gpg_interface: allow to request status return

Currently, verify_signed_buffer() returns the user facing output only.

Allow callers to request the status output also.

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/builtin/fmt-merge-msg.c b/builtin/fmt-merge-msg.c
index d9af43c257150c957bf3bc3c3b7a7e43e370174c..69bf15a98105588f83dc5a755231ec311bac6b12 100644 (file)
--- a/builtin/fmt-merge-msg.c
+++ b/builtin/fmt-merge-msg.c
@@ -492,7 +492,7 @@ static void fmt_merge_msg_sigs(struct strbuf *out)
 
                if (size == len)
                        ; /* merely annotated */
-               else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig)) {
+               else if (verify_signed_buffer(buf, len, buf + len, size - len, &sig, NULL)) {
                        if (!sig.len)
                                strbuf_addstr(&sig, "gpg verification failed.\n");
                }

diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
index a8eee886a5281965a0660308df9e94d14c1cb2b8..9cdf332333b95b3ab2ea6e133f345105bd67d019 100644 (file)
--- a/builtin/verify-tag.c
+++ b/builtin/verify-tag.c
@@ -29,7 +29,7 @@ static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
        if (size == len)
                return error("no signature found");
 
-       return verify_signed_buffer(buf, len, buf + len, size - len, NULL);
+       return verify_signed_buffer(buf, len, buf + len, size - len, NULL, NULL);
 }
 
 static int verify_tag(const char *name, int verbose)

diff --git a/gpg-interface.c b/gpg-interface.c
index f700b4c30d2163291f7ef37daf9e9261099d1462..ce07cd5cbbf9e0aa32bc79a9ce128369a0ce2603 100644 (file)
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -100,13 +100,14 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig
  */
 int verify_signed_buffer(const char *payload, size_t payload_size,
                         const char *signature, size_t signature_size,
-                        struct strbuf *gpg_output)
+                        struct strbuf *gpg_output, struct strbuf *gpg_status)
 {
        struct child_process gpg;
        const char *args_gpg[] = {NULL, "--status-fd=1", "--verify", "FILE", "-", NULL};
        char path[PATH_MAX];
        int fd, ret;
        struct strbuf buf = STRBUF_INIT;
+       struct strbuf *pbuf = &buf;
 
        args_gpg[0] = gpg_program;
        fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX");
@@ -137,15 +138,17 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
                strbuf_read(gpg_output, gpg.err, 0);
                close(gpg.err);
        }
-       strbuf_read(&buf, gpg.out, 0);
+       if (gpg_status)
+               pbuf = gpg_status;
+       strbuf_read(pbuf, gpg.out, 0);
        close(gpg.out);
 
        ret = finish_command(&gpg);
 
        unlink_or_warn(path);
 
-       ret |= !strstr(buf.buf, "\n[GNUPG:] GOODSIG ");
-       strbuf_release(&buf);
+       ret |= !strstr(pbuf->buf, "\n[GNUPG:] GOODSIG ");
+       strbuf_release(&buf); /* no matter it was used or not */
 
        return ret;
 }

diff --git a/gpg-interface.h b/gpg-interface.h
index b9c36088cea3c1d419c23354e095320ebebd90a4..cf9902184272d20c6d5826cf9f10dcaebeb3e6e8 100644 (file)
--- a/gpg-interface.h
+++ b/gpg-interface.h
@@ -2,7 +2,7 @@
 #define GPG_INTERFACE_H
 
 extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
-extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output);
+extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output, struct strbuf *gpg_status);
 extern int git_gpg_config(const char *, const char *, void *);
 extern void set_signing_key(const char *);
 extern const char *get_signing_key(void);

diff --git a/log-tree.c b/log-tree.c
index ff9522f3d48948146fc26e69f2d5f55654ef202f..9cb78d195ec91b21230ca938b7ea5f95ecd9684d 100644 (file)
--- a/log-tree.c
+++ b/log-tree.c
@@ -434,7 +434,7 @@ static void show_signature(struct rev_info *opt, struct commit *commit)
 
        status = verify_signed_buffer(payload.buf, payload.len,
                                      signature.buf, signature.len,
-                                     &gpg_output);
+                                     &gpg_output, NULL);
        if (status && !gpg_output.len)
                strbuf_addstr(&gpg_output, "No signature\n");
 
@@ -503,7 +503,7 @@ static void show_one_mergetag(struct rev_info *opt,
                if (verify_signed_buffer(extra->value, payload_size,
                                         extra->value + payload_size,
                                         extra->len - payload_size,
-                                        &verify_message)) {
+                                        &verify_message, NULL)) {
                        if (verify_message.len <= gpg_message_offset)
                                strbuf_addstr(&verify_message, "No signature\n");
                        else

diff --git a/pretty.c b/pretty.c
index 91bb2d3ef675b12ac5425ae71600e13c1adc34f9..1ca86dc7fd5911a578cf88f1256b7892706ba9a8 100644 (file)
--- a/pretty.c
+++ b/pretty.c
@@ -917,7 +917,7 @@ static void parse_commit_signature(struct format_commit_context *ctx)
                goto out;
        status = verify_signed_buffer(payload.buf, payload.len,
                                      signature.buf, signature.len,
-                                     &gpg_output);
+                                     &gpg_output, NULL);
        if (status && !gpg_output.len)
                goto out;
        ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL);