From: Junio C Hamano <gitster@pobox.com>
To: git@vger.kernel.org
Subject: [PATCH v3 3/3] log: --show-signature
Date: Tue, 18 Oct 2011 17:20:45 -0700 [thread overview]
Message-ID: <1318983645-18897-4-git-send-email-gitster@pobox.com> (raw)
In-Reply-To: <1318983645-18897-1-git-send-email-gitster@pobox.com>
This teaches the "log" family of commands to pass the GPG signature in the
commit objects to "gpg --verify" via the verify_signed_buffer() interface
used to verify signed tag objects. E.g.
$ git show --show-signature -s HEAD
would show GPG output in the header part of the output.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
* We may want to capture good/bad/untrusted signature information from
GPG and teach userformat to show that, but this code is not there yet.
commit.c | 34 ++++++++++++++++++++++++++++++++++
commit.h | 3 +++
log-tree.c | 17 +++++++++++++++++
revision.c | 2 ++
revision.h | 1 +
5 files changed, 57 insertions(+), 0 deletions(-)
diff --git a/commit.c b/commit.c
index 4bff3cd..93045a2 100644
--- a/commit.c
+++ b/commit.c
@@ -848,6 +848,40 @@ static int do_sign_commit(struct strbuf *buf, const char *keyid)
return 0;
}
+int parse_signed_commit(const unsigned char *sha1,
+ struct strbuf *payload, struct strbuf *signature)
+{
+ unsigned long size;
+ enum object_type type;
+ char *buffer = read_sha1_file(sha1, &type, &size);
+ int in_header, saw_signature = -1;
+ char *line;
+
+ if (!buffer || type != OBJ_COMMIT)
+ goto cleanup;
+
+ line = buffer;
+ in_header = 1;
+ saw_signature = 0;
+ while (*line) {
+ char *next = strchrnul(line, '\n');
+ if (*next)
+ next++;
+ if (in_header && !prefixcmp(line, gpg_sig_header)) {
+ const char *sig = line + gpg_sig_header_len;
+ strbuf_add(signature, sig, next - sig);
+ saw_signature = 1;
+ } else {
+ strbuf_add(payload, line, next - line);
+ }
+ if (*line == '\n')
+ in_header = 0;
+ line = next;
+ }
+ cleanup:
+ free(buffer);
+ return saw_signature;
+}
static const char commit_utf8_warn[] =
"Warning: commit message does not conform to UTF-8.\n"
diff --git a/commit.h b/commit.h
index 8c2419b..1885471 100644
--- a/commit.h
+++ b/commit.h
@@ -177,4 +177,7 @@ extern int commit_tree(const char *msg, unsigned char *tree,
struct commit_list *parents, unsigned char *ret,
const char *author, const char *sign_commit);
+extern int parse_signed_commit(const unsigned char *sha1,
+ struct strbuf *message, struct strbuf *signature);
+
#endif /* COMMIT_H */
diff --git a/log-tree.c b/log-tree.c
index 24c295e..749bb65 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -8,6 +8,7 @@
#include "refs.h"
#include "string-list.h"
#include "color.h"
+#include "gpg-interface.h"
struct decoration name_decoration = { "object names" };
@@ -395,6 +396,19 @@ void log_write_email_headers(struct rev_info *opt, struct commit *commit,
*extra_headers_p = extra_headers;
}
+static void show_signature(struct rev_info *opt, struct commit *commit)
+{
+ struct strbuf payload = STRBUF_INIT;
+ struct strbuf signature = STRBUF_INIT;
+
+ if (parse_signed_commit(commit->object.sha1, &payload, &signature) >= 0) {
+ verify_signed_buffer(payload.buf, payload.len,
