From: Junio C Hamano
Date: Tue, 16 Aug 2016 22:04:13 +0000 (-0700)
Subject: Merge branch 'lt/gpg-show-long-key-in-signature-verification-maint' into lt/gpg-show-long-key-in-signature-verification
X-Git-Tag: v2.10.0-rc1~1^2
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/af2b21ec3cab346fcb19f5794eec6317330cd2a3?ds=inline;hp=-c

Merge branch 'lt/gpg-show-long-key-in-signature-verification-maint' into lt/gpg-show-long-key-in-signature-verification

Linus's original was rebased to apply to the maintenance track just in case binary distributors that are stuck in the past want to take it to their older codebase. Let's merge it up to more modern codebase that has Peff's gpg-interface clean-up topic that appeared after Git 2.9 was tagged.

* lt/gpg-show-long-key-in-signature-verification-maint:
 gpg-interface: prefer "long" key format output when verifying pgp signatures
---
af2b21ec3cab346fcb19f5794eec6317330cd2a3
diff --combined gpg-interface.c
index 08356f92e7,f6d9d87270..8672edaf48
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@@ -3,7 -3,6 +3,7 @@@
 #include "strbuf.h"
 #include "gpg-interface.h"
 #include "sigchain.h"
+#include "tempfile.h"
 static char *configured_signing_key;
 static const char *gpg_program = "gpg";
@@@ -151,30 -150,42 +151,30 @@@ const char *get_signing_key(void
 int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *signing_key)
 {
 struct child_process gpg = CHILD_PROCESS_INIT;
- const char *args[4];
- ssize_t len;
+ int ret;
 size_t i, j, bottom;
+ struct strbuf gpg_status = STRBUF_INIT;
- gpg.argv = args;
- gpg.in = -1;
- gpg.out = -1;
- args[0] = gpg_program;
- args[1] = "-bsau";
- args[2] = signing_key;
- args[3] = NULL;
+ argv_array_pushl(&gpg.args,
+ gpg_program,
+ "--status-fd=2",
+ "-bsau", signing_key,
+ NULL);
- if (start_command(&gpg))
- return error(_("could not run gpg."));
+ bottom = signature->len;
 /*
 * When the username signingkey is bad, program could be terminated
 * because gpg exits without reading and then
write gets SIGPIPE.
 */
 sigchain_push(SIGPIPE, SIG_IGN);
-
- if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) {
- close(gpg.in);
- close(gpg.out);
- finish_command(&gpg);
- return error(_("gpg did not accept the data"));
- }
- close(gpg.in);
-
- bottom = signature->len;
- len = strbuf_read(signature, gpg.out, 1024);
- close(gpg.out);
-
+ ret = pipe_command(&gpg, buffer->buf, buffer->len,
+ signature, 1024, &gpg_status, 0);
 sigchain_pop(SIGPIPE);
- if (finish_command(&gpg) || !len || len < 0)
+ ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED ");
+ strbuf_release(&gpg_status);
+ if (ret)
 return error(_("gpg failed to sign the data"));
 /* Strip CR from the line endings, in case we are on Windows. */
@@@ -199,38 -210,50 +199,39 @@@ int verify_signed_buffer(const char *pa
 struct strbuf *gpg_output, struct strbuf *gpg_status)
 {
 struct child_process gpg = CHILD_PROCESS_INIT;
- const char *args_gpg[] = {NULL, "--status-fd=1", "--keyid-format=long", "--verify", "FILE", "-", NULL};
- char path[PATH_MAX];
+ static struct tempfile temp;
 int fd, ret;
 struct strbuf buf = STRBUF_INIT;
- struct strbuf *pbuf = &buf;
- args_gpg[0] = gpg_program;
- fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX");
+ fd = mks_tempfile_t(&temp, ".git_vtag_tmpXXXXXX");
 if (fd < 0)
- return error(_("could not create temporary file '%s': %s"),
- path, strerror(errno));
- if (write_in_full(fd, signature, signature_size) < 0)
- return error(_("failed writing detached signature to '%s': %s"),
- path, strerror(errno));
+ return error_errno(_("could not create temporary file"));
+ if (write_in_full(fd, signature, signature_size) < 0) {
+ error_errno(_("failed writing detached signature to '%s'"),
+ temp.filename.buf);
+ delete_tempfile(&temp);
+ return -1;
+ }
 close(fd);
- gpg.argv = args_gpg;
- gpg.in = -1;
- gpg.out = -1;
- if (gpg_output)
- gpg.err = -1;
- args_gpg[4] = path;
- if (start_command(&gpg)) {
- unlink(path);
- return error(_("could not run gpg."));
- }
+
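Review bot: On the failure path of sign_buffer() the text collected from gpg is discarded, because `strbuf_release(&gpg_status)` runs before `if (ret) return error(_("gpg failed to sign the data"))`. With `--status-fd=2` and `&gpg_status` passed as what looks like the stderr sink of pipe_command(), that buffer would hold gpg's own diagnostics as well as the status lines, so the user sees only the generic message when signing fails. I would report the buffer before releasing it, for example `error(_("gpg failed to sign the data:\n%s"), gpg_status.buf)`, or add a comment stating that the output is dropped on purpose. The success test also requires a newline before `[GNUPG:] SIG_CREATED `, so a status line at the very start of the buffer would not match; that fails closed, but it deserves a one-line comment. The body of sign_buffer() continues past the end of this hunk.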
argv_array_pushl(&gpg.args,
+ gpg_program,
+ "--status-fd=1",
++ "--keyid-format=long",
+ "--verify", temp.filename.buf, "-",
+ NULL);
- write_in_full(gpg.in, payload, payload_size);
- close(gpg.in);
+ if (!gpg_status)
+ gpg_status = &buf;
- if (gpg_output) {
- strbuf_read(gpg_output, gpg.err, 0);
- close(gpg.err);
- }
- if (gpg_status)
- pbuf = gpg_status;
- strbuf_read(pbuf, gpg.out, 0);
- close(gpg.out);
-
- ret = finish_command(&gpg);
+ sigchain_push(SIGPIPE, SIG_IGN);
+ ret = pipe_command(&gpg, payload, payload_size,
+ gpg_status, 0, gpg_output, 0);
+ sigchain_pop(SIGPIPE);
- unlink_or_warn(path);
+ delete_tempfile(&temp);
- ret |= !strstr(pbuf->buf, "\n[GNUPG:] GOODSIG ");
+ ret |= !strstr(gpg_status->buf, "\n[GNUPG:] GOODSIG ");
 strbuf_release(&buf); /* no matter it was used or not */
 return ret;
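Review bot: The descriptor returned by `mks_tempfile_t(&temp, ...)` is closed with a bare `close(fd);` after the signature is written, so `temp` still records it when `delete_tempfile(&temp)` runs after the gpg call. If delete_tempfile() closes the descriptor the object remembers (tempfile.c is not part of this diff, so please confirm), that second close can land on an unrelated descriptor that has reused the number in the meantime. Replacing the line with `close_tempfile(&temp);` keeps the object and the descriptor in step. Checking its result the same way as the write error just above would also catch a signature file that was not completely written before gpg reads it. The function starts before this hunk and its closing brace lies after it.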