verify-tag: move tag verification code to tag.c
The PGP verification routine for tags could be used by other modules that need it. Publish the verify_tag function in tag.c and rename it to gpg_verify_tag so it does not conflict with builtin/mktag's static function. Helped-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Santiago Torres <santiago@nyu.edu> Reviewed-by: Eric Sunshine <sunshine@sunshineco.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>

committed by
Junio C Hamano

parent
78ccd44195
commit
45a227ef76
@ -18,59 +18,6 @@ static const char * const verify_tag_usage[] = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
|
|
||||||
{
|
|
||||||
struct signature_check sigc;
|
|
||||||
size_t payload_size;
|
|
||||||
int ret;
|
|
||||||
|
|
||||||
memset(&sigc, 0, sizeof(sigc));
|
|
||||||
|
|
||||||
payload_size = parse_signature(buf, size);
|
|
||||||
|
|
||||||
if (size == payload_size) {
|
|
||||||
if (flags & GPG_VERIFY_VERBOSE)
|
|
||||||
write_in_full(1, buf, payload_size);
|
|
||||||
return error("no signature found");
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = check_signature(buf, payload_size, buf + payload_size,
|
|
||||||
size - payload_size, &sigc);
|
|
||||||
print_signature_buffer(&sigc, flags);
|
|
||||||
|
|
||||||
signature_check_clear(&sigc);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int verify_tag(const unsigned char *sha1, const char *name_to_report,
|
|
||||||
unsigned flags)
|
|
||||||
{
|
|
||||||
enum object_type type;
|
|
||||||
char *buf;
|
|
||||||
unsigned long size;
|
|
||||||
int ret;
|
|
||||||
|
|
||||||
type = sha1_object_info(sha1, NULL);
|
|
||||||
if (type != OBJ_TAG)
|
|
||||||
return error("%s: cannot verify a non-tag object of type %s.",
|
|
||||||
name_to_report ?
|
|
||||||
name_to_report :
|
|
||||||
find_unique_abbrev(sha1, DEFAULT_ABBREV),
|
|
||||||
typename(type));
|
|
||||||
|
|
||||||
buf = read_sha1_file(sha1, &type, &size);
|
|
||||||
if (!buf)
|
|
||||||
return error("%s: unable to read file.",
|
|
||||||
name_to_report ?
|
|
||||||
name_to_report :
|
|
||||||
find_unique_abbrev(sha1, DEFAULT_ABBREV));
|
|
||||||
|
|
||||||
ret = run_gpg_verify(buf, size, flags);
|
|
||||||
|
|
||||||
free(buf);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int git_verify_tag_config(const char *var, const char *value, void *cb)
|
static int git_verify_tag_config(const char *var, const char *value, void *cb)
|
||||||
{
|
{
|
||||||
int status = git_gpg_config(var, value, cb);
|
int status = git_gpg_config(var, value, cb);
|
||||||
@ -104,7 +51,7 @@ int cmd_verify_tag(int argc, const char **argv, const char *prefix)
|
|||||||
const char *name = argv[i++];
|
const char *name = argv[i++];
|
||||||
if (get_sha1(name, sha1))
|
if (get_sha1(name, sha1))
|
||||||
had_error = !!error("tag '%s' not found.", name);
|
had_error = !!error("tag '%s' not found.", name);
|
||||||
else if (verify_tag(sha1, name, flags))
|
else if (gpg_verify_tag(sha1, name, flags))
|
||||||
had_error = 1;
|
had_error = 1;
|
||||||
}
|
}
|
||||||
return had_error;
|
return had_error;
|
||||||
|
53
tag.c
53
tag.c
@ -6,6 +6,59 @@
|
|||||||
|
|
||||||
const char *tag_type = "tag";
|
const char *tag_type = "tag";
|
||||||
|
|
||||||
|
static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
|
||||||
|
{
|
||||||
|
struct signature_check sigc;
|
||||||
|
size_t payload_size;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
memset(&sigc, 0, sizeof(sigc));
|
||||||
|
|
||||||
|
payload_size = parse_signature(buf, size);
|
||||||
|
|
||||||
|
if (size == payload_size) {
|
||||||
|
if (flags & GPG_VERIFY_VERBOSE)
|
||||||
|
write_in_full(1, buf, payload_size);
|
||||||
|
return error("no signature found");
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = check_signature(buf, payload_size, buf + payload_size,
|
||||||
|
size - payload_size, &sigc);
|
||||||
|
print_signature_buffer(&sigc, flags);
|
||||||
|
|
||||||
|
signature_check_clear(&sigc);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
int gpg_verify_tag(const unsigned char *sha1, const char *name_to_report,
|
||||||
|
unsigned flags)
|
||||||
|
{
|
||||||
|
enum object_type type;
|
||||||
|
char *buf;
|
||||||
|
unsigned long size;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
type = sha1_object_info(sha1, NULL);
|
||||||
|
if (type != OBJ_TAG)
|
||||||
|
return error("%s: cannot verify a non-tag object of type %s.",
|
||||||
|
name_to_report ?
|
||||||
|
name_to_report :
|
||||||
|
find_unique_abbrev(sha1, DEFAULT_ABBREV),
|
||||||
|
typename(type));
|
||||||
|
|
||||||
|
buf = read_sha1_file(sha1, &type, &size);
|
||||||
|
if (!buf)
|
||||||
|
return error("%s: unable to read file.",
|
||||||
|
name_to_report ?
|
||||||
|
name_to_report :
|
||||||
|
find_unique_abbrev(sha1, DEFAULT_ABBREV));
|
||||||
|
|
||||||
|
ret = run_gpg_verify(buf, size, flags);
|
||||||
|
|
||||||
|
free(buf);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
struct object *deref_tag(struct object *o, const char *warn, int warnlen)
|
struct object *deref_tag(struct object *o, const char *warn, int warnlen)
|
||||||
{
|
{
|
||||||
while (o && o->type == OBJ_TAG)
|
while (o && o->type == OBJ_TAG)
|
||||||
|
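Review bot: In `gpg_verify_tag`, the `type != OBJ_TAG` check is the only handling of the `sha1_object_info()` result, so a failed lookup falls into the "non-tag object of type %s" message and `typename(type)` is formatted for a value that may not be a valid object type. If `sha1_object_info()` reports a missing or corrupt object with a negative value (its definition is not in this diff, so confirm), test for that first, e.g. `if (type < 0) return error("%s: unable to read object.", name_to_report ? name_to_report : find_unique_abbrev(sha1, DEFAULT_ABBREV));`. This matters more now that the function is exported and no longer has cmd_verify_tag as its only caller. It would also help to comment in `run_gpg_verify` that `GPG_VERIFY_VERBOSE` makes it write the payload to fd 1 even when no signature is found, since library callers may not expect output on stdout.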
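--- a/tag.h
+++ b/tag.h
@@ -17,5 +17,7 @@ extern int parse_tag_buffer(struct tag *item, const void *data, unsigned long si
 extern int parse_tag(struct tag *item);
 extern struct object *deref_tag(struct object *, const char *, int);
 extern struct object *deref_tag_noverify(struct object *);
+extern int gpg_verify_tag(const unsigned char *sha1,
+const char *name_to_report, unsigned flags);
 
 #endif /* TAG_H */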
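Review bot: The exported `gpg_verify_tag` declaration carries no comment describing its contract, and callers of a signature-verification entry point need to know exactly what a zero return means. Going by the tag.c body in this commit, it returns the value of `error()` when the object is not a tag, cannot be read, or has no signature, and otherwise the result of `check_signature()`; a NULL `name_to_report` falls back to the abbreviated object name. I would add above the declaration something like `/* Verify the signature of the tag object named by sha1; returns 0 on success, non-zero on any failure. */`, after confirming that `check_signature()` returns 0 only for signatures the caller should accept.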