From: Junio C Hamano <gitster@pobox.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>,
git@vger.kernel.org,
James Bottomley <James.Bottomley@hansenpartnership.com>,
Jeff Garzik <jeff@garzik.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-ide@vger.kernel.org, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [git patches] libata updates, GPG signed (but see admin notes)
Date: Mon, 31 Oct 2011 16:09:09 -0700
Message-ID: <7vlis0oj1m.fsf@alter.siamese.dyndns.org>
In-Reply-To: <7vvcr4ojvp.fsf@alter.siamese.dyndns.org> (Junio C. Hamano's message of "Mon, 31 Oct 2011 15:51:06 -0700")
Junio C Hamano <gitster@pobox.com> writes:
> Linus Torvalds <torvalds@linux-foundation.org> writes:
> ...
> As I already said, I do not think notes is a good match as a tool to do
> this.
>
>> matters is that "git push" and "git pull" would JustWork(tm), and
>> check the signature if one exists, without having to cut-and-paste
>> data that simply shouldn't be visible to the user.
>>
>> I abhor the interface Ingo suggested, for example....
>
> Some cut-and-paste (or piping the e-mail to a command) would be necessary
> evil, though, as you would have GPG keys from more than one trusted person
> in your keyring, and when you are responding to a pull-request from person
> A, finding a valid commit signed by person B should not be a success, but
> at least should raise a warning.

So here is a quick hack that does not involve cut-and-paste (it depends on
the signed-commit topic in 'next').

    $ git pull --require-signature

would trigger signature verification and stop you after fetching but
before merging.

git-pull.sh | 25 ++++++++++++++++++++++++-
1 files changed, 24 insertions(+), 1 deletions(-)
diff --git a/git-pull.sh b/git-pull.sh
index 9868a0b..f3b4c93 100755
--- a/git-pull.sh
+++ b/git-pull.sh
@@ -39,7 +39,7 @@ test -z "$(git ls-files -u)" || die_conflict
test -f "$GIT_DIR/MERGE_HEAD" && die_merge
strategy_args= diffstat= no_commit= squash= no_ff= ff_only=
-log_arg= verbosity= progress= recurse_submodules=
+log_arg= verbosity= progress= recurse_submodules= must_be_signed=
merge_args=
curr_branch=$(git symbolic-ref -q HEAD)
curr_branch_short="${curr_branch#refs/heads/}"
@@ -60,6 +60,8 @@ do
diffstat=--no-stat ;;
--stat|--summary)
diffstat=--stat ;;
+ --require-signature)
+ must_be_signed=yes ;;
--log|--no-log)
log_arg=$1 ;;
--no-c|--no-co|--no-com|--no-comm|--no-commi|--no-commit)
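Review bot: the new `--require-signature` arm in the option loop comes with no documentation or test; the diffstat lists git-pull.sh only. Please add the option to the git-pull manual page and a test for the three outcomes, and consider a `--no-require-signature) must_be_signed= ;;` arm so that a later argument can turn the check off again, in the way `--log|--no-log` is paired just below.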
@@ -208,6 +210,27 @@ orig_head=$(git rev-parse -q --verify HEAD)
git fetch $verbosity $progress $dry_run $recurse_submodules --update-head-ok "$@" || exit 1
test -z "$dry_run" || exit 0
+if test -n "$must_be_signed"
+then
+ signature=$(git show -s --format='%G?' FETCH_HEAD)
+ case "$signature" in
+ G)
+ case "$verbosity" in
+ *' '-v*)
+ git show -s --show-signature FETCH_HEAD ;;
+ esac
+ ;;
+ B)
+ echo >&2 "Bad signature on the tip commit"
+ exit 1
+ ;;
+ *)
+ echo >&2 "Tip commit must be signed"
+ exit 1
+ ;;
+ fi
+fi
+
curr_head=$(git rev-parse -q --verify HEAD)
if test -n "$orig_head" && test "$curr_head" != "$orig_head"
then
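Review bot: the outer `case "$signature" in` is closed with `fi` instead of `esac` (the first of the two `fi` lines that end the added block), so the script will not parse as posted; that line should read `esac`. Separately, the `G)` arm accepts a good signature whoever made it, so the situation raised in the quoted text above (pulling from person A and finding a valid commit signed by person B) still passes without a warning; comparing the signer with the one expected for this pull and warning on a mismatch would cover it. The check also looks only at FETCH_HEAD, which the messages do say ("tip commit"), but this limit is worth stating wherever the option gets documented.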
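The concern in the quoted text (a valid signature from person B while answering a pull request from person A) can be decided from GnuPG's machine-readable status lines (`--status-fd`). The following is an added example, not part of the posted patch or of git; the function name, return codes, and the sample fingerprints and status lines are assumptions constructed for illustration.

```shell
# Added example. Reads GnuPG status lines on stdin; $1 is the primary-key
# fingerprint expected for the person whose pull request is being answered.
# Returns 0: good signature by that key; 1: bad or no good signature;
#         2: good signature, but made by a different key.
check_tip_signature () {
	expected_fpr=$1
	good= bad= signer_fpr=
	while read -r tag keyword value rest
	do
		test "$tag" = "[GNUPG:]" || continue
		case "$keyword" in
		GOODSIG)
			good=yes ;;
		BADSIG)
			bad=yes ;;
		VALIDSIG)
			# Last field is the primary key fingerprint when present;
			# otherwise fall back to the signing key fingerprint.
			signer_fpr=${rest##* }
			test -n "$signer_fpr" || signer_fpr=$value ;;
		esac
	done
	if test -n "$bad"
	then
		echo >&2 "Bad signature on the tip commit"
		return 1
	fi
	if test -z "$good" || test -z "$signer_fpr"
	then
		echo >&2 "No good signature on the tip commit"
		return 1
	fi
	if test "$signer_fpr" != "$expected_fpr"
	then
		echo >&2 "warning: tip is signed by $signer_fpr, expected $expected_fpr"
		return 2
	fi
	return 0
}

# Constructed fingerprints and status lines, not real keys or gpg output.
FPR_A=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
FPR_B=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
sample_status () {	# $1 = GOODSIG or BADSIG, $2 = fingerprint
	printf '[GNUPG:] %s 0123456789ABCDEF Constructed Signer\n' "$1"
	if test "$1" = GOODSIG
	then
		printf '[GNUPG:] VALIDSIG %s 2011-10-31 1320102549 0 4 0 1 2 00 %s\n' "$2" "$2"
	fi
}
```

Return code 2 is kept distinct from 1 so that a caller can warn rather than abort when the signature is valid but comes from an unexpected key.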