static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, int verbose)
{
struct signature_check signature_check;
+ int ret;
memset(&signature_check, 0, sizeof(signature_check));
- check_commit_signature(lookup_commit(sha1), &signature_check);
+ ret = check_commit_signature(lookup_commit(sha1), &signature_check);
if (verbose && signature_check.payload)
fputs(signature_check.payload, stdout);
fputs(signature_check.gpg_output, stderr);
signature_check_clear(&signature_check);
- return signature_check.result != 'G';
+ return ret;
}
static int verify_commit(const char *name, int verbose)
{
struct signature_check sigc;
int len;
+ int ret;
memset(&sigc, 0, sizeof(sigc));
if (size == len)
return error("no signature found");
- check_signature(buf, len, buf + len, size - len, &sigc);
+ ret = check_signature(buf, len, buf + len, size - len, &sigc);
fputs(sigc.gpg_output, stderr);
signature_check_clear(&sigc);
- return sigc.result != 'G' && sigc.result != 'U';
+ return ret;
}
static int verify_tag(const char *name, int verbose)
free(buf);
}
-void check_commit_signature(const struct commit *commit, struct signature_check *sigc)
+int check_commit_signature(const struct commit *commit, struct signature_check *sigc)
{
struct strbuf payload = STRBUF_INIT;
struct strbuf signature = STRBUF_INIT;
+ int ret = 1;
sigc->result = 'N';
if (parse_signed_commit(commit, &payload, &signature) <= 0)
goto out;
- check_signature(payload.buf, payload.len, signature.buf, signature.len, sigc);
+ ret = check_signature(payload.buf, payload.len, signature.buf,
+ signature.len, sigc);
out:
strbuf_release(&payload);
strbuf_release(&signature);
+
+ return ret;
}
* at all. This may allocate memory for sig->gpg_output, sig->gpg_status,
* sig->signer and sig->key.
*/
-extern void check_commit_signature(const struct commit *commit, struct signature_check *sigc);
+extern int check_commit_signature(const struct commit *commit, struct signature_check *sigc);
int compare_commits_by_commit_date(const void *a_, const void *b_, void *unused);
}
}
-void check_signature(const char *payload, size_t plen, const char *signature,
+int check_signature(const char *payload, size_t plen, const char *signature,
size_t slen, struct signature_check *sigc)
{
struct strbuf gpg_output = STRBUF_INIT;
out:
strbuf_release(&gpg_status);
strbuf_release(&gpg_output);
+
+ return sigc->result != 'G' && sigc->result != 'U';
}
/*
extern int git_gpg_config(const char *, const char *, void *);
extern void set_signing_key(const char *);
extern const char *get_signing_key(void);
-extern void check_signature(const char *payload, size_t plen,
+extern int check_signature(const char *payload, size_t plen,
const char *signature, size_t slen, struct signature_check *sigc);
#endif
)
'
-test_expect_failure GPG 'verify-commit exits success on untrusted signature' '
+test_expect_success GPG 'verify-commit exits success on untrusted signature' '
git verify-commit eighth-signed-alt 2>actual &&
grep "Good signature from" actual &&
! grep "BAD signature from" actual &&