summaryrefslogtreecommitdiff
path: root/builtin/verify-tag.c
diff options
context:
space:
mode:
authorbrian m. carlson <sandals@crustytoothpaste.net>2015-06-21 23:14:40 (GMT)
committerJunio C Hamano <gitster@pobox.com>2015-06-22 21:20:46 (GMT)
commit434060ec6d9bf50f095db901da3fb9b557e11df1 (patch)
tree7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2 /builtin/verify-tag.c
parent8e98e5f27aba812c0f095b7e546871e14a4139f6 (diff)
downloadgit-434060ec6d9bf50f095db901da3fb9b557e11df1.zip
git-434060ec6d9bf50f095db901da3fb9b557e11df1.tar.gz
git-434060ec6d9bf50f095db901da3fb9b557e11df1.tar.bz2
gpg: centralize signature check
verify-commit and verify-tag both share a central codepath for verifying commits: check_signature. However, verify-tag exited successfully for untrusted signature, while verify-commit exited unsuccessfully. Centralize this signature check and make verify-commit adopt the older verify-tag behavior. This behavior is more logical anyway, as the signature is in fact valid, whether or not there's a path of trust to the author. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin/verify-tag.c')
-rw-r--r--builtin/verify-tag.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
index e1eb341..8750bef 100644
--- a/builtin/verify-tag.c
+++ b/builtin/verify-tag.c
@@ -22,6 +22,7 @@ static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
{
struct signature_check sigc;
int len;
+ int ret;
memset(&sigc, 0, sizeof(sigc));
@@ -32,11 +33,11 @@ static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
if (size == len)
return error("no signature found");
- check_signature(buf, len, buf + len, size - len, &sigc);
+ ret = check_signature(buf, len, buf + len, size - len, &sigc);
fputs(sigc.gpg_output, stderr);
signature_check_clear(&sigc);
- return sigc.result != 'G' && sigc.result != 'U';
+ return ret;
}
static int verify_tag(const char *name, int verbose)