diff --git a/Makefile b/Makefile index 58505b07eb..08e44cbbc5 100644 --- a/Makefile +++ b/Makefile @@ -529,7 +529,6 @@ LIB_H += fmt-merge-msg.h LIB_H += fsck.h LIB_H += gettext.h LIB_H += git-compat-util.h -LIB_H += gpg-interface.h LIB_H += graph.h LIB_H += grep.h LIB_H += hash.h @@ -623,7 +622,6 @@ LIB_OBJS += entry.o LIB_OBJS += environment.o LIB_OBJS += exec_cmd.o LIB_OBJS += fsck.o -LIB_OBJS += gpg-interface.o LIB_OBJS += graph.o LIB_OBJS += grep.o LIB_OBJS += hash.o diff --git a/builtin/commit-tree.c b/builtin/commit-tree.c index a17811f958..d083795e26 100644 --- a/builtin/commit-tree.c +++ b/builtin/commit-tree.c @@ -8,9 +8,8 @@ #include "tree.h" #include "builtin.h" #include "utf8.h" -#include "gpg-interface.h" -static const char commit_tree_usage[] = "git commit-tree [-S] [(-p )...] < changelog"; +static const char commit_tree_usage[] = "git commit-tree [(-p )...] < changelog"; static void new_parent(struct commit *parent, struct commit_list **parents_p) { @@ -26,14 +25,6 @@ static void new_parent(struct commit *parent, struct commit_list **parents_p) commit_list_insert(parent, parents_p); } -static int commit_tree_config(const char *var, const char *value, void *cb) -{ - int status = git_gpg_config(var, value, NULL); - if (status) - return status; - return git_default_config(var, value, cb); -} - int cmd_commit_tree(int argc, const char **argv, const char *prefix) { int i; @@ -41,19 +32,11 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix) unsigned char tree_sha1[20]; unsigned char commit_sha1[20]; struct strbuf buffer = STRBUF_INIT; - const char *sign_commit = NULL; - git_config(commit_tree_config, NULL); + git_config(git_default_config, NULL); if (argc < 2 || !strcmp(argv[1], "-h")) usage(commit_tree_usage); - - if (!memcmp(argv[1], "-S", 2)) { - sign_commit = argv[1] + 2; - argv++; - argc--; - } - if (get_sha1(argv[1], tree_sha1)) die("Not a valid object name %s", argv[1]); @@ -73,8 +56,7 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix) if (strbuf_read(&buffer, 0, 0) < 0) die_errno("git commit-tree: failed to read"); - if (commit_tree(buffer.buf, tree_sha1, parents, commit_sha1, - NULL, sign_commit)) { + if (commit_tree(buffer.buf, tree_sha1, parents, commit_sha1, NULL)) { strbuf_release(&buffer); return 1; } diff --git a/builtin/commit.c b/builtin/commit.c index be196cc322..c46f2d18e1 100644 --- a/builtin/commit.c +++ b/builtin/commit.c @@ -26,7 +26,6 @@ #include "unpack-trees.h" #include "quote.h" #include "submodule.h" -#include "gpg-interface.h" static const char * const builtin_commit_usage[] = { "git commit [options] [--] ...", @@ -86,8 +85,6 @@ static int all, edit_flag, also, interactive, patch_interactive, only, amend, si static int quiet, verbose, no_verify, allow_empty, dry_run, renew_authorship; static int no_post_rewrite, allow_empty_message; static char *untracked_files_arg, *force_date, *ignore_submodule_arg; -static char *sign_commit; - /* * The default commit message cleanup mode will remove the lines * beginning with # (shell comments) and leading and trailing @@ -147,8 +144,6 @@ static struct option builtin_commit_options[] = { OPT_BOOLEAN('e', "edit", &edit_flag, "force edit of commit"), OPT_STRING(0, "cleanup", &cleanup_arg, "default", "how to strip spaces and #comments from message"), OPT_BOOLEAN(0, "status", &include_status, "include status in commit message template"), - { OPTION_STRING, 'S', "gpg-sign", &sign_commit, "key id", - "GPG sign commit", PARSE_OPT_OPTARG, NULL, (intptr_t) "" }, /* end commit message options */ OPT_GROUP("Commit contents options"), @@ -1329,7 +1324,6 @@ static void print_summary(const char *prefix, const unsigned char *sha1, static int git_commit_config(const char *k, const char *v, void *cb) { struct wt_status *s = cb; - int status; if (!strcmp(k, "commit.template")) return git_config_pathname(&template_file, k, v); @@ -1337,9 +1331,7 @@ static int git_commit_config(const char *k, const char *v, void *cb) include_status = git_config_bool(k, v); return 0; } - status = git_gpg_config(k, v, NULL); - if (status) - return status; + return git_status_config(k, v, s); } @@ -1492,7 +1484,7 @@ int cmd_commit(int argc, const char **argv, const char *prefix) } if (commit_tree(sb.buf, active_cache_tree->sha1, parents, sha1, - author_ident.buf, sign_commit)) { + author_ident.buf)) { rollback_index_files(); die(_("failed to write commit object")); } diff --git a/builtin/merge.c b/builtin/merge.c index bec09c3124..98cf65f57b 100644 --- a/builtin/merge.c +++ b/builtin/merge.c @@ -27,7 +27,6 @@ #include "resolve-undo.h" #include "remote.h" #include "fmt-merge-msg.h" -#include "gpg-interface.h" #define DEFAULT_TWOHEAD (1<<0) #define DEFAULT_OCTOPUS (1<<1) @@ -64,7 +63,6 @@ static int allow_rerere_auto; static int abort_current_merge; static int show_progress = -1; static int default_to_upstream; -static const char *sign_commit; static struct strategy all_strategy[] = { { "recursive", DEFAULT_TWOHEAD | NO_TRIVIAL }, @@ -210,8 +208,6 @@ static struct option builtin_merge_options[] = { OPT_BOOLEAN(0, "abort", &abort_current_merge, "abort the current in-progress merge"), OPT_SET_INT(0, "progress", &show_progress, "force progress reporting", 1), - { OPTION_STRING, 'S', "gpg-sign", &sign_commit, "key id", - "GPG sign commit", PARSE_OPT_OPTARG, NULL, (intptr_t) "" }, OPT_END() }; @@ -574,11 +570,7 @@ static int git_merge_config(const char *k, const char *v, void *cb) default_to_upstream = git_config_bool(k, v); return 0; } - status = fmt_merge_msg_config(k, v, cb); - if (status) - return status; - status = git_gpg_config(k, v, NULL); if (status) return status; return git_diff_ui_config(k, v, cb); @@ -913,8 +905,7 @@ static int merge_trivial(struct commit *head) parent->next->item = remoteheads->item; parent->next->next = NULL; prepare_to_commit(); - commit_tree(merge_msg.buf, result_tree, parent, result_commit, NULL, - sign_commit); + commit_tree(merge_msg.buf, result_tree, parent, result_commit, NULL); finish(head, result_commit, "In-index merge"); drop_save(); return 0; @@ -945,8 +936,7 @@ static int finish_automerge(struct commit *head, strbuf_addch(&merge_msg, '\n'); prepare_to_commit(); free_commit_list(remoteheads); - commit_tree(merge_msg.buf, result_tree, parents, result_commit, - NULL, sign_commit); + commit_tree(merge_msg.buf, result_tree, parents, result_commit, NULL); strbuf_addf(&buf, "Merge made by the '%s' strategy.", wt_strategy); finish(head, result_commit, buf.buf); strbuf_release(&buf); diff --git a/builtin/tag.c b/builtin/tag.c index cca120552a..9b6fd95494 100644 --- a/builtin/tag.c +++ b/builtin/tag.c @@ -14,7 +14,6 @@ #include "parse-options.h" #include "diff.h" #include "revision.h" -#include "gpg-interface.h" static const char * const git_tag_usage[] = { "git tag [-a|-s|-u ] [-f] [-m |-F ] []", @@ -24,6 +23,8 @@ static const char * const git_tag_usage[] = { NULL }; +static char signingkey[1000]; + struct tag_filter { const char **patterns; int lines; @@ -207,7 +208,60 @@ static int verify_tag(const char *name, const char *ref, static int do_sign(struct strbuf *buffer) { - return sign_buffer(buffer, buffer, get_signing_key()); + struct child_process gpg; + const char *args[4]; + char *bracket; + int len; + int i, j; + + if (!