diff options
| author | brian m. carlson <sandals@crustytoothpaste.net> | 2015-06-21 23:14:40 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2015-06-22 21:20:46 (GMT) |
| commit | 434060ec6d9bf50f095db901da3fb9b557e11df1 (patch) | |
| tree | 7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2 /gpg-interface.c | |
| parent | 8e98e5f27aba812c0f095b7e546871e14a4139f6 (diff) | |
| download | git-434060ec6d9bf50f095db901da3fb9b557e11df1.zip git-434060ec6d9bf50f095db901da3fb9b557e11df1.tar.gz git-434060ec6d9bf50f095db901da3fb9b557e11df1.tar.bz2 | |
gpg: centralize signature check
verify-commit and verify-tag both share a central codepath for verifying
commits: check_signature. However, verify-tag exited successfully for
untrusted signature, while verify-commit exited unsuccessfully.
Centralize this signature check and make verify-commit adopt the older
verify-tag behavior. This behavior is more logical anyway, as the
signature is in fact valid, whether or not there's a path of trust to
the author.
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'gpg-interface.c')
| -rw-r--r-- | gpg-interface.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/gpg-interface.c b/gpg-interface.c index 66dbee2..77a4da6 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -60,7 +60,7 @@ void parse_gpg_output(struct signature_check *sigc) } } -void check_signature(const char *payload, size_t plen, const char *signature, +int check_signature(const char *payload, size_t plen, const char *signature, size_t slen, struct signature_check *sigc) { struct strbuf gpg_output = STRBUF_INIT; @@ -81,6 +81,8 @@ void check_signature(const char *payload, size_t plen, const char *signature, out: strbuf_release(&gpg_status); strbuf_release(&gpg_output); + + return sigc->result != 'G' && sigc->result != 'U'; } /* |