From: Junio C Hamano <gitster@pobox.com>
To: git@vger.kernel.org
Subject: [PATCH v3 13/21] gpg-interface: move parse_gpg_output() to where it should be
Date: Thu, 4 Sep 2014 13:04:49 -0700 [thread overview]
Message-ID: <1409861097-19151-14-git-send-email-gitster@pobox.com> (raw)
In-Reply-To: <1409861097-19151-1-git-send-email-gitster@pobox.com>
Earlier, ffb6d7d5 (Move commit GPG signature verification to
commit.c, 2013-03-31) moved this helper that used to be in pretty.c
(i.e. the output code path) to commit.c for better reusability.
It was a good first step in the right direction, but still suffers a
myopic view that commits will be the only thing we would ever want
to sign---we would actually want to be able to reuse it even wider.
The function interprets what GPG said; gpg-interface is obviously a
better place. Move it there.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
commit.c | 36 ------------------------------------
gpg-interface.c | 36 ++++++++++++++++++++++++++++++++++++
gpg-interface.h | 17 ++++++++++++-----
3 files changed, 48 insertions(+), 41 deletions(-)
diff --git a/commit.c b/commit.c
index ae7f2b1..01cdad2 100644
--- a/commit.c
+++ b/commit.c
@@ -1220,42 +1220,6 @@ free_return:
free(buf);
}
-static struct {
- char result;
- const char *check;
-} sigcheck_gpg_status[] = {
- { 'G', "\n[GNUPG:] GOODSIG " },
- { 'B', "\n[GNUPG:] BADSIG " },
- { 'U', "\n[GNUPG:] TRUST_NEVER" },
- { 'U', "\n[GNUPG:] TRUST_UNDEFINED" },
-};
-
-static void parse_gpg_output(struct signature_check *sigc)
-{
- const char *buf = sigc->gpg_status;
- int i;
-
- /* Iterate over all search strings */
- for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
- const char *found, *next;
-
- if (!skip_prefix(buf, sigcheck_gpg_status[i].check + 1, &found)) {
- found = strstr(buf, sigcheck_gpg_status[i].check);
- if (!found)
- continue;
- found += strlen(sigcheck_gpg_status[i].check);
- }
- sigc->result = sigcheck_gpg_status[i].result;
- /* The trust messages are not followed by key/signer information */
- if (sigc->result != 'U') {
- sigc->key = xmemdupz(found, 16);
- found += 17;
- next = strchrnul(found, '\n');
- sigc->signer = xmemdupz(found, next - found);
- }
- }
-}
-
void check_commit_signature(const struct commit* commit, struct signature_check *sigc)
{
struct strbuf payload = STRBUF_INIT;
diff --git a/gpg-interface.c b/gpg-interface.c
index ff07012..3c9624c 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -21,6 +21,42 @@ void signature_check_clear(struct signature_check *sigc)
sigc->key = NULL;
}
+static struct {
+ char result;
+ const char *check;
+} sigcheck_gpg_status[] = {
+ { 'G', "\n[GNUPG:] GOODSIG " },
+ { 'B', "\n[GNUPG:] BADSIG " },
+ { 'U', "\n[GNUPG:] TRUST_NEVER" },
+ { 'U', "\n[GNUPG:] TRUST_UNDEFINED" },
+};
+
+void parse_gpg_output(struct signature_check *sigc)
+{
+ const char *buf = sigc->gpg_status;
+ int i;
+
+ /* Iterate over all search strings */
+ for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
+ const char *found, *next;
+
+ if (!skip_prefix(buf, sigcheck_gpg_status[i].check + 1, &found)) {
+ found = strstr(buf, sigcheck_gpg_status[i].check);
+ if (!found)
+ continue;
+ found += strlen(sigcheck_gpg_status[i].check);
+ }
+ sigc->result = sigcheck_gpg_status[i].result;
+ /* The trust messages are not followed by key/signer information */
+ if (sigc->result != 'U') {
+ sigc->key = xmemdupz(found, 16);
+ found += 17;
+ next = strchrnul(found, '\n');
+ sigc->signer = xmemdupz(found, next - found);
+ }
+ }
+}
+
void set_signing_key(const char *key)
{
free(configured_signing_key);
diff --git a/gpg-interface.h b/gpg-interface.h
index 37c23da..8d677cc 100644
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -5,16 +5,23 @@ struct signature_check {
char *payload;
char *gpg_output;
char *gpg_status;
- char result; /* 0 (not checked),
- * N (checked but no further result),
- * U (untrusted good),
- * G (good)
- * B (bad) */
+
+ /*
+ * possible "result":
+ * 0 (not checked)
+ * N (checked but no further result)
+ * U (untrusted good)
+ * G (good)
+ * B (bad)
+ */
+ char result;
char *signer;
char *key;
};
extern void signature_check_clear(struct signature_check *sigc);
+extern void parse_gpg_output(struct signature_check *);
+
extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output, struct strbuf *gpg_status);
extern int git_gpg_config(const char *, const char *, void *);
--
2.1.0-399-g1364b4d
next prev parent reply other threads:[~2014-09-04 20:06 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-04 20:04 [PATCH v3 00/21] Signed push Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 01/21] receive-pack: do not overallocate command structure Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 02/21] receive-pack: parse feature request a bit earlier Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 03/21] receive-pack: do not reuse old_sha1[] for other things Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 04/21] receive-pack: factor out queueing of command Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 05/21] send-pack: move REF_STATUS_REJECT_NODELETE logic a bit higher Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 06/21] send-pack: refactor decision to send update per ref Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 07/21] send-pack: always send capabilities Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 08/21] send-pack: factor out capability string generation Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 09/21] receive-pack: " Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 10/21] send-pack: rename "new_refs" to "need_pack_data" Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 11/21] send-pack: refactor inspecting and resetting status and sending commands Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 12/21] send-pack: clarify that cmds_sent is a boolean Junio C Hamano
2014-09-04 20:04 ` Junio C Hamano [this message]
2014-09-04 20:04 ` [PATCH v3 14/21] gpg-interface: move parse_signature() to where it should be Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 15/21] pack-protocol doc: typofix for PKT-LINE Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 16/21] push: the beginning of "git push --signed" Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 17/21] receive-pack: GPG-validate push certificates Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 18/21] send-pack: send feature request on push-cert packet Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 19/21] signed push: remove duplicated protocol info Junio C Hamano
2014-09-04 20:04 ` [PATCH v3 20/21] signed push: add "pushee" header to push certificate Junio C Hamano
2014-09-04 21:13 ` Shawn Pearce
2014-09-04 20:04 ` [PATCH v3 21/21] signed push: fortify against replay attacks Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1409861097-19151-14-git-send-email-gitster@pobox.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).