merge/pull: verify GPG signatures of commits being merged

diff --git a/commit.c b/commit.c
index 66a3f4e8f42069f23f25b04b10a6a6d46f6780c2..94029c949653693a78fd2ecfb15d98cbebd517c9 100644 (file)
--- a/commit.c
+++ b/commit.c
@@ -1054,13 +1054,20 @@ static void parse_gpg_output(struct signature_check *sigc)
        const char *buf = sigc->gpg_status;
        int i;
 
+       /* Iterate over all search strings */
        for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
-               const char *found = strstr(buf, sigcheck_gpg_status[i].check);
-               const char *next;
-               if (!found)
-                       continue;
+               const char *found, *next;
+
+               if (!prefixcmp(buf, sigcheck_gpg_status[i].check + 1)) {
+                       /* At the very beginning of the buffer */
+                       found = buf + strlen(sigcheck_gpg_status[i].check + 1);
+               } else {
+                       found = strstr(buf, sigcheck_gpg_status[i].check);
+                       if (!found)
+                               continue;
+                       found += strlen(sigcheck_gpg_status[i].check);
+               }
                sigc->result = sigcheck_gpg_status[i].result;
-               found += strlen(sigcheck_gpg_status[i].check);
                sigc->key = xmemdupz(found, 16);
                found += 17;
                next = strchrnul(found, '\n');