From: Jacob Sarvis<jsarvis@xxxxxxxxxxxx> log: Read gpg settings for signed commit verification Commit signature verification fails when alternative gpg.program signs the commit, but gpg attempts to verify the signature. "show --show-signature" and "log --show-signature" do not read the gpg.program setting from git config. Commit signing, tag signing, and tag verification use this setting properly. Make log and show commands pass through settings to gpg interface. Signed-off-by: Hans Brigman <hbrigman@xxxxxxxxxxxx> --- builtin/log.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/builtin/log.c b/builtin/log.c index 8f0b2e8..31f5a9e 100644 --- a/builtin/log.c +++ b/builtin/log.c @@ -23,6 +23,7 @@ #include "streaming.h" #include "version.h" #include "mailmap.h" +#include "gpg-interface.h" /* Set a default date-time format for git log ("log.date" config variable) */ static const char *default_date_mode = NULL; @@ -364,7 +365,8 @@ static int git_log_config(const char *var, const char *value, void *cb) use_mailmap_config = git_config_bool(var, value); return 0; } - + if (git_gpg_config(var, value, cb) < 0) + return -1; if (grep_config(var, value, cb) < 0) return -1; return git_diff_ui_config(var, value, cb); -- 1.7.11.msysgit.0 On Mon, Mar 25, 2013 at 01:03:52PM -0500, Hans Brigman wrote: > "show --show-signature" doesn't currently use the gpg.program setting. Commit signing, tag signing, and tag verification currently use this setting properly, so the logic has been added to handle it here as well. Please wrap your commit messages at something reasonable (70 is probably as high as you want to go, given that log output is often shown indented). > @@ -364,7 +365,8 @@ static int git_log_config(const char *var, const char *value, void *cb) > use_mailmap_config = git_config_bool(var, value); > return 0; > } > - > + if (!prefixcmp(var, "gpg.")) > + return git_gpg_config(var, value, NULL); > if (grep_config(var, value, cb) < 0) > return -1; The gpg config can also be other places than "gpg.*". Right now it is just user.signingkey, which log would not care about, but it feels like we are depending an unnecessary detail here. We also don't know whether it would care about the callback data. Is there a reason not to do: if (git_gpg_config(var, value, cb) < 0) return -1; just like the grep_config call below? -Peff
Attachment:
0001-log-Read-gpg-settings-for-signed-commit-verification.patch
Description: 0001-log-Read-gpg-settings-for-signed-commit-verification.patch