diff options
| author | Junio C Hamano <gitster@pobox.com> | 2018-11-18 10:23:54 +0100 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2018-11-18 10:23:54 +0100 |
| commit | 6d2035ee605980efa9915e10d35e7a355fc74077 (patch) | |
| tree | 5d33f09a10185d66398070e26bcaf864f55709bd /builtin/merge.c | |
| parent | Merge branch 'js/mingw-res-rebuild' (diff) | |
| parent | pull: handle --verify-signatures for unborn branch (diff) | |
| download | git-6d2035ee605980efa9915e10d35e7a355fc74077.tar.xz git-6d2035ee605980efa9915e10d35e7a355fc74077.zip | |
Merge branch 'jk/verify-sig-merge-into-void'
"git merge" and "git pull" that merges into an unborn branch used
to completely ignore "--verify-signatures", which has been
corrected.
* jk/verify-sig-merge-into-void:
pull: handle --verify-signatures for unborn branch
merge: handle --verify-signatures for unborn branch
merge: extract verify_merge_signature() helper
Diffstat (limited to 'builtin/merge.c')
| -rw-r--r-- | builtin/merge.c | 30 |
1 files changed, 5 insertions, 25 deletions
diff --git a/builtin/merge.c b/builtin/merge.c index adb0402e84..c3c976d471 100644 --- a/builtin/merge.c +++ b/builtin/merge.c @@ -1337,6 +1337,10 @@ int cmd_merge(int argc, const char **argv, const char *prefix) die(_("%s - not something we can merge"), argv[0]); if (remoteheads->next) die(_("Can merge only exactly one commit into empty head")); + + if (verify_signatures) + verify_merge_signature(remoteheads->item, verbosity); + remote_head_oid = &remoteheads->item->object.oid; read_empty(remote_head_oid, 0); update_ref("initial pull", "HEAD", remote_head_oid, NULL, 0, @@ -1358,31 +1362,7 @@ int cmd_merge(int argc, const char **argv, const char *prefix) if (verify_signatures) { for (p = remoteheads; p; p = p->next) { - struct commit *commit = p->item; - char hex[GIT_MAX_HEXSZ + 1]; - struct signature_check signature_check; - memset(&signature_check, 0, sizeof(signature_check)); - - check_commit_signature(commit, &signature_check); - - find_unique_abbrev_r(hex, &commit->object.oid, DEFAULT_ABBREV); - switch (signature_check.result) { - case 'G': - break; - case 'U': - die(_("Commit %s has an untrusted GPG signature, " - "allegedly by %s."), hex, signature_check.signer); - case 'B': - die(_("Commit %s has a bad GPG signature " - "allegedly by %s."), hex, signature_check.signer); - default: /* 'N' */ - die(_("Commit %s does not have a GPG signature."), hex); - } - if (verbosity >= 0 && signature_check.result == 'G') - printf(_("Commit %s has a good GPG signature by %s\n"), - hex, signature_check.signer); - - signature_check_clear(&signature_check); + verify_merge_signature(p->item, verbosity); } } |