Merge branch 'mg/gpg-interface-using-status' into maint
Verification of signed tags were not done correctly when not in C or en/US locale. * mg/gpg-interface-using-status: pretty: make %GK output the signing key for signed commits pretty: parse the gpg status lines rather than the output gpg_interface: allow to request status return log-tree: rely upon the check in the gpg_interface gpg-interface: check good signature in a reliable way
This commit is contained in:
commit
b771d8d7cf
@ -133,6 +133,7 @@ The placeholders are:
|
|||||||
- '%GG': raw verification message from GPG for a signed commit
|
- '%GG': raw verification message from GPG for a signed commit
|
||||||
- '%G?': show either "G" for Good or "B" for Bad for a signed commit
|
- '%G?': show either "G" for Good or "B" for Bad for a signed commit
|
||||||
- '%GS': show the name of the signer for a signed commit
|
- '%GS': show the name of the signer for a signed commit
|
||||||
|
- '%GK': show the key used to sign a signed commit
|
||||||
- '%gD': reflog selector, e.g., `refs/stash@{1}`
|
- '%gD': reflog selector, e.g., `refs/stash@{1}`
|
||||||
- '%gd': shortened reflog selector, e.g., `stash@{1}`
|
- '%gd': shortened reflog selector, e.g., `stash@{1}`
|
||||||
- '%gn': reflog identity name
|
- '%gn': reflog identity name
|
||||||
|
@ -492,7 +492,7 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
|
|||||||
|
|
||||||
if (size == len)
|
if (size == len)
|
||||||
; /* merely annotated */
|
; /* merely annotated */
|
||||||
else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig)) {
|
else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig, NULL)) {
|
||||||
if (!sig.len)
|
if (!sig.len)
|
||||||
strbuf_addstr(&sig, "gpg verification failed.\n");
|
strbuf_addstr(&sig, "gpg verification failed.\n");
|
||||||
}
|
}
|
||||||
|
@ -29,7 +29,7 @@ static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
|
|||||||
if (size == len)
|
if (size == len)
|
||||||
return error("no signature found");
|
return error("no signature found");
|
||||||
|
|
||||||
return verify_signed_buffer(buf, len, buf + len, size - len, NULL);
|
return verify_signed_buffer(buf, len, buf + len, size - len, NULL, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int verify_tag(const char *name, int verbose)
|
static int verify_tag(const char *name, int verbose)
|
||||||
|
@ -96,15 +96,18 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig
|
|||||||
/*
|
/*
|
||||||
* Run "gpg" to see if the payload matches the detached signature.
|
* Run "gpg" to see if the payload matches the detached signature.
|
||||||
* gpg_output, when set, receives the diagnostic output from GPG.
|
* gpg_output, when set, receives the diagnostic output from GPG.
|
||||||
|
* gpg_status, when set, receives the status output from GPG.
|
||||||
*/
|
*/
|
||||||
int verify_signed_buffer(const char *payload, size_t payload_size,
|
int verify_signed_buffer(const char *payload, size_t payload_size,
|
||||||
const char *signature, size_t signature_size,
|
const char *signature, size_t signature_size,
|
||||||
struct strbuf *gpg_output)
|
struct strbuf *gpg_output, struct strbuf *gpg_status)
|
||||||
{
|
{
|
||||||
struct child_process gpg;
|
struct child_process gpg;
|
||||||
const char *args_gpg[] = {NULL, "--verify", "FILE", "-", NULL};
|
const char *args_gpg[] = {NULL, "--status-fd=1", "--verify", "FILE", "-", NULL};
|
||||||
char path[PATH_MAX];
|
char path[PATH_MAX];
|
||||||
int fd, ret;
|
int fd, ret;
|
||||||
|
struct strbuf buf = STRBUF_INIT;
|
||||||
|
struct strbuf *pbuf = &buf;
|
||||||
|
|
||||||
args_gpg[0] = gpg_program;
|
args_gpg[0] = gpg_program;
|
||||||
fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX");
|
fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX");
|
||||||
@ -119,9 +122,10 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
|
|||||||
