From: Junio C Hamano Date: Tue, 16 Aug 2016 22:04:13 +0000 (-0700) Subject: Merge branch 'lt/gpg-show-long-key-in-signature-verification-maint' into lt/gpg-show-long-key-in-signature-verification X-Git-Tag: v2.10.0-rc1~1^2 X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/af2b21ec3cab346fcb19f5794eec6317330cd2a3?hp=--cc Merge branch 'lt/gpg-show-long-key-in-signature-verification-maint' into lt/gpg-show-long-key-in-signature-verification Linus's original was rebased to apply to the maintenance track just in case binary distributors that are stuck in the past want to take it to their older codebase. Let's merge it up to more modern codebase that has Peff's gpg-interface clean-up topic that appeared after Git 2.9 was tagged. * lt/gpg-show-long-key-in-signature-verification-maint: gpg-interface: prefer "long" key format output when verifying pgp signatures --- af2b21ec3cab346fcb19f5794eec6317330cd2a3 diff --cc gpg-interface.c index 08356f92e7,f6d9d87270..8672edaf48 --- a/gpg-interface.c +++ b/gpg-interface.c @@@ -199,38 -210,50 +199,39 @@@ int verify_signed_buffer(const char *pa struct strbuf *gpg_output, struct strbuf *gpg_status) { struct child_process gpg = CHILD_PROCESS_INIT; - const char *args_gpg[] = {NULL, "--status-fd=1", "--keyid-format=long", "--verify", "FILE", "-", NULL}; - char path[PATH_MAX]; + static struct tempfile temp; int fd, ret; struct strbuf buf = STRBUF_INIT; - struct strbuf *pbuf = &buf; - args_gpg[0] = gpg_program; - fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); + fd = mks_tempfile_t(&temp, ".git_vtag_tmpXXXXXX"); if (fd < 0) - return error(_("could not create temporary file '%s': %s"), - path, strerror(errno)); - if (write_in_full(fd, signature, signature_size) < 0) - return error(_("failed writing detached signature to '%s': %s"), - path, strerror(errno)); + return error_errno(_("could not create temporary file")); + if (write_in_full(fd, signature, signature_size) < 0) { + error_errno(_("failed writing detached signature to '%s'"), + temp.filename.buf); + delete_tempfile(&temp); + return -1; + } close(fd); - gpg.argv = args_gpg; - gpg.in = -1; - gpg.out = -1; - if (gpg_output) - gpg.err = -1; - args_gpg[4] = path; - if (start_command(&gpg)) { - unlink(path); - return error(_("could not run gpg.")); - } + argv_array_pushl(&gpg.args, + gpg_program, + "--status-fd=1", ++ "--keyid-format=long", + "--verify", temp.filename.buf, "-", + NULL); - write_in_full(gpg.in, payload, payload_size); - close(gpg.in); + if (!gpg_status) + gpg_status = &buf; - if (gpg_output) { - strbuf_read(gpg_output, gpg.err, 0); - close(gpg.err); - } - if (gpg_status) - pbuf = gpg_status; - strbuf_read(pbuf, gpg.out, 0); - close(gpg.out); - - ret = finish_command(&gpg); + sigchain_push(SIGPIPE, SIG_IGN); + ret = pipe_command(&gpg, payload, payload_size, + gpg_status, 0, gpg_output, 0); + sigchain_pop(SIGPIPE); - unlink_or_warn(path); + delete_tempfile(&temp); - ret |= !strstr(pbuf->buf, "\n[GNUPG:] GOODSIG "); + ret |= !strstr(gpg_status->buf, "\n[GNUPG:] GOODSIG "); strbuf_release(&buf); /* no matter it was used or not */ return ret;