[thirdparty/git.git] / builtin / verify-commit.c

/*
 * Builtin "git commit-commit"
 *
 * Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net>
 *
 * Based on git-verify-tag
 */
#include "cache.h"
#include "builtin.h"
#include "commit.h"
#include "run-command.h"
#include <signal.h>
#include "parse-options.h"
#include "gpg-interface.h"

static const char * const verify_commit_usage[] = {
		N_("git verify-commit [-v | --verbose] <commit>..."),
		NULL
};

static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, unsigned flags)
{
	struct signature_check signature_check;
	int ret;

	memset(&signature_check, 0, sizeof(signature_check));

	ret = check_commit_signature(lookup_commit(sha1), &signature_check);
	print_signature_buffer(&signature_check, flags);

	signature_check_clear(&signature_check);
	return ret;
}

static int verify_commit(const char *name, unsigned flags)
{
	enum object_type type;
	unsigned char sha1[20];
	char *buf;
	unsigned long size;
	int ret;

	if (get_sha1(name, sha1))
		return error("commit '%s' not found.", name);

	buf = read_sha1_file(sha1, &type, &size);
	if (!buf)
		return error("%s: unable to read file.", name);
	if (type != OBJ_COMMIT)
		return error("%s: cannot verify a non-commit object of type %s.",
				name, typename(type));

	ret = run_gpg_verify(sha1, buf, size, flags);

	free(buf);
	return ret;
}

static int git_verify_commit_config(const char *var, const char *value, void *cb)
{
	int status = git_gpg_config(var, value, cb);
	if (status)
		return status;
	return git_default_config(var, value, cb);
}

int cmd_verify_commit(int argc, const char **argv, const char *prefix)
{
	int i = 1, verbose = 0, had_error = 0;
	unsigned flags = 0;
	const struct option verify_commit_options[] = {
		OPT__VERBOSE(&verbose, N_("print commit contents")),
		OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
		OPT_END()
	};

	git_config(git_verify_commit_config, NULL);

	argc = parse_options(argc, argv, prefix, verify_commit_options,
			     verify_commit_usage, PARSE_OPT_KEEP_ARGV0);
	if (argc <= i)
		usage_with_options(verify_commit_usage, verify_commit_options);

	if (verbose)
		flags |= GPG_VERIFY_VERBOSE;

	/* sometimes the program was terminated because this signal
	 * was received in the process of writing the gpg input: */
	signal(SIGPIPE, SIG_IGN);
	while (i < argc)
		if (verify_commit(argv[i++], flags))
			had_error = 1;
	return had_error;
}
Commit	Line	Data
d07b00b7 MG	1	/*
	2	* Builtin "git commit-commit"
	3	*
	4	* Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net>
	5	*
	6	* Based on git-verify-tag
	7	*/
	8	#include "cache.h"
	9	#include "builtin.h"
	10	#include "commit.h"
	11	#include "run-command.h"
	12	#include <signal.h>
	13	#include "parse-options.h"
	14	#include "gpg-interface.h"
	15
	16	static const char * const verify_commit_usage[] = {
9c9b4f2f	17	N_("git verify-commit [-v \| --verbose] <commit>..."),
d07b00b7 MG	18	NULL
	19	};
	20
aeff29dd	21	static int run_gpg_verify(const unsigned char sha1, const char buf, unsigned long size, unsigned flags)
d07b00b7 MG	22	{
d07b00b7 MG	23	struct signature_check signature_check;
434060ec	24	int ret;
d07b00b7 MG	25
	26	memset(&signature_check, 0, sizeof(signature_check));
	27
434060ec	28	ret = check_commit_signature(lookup_commit(sha1), &signature_check);
aeff29dd	29	print_signature_buffer(&signature_check, flags);
d07b00b7 MG	30
d07b00b7 MG	31	signature_check_clear(&signature_check);
434060ec	32	return ret;
d07b00b7 MG	33	}
d07b00b7 MG	34
aeff29dd	35	static int verify_commit(const char *name, unsigned flags)
d07b00b7 MG	36	{
	37	enum object_type type;
	38	unsigned char sha1[20];
	39	char *buf;
	40	unsigned long size;
	41	int ret;
	42
	43	if (get_sha1(name, sha1))
	44	return error("commit '%s' not found.", name);
	45
	46	buf = read_sha1_file(sha1, &type, &size);
	47	if (!buf)
	48	return error("%s: unable to read file.", name);
	49	if (type != OBJ_COMMIT)
	50	return error("%s: cannot verify a non-commit object of type %s.",
	51	name, typename(type));
	52
aeff29dd	53	ret = run_gpg_verify(sha1, buf, size, flags);
d07b00b7 MG	54
	55	free(buf);
	56	return ret;
	57	}
	58
	59	static int git_verify_commit_config(const char var, const char value, void *cb)
	60	{
	61	int status = git_gpg_config(var, value, cb);
	62	if (status)
	63	return status;
	64	return git_default_config(var, value, cb);
	65	}
	66
	67	int cmd_verify_commit(int argc, const char *argv, const char prefix)
	68	{
	69	int i = 1, verbose = 0, had_error = 0;
aeff29dd	70	unsigned flags = 0;
d07b00b7 MG	71	const struct option verify_commit_options[] = {
d07b00b7 MG	72	OPT__VERBOSE(&verbose, N_("print commit contents")),
aeff29dd	73	OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
d07b00b7 MG	74	OPT_END()
	75	};
	76
	77	git_config(git_verify_commit_config, NULL);
	78
	79	argc = parse_options(argc, argv, prefix, verify_commit_options,
	80	verify_commit_usage, PARSE_OPT_KEEP_ARGV0);
	81	if (argc <= i)
	82	usage_with_options(verify_commit_usage, verify_commit_options);
	83
aeff29dd	84	if (verbose)
	85	flags \|= GPG_VERIFY_VERBOSE;
	86
d07b00b7 MG	87	/* sometimes the program was terminated because this signal
	88	* was received in the process of writing the gpg input: */
	89	signal(SIGPIPE, SIG_IGN);
	90	while (i < argc)
aeff29dd	91	if (verify_commit(argv[i++], flags))
d07b00b7 MG	92	had_error = 1;
	93	return had_error;
	94	}