signing_key(void);
-extern void check_signature(const char *payload, size_t plen,
+extern int check_signature(const char *payload, size_t plen,
 	const char *signature, size_t slen, struct signature_check *sigc);
 
 #endif
author	brian m. carlson <sandals@crustytoothpaste.net>	2015-06-22 02:14:40 +0300
committer	Junio C Hamano <gitster@pobox.com>	2015-06-23 00:20:46 +0300
commit	434060ec6d9bf50f095db901da3fb9b557e11df1 (patch)
tree	7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2 /gpg-interface.h
parent	8e98e5f27aba812c0f095b7e546871e14a4139f6 (diff)