[thirdparty/git.git] / builtin / verify-commit.c

/*
 * Builtin "git commit-commit"
 *
 * Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net>
 *
 * Based on git-verify-tag
 */
#include "cache.h"
#include "config.h"
#include "builtin.h"
#include "object-store.h"
#include "commit.h"
#include "run-command.h"
#include <signal.h>
#include "parse-options.h"
#include "gpg-interface.h"

static const char * const verify_commit_usage[] = {
		N_("git verify-commit [-v | --verbose] <commit>..."),
		NULL
};

static int run_gpg_verify(const struct object_id *oid, const char *buf, unsigned long size, unsigned flags)
{
	struct signature_check signature_check;
	int ret;

	memset(&signature_check, 0, sizeof(signature_check));

	ret = check_commit_signature(lookup_commit(oid), &signature_check);
	print_signature_buffer(&signature_check, flags);

	signature_check_clear(&signature_check);
	return ret;
}

static int verify_commit(const char *name, unsigned flags)
{
	enum object_type type;
	struct object_id oid;
	char *buf;
	unsigned long size;
	int ret;

	if (get_oid(name, &oid))
		return error("commit '%s' not found.", name);

	buf = read_object_file(&oid, &type, &size);
	if (!buf)
		return error("%s: unable to read file.", name);
	if (type != OBJ_COMMIT)
		return error("%s: cannot verify a non-commit object of type %s.",
				name, type_name(type));

	ret = run_gpg_verify(&oid, buf, size, flags);

	free(buf);
	return ret;
}

static int git_verify_commit_config(const char *var, const char *value, void *cb)
{
	int status = git_gpg_config(var, value, cb);
	if (status)
		return status;
	return git_default_config(var, value, cb);
}

int cmd_verify_commit(int argc, const char **argv, const char *prefix)
{
	int i = 1, verbose = 0, had_error = 0;
	unsigned flags = 0;
	const struct option verify_commit_options[] = {
		OPT__VERBOSE(&verbose, N_("print commit contents")),
		OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
		OPT_END()
	};

	git_config(git_verify_commit_config, NULL);

	argc = parse_options(argc, argv, prefix, verify_commit_options,
			     verify_commit_usage, PARSE_OPT_KEEP_ARGV0);
	if (argc <= i)
		usage_with_options(verify_commit_usage, verify_commit_options);

	if (verbose)
		flags |= GPG_VERIFY_VERBOSE;

	/* sometimes the program was terminated because this signal
	 * was received in the process of writing the gpg input: */
	signal(SIGPIPE, SIG_IGN);
	while (i < argc)
		if (verify_commit(argv[i++], flags))
			had_error = 1;
	return had_error;
}
Commit	Line	Data
d07b00b7 MG	1	/*
	2	* Builtin "git commit-commit"
	3	*
	4	* Copyright (c) 2014 Michael J Gruber <git@drmicha.warpmail.net>
	5	*
	6	* Based on git-verify-tag
	7	*/
	8	#include "cache.h"
b2141fc1	9	#include "config.h"
d07b00b7	10	#include "builtin.h"
cbd53a21	11	#include "object-store.h"
d07b00b7 MG	12	#include "commit.h"
	13	#include "run-command.h"
	14	#include <signal.h>
	15	#include "parse-options.h"
	16	#include "gpg-interface.h"
	17
	18	static const char * const verify_commit_usage[] = {
9c9b4f2f	19	N_("git verify-commit [-v \| --verbose] <commit>..."),
d07b00b7 MG	20	NULL
	21	};
	22
eee886cf	23	static int run_gpg_verify(const struct object_id oid, const char buf, unsigned long size, unsigned flags)
d07b00b7 MG	24	{
d07b00b7 MG	25	struct signature_check signature_check;
434060ec	26	int ret;
d07b00b7 MG	27
	28	memset(&signature_check, 0, sizeof(signature_check));
	29
bc83266a	30	ret = check_commit_signature(lookup_commit(oid), &signature_check);
aeff29dd	31	print_signature_buffer(&signature_check, flags);
d07b00b7 MG	32
d07b00b7 MG	33	signature_check_clear(&signature_check);
434060ec	34	return ret;
d07b00b7 MG	35	}
d07b00b7 MG	36
aeff29dd	37	static int verify_commit(const char *name, unsigned flags)
d07b00b7 MG	38	{
d07b00b7 MG	39	enum object_type type;
eee886cf	40	struct object_id oid;
d07b00b7 MG	41	char *buf;
	42	unsigned long size;
	43	int ret;
	44
eee886cf	45	if (get_oid(name, &oid))
d07b00b7 MG	46	return error("commit '%s' not found.", name);
d07b00b7 MG	47
b4f5aca4	48	buf = read_object_file(&oid, &type, &size);
d07b00b7 MG	49	if (!buf)
	50	return error("%s: unable to read file.", name);
	51	if (type != OBJ_COMMIT)
	52	return error("%s: cannot verify a non-commit object of type %s.",
debca9d2	53	name, type_name(type));
d07b00b7	54
eee886cf	55	ret = run_gpg_verify(&oid, buf, size, flags);
d07b00b7 MG	56
	57	free(buf);
	58	return ret;
	59	}
	60
	61	static int git_verify_commit_config(const char var, const char value, void *cb)
	62	{
	63	int status = git_gpg_config(var, value, cb);
	64	if (status)
	65	return status;
	66	return git_default_config(var, value, cb);
	67	}
	68
	69	int cmd_verify_commit(int argc, const char *argv, const char prefix)
	70	{
	71	int i = 1, verbose = 0, had_error = 0;
aeff29dd	72	unsigned flags = 0;
d07b00b7 MG	73	const struct option verify_commit_options[] = {
d07b00b7 MG	74	OPT__VERBOSE(&verbose, N_("print commit contents")),
aeff29dd	75	OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
d07b00b7 MG	76	OPT_END()
	77	};
	78
	79	git_config(git_verify_commit_config, NULL);
	80
	81	argc = parse_options(argc, argv, prefix, verify_commit_options,
	82	verify_commit_usage, PARSE_OPT_KEEP_ARGV0);
	83	if (argc <= i)
	84	usage_with_options(verify_commit_usage, verify_commit_options);
	85
aeff29dd	86	if (verbose)
	87	flags \|= GPG_VERIFY_VERBOSE;
	88
d07b00b7 MG	89	/* sometimes the program was terminated because this signal
	90	* was received in the process of writing the gpg input: */
	91	signal(SIGPIPE, SIG_IGN);
	92	while (i < argc)
aeff29dd	93	if (verify_commit(argv[i++], flags))
d07b00b7 MG	94	had_error = 1;
	95	return had_error;
	96	}