mirrors/git
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

commit: ignore additional signatures when parsing signed commits

Browse Source 
When we create a commit with multiple signatures, neither of these
signatures includes the other.  Consequently, when we produce the
payload which has been signed so we can verify the commit, we must strip
off any other signatures, or the payload will differ from what was
signed.  Do so, and in preparation for verifying with multiple
algorithms, pass the algorithm we want to verify into
parse_signed_commit.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
brian m. carlson
2021-01-18 23:49:11 +00:00
committed by Junio C Hamano
parent 83dff3eb2e
commit 1fb5cf0da6
4 changed files with 79 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
log-tree.c
View File

@ -502,7 +502,7 @@ static void show_signature(struct rev_info *opt, struct commit *commit)
struct signature_check sigc = { 0 };
int status;
if (parse_signed_commit(commit, &payload, &signature) <= 0)
if (parse_signed_commit(commit, &payload, &signature, the_hash_algo) <= 0)
goto out;
status = check_signature(payload.buf, payload.len, signature.buf,