*signingkey) { + if (strlcpy(signingkey, git_committer_info(IDENT_ERROR_ON_NO_NAME), + sizeof(signingkey)) > sizeof(signingkey) - 1) + return error(_("committer info too long.")); + bracket = strchr(signingkey, '>'); + if (bracket) + bracket[1] = '\0'; + } + + /* When the username signingkey is bad, program could be terminated + * because gpg exits without reading and then write gets SIGPIPE. */ + signal(SIGPIPE, SIG_IGN); + + memset(&gpg, 0, sizeof(gpg)); + gpg.argv = args; + gpg.in = -1; + gpg.out = -1; + args[0] = "gpg"; + args[1] = "-bsau"; + args[2] = signingkey; + args[3] = NULL; + + if (start_command(&gpg)) + return error(_("could not run gpg.")); + + if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) { + close(gpg.in); + close(gpg.out); + finish_command(&gpg); + return error(_("gpg did not accept the tag data")); + } + close(gpg.in); + len = strbuf_read(buffer, gpg.out, 1024); + close(gpg.out); + + if (finish_command(&gpg) || !len || len < 0) + return error(_("gpg failed to sign the tag")); + + /* Strip CR from the line endings, in case we are on Windows. */ + for (i = j = 0; i < buffer->len; i++) + if (buffer->buf[i] != '\r') { + if (i != j) + buffer->buf[j] = buffer->buf[i]; + j++; + } + strbuf_setlen(buffer, j); + + return 0; } static const char tag_template[] = @@ -216,11 +270,21 @@ static const char tag_template[] = "# Write a tag message\n" "#\n"); +static void set_signingkey(const char *value) +{ + if (strlcpy(signingkey, value, sizeof(signingkey)) >= sizeof(signingkey)) + die(_("signing key value too long (%.10s...)"), value); +} + static int git_tag_config(const char *var, const char *value, void *cb) { - int status = git_gpg_config(var, value, cb); - if (status) - return status; + if (!strcmp(var, "user.signingkey")) { + if (!value) + return config_error_nonbool(var); + set_signingkey(value); + return 0; + } + return git_default_config(var, value, cb); } @@ -399,7 +463,7 @@ int cmd_tag(int argc, const char **argv, const char *prefix) if (keyid) { sign = 1; - set_signing_key(keyid); + set_signingkey(keyid); } if (sign) annotate = 1; diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c index 28c2174338..3134766049 100644 --- a/builtin/verify-tag.c +++ b/builtin/verify-tag.c @@ -11,7 +11,6 @@ #include "run-command.h" #include #include "parse-options.h" -#include "gpg-interface.h" static const char * const verify_tag_usage[] = { "git verify-tag [-v|--verbose] ...", @@ -20,16 +19,42 @@ static const char * const verify_tag_usage[] = { static int run_gpg_verify(const char *buf, unsigned long size, int verbose) { - int len; + struct child_process gpg; + const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL}; + char path[PATH_MAX]; + size_t len; + int fd, ret; + fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); + if (fd < 0) + return error("could not create temporary file '%s': %s", + path, strerror(errno)); + if (write_in_full(fd, buf, size) < 0) + return error("failed writing temporary file '%s': %s", + path, strerror(errno)); + close(fd); + + /* find the length without signature */ len = parse_signature(buf, size); if (verbose) write_in_full(1, buf, len); - if (size == len) - return error("no signature found"); + memset(&gpg, 0, sizeof(gpg)); + gpg.argv = args_gpg; + gpg.in = -1; + args_gpg[2] = path; + if (start_command(&gpg)) { + unlink(path); + return error("could not run gpg."); + } - return verify_signed_buffer(buf, len, buf + len, size - len, NULL); + write_in_full(gpg.in, buf, len); + close(gpg.in); + ret = finish_command(&gpg); + + unlink_or_warn(path); + + return ret; } static int verify_tag(const char *name, int verbose) diff --git a/commit.c b/commit.c index 2792c47adc..73b7e00292 100644 --- a/commit.c +++ b/commit.c @@ -6,7 +6,6 @@ #include "diff.h" #include "revision.h" #include "notes.h" -#include "gpg-interface.h" int save_commit_buffer = 1; @@ -841,77 +840,6 @@ struct commit_list *reduce_heads(struct commit_list *heads) return result; } -static const char gpg_sig_header[] = "gpgsig "; -static const int gpg_sig_header_len = sizeof(gpg_sig_header) - 1; - -static int do_sign_commit(struct strbuf *buf, const char *keyid) -{ - struct strbuf sig = STRBUF_INIT; - int inspos, copypos; - - /* find the end of the header */ - inspos = strstr(buf->buf, "\n\n") - buf->buf + 1; - - if (!keyid || !