summaryrefslogtreecommitdiff
path: root/log-tree.c
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2020-02-28 17:43:17 (GMT)
committerJunio C Hamano <gitster@pobox.com>2020-02-28 17:43:17 (GMT)
commit0106b1d4be166fd4f7bcf0b901d50940c9f539e2 (patch)
treeced58695d6c423f4ae0db505d095dbd3463fe592 /log-tree.c
parent72b006f4bfd30b7c5037c163efaf279ab65bea9c (diff)
downloadgit-0106b1d4be166fd4f7bcf0b901d50940c9f539e2.zip
git-0106b1d4be166fd4f7bcf0b901d50940c9f539e2.tar.gz
git-0106b1d4be166fd4f7bcf0b901d50940c9f539e2.tar.bz2
Revert "gpg-interface: prefer check_signature() for GPG verification"
This reverts commit 72b006f4bfd30b7c5037c163efaf279ab65bea9c, which breaks the end-user experience when merging a signed tag without having the public key. We should report "can't check because we have no public key", but the code with this change claimed that there was no signature.
Diffstat (limited to 'log-tree.c')
-rw-r--r--log-tree.c30
1 files changed, 14 insertions, 16 deletions
diff --git a/log-tree.c b/log-tree.c
index aa6b038..1e56df6 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -448,22 +448,22 @@ static void show_signature(struct rev_info *opt, struct commit *commit)
{
struct strbuf payload = STRBUF_INIT;
struct strbuf signature = STRBUF_INIT;
- struct signature_check sigc = { 0 };
+ struct strbuf gpg_output = STRBUF_INIT;
int status;
if (parse_signed_commit(commit, &payload, &signature) <= 0)
goto out;
- status = check_signature(payload.buf, payload.len, signature.buf,
- signature.len, &sigc);
- if (status && sigc.result == 'N')
- show_sig_lines(opt, status, "No signature\n");
- else {
- show_sig_lines(opt, status, sigc.gpg_output);
- signature_check_clear(&sigc);
- }
+ status = verify_signed_buffer(payload.buf, payload.len,
+ signature.buf, signature.len,
+ &gpg_output, NULL);
+ if (status && !gpg_output.len)
+ strbuf_addstr(&gpg_output, "No signature\n");
+
+ show_sig_lines(opt, status, gpg_output.buf);
out:
+ strbuf_release(&gpg_output);
strbuf_release(&payload);
strbuf_release(&signature);
}
@@ -496,7 +496,6 @@ static int show_one_mergetag(struct commit *commit,
struct object_id oid;
struct tag *tag;
struct strbuf verify_message;
- struct signature_check sigc = { 0 };
int status, nth;
size_t payload_size, gpg_message_offset;
@@ -525,13 +524,12 @@ static int show_one_mergetag(struct commit *commit,
status = -1;
if (extra->len > payload_size) {
/* could have a good signature */
- if (!check_signature(extra->value, payload_size,
- extra->value + payload_size,
- extra->len - payload_size, &sigc)) {
- strbuf_addstr(&verify_message, sigc.gpg_output);
- signature_check_clear(&sigc);
+ if (!verify_signed_buffer(extra->value, payload_size,
+ extra->value + payload_size,
+ extra->len - payload_size,
+ &verify_message, NULL))
status = 0; /* good */
- } else if (verify_message.len <= gpg_message_offset)
+ else if (verify_message.len <= gpg_message_offset)
strbuf_addstr(&verify_message, "No signature\n");
/* otherwise we couldn't verify, which is shown as bad */
}
generated by cgit v0.10.2-6-g49f6 at 2024-04-25 13:34:53 (GMT)