From 00e3ef17287395b894daa02a064f24531eb714e7 Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Tue, 8 Nov 2011 16:05:43 -0800 Subject: [PATCH] Revert the previous "signed commit" attempt Signed-off-by: Junio C Hamano --- Makefile | 2 - builtin/commit-tree.c | 24 +----- builtin/commit.c | 12 +-- builtin/merge.c | 16 +--- builtin/tag.c | 76 +++++++++++++++-- builtin/verify-tag.c | 35 ++++++-- commit.c | 77 +---------------- commit.h | 5 +- gpg-interface.c | 138 ------------------------------- gpg-interface.h | 10 --- log-tree.c | 39 --------- notes-cache.c | 2 +- notes-merge.c | 2 +- pretty.c | 86 ------------------- revision.c | 2 - revision.h | 1 - t/lib-gpg.sh | 29 ------- t/t7004-tag.sh | 29 ++++++- t/{lib-gpg => t7004}/pubring.gpg | Bin t/{lib-gpg => t7004}/random_seed | Bin t/{lib-gpg => t7004}/secring.gpg | Bin t/{lib-gpg => t7004}/trustdb.gpg | Bin t/t7510-signed-commit.sh | 71 ---------------- tag.c | 5 -- 24 files changed, 139 insertions(+), 522 deletions(-) delete mode 100644 gpg-interface.c delete mode 100644 gpg-interface.h delete mode 100644 t/lib-gpg.sh rename t/{lib-gpg => t7004}/pubring.gpg (100%) rename t/{lib-gpg => t7004}/random_seed (100%) rename t/{lib-gpg => t7004}/secring.gpg (100%) rename t/{lib-gpg => t7004}/trustdb.gpg (100%) delete mode 100755 t/t7510-signed-commit.sh diff --git a/Makefile b/Makefile index 2183223759..8d6d4515d2 100644 --- a/Makefile +++ b/Makefile @@ -530,7 +530,6 @@ LIB_H += exec_cmd.h LIB_H += fsck.h LIB_H += gettext.h LIB_H += git-compat-util.h -LIB_H += gpg-interface.h LIB_H += graph.h LIB_H += grep.h LIB_H += hash.h @@ -621,7 +620,6 @@ LIB_OBJS += entry.o LIB_OBJS += environment.o LIB_OBJS += exec_cmd.o LIB_OBJS += fsck.o -LIB_OBJS += gpg-interface.o LIB_OBJS += graph.o LIB_OBJS += grep.o LIB_OBJS += hash.o diff --git a/builtin/commit-tree.c b/builtin/commit-tree.c index a17811f958..d083795e26 100644 --- a/builtin/commit-tree.c +++ b/builtin/commit-tree.c @@ -8,9 +8,8 @@ #include "tree.h" #include "builtin.h" #include "utf8.h" -#include "gpg-interface.h" -static const char commit_tree_usage[] = "git commit-tree [-S] [(-p )...] < changelog"; +static const char commit_tree_usage[] = "git commit-tree [(-p )...] < changelog"; static void new_parent(struct commit *parent, struct commit_list **parents_p) { @@ -26,14 +25,6 @@ static void new_parent(struct commit *parent, struct commit_list **parents_p) commit_list_insert(parent, parents_p); } -static int commit_tree_config(const char *var, const char *value, void *cb) -{ - int status = git_gpg_config(var, value, NULL); - if (status) - return status; - return git_default_config(var, value, cb); -} - int cmd_commit_tree(int argc, const char **argv, const char *prefix) { int i; @@ -41,19 +32,11 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix) unsigned char tree_sha1[20]; unsigned char commit_sha1[20]; struct strbuf buffer = STRBUF_INIT; - const char *sign_commit = NULL; - git_config(commit_tree_config, NULL); + git_config(git_default_config, NULL); if (argc < 2 || !strcmp(argv[1], "-h")) usage(commit_tree_usage); - - if (!memcmp(argv[1], "-S", 2)) { - sign_commit = argv[1] + 2; - argv++; - argc--; - } - if (get_sha1(argv[1], tree_sha1)) die("Not a valid object name %s", argv[1]); @@ -73,8 +56,7 @@ int cmd_commit_tree(int argc, const char **argv, const char *prefix) if (strbuf_read(&buffer, 0, 0) < 0) die_errno("git commit-tree: failed to read"); - if (commit_tree(buffer.buf, tree_sha1, parents, commit_sha1, - NULL, sign_commit)) { + if (commit_tree(buffer.buf, tree_sha1, parents, commit_sha1, NULL)) { strbuf_release(&buffer); return 1; } diff --git a/builtin/commit.c b/builtin/commit.c index 90cf7e812b..cbc9613ec6 100644 --- a/builtin/commit.c +++ b/builtin/commit.c @@ -26,7 +26,6 @@ #include "unpack-trees.h" #include "quote.h" #include "submodule.h" -#include "gpg-interface.h" static const char * const builtin_commit_usage[] = { "git commit [options] [--] ...", @@ -86,8 +85,6 @@ static int