gpg-interface: use more status letters
According to gpg2's doc/DETAILS:
    For each signature only one of the codes GOODSIG, BADSIG,
    EXPSIG, EXPKEYSIG, REVKEYSIG or ERRSIG will be emitted.
gpg1 ("classic") behaves the same (although doc/DETAILS differs).
Currently, we parse gpg's status output for GOODSIG, BADSIG and
trust information and translate that into status codes G, B, U, N
for the %G?  format specifier.
git-verify-* returns success in the GOODSIG case only. This is
somewhat in disagreement with gpg, which considers the first 5 of
the 6 above as VALIDSIG, but we err on the very safe side.
Introduce additional status codes E, X, Y, R for ERRSIG, EXPSIG,
EXPKEYSIG, and REVKEYSIG so that a user of %G? gets more information
about the absence of a 'G' on first glance.
Requested-by: Alex <agrambot@gmail.com>
Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
			
			
This commit is contained in:
		 Michael J Gruber
					Michael J Gruber
				
			
				
					committed by
					
						 Junio C Hamano
						Junio C Hamano
					
				
			
			
				
	
			
			
			 Junio C Hamano
						Junio C Hamano
					
				
			
						parent
						
							21f862b498
						
					
				
				
					commit
					661a180681
				
			| @ -143,8 +143,14 @@ ifndef::git-rev-list[] | ||||
| - '%N': commit notes | ||||
| endif::git-rev-list[] | ||||
| - '%GG': raw verification message from GPG for a signed commit | ||||
| - '%G?': show "G" for a good (valid) signature, "B" for a bad signature, | ||||
|   "U" for a good signature with unknown validity and "N" for no signature | ||||
| - '%G?': show "G" for a good (valid) signature, | ||||
|   "B" for a bad signature, | ||||
|   "U" for a good signature with unknown validity, | ||||
|   "X" for a good signature that has expired, | ||||
|   "Y" for a good signature made by an expired key, | ||||
|   "R" for a good signature made by a revoked key, | ||||
|   "E" if the signature cannot be checked (e.g. missing key) | ||||
|   and "N" for no signature | ||||
| - '%GS': show the name of the signer for a signed commit | ||||
| - '%GK': show the key used to sign a signed commit | ||||
| - '%gD': reflog selector, e.g., `refs/stash@{1}` or | ||||
|  | ||||
| @ -33,6 +33,10 @@ static struct { | ||||
| 	{ 'B', "\n[GNUPG:] BADSIG " }, | ||||
| 	{ 'U', "\n[GNUPG:] TRUST_NEVER" }, | ||||
| 	{ 'U', "\n[GNUPG:] TRUST_UNDEFINED" }, | ||||
| 	{ 'E', "\n[GNUPG:] ERRSIG "}, | ||||
| 	{ 'X', "\n[GNUPG:] EXPSIG "}, | ||||
| 	{ 'Y', "\n[GNUPG:] EXPKEYSIG "}, | ||||
| 	{ 'R', "\n[GNUPG:] REVKEYSIG "}, | ||||
| }; | ||||
|  | ||||
| void parse_gpg_output(struct signature_check *sigc) | ||||
| @ -54,9 +58,12 @@ void parse_gpg_output(struct signature_check *sigc) | ||||
| 		/* The trust messages are not followed by key/signer information */ | ||||
| 		if (sigc->result != 'U') { | ||||
| 			sigc->key = xmemdupz(found, 16); | ||||
| 			found += 17; | ||||
| 			next = strchrnul(found, '\n'); | ||||
| 			sigc->signer = xmemdupz(found, next - found); | ||||
| 			/* The ERRSIG message is not followed by signer information */ | ||||
| 			if (sigc-> result != 'E') { | ||||
| 				found += 17; | ||||
| 				next = strchrnul(found, '\n'); | ||||
| 				sigc->signer = xmemdupz(found, next - found); | ||||
| 			} | ||||
| 		} | ||||
| 	} | ||||
| } | ||||
|  | ||||
							
								
								
									
										4
									
								
								pretty.c
									
									
									
									
									
								
							
							
						
						
									
										4
									
								
								pretty.c
									
									
									
									
									
								
							| @ -1232,8 +1232,12 @@ static size_t format_commit_one(struct strbuf *sb, /* in UTF-8 */ | ||||
| 			switch (c->signature_check.result) { | ||||
| 			case 'G': | ||||
| 			case 'B': | ||||
| 			case 'E': | ||||
| 			case 'U': | ||||
| 			case 'N': | ||||
| 			case 'X': | ||||
| 			case 'Y': | ||||
| 			case 'R': | ||||
| 				strbuf_addch(sb, c->signature_check.result); | ||||
| 			} | ||||
| 			break; | ||||
|  | ||||
| @ -2,6 +2,7 @@ | ||||
|  | ||||
| test_description='signed commit tests' | ||||
| . ./test-lib.sh | ||||
| GNUPGHOME_NOT_USED=$GNUPGHOME | ||||
| . "$TEST_DIRECTORY/lib-gpg.sh" | ||||
|  | ||||
| test_expect_success GPG 'create signed commits' ' | ||||
| @ -190,7 +191,7 @@ test_expect_success GPG 'show bad signature with custom format' ' | ||||
| 	test_cmp expect actual | ||||
| ' | ||||
|  | ||||
| test_expect_success GPG 'show unknown signature with custom format' ' | ||||
| test_expect_success GPG 'show untrusted signature with custom format' ' | ||||
| 	cat >expect <<-\EOF && | ||||
| 	U | ||||
| 	61092E85B7227189 | ||||
| @ -200,6 +201,16 @@ test_expect_success GPG 'show unknown signature with custom format' ' | ||||
| 	test_cmp expect actual | ||||
| ' | ||||
|  | ||||
| test_expect_success GPG 'show unknown signature with custom format' ' | ||||
| 	cat >expect <<-\EOF && | ||||
| 	E | ||||
| 	61092E85B7227189 | ||||
|  | ||||
| 	EOF | ||||
| 	GNUPGHOME="$GNUPGHOME_NOT_USED" git log -1 --format="%G?%n%GK%n%GS" eighth-signed-alt >actual && | ||||
| 	test_cmp expect actual | ||||
| ' | ||||
|  | ||||
| test_expect_success GPG 'show lack of signature with custom format' ' | ||||
| 	cat >expect <<-\EOF && | ||||
| 	N | ||||
|  | ||||
		Reference in New Issue
	
	Block a user