gpg-interface/gpgsm: fix for v2.3

Checking if signing was successful will now accept '[GNUPG]:
SIG_CREATED' on the beginning of the first or any subsequent line. Not
just explictly the second one anymore.

Gpgsm v2.3 changed its output when listing keys from `fingerprint` to
`sha1/2 fpr`. This leads to the gpgsm tests silently not being executed
because of a failed prerequisite.
Switch to gpg's `--with-colons` output format when evaluating test
prerequisites to make parsing more robust. This also allows us to
combine the existing grep/cut/tr/echo pipe for writing the trustlist.txt
into a single awk expression.

Adjust error message checking in test for v2.3 specific output changes.

Helped-By: Junio C Hamano <gitster@pobox.com>
Helped-By: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/gpg-interface.c b/gpg-interface.c
index b52eb0e2e04b37c6868f7573d750b688a4ec0e68..4238e60dfaef733b23ef10780e30338e26069da5 100644 (file)
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -920,6 +920,7 @@ static int sign_buffer_gpg(struct strbuf *buffer, struct strbuf *signature,
        struct child_process gpg = CHILD_PROCESS_INIT;
        int ret;
        size_t bottom;
+       const char *cp;
        struct strbuf gpg_status = STRBUF_INIT;
 
        strvec_pushl(&gpg.args,
@@ -939,7 +940,13 @@ static int sign_buffer_gpg(struct strbuf *buffer, struct strbuf *signature,
                           signature, 1024, &gpg_status, 0);
        sigchain_pop(SIGPIPE);
 
-       ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED ");
+       for (cp = gpg_status.buf;
+            cp && (cp = strstr(cp, "[GNUPG:] SIG_CREATED "));
+            cp++) {
+               if (cp == gpg_status.buf || cp[-1] == '\n')
+                       break; /* found */
+       }
+       ret |= !cp;
        strbuf_release(&gpg_status);
        if (ret)
                return error(_("gpg failed to sign the data"));

diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
index 3e7ee1386aa9fcb572652dc38768d099cdfc8368..6bc083ca77076149aaeddf4fc26e5ee256ca5c1e 100644 (file)
--- a/t/lib-gpg.sh
+++ b/t/lib-gpg.sh
@@ -72,12 +72,10 @@ test_lazy_prereq GPGSM '
                --passphrase-fd 0 --pinentry-mode loopback \
                --import "$TEST_DIRECTORY"/lib-gpg/gpgsm_cert.p12 &&
 
-       gpgsm --homedir "${GNUPGHOME}" -K |
-       grep fingerprint: |
-       cut -d" " -f4 |
-       tr -d "\\n" >"${GNUPGHOME}/trustlist.txt" &&
+       gpgsm --homedir "${GNUPGHOME}" -K --with-colons |
+       awk -F ":" "/^fpr:/ {printf \"%s S relax\\n\", \$10}" \
+               >"${GNUPGHOME}/trustlist.txt" &&
 
-       echo " S relax" >>"${GNUPGHOME}/trustlist.txt" &&
        echo hello | gpgsm --homedir "${GNUPGHOME}" >/dev/null \
               -u committer@example.com -o /dev/null --sign -
 '

diff --git a/t/t4202-log.sh b/t/t4202-log.sh
index 504955986197224ecc41c15e52fea98a021b9f00..6800afe5ef4657772df2dfeba27d8dc47ef002d5 100755 (executable)
--- a/t/t4202-log.sh
+++ b/t/t4202-log.sh
@@ -1931,7 +1931,8 @@ test_expect_success GPGSM 'log --graph --show-signature for merged tag x509 miss
        git merge --no-ff -m msg signed_tag_x509_nokey &&
        GNUPGHOME=. git log --graph --show-signature -n1 plain-x509-nokey >actual &&
        grep "^|\\\  merged tag" actual &&
-       grep "^| | gpgsm: certificate not found" actual
+       grep -e "^| | gpgsm: certificate not found" \
+            -e "^| | gpgsm: failed to find the certificate: Not found" actual
 '
 
 test_expect_success GPGSM 'log --graph --show-signature for merged tag x509 bad signature' '