all, edit_flag, also, interactive, patch_interactive, only, amend, si static int quiet, verbose, no_verify, allow_empty, dry_run, renew_authorship; static int no_post_rewrite, allow_empty_message; static char *untracked_files_arg, *force_date, *ignore_submodule_arg; -static char *sign_commit; - /* * The default commit message cleanup mode will remove the lines * beginning with # (shell comments) and leading and trailing @@ -147,8 +144,6 @@ static struct option builtin_commit_options[] = { OPT_BOOLEAN('e', "edit", &edit_flag, "force edit of commit"), OPT_STRING(0, "cleanup", &cleanup_arg, "default", "how to strip spaces and #comments from message"), OPT_BOOLEAN(0, "status", &include_status, "include status in commit message template"), - { OPTION_STRING, 'S', "gpg-sign", &sign_commit, "key id", - "GPG sign commit", PARSE_OPT_OPTARG, NULL, (intptr_t) "" }, /* end commit message options */ OPT_GROUP("Commit contents options"), @@ -1328,7 +1323,6 @@ static void print_summary(const char *prefix, const unsigned char *sha1, static int git_commit_config(const char *k, const char *v, void *cb) { struct wt_status *s = cb; - int status; if (!strcmp(k, "commit.template")) return git_config_pathname(&template_file, k, v); @@ -1336,9 +1330,7 @@ static int git_commit_config(const char *k, const char *v, void *cb) include_status = git_config_bool(k, v); return 0; } - status = git_gpg_config(k, v, NULL); - if (status) - return status; + return git_status_config(k, v, s); } @@ -1489,7 +1481,7 @@ int cmd_commit(int argc, const char **argv, const char *prefix) } if (commit_tree(sb.buf, active_cache_tree->sha1, parents, sha1, - author_ident.buf, sign_commit)) { + author_ident.buf)) { rollback_index_files(); die(_("failed to write commit object")); } diff --git a/builtin/merge.c b/builtin/merge.c index 53cff0266c..ab4077f272 100644 --- a/builtin/merge.c +++ b/builtin/merge.c @@ -26,7 +26,6 @@ #include "merge-recursive.h" #include "resolve-undo.h" #include "remote.h" -#include "gpg-interface.h" #define DEFAULT_TWOHEAD (1<<0) #define DEFAULT_OCTOPUS (1<<1) @@ -64,7 +63,6 @@ static int allow_rerere_auto; static int abort_current_merge; static int show_progress = -1; static int default_to_upstream; -static const char *sign_commit; static struct strategy all_strategy[] = { { "recursive", DEFAULT_TWOHEAD | NO_TRIVIAL }, @@ -208,8 +206,6 @@ static struct option builtin_merge_options[] = { OPT_BOOLEAN(0, "abort", &abort_current_merge, "abort the current in-progress merge"), OPT_SET_INT(0, "progress", &show_progress, "force progress reporting", 1), - { OPTION_STRING, 'S', "gpg-sign", &sign_commit, "key id", - "GPG sign commit", PARSE_OPT_OPTARG, NULL, (intptr_t) "" }, OPT_END() }; @@ -529,8 +525,6 @@ static void parse_branch_merge_options(char *bmo) static int git_merge_config(const char *k, const char *v, void *cb) { - int status; - if (branch && !prefixcmp(k, "branch.") && !prefixcmp(k + 7, branch) && !strcmp(k + 7 + strlen(branch), ".mergeoptions")) { @@ -568,10 +562,6 @@ static int git_merge_config(const char *k, const char *v, void *cb) default_to_upstream = git_config_bool(k, v); return 0; } - - status = git_gpg_config(k, v, NULL); - if (status) - return status; return git_diff_ui_config(k, v, cb); } @@ -880,8 +870,7 @@ static int merge_trivial(void) parent->next->item = remoteheads->item; parent->next->next = NULL; run_prepare_commit_msg(); - commit_tree(merge_msg.buf, result_tree, parent, result_commit, NULL, - sign_commit); + commit_tree(merge_msg.buf, result_tree, parent, result_commit, NULL); finish(result_commit, "In-index merge"); drop_save(); return 0; @@ -911,8 +900,7 @@ static int finish_automerge(struct commit_list *common, free_commit_list(remoteheads); strbuf_addch(&merge_msg, '\n'); run_prepare_commit_msg(); - commit_tree(merge_msg.buf, result_tree, parents, result_commit, - NULL, sign_commit); + commit_tree(merge_msg.buf, result_tree, parents, result_commit, NULL); strbuf_addf(&buf, "Merge made by the '%s' strategy.", wt_strategy); finish(result_commit, buf.buf); strbuf_release(&buf); diff --git a/builtin/tag.c b/builtin/tag.c index fb0d4a1648..667515e527 100644 --- a/builtin/tag.c +++ b/builtin/tag.c @@ -14,7 +14,6 @@ #include "parse-options.h" #include "diff.h" #include "revision.h" -#include "gpg-interface.h" static const char * const git_tag_usage[] = { "git tag [-a|-s|-u ] [-f] [-m |-F ] []", @@ -24,6 +23,8 @@ static const char * const git_tag_usage[] = { NULL }; +static char signingkey[1000]; + struct tag_filter { const char **patterns; int lines; @@ -207,7 +208,60 @@ static int verify_tag(const char *name, const char *ref, static int do_sign(struct strbuf *buffer) { - return sign_buffer(buffer, buffer, get_signing_key()); + struct child_process gpg; + const char *args[4]; + char *bracket; + int len; + int i, j; + + if (!*signingkey) { + if (strlcpy(signingkey, git_committer_info(IDENT_ERROR_ON_NO_NAME), + sizeof(signingkey)) > sizeof(signingkey) - 1) + return error(_("committer info too long.")); + bracket = strchr(signingkey, '>'); + if (bracket) + bracket[1] = '\0'; + } + + /* When the username signingkey is bad, program could be terminated + * because gpg exits without reading and then write gets SIGPIPE. */ + signal(SIGPIPE, SIG_IGN); + + memset(&gpg, 0, sizeof(gpg)); + gpg.argv = args; + gpg.in = -1; + gpg.out = -1; + args[0] = "gpg"; + args[1] = "-bsau"; + args[2] = signingkey; + args[3] = NULL; + + if (start_command(&gpg)) + return error(_("could not run gpg.")); + + if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) { + close(gpg.in); + close(gpg.out); + finish_command(&gpg); + return error(_("gpg did not accept the tag data")); + } + close(gpg.in); + len = strbuf_read(buffer, gpg.out, 1024); + close(gpg.out); + + if (finish_command(&gpg) || !len || len < 0) + return error(_("gpg failed to sign the tag")); + + /* Strip CR from the line endings, in case we are on Windows. */ + for (i = j = 0; i < buffer->len; i++) + if (buffer->buf[i] != '\r') { + if (i != j) + buffer->buf[j] = buffer->buf[i]; + j++; + } + strbuf_setlen(buffer, j); + + return 0; } static const char tag_template[] = @@ -216,11 +270,21 @@ static const char tag_template[] = "# Write a tag message\n" "#\n"); +static void set_signingkey(const char *value) +{ + if (strlcpy(signingkey, value, sizeof(signingkey)) >= sizeof(signingkey)) + die(_("signing key value too long (%.10s...)"), value); +} + static int git_tag_config(const char *var, const char *value, void *cb) { - int status = git_gpg_config(var, value, cb); - if (status) - return status; + if (!strcmp(var, "user.signingkey")) { + if (!value) + return config_error_nonbool(var); + set_signingkey(value); + return 0; + } + return git_default_config(var, value, cb); } @@ -399,7 +463,7 @@ int cmd_tag(int argc, const char **argv, const char *prefix) if (keyid) { sign = 1; - set_signing_key(keyid); + set_signingkey(keyid); } if (sign) annotate = 1; diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c index 28c2174338..3134766049 100644 --- a/builtin/verify-tag.c +++ b/builtin/verify-tag.c @@ -11,7 +11,6 @@ #include "run-command.h" #include #include "parse-options.h" -#include "gpg-interface.h" static const char * const verify_tag_usage[] = { "git verify-tag [-v|--verbose] ...", @@ -20,16 +19,42 @@ static const char * const verify_tag_usage[] = { static int run_gpg_verify(const char *buf, unsigned long size, int verbose) { - int len; + struct child_process gpg; + const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL}; + char path[PATH_MAX]; + size_t len; + int fd, ret; + fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); + if (fd < 0) + return error("could not create temporary file '%s': %s", + path, strerror(errno)); + if (write_in_full(fd, buf, size) < 0) + return error("failed writing temporary file '%s': %s", + path, strerror(errno)); + close(fd); + + /* find the length without signature */ len = parse_signature(buf, size); if (verbose) write_in_full(1, buf, len); - if (size == len) - return error("no signature