*keyid) - keyid = get_signing_key(); - if (sign_buffer(buf, &sig, keyid)) { - strbuf_release(&sig); - return -1; - } - - for (copypos = 0; sig.buf[copypos]; ) { - const char *bol = sig.buf + copypos; - const char *eol = strchrnul(bol, '\n'); - int len = (eol - bol) + !!*eol; - - strbuf_insert(buf, inspos, gpg_sig_header, gpg_sig_header_len); - inspos += gpg_sig_header_len; - strbuf_insert(buf, inspos, bol, len); - inspos += len; - copypos += len; - } - strbuf_release(&sig); - return 0; -} - -int parse_signed_commit(const unsigned char *sha1, - struct strbuf *payload, struct strbuf *signature) -{ - unsigned long size; - enum object_type type; - char *buffer = read_sha1_file(sha1, &type, &size); - int saw_signature = -1; - char *line, *tail; - - if (!buffer || type != OBJ_COMMIT) - goto cleanup; - - line = buffer; - tail = buffer + size; - saw_signature = 0; - while (line < tail) { - char *next = memchr(line, '\n', tail - line); - if (!next) - next = tail; - else - next++; - if (!prefixcmp(line, gpg_sig_header)) { - const char *sig = line + gpg_sig_header_len; - strbuf_add(signature, sig, next - sig); - saw_signature = 1; - } else { - if (*line == '\n') - /* dump the whole remainder of the buffer */ - next = tail; - strbuf_add(payload, line, next - line); - } - line = next; - } - cleanup: - free(buffer); - return saw_signature; -} - static const char commit_utf8_warn[] = "Warning: commit message does not conform to UTF-8.\n" "You may want to amend it after fixing the message, or set the config\n" @@ -919,7 +847,7 @@ static const char commit_utf8_warn[] = int commit_tree(const char *msg, unsigned char *tree, struct commit_list *parents, unsigned char *ret, - const char *author, const char *sign_commit) + const char *author) { int result; int encoding_is_utf8; @@ -962,9 +890,6 @@ int commit_tree(const char *msg, unsigned char *tree, if (encoding_is_utf8 && !is_utf8(buffer.buf)) fprintf(stderr, commit_utf8_warn); - if (sign_commit && do_sign_commit(&buffer, sign_commit)) - return -1; - result = write_sha1_file(buffer.buf, buffer.len, commit_type, ret); strbuf_release(&buffer); return result; diff --git a/commit.h b/commit.h index f92916e0a3..009b113e5b 100644 --- a/commit.h +++ b/commit.h @@ -183,9 +183,6 @@ struct commit_list *reduce_heads(struct commit_list *heads); extern int commit_tree(const char *msg, unsigned char *tree, struct commit_list *parents, unsigned char *ret, - const char *author, const char *sign_commit); - -extern int parse_signed_commit(const unsigned char *sha1, - struct strbuf *message, struct strbuf *signature); + const char *author); #endif /* COMMIT_H */ diff --git a/gpg-interface.c b/gpg-interface.c deleted file mode 100644 index ff232c8c5d..0000000000 --- a/gpg-interface.c +++ /dev/null @@ -1,138 +0,0 @@ -#include "cache.h" -#include "run-command.h" -#include "strbuf.h" -#include "gpg-interface.h" -#include "sigchain.h" - -static char *configured_signing_key; - -void set_signing_key(const char *key) -{ - free(configured_signing_key); - configured_signing_key = xstrdup(key); -} - -int git_gpg_config(const char *var, const char *value, void *cb) -{ - if (!strcmp(var, "user.signingkey")) { - if (!value) - return config_error_nonbool(var); - set_signing_key(value); - } - return 0; -} - -const char *get_signing_key(void) -{ - if (configured_signing_key) - return configured_signing_key; - return git_committer_info(IDENT_ERROR_ON_NO_NAME|IDENT_NO_DATE); -} - -/* - * Create a detached signature for the contents of "buffer" and append - * it after "signature"; "buffer" and "signature" can be the same - * strbuf instance, which would cause the detached signature appended - * at the end. - */ -int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key) -{ - struct child_process gpg; - const char *args[4]; - ssize_t len; - size_t i, j, bottom; - - memset(&gpg, 0, sizeof(gpg)); - gpg.argv = args; - gpg.in = -1; - gpg.out = -1; - args[0] = "gpg"; - args[1] = "-bsau"; - args[2] = signing_key; - args[3] = NULL; - - if (start_command(&gpg)) - return error(_("could not run gpg.")); - - /* - * When the username signingkey is bad, program could be terminated - * because gpg exits without reading and then write gets SIGPIPE. - */ - sigchain_push(SIGPIPE, SIG_IGN); - - if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) { - close(gpg.in); - close(gpg.out); - finish_command(&gpg); - return error(_("gpg did not accept the data")); - } - close(gpg.in); - - bottom = signature->len; - len = strbuf_read(signature, gpg.out, 1024); - close(gpg.out); - - sigchain_pop(SIGPIPE); - - if (finish_command(&gpg) || !len || len < 0) - return error(_("gpg failed to sign the data")); - - /* Strip CR from the line endings, in case we are on Windows. */ - for (i = j = bottom; i < signature->len; i++) - if (signature->buf[i] != '\r') { - if (i != j) - signature->buf[j] = signature->buf[i]; - j++; - } - strbuf_setlen(signature, j); - - return 0; -} - -/* - * Run "gpg" to see if the payload matches the detached signature. - * gpg_output_to tells where the output from "gpg" should go: - * < 0: /dev/null - * = 0: standard error of the calling process - * > 0: the specified file descriptor - */ -int verify_signed_buffer(const char *payload, size_t payload_size, - const char *signature, size_t signature_size, - struct strbuf *gpg_output) -{ - struct child_process gpg; - const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL}; - char path[PATH_MAX]; - int fd, ret; - - fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); - if (fd < 0) - return error("could not create temporary file '%s': %s", - path, strerror(errno)); - if (write_in_full(fd, signature, signature_size) < 0) - return error("failed writing detached signature to '%s': %s", - path, strerror(errno)); - close(fd); - - memset(&gpg, 0, sizeof(gpg)); - gpg.argv = args_gpg; - gpg.in = -1; - if (gpg_output) - gpg.err = -1; - args_gpg[2] = path; - if (start_command(&gpg)) { - unlink(path); - return error("could not run gpg."); - } - - write_in_full(gpg.in, payload, payload_size); - close(gpg.in); - - if (gpg_output) - strbuf_read(gpg_output, gpg.err, 0); - ret = finish_command(&gpg); - - unlink_or_warn(path); - - return ret; -} diff --git a/gpg-interface.h b/gpg-interface.h deleted file mode 100644 index b9c36088ce..0000000000 --- a/gpg-interface.h +++ /dev/null @@ -1,10 +0,0 @@ -#ifndef GPG_INTERFACE_H -#define GPG_INTERFACE_H - -extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key); -extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output); -extern int git_gpg_config(const char *, const char *, void *); -extern void set_signing_key(const char *); -extern const char *get_signing_key(void); - -#endif diff --git a/log-tree.c b/log-tree.c index 142ba51427..e7694a3a4c 100644 --- a/log-tree.c +++ b/log-tree.c @@ -8,7 +8,6 @@ #include "refs.h" #include "string-list.h" #include "color.h" -#include "gpg-interface.h" struct decoration name_decoration = { "object names" }; @@ -404,41 +403,6 @@ void log_write_email_headers(struct rev_info *opt, struct commit *commit, *extra_headers_p = extra_headers; } -static void show_signature(struct rev_info *opt, struct commit *commit) -{ - struct strbuf payload = STRBUF_INIT; - struct strbuf signature = STRBUF_INIT; - struct strbuf gpg_output = STRBUF_INIT; - int status; - const char *color, *reset, *bol, *eol; - - if (parse_signed_commit(commit->object.sha1, &payload, &signature) <= 0) - goto out; - - status = verify_signed_buffer(payload.buf, payload.len, - signature.buf, signature.len, - &gpg_output); - if (status && !gpg_output.len) - strbuf_addstr(&gpg_output, "No signature\n"); - - color = diff_get_color_opt(&opt->diffopt, - status ? DIFF_WHITESPACE : DIFF_FRAGINFO); - reset = diff_get_color_opt(&opt->diffopt, DIFF_RESET); - - bol = gpg_output.buf; - while (*bol) { - eol = strchrnul(bol, '\n'); - printf("%s%.