From: Michael J Gruber <git@drmicha.warpmail.net>
Date: Thu, 14 Feb 2013 16:04:42 +0000 (+0100)
Subject: gpg-interface: check good signature in a reliable way
X-Git-Tag: v1.8.2.1~9^2~4
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/b60b7566c04e5f54c0e40229c1716d99d834ab68?hp=b60b7566c04e5f54c0e40229c1716d99d834ab68

gpg-interface: check good signature in a reliable way

Currently, verify_signed_buffer() only checks the return code of gpg,
and some callers implement additional unreliable checks for "Good
signature" in the gpg output meant for the user.

Use the status output instead and parse for a line beinning with
"[GNUPG:] GOODSIG ". This is the only reliable way of checking for a
good gpg signature.

If needed we can change this easily to "[GNUPG:] VALIDSIG " if we want
to take into account the trust model.

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---