]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Builtin "git commit-commit" | |
3 | * | |
4 | * Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net> | |
5 | * | |
6 | * Based on git-verify-tag | |
7 | */ | |
8 | #include "cache.h" | |
9 | #include "config.h" | |
10 | #include "builtin.h" | |
11 | #include "object-store.h" | |
12 | #include "repository.h" | |
13 | #include "commit.h" | |
14 | #include "run-command.h" | |
15 | #include <signal.h> | |
16 | #include "parse-options.h" | |
17 | #include "gpg-interface.h" | |
18 | ||
19 | static const char * const verify_commit_usage[] = { | |
20 | N_("git verify-commit [-v | --verbose] <commit>..."), | |
21 | NULL | |
22 | }; | |
23 | ||
24 | static int run_gpg_verify(const struct object_id *oid, const char *buf, unsigned long size, unsigned flags) | |
25 | { | |
26 | struct signature_check signature_check; | |
27 | int ret; | |
28 | ||
29 | memset(&signature_check, 0, sizeof(signature_check)); | |
30 | ||
31 | ret = check_commit_signature(lookup_commit(the_repository, oid), | |
32 | &signature_check); | |
33 | print_signature_buffer(&signature_check, flags); | |
34 | ||
35 | signature_check_clear(&signature_check); | |
36 | return ret; | |
37 | } | |
38 | ||
39 | static int verify_commit(const char *name, unsigned flags) | |
40 | { | |
41 | enum object_type type; | |
42 | struct object_id oid; | |
43 | char *buf; | |
44 | unsigned long size; | |
45 | int ret; | |
46 | ||
47 | if (get_oid(name, &oid)) | |
48 | return error("commit '%s' not found.", name); | |
49 | ||
50 | buf = read_object_file(&oid, &type, &size); | |
51 | if (!buf) | |
52 | return error("%s: unable to read file.", name); | |
53 | if (type != OBJ_COMMIT) | |
54 | return error("%s: cannot verify a non-commit object of type %s.", | |
55 | name, type_name(type)); | |
56 | ||
57 | ret = run_gpg_verify(&oid, buf, size, flags); | |
58 | ||
59 | free(buf); | |
60 | return ret; | |
61 | } | |
62 | ||
63 | static int git_verify_commit_config(const char *var, const char *value, void *cb) | |
64 | { | |
65 | int status = git_gpg_config(var, value, cb); | |
66 | if (status) | |
67 | return status; | |
68 | return git_default_config(var, value, cb); | |
69 | } | |
70 | ||
71 | int cmd_verify_commit(int argc, const char **argv, const char *prefix) | |
72 | { | |
73 | int i = 1, verbose = 0, had_error = 0; | |
74 | unsigned flags = 0; | |
75 | const struct option verify_commit_options[] = { | |
76 | OPT__VERBOSE(&verbose, N_("print commit contents")), | |
77 | OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW), | |
78 | OPT_END() | |
79 | }; | |
80 | ||
81 | git_config(git_verify_commit_config, NULL); | |
82 | ||
83 | argc = parse_options(argc, argv, prefix, verify_commit_options, | |
84 | verify_commit_usage, PARSE_OPT_KEEP_ARGV0); | |
85 | if (argc <= i) | |
86 | usage_with_options(verify_commit_usage, verify_commit_options); | |
87 | ||
88 | if (verbose) | |
89 | flags |= GPG_VERIFY_VERBOSE; | |
90 | ||
91 | /* sometimes the program was terminated because this signal | |
92 | * was received in the process of writing the gpg input: */ | |
93 | signal(SIGPIPE, SIG_IGN); | |
94 | while (i < argc) | |
95 | if (verify_commit(argv[i++], flags)) | |
96 | had_error = 1; | |
97 | return had_error; | |
98 | } |