*s%s%s", color, (int)(eol - bol), bol, reset, - *eol ? "\n" : ""); - bol = (*eol) ? (eol + 1) : eol; - } - - out: - strbuf_release(&gpg_output); - strbuf_release(&payload); - strbuf_release(&signature); -} - void show_log(struct rev_info *opt) { struct strbuf msgbuf = STRBUF_INIT; @@ -550,9 +514,6 @@ void show_log(struct rev_info *opt) } } - if (opt->show_signature) - show_signature(opt, commit); - if (!commit->buffer) return; diff --git a/notes-cache.c b/notes-cache.c index c36a960bc3..4c8984ede1 100644 --- a/notes-cache.c +++ b/notes-cache.c @@ -56,7 +56,7 @@ int notes_cache_write(struct notes_cache *c) if (write_notes_tree(&c->tree, tree_sha1)) return -1; - if (commit_tree(c->validity, tree_sha1, NULL, commit_sha1, NULL, NULL) < 0) + if (commit_tree(c->validity, tree_sha1, NULL, commit_sha1, NULL) < 0) return -1; if (update_ref("update notes cache", c->tree.ref, commit_sha1, NULL, 0, QUIET_ON_ERR) < 0) diff --git a/notes-merge.c b/notes-merge.c index 61cf18eeab..e9e4199311 100644 --- a/notes-merge.c +++ b/notes-merge.c @@ -546,7 +546,7 @@ void create_notes_commit(struct notes_tree *t, struct commit_list *parents, /* else: t->ref points to nothing, assume root/orphan commit */ } - if (commit_tree(msg, tree_sha1, parents, result_sha1, NULL, NULL)) + if (commit_tree(msg, tree_sha1, parents, result_sha1, NULL)) die("Failed to commit notes tree to database"); } diff --git a/pretty.c b/pretty.c index 094bc7ddd3..230fe1cc82 100644 --- a/pretty.c +++ b/pretty.c @@ -9,7 +9,6 @@ #include "notes.h" #include "color.h" #include "reflog-walk.h" -#include "gpg-interface.h" static char *user_format; static struct cmt_fmt_map { @@ -641,12 +640,6 @@ struct format_commit_context { const struct pretty_print_context *pretty_ctx; unsigned commit_header_parsed:1; unsigned commit_message_parsed:1; - unsigned commit_signature_parsed:1; - struct { - char *gpg_output; - char good_bad; - char *signer; - } signature; char *message; size_t width, indent1, indent2; @@ -829,59 +822,6 @@ static void rewrap_message_tail(struct strbuf *sb, c->indent2 = new_indent2; } -static struct { - char result; - const char *check; -} signature_check[] = { - { 'G', ": Good signature from " }, - { 'B', ": BAD signature from " }, -}; - -static void parse_signature_lines(struct format_commit_context *ctx) -{ - const char *buf = ctx->signature.gpg_output; - int i; - - for (i = 0; i < ARRAY_SIZE(signature_check); i++) { - const char *found = strstr(buf, signature_check[i].check); - const char *next; - if (!found) - continue; - ctx->signature.good_bad = signature_check[i].result; - found += strlen(signature_check[i].check); - next = strchrnul(found, '\n'); - ctx->signature.signer = xmemdupz(found, next - found); - break; - } -} - -static void parse_commit_signature(struct format_commit_context *ctx) -{ - struct strbuf payload = STRBUF_INIT; - struct strbuf signature = STRBUF_INIT; - struct strbuf gpg_output = STRBUF_INIT; - int status; - - ctx->commit_signature_parsed = 1; - - if (parse_signed_commit(ctx->commit->object.sha1, - &payload, &signature) <= 0) - goto out; - status = verify_signed_buffer(payload.buf, payload.len, - signature.buf, signature.len, - &gpg_output); - if (status && !gpg_output.len) - goto out; - ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL); - parse_signature_lines(ctx); - - out: - strbuf_release(&gpg_output); - strbuf_release(&payload); - strbuf_release(&signature); -} - - static size_t format_commit_one(struct strbuf *sb, const char *placeholder, void *context) { @@ -1034,30 +974,6 @@ static size_t format_commit_one(struct strbuf *sb, const char *placeholder, return 0; } - if (placeholder[0] == 'G') { - if (!c->commit_signature_parsed) - parse_commit_signature(c); - switch (placeholder[1]) { - case 'G': - if (c->signature.gpg_output) - strbuf_addstr(sb, c->signature.gpg_output); - break; - case '?': - switch (c->signature.good_bad) { - case 