]>
Commit | Line | Data |
---|---|---|
d07b00b7 MG |
1 | /* |
2 | * Builtin "git commit-commit" | |
3 | * | |
4 | * Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net> | |
5 | * | |
6 | * Based on git-verify-tag | |
7 | */ | |
8 | #include "cache.h" | |
9 | #include "builtin.h" | |
10 | #include "commit.h" | |
11 | #include "run-command.h" | |
12 | #include <signal.h> | |
13 | #include "parse-options.h" | |
14 | #include "gpg-interface.h" | |
15 | ||
16 | static const char * const verify_commit_usage[] = { | |
9c9b4f2f | 17 | N_("git verify-commit [-v | --verbose] <commit>..."), |
d07b00b7 MG |
18 | NULL |
19 | }; | |
20 | ||
aeff29dd | 21 | static int run_gpg_verify(const unsigned char *sha1, const char *buf, unsigned long size, unsigned flags) |
d07b00b7 MG |
22 | { |
23 | struct signature_check signature_check; | |
434060ec | 24 | int ret; |
d07b00b7 MG |
25 | |
26 | memset(&signature_check, 0, sizeof(signature_check)); | |
27 | ||
434060ec | 28 | ret = check_commit_signature(lookup_commit(sha1), &signature_check); |
aeff29dd | 29 | print_signature_buffer(&signature_check, flags); |
d07b00b7 MG |
30 | |
31 | signature_check_clear(&signature_check); | |
434060ec | 32 | return ret; |
d07b00b7 MG |
33 | } |
34 | ||
aeff29dd | 35 | static int verify_commit(const char *name, unsigned flags) |
d07b00b7 MG |
36 | { |
37 | enum object_type type; | |
38 | unsigned char sha1[20]; | |
39 | char *buf; | |
40 | unsigned long size; | |
41 | int ret; | |
42 | ||
43 | if (get_sha1(name, sha1)) | |
44 | return error("commit '%s' not found.", name); | |
45 | ||
46 | buf = read_sha1_file(sha1, &type, &size); | |
47 | if (!buf) | |
48 | return error("%s: unable to read file.", name); | |
49 | if (type != OBJ_COMMIT) | |
50 | return error("%s: cannot verify a non-commit object of type %s.", | |
51 | name, typename(type)); | |
52 | ||
aeff29dd | 53 | ret = run_gpg_verify(sha1, buf, size, flags); |
d07b00b7 MG |
54 | |
55 | free(buf); | |
56 | return ret; | |
57 | } | |
58 | ||
59 | static int git_verify_commit_config(const char *var, const char *value, void *cb) | |
60 | { | |
61 | int status = git_gpg_config(var, value, cb); | |
62 | if (status) | |
63 | return status; | |
64 | return git_default_config(var, value, cb); | |
65 | } | |
66 | ||
67 | int cmd_verify_commit(int argc, const char **argv, const char *prefix) | |
68 | { | |
69 | int i = 1, verbose = 0, had_error = 0; | |
aeff29dd | 70 | unsigned flags = 0; |
d07b00b7 MG |
71 | const struct option verify_commit_options[] = { |
72 | OPT__VERBOSE(&verbose, N_("print commit contents")), | |
aeff29dd | 73 | OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW), |
d07b00b7 MG |
74 | OPT_END() |
75 | }; | |
76 | ||
77 | git_config(git_verify_commit_config, NULL); | |
78 | ||
79 | argc = parse_options(argc, argv, prefix, verify_commit_options, | |
80 | verify_commit_usage, PARSE_OPT_KEEP_ARGV0); | |
81 | if (argc <= i) | |
82 | usage_with_options(verify_commit_usage, verify_commit_options); | |
83 | ||
aeff29dd | 84 | if (verbose) |
85 | flags |= GPG_VERIFY_VERBOSE; | |
86 | ||
d07b00b7 MG |
87 | /* sometimes the program was terminated because this signal |
88 | * was received in the process of writing the gpg input: */ | |
89 | signal(SIGPIPE, SIG_IGN); | |
90 | while (i < argc) | |
aeff29dd | 91 | if (verify_commit(argv[i++], flags)) |
d07b00b7 MG |
92 | had_error = 1; |
93 | return had_error; | |
94 | } |