sha1dc: update from upstream
[gitweb.git] / gpg-interface.c
index 74f08a2a0e3b196f907aa13928bcd1f1275c6e21..e44cc27da15f03629989ee0083664d0af09c55b3 100644 (file)
@@ -33,6 +33,10 @@ static struct {
        { 'B', "\n[GNUPG:] BADSIG " },
        { 'U', "\n[GNUPG:] TRUST_NEVER" },
        { 'U', "\n[GNUPG:] TRUST_UNDEFINED" },
+       { 'E', "\n[GNUPG:] ERRSIG "},
+       { 'X', "\n[GNUPG:] EXPSIG "},
+       { 'Y', "\n[GNUPG:] EXPKEYSIG "},
+       { 'R', "\n[GNUPG:] REVKEYSIG "},
 };
 
 void parse_gpg_output(struct signature_check *sigc)
@@ -54,9 +58,12 @@ void parse_gpg_output(struct signature_check *sigc)
                /* The trust messages are not followed by key/signer information */
                if (sigc->result != 'U') {
                        sigc->key = xmemdupz(found, 16);
-                       found += 17;
-                       next = strchrnul(found, '\n');
-                       sigc->signer = xmemdupz(found, next - found);
+                       /* The ERRSIG message is not followed by signer information */
+                       if (sigc-> result != 'E') {
+                               found += 17;
+                               next = strchrnul(found, '\n');
+                               sigc->signer = xmemdupz(found, next - found);
+                       }
                }
        }
 }
@@ -153,9 +160,11 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig
        struct child_process gpg = CHILD_PROCESS_INIT;
        int ret;
        size_t i, j, bottom;
+       struct strbuf gpg_status = STRBUF_INIT;
 
        argv_array_pushl(&gpg.args,
                         gpg_program,
+                        "--status-fd=2",
                         "-bsau", signing_key,
                         NULL);
 
@@ -167,10 +176,12 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig
         */
        sigchain_push(SIGPIPE, SIG_IGN);
        ret = pipe_command(&gpg, buffer->buf, buffer->len,
-                          signature, 1024, NULL, 0);
+                          signature, 1024, &gpg_status, 0);
        sigchain_pop(SIGPIPE);
 
-       if (ret || signature->len == bottom)
+       ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED ");
+       strbuf_release(&gpg_status);
+       if (ret)
                return error(_("gpg failed to sign the data"));
 
        /* Strip CR from the line endings, in case we are on Windows. */
@@ -213,6 +224,7 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
        argv_array_pushl(&gpg.args,
                         gpg_program,
                         "--status-fd=1",
+                        "--keyid-format=long",
                         "--verify", temp.filename.buf, "-",
                         NULL);