From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Michael J Gruber <git@drmicha.warpmail.net>, git@vger.kernel.org
Subject: Re: [PATCH] log: correctly identify mergetag signature verification status
Date: Thu, 10 Jul 2014 15:27:14 -0700 [thread overview]
Message-ID: <xmqq7g3k7su5.fsf@gitster.dls.corp.google.com> (raw)
In-Reply-To: <20140628004458.GB13228@sigill.intra.peff.net> (Jeff King's message of "Fri, 27 Jun 2014 20:44:59 -0400")
Jeff King <peff@peff.net> writes:
> Perhaps it would be easier to read (and would have made the logic error
> you are fixing more obvious) as:
>
> if (extra->len > payload_size) {
> if (!verify_signed_buffer(...))
> status = 0; /* good; all other code paths leave it as -1 */
> else if (verify_message.len <= gpg_message_offset)
> strbuf_addstr(&verify_message, "No signature\n");
> }
>
> That is, for each conditional to check one more thing needed for a good
> signature, and then know that all other code paths leave status as -1.
Thanks. Let's do it this way, then.
log-tree.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/log-tree.c b/log-tree.c
index 1982631..b4bbfe1 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -446,16 +446,17 @@ static void show_one_mergetag(struct rev_info *opt,
payload_size = parse_signature(extra->value, extra->len);
status = -1;
- if (extra->len > payload_size)
- if (verify_signed_buffer(extra->value, payload_size,
- extra->value + payload_size,
- extra->len - payload_size,
- &verify_message, NULL)) {
- if (verify_message.len <= gpg_message_offset)
- strbuf_addstr(&verify_message, "No signature\n");
- else
- status = 0;
- }
+ if (extra->len > payload_size) {
+ /* could have a good signature */
+ if (!verify_signed_buffer(extra->value, payload_size,
+ extra->value + payload_size,
+ extra->len - payload_size,
+ &verify_message, NULL))
+ status = 0; /* good */
+ else if (verify_message.len <= gpg_message_offset)
+ strbuf_addstr(&verify_message, "No signature\n");
+ /* otherwise we couldn't verify, which is shown as bad */
+ }
show_sig_lines(opt, status, verify_message.buf);
strbuf_release(&verify_message);
next prev parent reply other threads:[~2014-07-10 22:27 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-06 14:15 [PATCH 0/3] verify-commit: verify commit signatures Michael J Gruber
2014-06-06 14:15 ` [PATCH 1/3] pretty: free the gpg status buf Michael J Gruber
2014-06-06 14:15 ` [PATCH 2/3] gpg-interface: provide access to the payload Michael J Gruber
2014-06-13 7:55 ` Jeff King
2014-06-13 9:44 ` Michael J Gruber
2014-06-13 10:34 ` Jeff King
2014-06-06 14:15 ` [PATCH 3/3] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-11 19:48 ` Michael J Gruber
2014-06-13 8:02 ` Jeff King
2014-06-13 9:55 ` Michael J Gruber
2014-06-13 11:09 ` Jeff King
2014-06-13 17:06 ` Junio C Hamano
2014-06-16 9:21 ` Michael J Gruber
2014-06-16 19:54 ` Jeff King
2014-06-16 20:34 ` Junio C Hamano
2014-06-16 20:39 ` Jeff King
2014-06-27 12:31 ` Michael J Gruber
2014-06-27 12:49 ` Michael J Gruber
2014-06-27 13:06 ` Michael J Gruber
2014-06-27 13:18 ` [PATCH] log: correctly identify mergetag signature verification status Michael J Gruber
2014-06-28 0:44 ` Jeff King
2014-07-10 22:27 ` Junio C Hamano [this message]
2014-06-27 13:50 ` [PATCH 3/3] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-27 18:55 ` Junio C Hamano
2014-06-27 18:36 ` Junio C Hamano
2014-06-28 0:32 ` Jeff King
2014-06-30 6:14 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 0/6] verify-commit: verify commit signatures Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 1/6] pretty: free the gpg status buf Michael J Gruber
2014-06-13 11:39 ` Jeff King
2014-06-13 10:42 ` [PATCHv2 2/6] gpg-interface: provide access to the payload Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 3/6] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-13 11:19 ` Jeff King
2014-06-13 11:45 ` Michael J Gruber
2014-06-13 11:50 ` Jeff King
2014-06-13 12:12 ` Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 4/6] t7510: exit for loop with test result Michael J Gruber
2014-06-13 11:46 ` Jeff King
2014-06-13 12:04 ` Michael J Gruber
2014-06-13 12:22 ` Michael J Gruber
2014-06-13 12:33 ` Michael J Gruber
2014-06-13 12:45 ` Jeff King
2014-06-13 12:54 ` Johannes Sixt
2014-06-13 13:06 ` Michael J Gruber
2014-06-13 13:21 ` Johannes Sixt
2014-06-13 13:30 ` Jeff King
2014-06-13 13:31 ` Michael J Gruber
2014-06-13 13:42 ` Johannes Sixt
2014-06-13 18:23 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 5/6] t7510: test verify-commit Michael J Gruber
2014-06-13 11:51 ` Jeff King
2014-06-13 12:14 ` Michael J Gruber
2014-06-13 18:16 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 6/6] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 0/5] verify-commit: verify commit signatures Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 1/5] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 2/5] gpg-interface: provide access to the payload Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 3/5] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 4/5] t7510: exit for loop with test result Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 5/5] t7510: test verify-commit Michael J Gruber
2014-06-23 23:02 ` Junio C Hamano
2014-06-23 17:28 ` [PATCHv3 0/5] verify-commit: verify commit signatures Jeff King
2014-06-23 17:52 ` Junio C Hamano
2014-06-23 21:09 ` Jeff King
2014-06-23 21:23 ` Junio C Hamano
2014-06-27 14:13 ` [PATCHv4 0/4] " Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 1/4] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 2/4] gpg-interface: provide access to the payload Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 3/4] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 4/4] t7510: test verify-commit Michael J Gruber
2014-06-27 19:32 ` Junio C Hamano
2014-06-27 20:26 ` Michael J Gruber
2014-06-27 19:07 ` [PATCHv4 0/4] verify-commit: verify commit signatures Junio C Hamano
2014-06-28 0:48 ` Jeff King
2014-06-28 0:49 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq7g3k7su5.fsf@gitster.dls.corp.google.com \
--to=gitster@pobox.com \
--cc=git@drmicha.warpmail.net \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.