memset(&gpg, 0, sizeof(gpg));
|
memset(&gpg, 0, sizeof(gpg));
|
||||||
gpg.argv = args_gpg;
|
gpg.argv = args_gpg;
|
||||||
gpg.in = -1;
|
gpg.in = -1;
|
||||||
|
gpg.out = -1;
|
||||||
if (gpg_output)
|
if (gpg_output)
|
||||||
gpg.err = -1;
|
gpg.err = -1;
|
||||||
args_gpg[2] = path;
|
args_gpg[3] = path;
|
||||||
if (start_command(&gpg)) {
|
if (start_command(&gpg)) {
|
||||||
unlink(path);
|
unlink(path);
|
||||||
return error(_("could not run gpg."));
|
return error(_("could not run gpg."));
|
||||||
@ -134,9 +138,17 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
|
|||||||
strbuf_read(gpg_output, gpg.err, 0);
|
strbuf_read(gpg_output, gpg.err, 0);
|
||||||
close(gpg.err);
|
close(gpg.err);
|
||||||
}
|
}
|
||||||
|
if (gpg_status)
|
||||||
|
pbuf = gpg_status;
|
||||||
|
strbuf_read(pbuf, gpg.out, 0);
|
||||||
|
close(gpg.out);
|
||||||
|
|
||||||
ret = finish_command(&gpg);
|
ret = finish_command(&gpg);
|
||||||
|
|
||||||
unlink_or_warn(path);
|
unlink_or_warn(path);
|
||||||
|
|
||||||
|
ret |= !strstr(pbuf->buf, "\n[GNUPG:] GOODSIG ");
|
||||||
|
strbuf_release(&buf); /* no matter it was used or not */
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
#define GPG_INTERFACE_H
|
#define GPG_INTERFACE_H
|
||||||
|
|
||||||
extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
|
extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
|
||||||
extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output);
|
extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output, struct strbuf *gpg_status);
|
||||||
extern int git_gpg_config(const char *, const char *, void *);
|
extern int git_gpg_config(const char *, const char *, void *);
|
||||||
extern void set_signing_key(const char *);
|
extern void set_signing_key(const char *);
|
||||||
extern const char *get_signing_key(void);
|
extern const char *get_signing_key(void);
|
||||||
|
27
log-tree.c
27
log-tree.c
@ -444,7 +444,7 @@ static void show_signature(struct rev_info *opt, struct commit *commit)
|
|||||||
|
|
||||||
status = verify_signed_buffer(payload.buf, payload.len,
|
status = verify_signed_buffer(payload.buf, payload.len,
|
||||||
signature.buf, signature.len,
|
signature.buf, signature.len,
|
||||||
&gpg_output);
|
&gpg_output, NULL);
|
||||||
if (status && !gpg_output.len)
|
if (status && !gpg_output.len)
|
||||||
strbuf_addstr(&gpg_output, "No signature\n");
|
strbuf_addstr(&gpg_output, "No signature\n");
|
||||||
|
|
||||||
@ -508,20 +508,17 @@ static void show_one_mergetag(struct rev_info *opt,
|
|||||||
gpg_message_offset = verify_message.len;
|
gpg_message_offset = verify_message.len;
|
||||||
|
|
||||||
payload_size = parse_signature(extra->value, extra->len);
|
payload_size = parse_signature(extra->value, extra->len);
|
||||||
if ((extra->len <= payload_size) ||
|
status = -1;
|
||||||
(verify_signed_buffer(extra->value, payload_size,
|
if (extra->len > payload_size)
|
||||||
extra->value + payload_size,
|
if (verify_signed_buffer(extra->value, payload_size,
|
||||||
extra->len - payload_size,
|
extra->value + payload_size,
|
||||||
&verify_message) &&
|
extra->len - payload_size,
|
||||||
verify_message.len <= gpg_message_offset)) {
|
&verify_message, NULL)) {
|
||||||
strbuf_addstr(&verify_message, "No signature\n");
|
if (verify_message.len <= gpg_message_offset)
|
||||||
status = -1;
|
strbuf_addstr(&verify_message, "No signature\n");
|
||||||
}
|
else
|
||||||
else if (strstr(verify_message.buf + gpg_message_offset,
|
status = 0;
|
||||||
": Good signature from "))
|
}
|
||||||
status = 0;
|
|
||||||
else
|
|
||||||
status = -1;
|
|
||||||
|
|
||||||
show_sig_lines(opt, status, verify_message.buf);
|
show_sig_lines(opt, status, verify_message.buf);
|
||||||
strbuf_release(&verify_message);
|
strbuf_release(&verify_message);
|
||||||
|
19
pretty.c
19
pretty.c
@ -769,8 +769,10 @@ struct format_commit_context {
|
|||||||
