summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
authorCarlos Rica <jasampler@gmail.com>2007-07-27 06:07:34 +0200
committerJunio C Hamano <gitster@pobox.com>2007-07-26 22:51:27 -0700
commit2ae68fcb785a617793813abcea19893e13e436b0 (patch)
tree0331683998a34e0ece52ba17c40e21703f3d79fe /contrib
parente317cfafd247b279055e9ee64a6a982043bd06e7 (diff)
downloadgit-2ae68fcb785a617793813abcea19893e13e436b0.tar.gz
Make verify-tag a builtin.
This replaces "git-verify-tag.sh" with "builtin-verify-tag.c". Testing relies on the "git tag -v" tests calling this command. A temporary file is needed when calling to gpg, because git is already creating detached signatures (gpg option -b) to sign tags (instead of leaving gpg to add the signature to the file by itself), and those signatures need to be supplied in a separate file to be verified by gpg. The program uses git_mkstemp to create that temporary file needed by gpg, instead of the previously used "$GIT_DIR/.tmp-vtag", in order to allow the command to be used in read-only repositories, and also prevent other instances of git to read or remove the same file. Signal SIGPIPE is ignored because the program sometimes was terminated because that signal when writing the input for gpg. The command now can receive many tag names to be verified. Documentation is also updated here to reflect this new behaviour. Signed-off-by: Carlos Rica <jasampler@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'contrib')
-rwxr-xr-xcontrib/examples/git-verify-tag.sh45
1 files changed, 45 insertions, 0 deletions
diff --git a/contrib/examples/git-verify-tag.sh b/contrib/examples/git-verify-tag.sh
new file mode 100755
index 0000000000..37b0023b27
--- /dev/null
+++ b/contrib/examples/git-verify-tag.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+USAGE='<tag>'
+SUBDIRECTORY_OK='Yes'
+. git-sh-setup
+
+verbose=
+while case $# in 0) break;; esac
+do
+ case "$1" in
+ -v|--v|--ve|--ver|--verb|--verbo|--verbos|--verbose)
+ verbose=t ;;
+ *)
+ break ;;
+ esac
+ shift
+done
+
+if [ "$#" != "1" ]
+then
+ usage
+fi
+
+type="$(git cat-file -t "$1" 2>/dev/null)" ||
+ die "$1: no such object."
+
+test "$type" = tag ||
+ die "$1: cannot verify a non-tag object of type $type."
+
+case "$verbose" in
+t)
+ git cat-file -p "$1" |
+ sed -n -e '/^-----BEGIN PGP SIGNATURE-----/q' -e p
+ ;;
+esac
+
+trap 'rm -f "$GIT_DIR/.tmp-vtag"' 0
+
+git cat-file tag "$1" >"$GIT_DIR/.tmp-vtag" || exit 1
+sed -n -e '
+ /^-----BEGIN PGP SIGNATURE-----$/q
+ p
+' <"$GIT_DIR/.tmp-vtag" |
+gpg --verify "$GIT_DIR/.tmp-vtag" - || exit 1
+rm -f "$GIT_DIR/.tmp-vtag"