From: Junio C Hamano <gitster@pobox.com>
To: git@vger.kernel.org
Subject: [PATCH v3 15/17] log: --show-signature
Date: Tue,  8 Nov 2011 17:02:01 -0800	[thread overview]
Message-ID: <1320800523-5407-16-git-send-email-gitster@pobox.com> (raw)
In-Reply-To: <1320800523-5407-1-git-send-email-gitster@pobox.com>

This teaches the "log" family of commands to pass the GPG signature in the
commit objects to "gpg --verify" via the verify_signed_buffer() interface
used to verify signed tag objects. E.g.

    $ git show --show-signature -s HEAD

shows GPG output in the header part of the output.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 commit.c   |   44 ++++++++++++++++++++++++++++++++++++++++++++
 commit.h   |    2 ++
 log-tree.c |   39 +++++++++++++++++++++++++++++++++++++++
 revision.c |    2 ++
 revision.h |    1 +
 5 files changed, 88 insertions(+), 0 deletions(-)

diff --git a/commit.c b/commit.c
index a5c53b3..7fb1830 100644
--- a/commit.c
+++ b/commit.c
@@ -877,6 +877,50 @@ static int do_sign_commit(struct strbuf *buf, const char *keyid)
 	return 0;
 }
 
+int parse_signed_commit(const unsigned char *sha1,
+			struct strbuf *payload, struct strbuf *signature)
+{
+	unsigned long size;
+	enum object_type type;
+	char *buffer = read_sha1_file(sha1, &type, &size);
+	int in_signature, saw_signature = -1;
+	char *line, *tail;
+
+	if (!buffer || type != OBJ_COMMIT)
+		goto cleanup;
+
+	line = buffer;
+	tail = buffer + size;
+	in_signature = 0;
+	saw_signature = 0;
+	while (line < tail) {
+		const char *sig = NULL;
+		char *next = memchr(line, '\n', tail - line);
+
+		next = next ? next + 1 : tail;
+		if (in_signature && line[0] == ' ')
+			sig = line + 1;
+		else if (!prefixcmp(line, gpg_sig_header) &&
+			 line[gpg_sig_header_len] == ' ')
+			sig = line + gpg_sig_header_len + 1;
+		if (sig) {
+			strbuf_add(signature, sig, next - sig);
+			saw_signature = 1;
+			in_signature = 1;
+		} else {
+			if (*line == '\n')
+				/* dump the whole remainder of the buffer */
+				next = tail;
+			strbuf_add(payload, line, next - line);
+			in_signature = 0;
+		}
+		line = next;
+	}
+ cleanup:
+	free(buffer);
+	return saw_signature;
+}
+
 static void handle_signed_tag(struct commit *parent, struct commit_extra_header ***tail)
 {
 	struct merge_remote_desc *desc;
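Review bot: Every header line that starts with `gpgsig ` is treated as the start of a signature in parse_signed_commit(), so a commit object carrying two such headers has both blocks appended to the same `signature` strbuf and both stripped from `payload`. How `gpg --verify` treats the concatenated result is not visible from this patch, so it is safer for the parser to accept only the first block, for example by guarding the header match with `!saw_signature &&` so that a later `gpgsig` header stays in the payload and verification fails. A short comment above the loop should also say that the first blank line ends the headers, which is why a `gpgsig ` line inside the commit message is never picked up.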
diff --git a/commit.h b/commit.h
index d2c3e65..6107648 100644
--- a/commit.h
+++ b/commit.h
@@ -218,4 +218,6 @@ struct merge_remote_desc {
  */
 struct commit *get_merge_parent(const char *name);
 
+extern int parse_signed_commit(const unsigned char *sha1,
+			       struct strbuf *message, struct strbuf *signature);
 #endif /* COMMIT_H */
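Review bot: The second parameter is called `message` in this declaration but `payload` in the definition in commit.c, and what it receives is the whole commit object minus the signature header rather than just the log message, so `struct strbuf *payload` would be the matching name. The declaration also lacks a comment stating the contract, e.g. `/* Returns 1 if a gpgsig header was found, 0 if not, -1 if the object cannot be read or is not a commit; both strbufs are appended to. */`.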
diff --git a/log-tree.c b/log-tree.c
index e7694a3..142ba51 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -8,6 +8,7 @@
 #include "refs.h"
 #include "string-list.h"
 #include "color.h"
+#include "gpg-interface.h"
 
 struct decoration name_decoration = { "object names" };
 
@@ -403,6 +404,41 @@ void log_write_email_headers(struct rev_info *opt, struct commit *commit,
 	*extra_headers_p = extra_headers;
 }
 
+static void show_signature(struct rev_info *opt, struct commit *commit)
+{
+	struct strbuf payload = STRBUF_INIT;
+	struct strbuf signature = STRBUF_INIT;
+	struct strbuf gpg_output = STRBUF_INIT;
+	int status;
+	const char *color, *reset, *bol, *eol;
+
+	if (parse_signed_commit(commit->object.sha1, &payload, &signature) <= 0)
+		goto out;
+
+	status = verify_signed_buffer(payload.buf, payload.len,
+				      signature.buf, signature.len,
+				      &gpg_output);
+	if (status && !gpg_output.len)
+		strbuf_addstr(&gpg_output, "No signature\n");
+
+	color = diff_get_color_opt(&opt->diffopt,
+				   status ? DIFF_WHITESPACE : DIFF_FRAGINFO);
+	reset = diff_get_color_opt(&opt->diffopt, DIFF_RESET);
+
+	bol = gpg_output.buf;
+	while (*bol) {
+		eol = strchrnul(bol, '\n');
+		printf("%s%.*s%s%s", color, (int)(eol - bol), bol, reset,
+		       *eol ? "\n" : "");
+		bol = (*eol) ? (eol + 1) : eol;
+	}
+
+ out:
+	strbuf_release(&gpg_output);
+	strbuf_release(&payload);
+	strbuf_release(&signature);
+}
+
 void show_log(struct rev_info *opt)
 {
 	struct strbuf msgbuf = STRBUF_INIT;
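Review bot: The fallback text `"No signature\n"` in show_signature() is added only after parse_signed_commit() returned a positive value, that is, after a signature header was found, so it reports the wrong condition; what actually happened is that verify_signed_buffer() returned non-zero without producing any output. Something like `strbuf_addstr(&gpg_output, "Signature could not be verified\n");` describes that case. Note also that `status` is used only to choose between `DIFF_WHITESPACE` and `DIFF_FRAGINFO`, so with colour disabled a failed verification differs from a good one only in gpg's own wording. A one-line comment above the `diff_get_color_opt()` call saying that the verdict is carried by the gpg text, not by git, would keep later readers from treating this output as a machine-checkable result.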
@@ -514,6 +550,9 @@ void show_log(struct rev_info *opt)
 		}
 	}
 
+	if (opt->show_signature)
+		show_signature(opt, commit);
+
 	if (!commit->buffer)
 		return;
 
diff --git a/revision.c b/revision.c
index 8764dde..064e351 100644
--- a/revision.c
+++ b/revision.c
@@ -1469,6 +1469,8 @@ static int handle_revision_opt(struct rev_info *revs, int argc, const char **arg
 		revs->show_notes = 1;
 		revs->show_notes_given = 1;
 		revs->notes_opt.use_default_notes = 1;
+	} else if (!strcmp(arg, "--show-signature")) {
+		revs->show_signature = 1;
 	} else if (!prefixcmp(arg, "--show-notes=") ||
 		   !prefixcmp(arg, "--notes=")) {
 		struct strbuf buf = STRBUF_INIT;
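Review bot: `--show-signature` is accepted here, but the diffstat of this patch touches no documentation file, so the option is undocumented as of this commit. A short entry in the log options documentation should say that the gpg output is shown in the header part of the output and that it reflects what `gpg --verify` reports, presumably against the invoking user's own keyring. The enclosing handle_revision_opt() starts and ends outside the hunk.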
diff --git a/revision.h b/revision.h
index 6aa53d1..b8e9223 100644
--- a/revision.h
+++ b/revision.h
@@ -110,6 +110,7 @@ struct rev_info {
 			show_merge:1,
 			show_notes:1,
 			show_notes_given:1,
+			show_signature:1,
 			pretty_given:1,
 			abbrev_commit:1,
 			abbrev_commit_given:1,
-- 
1.7.8.rc1.82.g90e080