unsigned commit_signature_parsed:1;
|
unsigned commit_signature_parsed:1;
|
||||||
struct {
|
struct {
|
||||||
char *gpg_output;
|
char *gpg_output;
|
||||||
|
char *gpg_status;
|
||||||
char good_bad;
|
char good_bad;
|
||||||
char *signer;
|
char *signer;
|
||||||
|
char *key;
|
||||||
} signature;
|
} signature;
|
||||||
char *message;
|
char *message;
|
||||||
size_t width, indent1, indent2;
|
size_t width, indent1, indent2;
|
||||||
@ -958,13 +960,13 @@ static struct {
|
|||||||
char result;
|
char result;
|
||||||
const char *check;
|
const char *check;
|
||||||
} signature_check[] = {
|
} signature_check[] = {
|
||||||
{ 'G', ": Good signature from " },
|
{ 'G', "\n[GNUPG:] GOODSIG " },
|
||||||
{ 'B', ": BAD signature from " },
|
{ 'B', "\n[GNUPG:] BADSIG " },
|
||||||
};
|
};
|
||||||
|
|
||||||
static void parse_signature_lines(struct format_commit_context *ctx)
|
static void parse_signature_lines(struct format_commit_context *ctx)
|
||||||
{
|
{
|
||||||
const char *buf = ctx->signature.gpg_output;
|
const char *buf = ctx->signature.gpg_status;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
for (i = 0; i < ARRAY_SIZE(signature_check); i++) {
|
for (i = 0; i < ARRAY_SIZE(signature_check); i++) {
|
||||||
@ -974,6 +976,8 @@ static void parse_signature_lines(struct format_commit_context *ctx)
|
|||||||
continue;
|
continue;
|
||||||
ctx->signature.good_bad = signature_check[i].result;
|
ctx->signature.good_bad = signature_check[i].result;
|
||||||
found += strlen(signature_check[i].check);
|
found += strlen(signature_check[i].check);
|
||||||
|
ctx->signature.key = xmemdupz(found, 16);
|
||||||
|
found += 17;
|
||||||
next = strchrnul(found, '\n');
|
next = strchrnul(found, '\n');
|
||||||
ctx->signature.signer = xmemdupz(found, next - found);
|
ctx->signature.signer = xmemdupz(found, next - found);
|
||||||
break;
|
break;
|
||||||
@ -985,6 +989,7 @@ static void parse_commit_signature(struct format_commit_context *ctx)
|
|||||||
struct strbuf payload = STRBUF_INIT;
|
struct strbuf payload = STRBUF_INIT;
|
||||||
struct strbuf signature = STRBUF_INIT;
|
struct strbuf signature = STRBUF_INIT;
|
||||||
struct strbuf gpg_output = STRBUF_INIT;
|
struct strbuf gpg_output = STRBUF_INIT;
|
||||||
|
struct strbuf gpg_status = STRBUF_INIT;
|
||||||
int status;
|
int status;
|
||||||
|
|
||||||
ctx->commit_signature_parsed = 1;
|
ctx->commit_signature_parsed = 1;
|
||||||
@ -994,13 +999,15 @@ static void parse_commit_signature(struct format_commit_context *ctx)
|
|||||||
goto out;
|
goto out;
|
||||||
status = verify_signed_buffer(payload.buf, payload.len,
|
status = verify_signed_buffer(payload.buf, payload.len,
|
||||||
signature.buf, signature.len,
|
signature.buf, signature.len,
|
||||||
&gpg_output);
|
&gpg_output, &gpg_status);
|
||||||
if (status && !gpg_output.len)
|
if (status && !gpg_output.len)
|
||||||
goto out;
|
goto out;
|
||||||
ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL);
|
ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL);
|
||||||
|
ctx->signature.gpg_status = strbuf_detach(&gpg_status, NULL);
|
||||||
parse_signature_lines(ctx);
|
parse_signature_lines(ctx);
|
||||||
|
|
||||||
out:
|
out:
|
||||||
|
strbuf_release(&gpg_status);
|
||||||
strbuf_release(&gpg_output);
|
strbuf_release(&gpg_output);
|
||||||
strbuf_release(&payload);
|
strbuf_release(&payload);
|
||||||
strbuf_release(&signature);
|
strbuf_release(&signature);
|
||||||
@ -1210,6 +1217,10 @@ static size_t format_commit_one(struct strbuf *sb, const char *placeholder,
|
|||||||
if (c->signature.signer)
|
if (c->signature.signer)
|
||||||
strbuf_addstr(sb, c->signature.signer);
|
strbuf_addstr(sb, c->signature.signer);
|
||||||
break;
|
break;
|
||||||
|
case 'K':
|
||||||
|
if (c->signature.key)
|
||||||
|
strbuf_addstr(sb, c->signature.key);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user