int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
{
struct child_process gpg = CHILD_PROCESS_INIT;
- ssize_t len;
+ int ret;
size_t i, j, bottom;
+ struct strbuf gpg_status = STRBUF_INIT;
- gpg.in = -1;
- gpg.out = -1;
argv_array_pushl(&gpg.args,
gpg_program,
+ "--status-fd=2",
"-bsau", signing_key,
NULL);
- if (start_command(&gpg))
- return error(_("could not run gpg."));
+ bottom = signature->len;
/*
* When the username signingkey is bad, program could be terminated
* because gpg exits without reading and then write gets SIGPIPE.
*/
sigchain_push(SIGPIPE, SIG_IGN);
-
- if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) {
- close(gpg.in);
- close(gpg.out);
- finish_command(&gpg);
- return error(_("gpg did not accept the data"));
- }
- close(gpg.in);
-
- bottom = signature->len;
- len = strbuf_read(signature, gpg.out, 1024);
- close(gpg.out);
-
+ ret = pipe_command(&gpg, buffer->buf, buffer->len,
+ signature, 1024, &gpg_status, 0);
sigchain_pop(SIGPIPE);
- if (finish_command(&gpg) || !len || len < 0)
+ ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED ");
+ strbuf_release(&gpg_status);
+ if (ret)
return error(_("gpg failed to sign the data"));
/* Strip CR from the line endings, in case we are on Windows. */
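Review bot: On the failure path at `if (ret)` the function returns with `signature` possibly still holding bytes gpg wrote to stdout before it failed, because `bottom` is recorded before `pipe_command()` but never used to trim the buffer back. Assuming `pipe_command()` appends to the strbuf it is given (its body is not visible here), a caller that ignores or mishandles the error could carry a partial, unverified blob forward; adding `strbuf_setlen(signature, bottom);` before `return error(...)` keeps the failure clean. Separately, `--status-fd=2` routes gpg's own stderr diagnostics into `gpg_status`, which is released without being shown, so the user sees only "gpg failed to sign the data"; consider printing `gpg_status.buf` on the error path before `strbuf_release(&gpg_status)`. The match on `"\n[GNUPG:] SIG_CREATED "` also needs a preceding newline, so it would fail (closed, which is the safe direction) if that status line were ever the first thing on the stream; a short comment stating that assumption would help. The rest of `sign_buffer` (the CR-stripping loop) lies outside this hunk.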
"--status-fd=1",
"--verify", temp.filename.buf, "-",
NULL);
- gpg.in = -1;
- gpg.out = -1;
- if (gpg_output)
- gpg.err = -1;
- if (start_command(&gpg)) {
- delete_tempfile(&temp);
- return error(_("could not run gpg."));
- }
- sigchain_push(SIGPIPE, SIG_IGN);
- write_in_full(gpg.in, payload, payload_size);
- close(gpg.in);
-
- if (gpg_output) {
- strbuf_read(gpg_output, gpg.err, 0);
- close(gpg.err);
- }
if (!gpg_status)
gpg_status = &buf;
- strbuf_read(gpg_status, gpg.out, 0);
- close(gpg.out);
- ret = finish_command(&gpg);
+ sigchain_push(SIGPIPE, SIG_IGN);
+ ret = pipe_command(&gpg, payload, payload_size,
+ gpg_status, 0, gpg_output, 0);
sigchain_pop(SIGPIPE);
delete_tempfile(&temp);