found"); + memset(&gpg, 0, sizeof(gpg)); + gpg.argv = args_gpg; + gpg.in = -1; + args_gpg[2] = path; + if (start_command(&gpg)) { + unlink(path); + return error("could not run gpg."); + } - return verify_signed_buffer(buf, len, buf + len, size - len, NULL); + write_in_full(gpg.in, buf, len); + close(gpg.in); + ret = finish_command(&gpg); + + unlink_or_warn(path); + + return ret; } static int verify_tag(const char *name, int verbose) diff --git a/commit.c b/commit.c index 09693f78d9..97b43279cd 100644 --- a/commit.c +++ b/commit.c @@ -6,7 +6,6 @@ #include "diff.h" #include "revision.h" #include "notes.h" -#include "gpg-interface.h" int save_commit_buffer = 1; @@ -815,77 +814,6 @@ struct commit_list *reduce_heads(struct commit_list *heads) return result; } -static const char gpg_sig_header[] = "gpgsig "; -static const int gpg_sig_header_len = sizeof(gpg_sig_header) - 1; - -static int do_sign_commit(struct strbuf *buf, const char *keyid) -{ - struct strbuf sig = STRBUF_INIT; - int inspos, copypos; - - /* find the end of the header */ - inspos = strstr(buf->buf, "\n\n") - buf->buf + 1; - - if (!keyid || !*keyid) - keyid = get_signing_key(); - if (sign_buffer(buf, &sig, keyid)) { - strbuf_release(&sig); - return -1; - } - - for (copypos = 0; sig.buf[copypos]; ) { - const char *bol = sig.buf + copypos; - const char *eol = strchrnul(bol, '\n'); - int len = (eol - bol) + !!*eol; - - strbuf_insert(buf, inspos, gpg_sig_header, gpg_sig_header_len); - inspos += gpg_sig_header_len; - strbuf_insert(buf, inspos, bol, len); - inspos += len; - copypos += len; - } - strbuf_release(&sig); - return 0; -} - -int parse_signed_commit(const unsigned char *sha1, - struct strbuf *payload, struct strbuf *signature) -{ - unsigned long size; - enum object_type type; - char *buffer = read_sha1_file(sha1, &type, &size); - int saw_signature = -1; - char *line, *tail; - - if (!buffer || type != OBJ_COMMIT) - goto cleanup; - - line = buffer; - tail = buffer + size; - saw_signature = 0; - while (line < tail) { - char *next = memchr(line, '\n', tail - line); - if (!next) - next = tail; - else - next++; - if (!prefixcmp(line, gpg_sig_header)) { - const char *sig = line + gpg_sig_header_len; - strbuf_add(signature, sig, next - sig); - saw_signature = 1; - } else { - if (*line == '\n') - /* dump the whole remainder of the buffer */ - next = tail; - strbuf_add(payload, line, next - line); - } - line = next; - } - cleanup: - free(buffer); - return saw_signature; -} - static const char commit_utf8_warn[] = "Warning: commit message does not conform to UTF-8.\n" "You may want to amend it after fixing the message, or set the config\n" @@ -893,7 +821,7 @@ static const char commit_utf8_warn[] = int commit_tree(const char *msg, unsigned char *tree, struct commit_list *parents, unsigned char *ret, - const char *author, const char *sign_commit) + const char *author) { int result; int encoding_is_utf8; @@ -936,9 +864,6 @@ int commit_tree(const char *msg, unsigned char *tree, if (encoding_is_utf8 && !is_utf8(buffer.buf)) fprintf(stderr, commit_utf8_warn); - if (sign_commit && do_sign_commit(&buffer, sign_commit)) - return -1; - result = write_sha1_file(buffer.buf, buffer.len, commit_type, ret); strbuf_release(&buffer); return result; diff --git a/commit.h b/commit.h index 1885471b8b..12d100b8b6 100644 --- a/commit.h +++ b/commit.h @@ -175,9 +175,6 @@ struct commit_list *reduce_heads(struct commit_list *heads); extern int commit_tree(const char *msg, unsigned char *tree, struct commit_list *parents, unsigned char *ret, - const char *author, const char *sign_commit); - -extern int parse_signed_commit(const unsigned char *sha1, - struct strbuf *message, struct strbuf *signature); + const char *author); #endif /* COMMIT_H */ diff --git a/gpg-interface.c b/gpg-interface.c deleted file mode 100644 index ff232c8c5d..0000000000 --- a/gpg-interface.c +++ /dev/null @@ -1,138 +0,0 @@ -#include "cache.h" -#include "run-command.h" -#include "strbuf.h" -#include "gpg-interface.h" -#include "sigchain.h" - -static char *configured_signing_key; - -void set_signing_key(const char *key) -{ - free(configured_signing_key); - configured_signing_key = xstrdup(key); -} - -int git_gpg_config(const char *var, const char *value, void *cb) -{ - if (!strcmp(var, "user.signingkey")) { - if (!value) - return config_error_nonbool(var); - set_signing_key(value); - } - return 0; -} - -const char *get_signing_key(void) -{ - if (configured_signing_key) - return configured_signing_key; - return git_committer_info(IDENT_ERROR_ON_NO_NAME|IDENT_NO_DATE); -} - -/* - * Create a detached signature for the contents of "buffer" and append - * it after "signature"; "buffer" and "signature" can be the same - * strbuf instance, which would cause the detached signature appended - * at the end. - */ -int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key) -{ - struct child_process gpg; - const char *args[4]; - ssize_t len; - size_t i, j, bottom; - - memset(&gpg, 0, sizeof(gpg)); - gpg.argv = args; - gpg.in = -1; - gpg.out = -1; - args[0] = "gpg"; - args[1] = "-bsau"; - args[2] = signing_key; - args[3] = NULL; - - if (start_command(&gpg)) - return error(_("could not run gpg.")); - - /* - * When the username signingkey is bad, program could be terminated - * because gpg exits without reading and then write gets SIGPIPE. - */ - sigchain_push(SIGPIPE, SIG_IGN); - - if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) { - close(gpg.in); - close(gpg.out); - finish_command(&gpg); - return error(_("gpg did not accept the data")); - } - close(gpg.in); - - bottom = signature->len; - len = strbuf_read(signature, gpg.out, 1024); - close(gpg.out); - - sigchain_pop(SIGPIPE); - - if (finish_command(&gpg) || !len || len < 0) - return error(_("gpg failed to sign the data")); - - /* Strip CR from the line endings, in case we are on Windows. */ - for (i = j = bottom; i < signature->len; i++) - if (signature->buf[i] != '\r') { - if (i != j) - signature->buf[j] = signature->buf[i]; - j++; - } - strbuf_setlen(signature, j); - - return 0; -} - -/* - * Run "gpg" to see if the payload matches the detached signature. - * gpg_output_to tells where the output from "gpg" should go: - * < 0: /dev/null - * = 0: standard error of the calling process - * > 0: the specified file descriptor - */ -int verify_signed_buffer(const char *payload, size_t payload_size, - const char *signature, size_t signature_size, - struct strbuf *gpg_output) -{ - struct child_process gpg; - const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL}; - char path[PATH_MAX]; - int fd, ret; - - fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); - if (fd < 0) - return error("could not create temporary file '%s': %s", - path, strerror(errno)); - if (write_in_full(fd, signature, signature_size) < 0) - return error("failed writing detached signature to '%s': %s", - path, strerror(errno)); - close(fd); - - memset(&gpg, 0, sizeof(gpg)); - gpg.argv = args_gpg; - gpg.in = -1; - if (gpg_output) - gpg.err = -1; - args_gpg[2] = path; - if (start_command(&gpg)) { - unlink(path); - return error("could not run gpg."); - } - - write_in_full(gpg.in, payload, payload_size); - close(gpg.in); - - if (gpg_output) - strbuf_read(gpg_output, gpg.err, 0); - ret = finish_command(&gpg); - - unlink_or_warn(path); - - return ret; -} diff --git a/gpg-interface.h b/gpg-interface.h deleted file mode 100644 index b9c36088ce..0000000000 --- a/gpg-interface.h +++ /dev/null @@ -1,10 +0,0 @@ -#ifndef GPG_INTERFACE_H -#define GPG_INTERFACE_H - -extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key); -extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output); -extern int git_gpg_config(const char *, const char *, void *); -extern void set_signing_key(const char *); -extern const char *get_signing_key(void); - -#endif diff --git a/log-tree.c b/log-tree.c index f7b6976d9f..24c295ea1d 100644 --- a/log-tree.c +++ b/log-tree.c @@ -8,7 +8,6 @@ #include "refs.h" #include "string-list.h" #include "color.h" -#include "gpg-interface.h" struct decoration name_decoration = { "object names" }; @@ -396,41 +395,6 @@ void log_write_email_headers(struct rev_info *opt, struct commit *commit, *extra_headers_p = extra_headers; } -static void show_signature(struct rev_info *opt, struct commit *commit) -{ - struct strbuf payload = STRBUF_INIT; - struct strbuf signature = STRBUF_INIT; - struct strbuf gpg_output = STRBUF_INIT; - int status; - const char *color, *reset, *bol, *eol; - - if (parse_signed_commit(commit->object.sha1, &payload, &signature) <= 0) - goto out; - - status = verify_signed_buffer(payload.buf, payload.len, - signature.buf, signature.len, - &gpg_output); - if (status && !gpg_output.len) - strbuf_addstr(&gpg_output, "No signature\n"); - - color = diff_get_color_opt(&opt->diffopt, - status ? DIFF_WHITESPACE : DIFF_FRAGINFO); - reset = diff_get_color_opt(&opt->diffopt, DIFF_RESET); - - bol = gpg_output.buf; - while (*bol) { - eol = strchrnul(bol, '\n'); - printf("%s%.*s%s%s", color, (int)(eol - bol), bol, reset, - *eol ? "\n" : ""); - bol = (*eol) ? (eol + 1) : eol; - } - - out: - strbuf_release(&gpg_output); - strbuf_release(&payload); - strbuf_release(&signature); -} - void show_log(struct rev_info *opt) { struct strbuf msgbuf = STRBUF_INIT; @@ -538,9 +502,6 @@ void show_log(struct rev_info *opt) } } - if (opt->show_signature) - show_signature(opt, commit); - if (!commit->buffer) return; diff --git a/notes-cache.c b/notes-cache.c index c36a960bc3..4c8984ede1 100644 --- a/notes-cache.c +++ b/notes-cache.c @@ -56,7 +56,7 @@ int notes_cache_write(struct notes_cache *c) if (write_notes_tree(&c->tree, tree_sha1)) return -1; - if (commit_tree(c->validity, tree_sha1, NULL, commit_sha1, NULL, NULL) < 0) + if (commit_tree(c->validity, tree_sha1, NULL, commit_sha1, NULL) < 0) return -1; if (update_ref("update notes cache", c->tree.ref, commit_sha1, NULL, 0, QUIET_ON_ERR) < 0) diff --git a/notes-merge.c b/notes-merge.c index c29c434156..e1aaf43b43 100644 --- a/notes-merge.c +++ b/notes-merge.c @@ -546,7 +546,7 @@ void create_notes_commit(struct notes_tree *t, struct commit_list *parents, /* else: t->ref points to nothing, assume root/orphan commit */ } - if (commit_tree(msg, tree_sha1, parents, result_sha1, NULL, NULL)) + if (commit_tree(msg, tree_sha1, parents, result_sha1, NULL)) die("Failed to commit notes tree to database"); } diff --git a/pretty.c b/pretty.c index 392d656595..f45eb54e4c 100644 --- a/pretty.c +++ b/pretty.c @@ -9,7 +9,6 @@ #include "notes.h" #include "color.h" #include "reflog-walk.h" -#include "gpg-interface.h" static char *user_format; static struct cmt_fmt_map { @@ -641,12 +640,6 @@ struct format_commit_context { const struct pretty_print_context *pretty_ctx; unsigned commit_header_parsed:1; unsigned commit_message_parsed:1; - unsigned commit_signature_parsed:1; - struct { - char *gpg_output; - char good_bad; - char *signer; - } signature; char *message; size_t width, indent1, indent2; @@ -829,59 +822,6 @@ static void rewrap_message_tail(struct strbuf *sb, c->indent2 = new_indent2; } -static struct { - char result; - const char *check; -} signature_check[] = { - { 'G', ": Good signature from " }, - { 'B', ": BAD signature from " }, -}; - -static void parse_signature_lines(struct format_commit_context *ctx) -{ - const char *buf = ctx->signature.gpg_output; - int i; - - for (i = 0; i < ARRAY_SIZE(signature_check); i++) { - const char *found = strstr(buf, signature_check[i].check); - const char *next; - if (!found) - continue; - ctx->signature.good_bad = signature_check[i].result; - found += strlen(signature_check[i].check); - next = strchrnul(found, '\n'); - ctx->signature.signer = xmemdupz(found, next - found); - break; - } -} - -static void parse_commit_signature(struct format_commit_context *ctx) -{ - struct strbuf payload = STRBUF_INIT; - struct strbuf signature = STRBUF_INIT; - struct strbuf gpg_output = STRBUF_INIT; - int status; - - ctx->commit_signature_parsed = 1; - - if (parse_signed_commit(ctx->commit->object.sha1, - &payload, &signature) <= 0) - goto out; - status = verify_signed_buffer(payload.buf, payload.len, - signature.buf, signature.len, - &gpg_output); - if (status && !gpg_output.len) - goto out; - ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL); - parse_signature_lines(ctx); - - out: - strbuf_release(&gpg_output); - strbuf_release(&payload); - strbuf_release(&signature); -} - - static size_t format_commit_one(struct strbuf *sb, const char *placeholder, void *context) { @@ -1034,30 +974,6 @@ static size_t format_commit_one(struct strbuf *sb, const char *placeholder, return 0; } - if (placeholder[0] == 'G') { - if (!c->commit_signature_parsed) - parse_commit_signature(c); - switch (placeholder[1]) { - case 'G': - if (c->signature.gpg_output) - strbuf_addstr(sb, c->signature.gpg_output); - break; - case '?': - switch (c->signature.good_bad) { - case 'G': - case 'B': - strbuf_addch(sb, c->signature.good_bad); - } - break; - case 'S': - if (c->signature.signer) - strbuf_addstr(sb, c->signature.signer); - break; - } - return 2; - } - - /* For the rest we have to parse the commit header. */ if (!c->commit_header_parsed) parse_commit_header(c); @@ -1198,8 +1114,6 @@ void format_commit_message(const struct commit *commit, if (context.message != commit->buffer) free(context.message); - free(context.signature.gpg_output); - free(context.signature.signer); } static void pp_header(const struct pretty_print_context *pp, diff --git a/revision.c b/revision.c index 860a3128a3..c46cfaa3e4 100644 --- a/revision.c +++ b/revision.c @@ -1381,8 +1381,6 @@ static int handle_revision_opt(struct rev_info *revs, int argc, const char **arg revs->show_notes = 1; revs->show_notes_given = 1; revs->notes_opt.use_default_notes = 1; - } else if (!strcmp(arg, "--show-signature")) { - revs->show_signature = 1; } else if (!prefixcmp(arg, "--show-notes=") || !prefixcmp(arg, "--notes=")) { struct strbuf buf = STRBUF_INIT; diff --git a/revision.h b/revision.h index 198bb95894..3d64adad18 100644 --- a/revision.h +++ b/revision.h @@ -89,7 +89,6 @@ struct rev_info { show_merge:1, show_notes:1, show_notes_given:1, - show_signature:1, pretty_given:1, abbrev_commit:1, abbrev_commit_given:1, diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh deleted file mode 100644 index eb09027175..0000000000 --- a/t/lib-gpg.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh - -# Check if gpg is available -gpg --version >/dev/null 2>/dev/null -if [ $? -eq 127 ]; then - say "# gpg not found - skipping tag signing and verification tests" -else - # As said here: http://www.gnupg.org/documentation/faqs.html#q6.19 - # the gpg version 1.0.6 didn't parse trust packets correctly, so for - # that version, creation of signed tags using the generated key fails. - case "$(gpg --version)" in - 'gpg (GnuPG) 1.0.6'*) - say "Skipping signed tag tests, because a bug in 1.0.6 version" - ;; - *) - test_set_prereq GPG - ;; - esac -fi - -# key generation info: gpg --homedir t/t7004 --gen-key -# Type DSA and Elgamal, size 2048 bits, no expiration date. -# Name and email: C O Mitter -# No password given, to enable non-interactive operation. - -cp -R "$TEST_DIRECTORY"/lib-gpg ./gpghome -chmod 0700 gpghome -GNUPGHOME="$(pwd)/gpghome" -export GNUPGHOME diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh index ded5c86c30..097ce2bc83 100755 --- a/t/t7004-tag.sh +++ b/t/t7004-tag.sh @@ -8,7 +8,6 @@ test_description='git tag Tests for operations with tags.' . ./test-lib.sh -. "$TEST_DIRECTORY/lib-gpg.sh" # creating and listing lightweight tags: @@ -586,6 +585,24 @@ test_expect_success \ test_cmp expect actual ' +# subsequent tests require gpg; check if it is available +gpg --version >/dev/null 2>/dev/null +if [ $? -eq 127 ]; then + say "# gpg not found - skipping tag signing and verification tests" +else + # As said here: http://www.gnupg.org/documentation/faqs.html#q6.19 + # the gpg version 1.0.6 didn't parse trust packets correctly, so for + # that