Merge branch 'bc/signed-objects-with-both-hashes'

Signed commits and tags now allow verification of objects, whose two object names (one in SHA-1, the other in SHA-256) are both signed. * bc/signed-objects-with-both-hashes: gpg-interface: remove other signature headers before verifying ref-filter: hoist signature parsing commit: allow parsing arbitrary buffers with headers gpg-interface: improve interface for parsing tags commit: ignore additional signatures when parsing signed commits ref-filter: switch some uses of unsigned long to size_t
author: Junio C Hamano <gitster@pobox.com> 2021-02-23 00:12:42 (GMT)
committer: Junio C Hamano <gitster@pobox.com> 2021-02-23 00:12:42 (GMT)
commit: 15af6e6fee54632358798bef548d89dd3764805d (patch)
tree: f4464996780c0c94bd0901bab9e161b9679fe05f /fmt-merge-msg.c
parent: b9554c03a0a8147109608b94feb32837a6e6a145 (diff)
parent: 9b27b49240f6bf760ff58d917491bec0981aaf9f (diff)
download: git-15af6e6fee54632358798bef548d89dd3764805d.zip
git-15af6e6fee54632358798bef548d89dd3764805d.tar.gz
git-15af6e6fee54632358798bef548d89dd3764805d.tar.bz2
1 files changed, 18 insertions, 11 deletions
diff --git a/fmt-merge-msg.c b/fmt-merge-msg.c
index 46f6015..1e51492 100644
--- a/fmt-merge-msg.c
+++ b/fmt-merge-msg.c
@@ -510,22 +510,28 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
 	for (i = 0; i < origins.nr; i++) {
 		struct object_id *oid = origins.items[i].util;
 		enum object_type type;
-		unsigned long size, len;
+		unsigned long size;
 		char *buf = read_object_file(oid, &type, &size);
+		char *origbuf = buf;
+		unsigned long len = size;
 		struct signature_check sigc = { NULL };
-		struct strbuf sig = STRBUF_INIT;
+		struct strbuf payload = STRBUF_INIT, sig = STRBUF_INIT;
 
 		if (!buf || type != OBJ_TAG)
 			goto next;
-		len = parse_signature(buf, size);
 
-		if (size == len)
-			; /* merely annotated */
-		else if (check_signature(buf, len, buf + len, size - len, &sigc) &&
-			!sigc.gpg_output)
-			strbuf_addstr(&sig, "gpg verification failed.\n");
-		else
-			strbuf_addstr(&sig, sigc.gpg_output);
+		if (!parse_signature(buf, size, &payload, &sig))
+			;/* merely annotated */
+		else {
+			buf = payload.buf;
+			len = payload.len;
+			if (check_signature(payload.buf, payload.len, sig.buf,
+					 sig.len, &sigc) &&
+				!sigc.gpg_output)
+				strbuf_addstr(&sig, "gpg verification failed.\n");
+			else
+				strbuf_addstr(&sig, sigc.gpg_output);
+		}
 		signature_check_clear(&sigc);
 
 		if (!tag_number++) {
@@ -548,9 +554,10 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
 					strlen(origins.items[i].string));
 			fmt_tag_signature(&tagbuf, &sig, buf, len);
 		}
+		strbuf_release(&payload);
 		strbuf_release(&sig);
 	next:
-		free(buf);
+		free(origbuf);
 	}
 	if (tagbuf.len) {
 		strbuf_addch(out, '\n');
author	Junio C Hamano <gitster@pobox.com>	2021-02-23 00:12:42 (GMT)
committer	Junio C Hamano <gitster@pobox.com>	2021-02-23 00:12:42 (GMT)
commit	15af6e6fee54632358798bef548d89dd3764805d (patch)
tree	f4464996780c0c94bd0901bab9e161b9679fe05f /fmt-merge-msg.c
parent	b9554c03a0a8147109608b94feb32837a6e6a145 (diff)
parent	9b27b49240f6bf760ff58d917491bec0981aaf9f (diff)
download	git-15af6e6fee54632358798bef548d89dd3764805d.zip git-15af6e6fee54632358798bef548d89dd3764805d.tar.gz git-15af6e6fee54632358798bef548d89dd3764805d.tar.bz2