'G': - case 'B': - strbuf_addch(sb, c->signature.good_bad); - } - break; - case 'S': - if (c->signature.signer) - strbuf_addstr(sb, c->signature.signer); - break; - } - return 2; - } - - /* For the rest we have to parse the commit header. */ if (!c->commit_header_parsed) parse_commit_header(c); @@ -1200,8 +1116,6 @@ void format_commit_message(const struct commit *commit, if (context.message != commit->buffer) free(context.message); - free(context.signature.gpg_output); - free(context.signature.signer); } static void pp_header(const struct pretty_print_context *pp, diff --git a/revision.c b/revision.c index 064e351084..8764dde381 100644 --- a/revision.c +++ b/revision.c @@ -1469,8 +1469,6 @@ static int handle_revision_opt(struct rev_info *revs, int argc, const char **arg revs->show_notes = 1; revs->show_notes_given = 1; revs->notes_opt.use_default_notes = 1; - } else if (!strcmp(arg, "--show-signature")) { - revs->show_signature = 1; } else if (!prefixcmp(arg, "--show-notes=") || !prefixcmp(arg, "--notes=")) { struct strbuf buf = STRBUF_INIT; diff --git a/revision.h b/revision.h index b8e9223954..6aa53d1aa7 100644 --- a/revision.h +++ b/revision.h @@ -110,7 +110,6 @@ struct rev_info { show_merge:1, show_notes:1, show_notes_given:1, - show_signature:1, pretty_given:1, abbrev_commit:1, abbrev_commit_given:1, diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh deleted file mode 100755 index 30401ced07..0000000000 --- a/t/t7510-signed-commit.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/sh - -test_description='signed commit tests' -. ./test-lib.sh -. "$TEST_DIRECTORY/lib-gpg.sh" - -test_expect_success GPG 'create signed commits' ' - echo 1 >file && git add file && - test_tick && git commit -S -m initial && - git tag initial && - git branch side && - - echo 2 >file && test_tick && git commit -a -S -m second && - git tag second && - - git checkout side && - echo 3 >elif && git add elif && - test_tick && git commit -m "third on side" && - - git checkout master && - test_tick && git merge -S side && - git tag merge && - - echo 4 >file && test_tick && git commit -a -m "fourth unsigned" && - git tag fourth-unsigned && - - test_tick && git commit --amend -S -m "fourth signed" -' - -test_expect_success GPG 'show signatures' ' - ( - for commit in initial second merge master - do - git show --pretty=short --show-signature $commit >actual && - grep "Good signature from" actual || exit 1 - ! grep "BAD signature from" actual || exit 1 - echo $commit OK - done - ) && - ( - for commit in merge^2 fourth-unsigned - do - git show --pretty=short --show-signature $commit >actual && - grep "Good signature from" actual && exit 1 - ! grep "BAD signature from" actual || exit 1 - echo $commit OK - done - ) -' - -test_expect_success GPG 'detect fudged signature' ' - git cat-file commit master >raw && - - sed -e "s/fourth signed/4th forged/" raw >forged1 && - git hash-object -w -t commit forged1 >forged1.commit && - git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && - grep "BAD signature from" actual1 && - ! grep "Good signature from" actual1 -' - -test_expect_success GPG 'detect fudged signature with NUL' ' - git cat-file commit master >raw && - cat raw >forged2 && - echo Qwik | tr "Q" "\000" >>forged2 && - git hash-object -w -t commit forged2 >forged2.commit && - git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && - grep "BAD signature from" actual2 && - ! grep "Good signature from" actual2 -' - -test_done diff --git a/tag.c b/tag.c index 3aa186df62..7d38cc0f4d 100644 --- a/tag.c +++ b/tag.c @@ -139,11 +139,6 @@ int parse_tag(struct tag *item) return ret; } -/* - * Look at a signed tag object, and return the offset where - * the embedded detached signature begins, or the end of the - * data when there is no such signature. - */ size_t parse_signature(const char *buf, unsigned long size) { char *eol;