authorDave Borowitz <dborowitz@google.com>2015-08-19 15:26:46 (GMT)
committerJunio C Hamano <gitster@pobox.com>2015-08-19 19:58:45 (GMT)
commit30261094b1f7fdcba3b7a1f396e43891cd998149 (patch)
tree1ad9cc07d3c3dc5fb1a07c878be7f9b0fe2d4dde /builtin/push.c
parent068c77a5189584de2a8d9c2ad29e2370159444ae (diff)
push: support signing pushes iff the server supports it
Add a new flag --sign=true (or --sign=false), which means the same thing as the original --signed (or --no-signed). Give it a third value --sign=if-asked to tell push and send-pack to send a push certificate if and only if the server advertised a push cert nonce. If not, warn the user that their push may not be as secure as they thought. Signed-off-by: Dave Borowitz <dborowitz@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin/push.c')
-rw-r--r--builtin/push.c20
1 files changed, 19 insertions, 1 deletions
diff --git a/builtin/push.c b/builtin/push.c
index 57c138b..85a82cd 100644
--- a/builtin/push.c
+++ b/builtin/push.c
@@ -9,6 +9,7 @@
#include "transport.h"
#include "parse-options.h"
#include "submodule.h"
+#include "send-pack.h"
static const char * const push_usage[] = {
N_("git push [<options>] [<repository> [<refspec>...]]"),
@@ -495,6 +496,7 @@ int cmd_push(int argc, const char **argv, const char *prefix)
{
int flags = 0;
int tags = 0;
+ int push_cert = -1;
int rc;
const char *repo = NULL; /* default repository */
struct option options[] = {
@@ -526,7 +528,9 @@ int cmd_push(int argc, const char **argv, const char *prefix)
OPT_BIT(0, "no-verify", &flags, N_("bypass pre-push hook"), TRANSPORT_PUSH_NO_HOOK),
OPT_BIT(0, "follow-tags", &flags, N_("push missing but relevant tags"),
TRANSPORT_PUSH_FOLLOW_TAGS),
- OPT_BIT(0, "signed", &flags, N_("GPG sign the push"), TRANSPORT_PUSH_CERT),
+ { OPTION_CALLBACK,
+ 0, "signed", &push_cert, "yes|no|if-asked", N_("GPG sign the push"),
+ PARSE_OPT_OPTARG, option_parse_push_signed },
OPT_BIT(0, "atomic", &flags, N_("request atomic transaction on remote side"), TRANSPORT_PUSH_ATOMIC),
OPT_END()
};
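Review bot: The new `signed` entry keeps the help text `N_("GPG sign the push")`, which gives no hint that `if-asked` can end in an unsigned push. Per the commit description, that mode signs only when the server advertised a push cert nonce and otherwise just warns, so whether a certificate is sent depends on what the remote says. A user who needs the push signed regardless has to pick the always mode, and the option table is the natural place to record that. I would add a comment above the entry, for example `/* if-asked: sign only when the server advertises a push-cert nonce; otherwise push unsigned with a warning */`. With `PARSE_OPT_OPTARG`, a bare `--signed` reaches `option_parse_push_signed` without a value; that callback is defined outside this file, so how it maps the missing value cannot be checked from this hunk.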
@@ -548,6 +552,20 @@ int cmd_push(int argc, const char **argv, const char *prefix)
set_refspecs(argv + 1, argc - 1, repo);
}
+ switch (push_cert) {
+ case SEND_PACK_PUSH_CERT_NEVER:
+ flags &= ~(TRANSPORT_PUSH_CERT_ALWAYS | TRANSPORT_PUSH_CERT_IF_ASKED);
+ break;
+ case SEND_PACK_PUSH_CERT_ALWAYS:
+ flags |= TRANSPORT_PUSH_CERT_ALWAYS;
+ flags &= ~TRANSPORT_PUSH_CERT_IF_ASKED;
+ break;
+ case SEND_PACK_PUSH_CERT_IF_ASKED:
+ flags |= TRANSPORT_PUSH_CERT_IF_ASKED;
+ flags &= ~TRANSPORT_PUSH_CERT_ALWAYS;
+ break;
+ }
+
rc = do_push(repo, flags);
if (rc == -1)
usage_with_options(push_usage, options);
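Review bot: The `switch (push_cert)` has no `default:` arm, so the initial value from `int push_cert = -1;` in the earlier hunk silently acts as "option not given, leave the cert bits in `flags` alone", and nothing in the code says so. That is presumably what lets a value set elsewhere (for example from configuration, not visible here) survive. It only holds while none of the `SEND_PACK_PUSH_CERT_*` constants in `send-pack.h` equals -1. Making the contract explicit would protect it from a later enum change: `default: /* --signed not given on the command line: keep cert bits in flags unchanged */` followed by `break;`. The body of `cmd_push` starts and ends outside this hunk.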