summaryrefslogtreecommitdiff
path: root/log-tree.c
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2020-03-05 10:43:05 -0800
committerJunio C Hamano <gitster@pobox.com>2020-03-05 10:43:05 -0800
commite63cefb024895fcff4b692cad84cb33ac4c81dcc (patch)
tree75658b419b1a097b7bdce369262361323e6c8b7e /log-tree.c
parent5da7329e29db93a93099bfee2a81171392341ac8 (diff)
parent0106b1d4be166fd4f7bcf0b901d50940c9f539e2 (diff)
downloadgit-e63cefb024895fcff4b692cad84cb33ac4c81dcc.tar.gz
Merge branch 'hi/gpg-use-check-signature'
"git merge signed-tag" while lacking the public key started to say "No signature", which was utterly wrong. This regression has been reverted. * hi/gpg-use-check-signature: Revert "gpg-interface: prefer check_signature() for GPG verification"
Diffstat (limited to 'log-tree.c')
-rw-r--r--log-tree.c30
1 files changed, 14 insertions, 16 deletions
diff --git a/log-tree.c b/log-tree.c
index cae38dcc66..5425ae931f 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -449,22 +449,22 @@ static void show_signature(struct rev_info *opt, struct commit *commit)
{
struct strbuf payload = STRBUF_INIT;
struct strbuf signature = STRBUF_INIT;
- struct signature_check sigc = { 0 };
+ struct strbuf gpg_output = STRBUF_INIT;
int status;
if (parse_signed_commit(commit, &payload, &signature) <= 0)
goto out;
- status = check_signature(payload.buf, payload.len, signature.buf,
- signature.len, &sigc);
- if (status && sigc.result == 'N')
- show_sig_lines(opt, status, "No signature\n");
- else {
- show_sig_lines(opt, status, sigc.gpg_output);
- signature_check_clear(&sigc);
- }
+ status = verify_signed_buffer(payload.buf, payload.len,
+ signature.buf, signature.len,
+ &gpg_output, NULL);
+ if (status && !gpg_output.len)
+ strbuf_addstr(&gpg_output, "No signature\n");
+
+ show_sig_lines(opt, status, gpg_output.buf);
out:
+ strbuf_release(&gpg_output);
strbuf_release(&payload);
strbuf_release(&signature);
}
@@ -497,7 +497,6 @@ static int show_one_mergetag(struct commit *commit,
struct object_id oid;
struct tag *tag;
struct strbuf verify_message;
- struct signature_check sigc = { 0 };
int status, nth;
size_t payload_size, gpg_message_offset;
@@ -527,13 +526,12 @@ static int show_one_mergetag(struct commit *commit,
status = -1;
if (extra->len > payload_size) {
/* could have a good signature */
- if (!check_signature(extra->value, payload_size,
- extra->value + payload_size,
- extra->len - payload_size, &sigc)) {
- strbuf_addstr(&verify_message, sigc.gpg_output);
- signature_check_clear(&sigc);
+ if (!verify_signed_buffer(extra->value, payload_size,
+ extra->value + payload_size,
+ extra->len - payload_size,
+ &verify_message, NULL))
status = 0; /* good */
- } else if (verify_message.len <= gpg_message_offset)
+ else if (verify_message.len <= gpg_message_offset)
strbuf_addstr(&verify_message, "No signature\n");
/* otherwise we couldn't verify, which is shown as bad */
}