Move commit GPG signature verification to commit.c
authorSebastian Götte <jaseg@physik.tu-berlin.de>
Sun, 31 Mar 2013 16:00:14 +0000 (18:00 +0200)
committerJunio C Hamano <gitster@pobox.com>
Mon, 1 Apr 2013 02:15:11 +0000 (19:15 -0700)
Signed-off-by: Sebastian Götte <jaseg@physik-pool.tu-berlin.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
commit.c
commit.h
gpg-interface.h
pretty.c
index b4512ab0b2ebd008aa90e0dfe00fbc1aa42a5c64..66a3f4e8f42069f23f25b04b10a6a6d46f6780c2 100644 (file)
--- a/commit.c
+++ b/commit.c
@@ -1041,6 +1041,65 @@ static void handle_signed_tag(struct commit *parent, struct commit_extra_header
        free(buf);
 }
 
+static struct {
+       char result;
+       const char *check;
+} sigcheck_gpg_status[] = {
+       { 'G', "\n[GNUPG:] GOODSIG " },
+       { 'B', "\n[GNUPG:] BADSIG " },
+};
+
+static void parse_gpg_output(struct signature_check *sigc)
+{
+       const char *buf = sigc->gpg_status;
+       int i;
+
+       for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
+               const char *found = strstr(buf, sigcheck_gpg_status[i].check);
+               const char *next;
+               if (!found)
+                       continue;
+               sigc->result = sigcheck_gpg_status[i].result;
+               found += strlen(sigcheck_gpg_status[i].check);
+               sigc->key = xmemdupz(found, 16);
+               found += 17;
+               next = strchrnul(found, '\n');
+               sigc->signer = xmemdupz(found, next - found);
+               break;
+       }
+}
+
+void check_commit_signature(const struct commit* commit, struct signature_check *sigc)
+{
+       struct strbuf payload = STRBUF_INIT;
+       struct strbuf signature = STRBUF_INIT;
+       struct strbuf gpg_output = STRBUF_INIT;
+       struct strbuf gpg_status = STRBUF_INIT;
+       int status;
+
+       sigc->result = 'N';
+
+       if (parse_signed_commit(commit->object.sha1,
+                               &payload, &signature) <= 0)
+               goto out;
+       status = verify_signed_buffer(payload.buf, payload.len,
+                                     signature.buf, signature.len,
+                                     &gpg_output, &gpg_status);
+       if (status && !gpg_output.len)
+               goto out;
+       sigc->gpg_output = strbuf_detach(&gpg_output, NULL);
+       sigc->gpg_status = strbuf_detach(&gpg_status, NULL);
+       parse_gpg_output(sigc);
+
+ out:
+       strbuf_release(&gpg_status);
+       strbuf_release(&gpg_output);
+       strbuf_release(&payload);
+       strbuf_release(&signature);
+}
+
+
+
 void append_merge_tag_headers(struct commit_list *parents,
                              struct commit_extra_header ***tail)
 {
index 2d90d9c27c8fb947e30a368cb5fb266f643b8bae..c24b844ad64167e88047d07198be273bba284663 100644 (file)
--- a/commit.h
+++ b/commit.h
@@ -5,6 +5,7 @@
 #include "tree.h"
 #include "strbuf.h"
 #include "decorate.h"
+#include "gpg-interface.h"
 
 struct commit_list {
        struct commit *item;
@@ -232,4 +233,13 @@ extern void print_commit_list(struct commit_list *list,
                              const char *format_cur,
                              const char *format_last);
 
+/*
+ * Check the signature of the given commit. The result of the check is stored in
+ * sig->result, 'G' for a good signature, 'B' for a bad signature and 'N'
+ * for no signature at all.
+ * This may allocate memory for sig->gpg_output, sig->gpg_status, sig->signer
+ * and sig->key.
+ */
+extern void check_commit_signature(const struct commit* commit, struct signature_check *sigc);
+
 #endif /* COMMIT_H */
index cf9902184272d20c6d5826cf9f10dcaebeb3e6e8..5884aa405293dcb9949c627fb630993dbb5ff857 100644 (file)
@@ -1,6 +1,17 @@
 #ifndef GPG_INTERFACE_H
 #define GPG_INTERFACE_H
 
