Merge branch 'hi/gpg-use-check-signature'

Hide lower-level verify_signed-buffer() API as a pure helper to implement the public check_signature() function, in order to encourage new callers to use the correct and more strict validation. * hi/gpg-use-check-signature: gpg-interface: prefer check_signature() for GPG verification
author: Junio C Hamano <gitster@pobox.com> 2019-12-10 22:11:45 +0100
committer: Junio C Hamano <gitster@pobox.com> 2019-12-10 22:11:45 +0100
commit: 930078ba3995216193a18cf67ddfdc198e892fd5 (patch)
tree: 79a75f9cf8a678f34701ddfd955d607b75641912 /builtin/fmt-merge-msg.c
parent: Merge branch 'bc/t9001-zsh-in-posix-emulation-mode' (diff)
parent: gpg-interface: prefer check_signature() for GPG verification (diff)
download: git-930078ba3995216193a18cf67ddfdc198e892fd5.tar.xz
git-930078ba3995216193a18cf67ddfdc198e892fd5.zip
1 files changed, 7 insertions, 4 deletions
diff --git a/builtin/fmt-merge-msg.c b/builtin/fmt-merge-msg.c
index 736f666f64..05a92c59d8 100644
--- a/builtin/fmt-merge-msg.c
+++ b/builtin/fmt-merge-msg.c
@@ -494,6 +494,7 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
 		enum object_type type;
 		unsigned long size, len;
 		char *buf = read_object_file(oid, &type, &size);
+		struct signature_check sigc = { 0 };
 		struct strbuf sig = STRBUF_INIT;
 
 		if (!buf || type != OBJ_TAG)
@@ -502,10 +503,12 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
 
 		if (size == len)
 			; /* merely annotated */
-		else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig, NULL)) {
-			if (!sig.len)
-				strbuf_addstr(&sig, "gpg verification failed.\n");
-		}
+		else if (!check_signature(buf, len, buf + len, size - len,
+					  &sigc)) {
+			strbuf_addstr(&sig, sigc.gpg_output);
+			signature_check_clear(&sigc);
+		} else
+			strbuf_addstr(&sig, "gpg verification failed.\n");
 
 		if (!tag_number++) {
 			fmt_tag_signature(&tagbuf, &sig, buf, len);
author	Junio C Hamano <gitster@pobox.com>	2019-12-10 22:11:45 +0100
committer	Junio C Hamano <gitster@pobox.com>	2019-12-10 22:11:45 +0100
commit	930078ba3995216193a18cf67ddfdc198e892fd5 (patch)
tree	79a75f9cf8a678f34701ddfd955d607b75641912 /builtin/fmt-merge-msg.c
parent	Merge branch 'bc/t9001-zsh-in-posix-emulation-mode' (diff)
parent	gpg-interface: prefer check_signature() for GPG verification (diff)
download	git-930078ba3995216193a18cf67ddfdc198e892fd5.tar.xz git-930078ba3995216193a18cf67ddfdc198e892fd5.zip