version, creation of signed tags using the generated key fails. + case "$(gpg --version)" in + 'gpg (GnuPG) 1.0.6'*) + say "Skipping signed tag tests, because a bug in 1.0.6 version" + ;; + *) + test_set_prereq GPG + ;; + esac +fi + # trying to verify annotated non-signed tags: test_expect_success GPG \ @@ -608,6 +625,16 @@ test_expect_success GPG \ # creating and verifying signed tags: +# key generation info: gpg --homedir t/t7004 --gen-key +# Type DSA and Elgamal, size 2048 bits, no expiration date. +# Name and email: C O Mitter +# No password given, to enable non-interactive operation. + +cp -R "$TEST_DIRECTORY"/t7004 ./gpghome +chmod 0700 gpghome +GNUPGHOME="$(pwd)/gpghome" +export GNUPGHOME + get_tag_header signed-tag $commit commit $time >expect echo 'A signed tag message' >>expect echo '-----BEGIN PGP SIGNATURE-----' >>expect diff --git a/t/lib-gpg/pubring.gpg b/t/t7004/pubring.gpg similarity index 100% rename from t/lib-gpg/pubring.gpg rename to t/t7004/pubring.gpg diff --git a/t/lib-gpg/random_seed b/t/t7004/random_seed similarity index 100% rename from t/lib-gpg/random_seed rename to t/t7004/random_seed diff --git a/t/lib-gpg/secring.gpg b/t/t7004/secring.gpg similarity index 100% rename from t/lib-gpg/secring.gpg rename to t/t7004/secring.gpg diff --git a/t/lib-gpg/trustdb.gpg b/t/t7004/trustdb.gpg similarity index 100% rename from t/lib-gpg/trustdb.gpg rename to t/t7004/trustdb.gpg diff --git a/t/t7510-signed-commit.sh b/t/t7510-signed-commit.sh deleted file mode 100755 index 30401ced07..0000000000 --- a/t/t7510-signed-commit.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/sh - -test_description='signed commit tests' -. ./test-lib.sh -. "$TEST_DIRECTORY/lib-gpg.sh" - -test_expect_success GPG 'create signed commits' ' - echo 1 >file && git add file && - test_tick && git commit -S -m initial && - git tag initial && - git branch side && - - echo 2 >file && test_tick && git commit -a -S -m second && - git tag second && - - git checkout side && - echo 3 >elif && git add elif && - test_tick && git commit -m "third on side" && - - git checkout master && - test_tick && git merge -S side && - git tag merge && - - echo 4 >file && test_tick && git commit -a -m "fourth unsigned" && - git tag fourth-unsigned && - - test_tick && git commit --amend -S -m "fourth signed" -' - -test_expect_success GPG 'show signatures' ' - ( - for commit in initial second merge master - do - git show --pretty=short --show-signature $commit >actual && - grep "Good signature from" actual || exit 1 - ! grep "BAD signature from" actual || exit 1 - echo $commit OK - done - ) && - ( - for commit in merge^2 fourth-unsigned - do - git show --pretty=short --show-signature $commit >actual && - grep "Good signature from" actual && exit 1 - ! grep "BAD signature from" actual || exit 1 - echo $commit OK - done - ) -' - -test_expect_success GPG 'detect fudged signature' ' - git cat-file commit master >raw && - - sed -e "s/fourth signed/4th forged/" raw >forged1 && - git hash-object -w -t commit forged1 >forged1.commit && - git show --pretty=short --show-signature $(cat forged1.commit) >actual1 && - grep "BAD signature from" actual1 && - ! grep "Good signature from" actual1 -' - -test_expect_success GPG 'detect fudged signature with NUL' ' - git cat-file commit master >raw && - cat raw >forged2 && - echo Qwik | tr "Q" "\000" >>forged2 && - git hash-object -w -t commit forged2 >forged2.commit && - git show --pretty=short --show-signature $(cat forged2.commit) >actual2 && - grep "BAD signature from" actual2 && - ! grep "Good signature from" actual2 -' - -test_done diff --git a/tag.c b/tag.c index 3aa186df62..7d38cc0f4d 100644 --- a/tag.c +++ b/tag.c @@ -139,11 +139,6 @@ int parse_tag(struct tag *item) return ret; } -/* - * Look at a signed tag object, and return the offset where - * the embedded detached signature begins, or the end of the - * data when there is no such signature. - */ size_t parse_signature(const char *buf, unsigned long size) { char *eol;