diff options
| author | Junio C Hamano <gitster@pobox.com> | 2020-03-05 21:43:05 +0300 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2020-03-05 21:43:05 +0300 |
| commit | e63cefb024895fcff4b692cad84cb33ac4c81dcc (patch) | |
| tree | 75658b419b1a097b7bdce369262361323e6c8b7e /log-tree.c | |
| parent | 5da7329e29db93a93099bfee2a81171392341ac8 (diff) | |
| parent | 0106b1d4be166fd4f7bcf0b901d50940c9f539e2 (diff) | |
Merge branch 'hi/gpg-use-check-signature'
"git merge signed-tag" while lacking the public key started to say
"No signature", which was utterly wrong. This regression has been
reverted.
* hi/gpg-use-check-signature:
Revert "gpg-interface: prefer check_signature() for GPG verification"
Diffstat (limited to 'log-tree.c')
| -rw-r--r-- | log-tree.c | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/log-tree.c b/log-tree.c index cae38dcc66..5425ae931f 100644 --- a/log-tree.c +++ b/log-tree.c @@ -449,22 +449,22 @@ static void show_signature(struct rev_info *opt, struct commit *commit) { struct strbuf payload = STRBUF_INIT; struct strbuf signature = STRBUF_INIT; - struct signature_check sigc = { 0 }; + struct strbuf gpg_output = STRBUF_INIT; int status; if (parse_signed_commit(commit, &payload, &signature) <= 0) goto out; - status = check_signature(payload.buf, payload.len, signature.buf, - signature.len, &sigc); - if (status && sigc.result == 'N') - show_sig_lines(opt, status, "No signature\n"); - else { - show_sig_lines(opt, status, sigc.gpg_output); - signature_check_clear(&sigc); - } + status = verify_signed_buffer(payload.buf, payload.len, + signature.buf, signature.len, + &gpg_output, NULL); + if (status && !gpg_output.len) + strbuf_addstr(&gpg_output, "No signature\n"); + + show_sig_lines(opt, status, gpg_output.buf); out: + strbuf_release(&gpg_output); strbuf_release(&payload); strbuf_release(&signature); } @@ -497,7 +497,6 @@ static int show_one_mergetag(struct commit *commit, struct object_id oid; struct tag *tag; struct strbuf verify_message; - struct signature_check sigc = { 0 }; int status, nth; size_t payload_size, gpg_message_offset; @@ -527,13 +526,12 @@ static int show_one_mergetag(struct commit *commit, status = -1; if (extra->len > payload_size) { /* could have a good signature */ - if (!check_signature(extra->value, payload_size, - extra->value + payload_size, - extra->len - payload_size, &sigc)) { - strbuf_addstr(&verify_message, sigc.gpg_output); - signature_check_clear(&sigc); + if (!verify_signed_buffer(extra->value, payload_size, + extra->value + payload_size, + extra->len - payload_size, + &verify_message, NULL)) status = 0; /* good */ - } else if (verify_message.len <= gpg_message_offset) + else if (verify_message.len <= gpg_message_offset) strbuf_addstr(&verify_message, "No signature\n"); /* otherwise we couldn't verify, which is shown as bad */ } |