+ signature.buf, signature.len, 0);
+ }
+ strbuf_release(&payload);
+ strbuf_release(&signature);
+}
+
void show_log(struct rev_info *opt)
{
struct strbuf msgbuf = STRBUF_INIT;
@@ -502,6 +516,9 @@ void show_log(struct rev_info *opt)
}
}
+ if (opt->show_signature)
+ show_signature(opt, commit);
+
if (!commit->buffer)
return;
diff --git a/revision.c b/revision.c
index c46cfaa..860a312 100644
--- a/revision.c
+++ b/revision.c
@@ -1381,6 +1381,8 @@ static int handle_revision_opt(struct rev_info *revs, int argc, const char **arg
revs->show_notes = 1;
revs->show_notes_given = 1;
revs->notes_opt.use_default_notes = 1;
+ } else if (!strcmp(arg, "--show-signature")) {
+ revs->show_signature = 1;
} else if (!prefixcmp(arg, "--show-notes=") ||
!prefixcmp(arg, "--notes=")) {
struct strbuf buf = STRBUF_INIT;
diff --git a/revision.h b/revision.h
index 3d64ada..198bb95 100644
--- a/revision.h
+++ b/revision.h
@@ -89,6 +89,7 @@ struct rev_info {
show_merge:1,
show_notes:1,
show_notes_given:1,
+ show_signature:1,
pretty_given:1,
abbrev_commit:1,
abbrev_commit_given:1,
--
1.7.7.388.g3a4b7
next prev parent reply other threads:[~2011-10-19 0:21 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-06 0:56 [PATCH] commit: teach --gpg-sign option Junio C Hamano
2011-10-06 15:50 ` Shawn Pearce
2011-10-06 17:11 ` Jonathan Nieder
2011-10-06 17:22 ` Matthieu Moy
2011-10-06 18:44 ` Michael J Gruber
2011-10-06 21:29 ` Junio C Hamano
2011-10-06 22:24 ` Robin H. Johnson
2011-10-07 8:40 ` Michael J Gruber
2011-10-07 11:18 ` Nguyen Thai Ngoc Duy
2011-10-09 16:32 ` Michael J Gruber
2011-10-09 22:57 ` Robin H. Johnson
2011-10-09 23:18 ` Junio C Hamano
2011-10-11 0:38 ` Robin H. Johnson
2011-10-09 20:00 ` Michael J Gruber
2011-10-09 21:22 ` Junio C Hamano
2011-10-10 6:33 ` Michael J Gruber
2011-10-10 16:35 ` Junio C Hamano
2011-10-09 22:27 ` Junio C Hamano
2011-10-10 6:33 ` Michael J Gruber
2011-10-10 16:45 ` Junio C Hamano
2011-10-11 6:39 ` Michael J Gruber
[not found] ` <CACBZZX6xsnAv4S8zAqi08bcqrghZ8nKdzFP=UNCqZOqrEeLFnA@mail.gmail.com>
2011-10-10 4:58 ` Junio C Hamano
2011-10-19 0:20 ` [PATCH v3 0/3] Signed-commit Junio C Hamano
2011-10-19 0:20 ` [PATCH v3 1/3] Split GPG interface into its own helper library Junio C Hamano
2011-10-19 0:20 ` [PATCH v3 2/3] commit: teach --gpg-sign option Junio C Hamano
2011-10-19 0:20 ` Junio C Hamano [this message]
2011-10-20 0:36 ` [PATCH v4 0/5] Signed-commit Junio C Hamano
2011-10-20 0:36 ` [PATCH v4 1/5] Split GPG interface into its own helper library Junio C Hamano
2011-10-20 0:37 ` [PATCH v4 2/5] commit: teach --gpg-sign option Junio C Hamano
2011-10-20 0:37 ` [PATCH v4 3/5] log: --show-signature Junio C Hamano
2011-10-20 0:37 ` [PATCH v4 4/5] t7004: extract generic "GPG testing" bits Junio C Hamano
2011-10-20 0:37 ` [PATCH v4 5/5] test "commit -S" and "log --show-signature" Junio C Hamano
2011-10-22 5:01 ` [PATCH 7/5] pretty: %G[?GS] placeholders Junio C Hamano
2011-10-22 10:47 ` Elia Pinto
2011-10-22 17:55 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1318983645-18897-4-git-send-email-gitster@pobox.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.