+struct signature_check {
+       char *gpg_output;
+       char *gpg_status;
+       char result; /* 0 (not checked),
+                     * N (checked but no further result),
+                     * G (good)
+                     * B (bad) */
+       char *signer;
+       char *key;
+};
+
 extern int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key);
 extern int verify_signed_buffer(const char *payload, size_t payload_size, const char *signature, size_t signature_size, struct strbuf *gpg_output, struct strbuf *gpg_status);
 extern int git_gpg_config(const char *, const char *, void *);
index 41f04e669d3b9c38f49e0853053a6ba27b97357a..35b592ad837b0e0394b6aa3036d6062043ae469f 100644 (file)
--- a/pretty.c
+++ b/pretty.c
@@ -766,14 +766,7 @@ struct format_commit_context {
        const struct pretty_print_context *pretty_ctx;
        unsigned commit_header_parsed:1;
        unsigned commit_message_parsed:1;
-       unsigned commit_signature_parsed:1;
-       struct {
-               char *gpg_output;
-               char *gpg_status;
-               char good_bad;
-               char *signer;
-               char *key;
-       } signature;
+       struct signature_check signature_check;
        char *message;
        size_t width, indent1, indent2;
 
@@ -956,64 +949,6 @@ static void rewrap_message_tail(struct strbuf *sb,
        c->indent2 = new_indent2;
 }
 
-static struct {
-       char result;
-       const char *check;
-} signature_check[] = {
-       { 'G', "\n[GNUPG:] GOODSIG " },
-       { 'B', "\n[GNUPG:] BADSIG " },
-};
-
-static void parse_signature_lines(struct format_commit_context *ctx)
-{
-       const char *buf = ctx->signature.gpg_status;
-       int i;
-
-       for (i = 0; i < ARRAY_SIZE(signature_check); i++) {
-               const char *found = strstr(buf, signature_check[i].check);
-               const char *next;
-               if (!found)
-                       continue;
-               ctx->signature.good_bad = signature_check[i].result;
-               found += strlen(signature_check[i].check);
-               ctx->signature.key = xmemdupz(found, 16);
-               found += 17;
-               next = strchrnul(found, '\n');
-               ctx->signature.signer = xmemdupz(found, next - found);
-               break;
-       }
-}
-
-static void parse_commit_signature(struct format_commit_context *ctx)
-{
-       struct strbuf payload = STRBUF_INIT;
-       struct strbuf signature = STRBUF_INIT;
-       struct strbuf gpg_output = STRBUF_INIT;
-       struct strbuf gpg_status = STRBUF_INIT;
-       int status;
-
-       ctx->commit_signature_parsed = 1;
-
-       if (parse_signed_commit(ctx->commit->object.sha1,
-                               &payload, &signature) <= 0)
-               goto out;
-       status = verify_signed_buffer(payload.buf, payload.len,
-                                     signature.buf, signature.len,
-                                     &gpg_output, &gpg_status);
-       if (status && !gpg_output.len)
-               goto out;
-       ctx->signature.gpg_output = strbuf_detach(&gpg_output, NULL);
-       ctx->signature.gpg_status = strbuf_detach(&gpg_status, NULL);
-       parse_signature_lines(ctx);
-
- out:
-       strbuf_release(&gpg_status);
-       strbuf_release(&gpg_output);
-       strbuf_release(&payload);
-       strbuf_release(&signature);
-}
-
-
 static int format_reflog_person(struct strbuf *sb,
                                char part,
                                struct reflog_walk_info *log,
@@ -1199,27 +1134,27 @@ static size_t format_commit_one(struct strbuf *sb, const char *placeholder,
        }
 
        if (placeholder[0] == 'G') {
-               if (!c->commit_signature_parsed)
-                       parse_commit_signature(c);
+               if (!c->signature_check.result)
+                       check_commit_signature(c->commit, &(c->signature_check));
                switch (placeholder[1]) {
                case 'G':
-                       if (c->signature.gpg_output)
-                               strbuf_addstr(sb, c->signature.gpg_output);
+                       if (c->signature_check.gpg_output)
+                               strbuf_addstr(sb, c->signature_check.gpg_output);
                        break;
                case '?':
-                       switch (c->signature.good_bad) {
+                       switch (c->signature_check.result) {
                        case 'G':
                        case 'B':
-                               strbuf_addch(sb, c->signature.good_bad);
+                               strbuf_addch(sb, c->signature_check.result);
                        }
                        break;
                case 'S':
-                       if (c->signature.signer)
-                               strbuf_addstr(sb, c->signature.signer);
+                       if (c->signature_check.signer)
+                               strbuf_addstr(sb, c->signature_check.signer);
                        break;
                case 'K':
-                       if (c->signature.key)
-                               strbuf_addstr(sb, c->signature.key);
+                       if (c->signature_check.key)
+                               strbuf_addstr(sb, c->signature_check.key);
                        break;
                }
                return 2;
@@ -1357,8 +1292,8 @@ void format_commit_message(const struct commit *commit,
        rewrap_message_tail(sb, &context, 0, 0, 0);
 
        logmsg_free(context.message, commit);
-       free(context.signature.gpg_output);
-       free(context.signature.signer);
+       free(context.signature_check.gpg_output);
+       free(context.signature_check.signer);
 }
 
 static void pp_header(const struct pretty_print_context *pp,