From: Santiago Torres <santiago@xxxxxxx> The PGP verification routine for tags could be accessed by other modules that require to do so. Publish the verify_tag function in tag.c and rename it to gpg_verify_tag so it does not conflict with builtin/mktag's static function. Helped-by: Junio C Hamano <gitster@xxxxxxxxx> Signed-off-by: Santiago Torres <santiago@xxxxxxx> --- builtin/verify-tag.c | 55 +--------------------------------------------------- tag.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++ tag.h | 2 ++ 3 files changed, 56 insertions(+), 54 deletions(-) diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c index 01e956f..714c899 100644 --- a/builtin/verify-tag.c +++ b/builtin/verify-tag.c @@ -18,59 +18,6 @@ static const char * const verify_tag_usage[] = { NULL }; -static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags) -{ - struct signature_check sigc; - size_t payload_size; - int ret; - - memset(&sigc, 0, sizeof(sigc)); - - payload_size = parse_signature(buf, size); - - if (size == payload_size) { - if (flags & GPG_VERIFY_VERBOSE) - write_in_full(1, buf, payload_size); - return error("no signature found"); - } - - ret = check_signature(buf, payload_size, buf + payload_size, - size - payload_size, &sigc); - print_signature_buffer(&sigc, flags); - - signature_check_clear(&sigc); - return ret; -} - -static int verify_tag(const unsigned char *sha1, const char *name_to_report, - unsigned flags) -{ - enum object_type type; - char *buf; - unsigned long size; - int ret; - - type = sha1_object_info(sha1, NULL); - if (type != OBJ_TAG) - return error("%s: cannot verify a non-tag object of type %s.", - name_to_report ? - name_to_report : - find_unique_abbrev(sha1, DEFAULT_ABBREV), - typename(type)); - - buf = read_sha1_file(sha1, &type, &size); - if (!buf) - return error("%s: unable to read file.", - name_to_report ? - name_to_report : - find_unique_abbrev(sha1, DEFAULT_ABBREV)); - - ret = run_gpg_verify(buf, size, flags); - - free(buf); - return ret; -} - static int git_verify_tag_config(const char *var, const char *value, void *cb) { int status = git_gpg_config(var, value, cb); @@ -105,7 +52,7 @@ int cmd_verify_tag(int argc, const char **argv, const char *prefix) name = argv[i++]; if (get_sha1(name, sha1)) had_error = !!error("tag '%s' not found.", name); - else if (verify_tag(sha1, name, flags)) + else if (gpg_verify_tag(sha1, name, flags)) had_error = 1; } return had_error; diff --git a/tag.c b/tag.c index d72f742..ace619a 100644 --- a/tag.c +++ b/tag.c @@ -6,6 +6,59 @@ const char *tag_type = "tag"; +static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags) +{ + struct signature_check sigc; + size_t payload_size; + int ret; + + memset(&sigc, 0, sizeof(sigc)); + + payload_size = parse_signature(buf, size); + + if (size == payload_size) { + if (flags & GPG_VERIFY_VERBOSE) + write_in_full(1, buf, payload_size); + return error("no signature found"); + } + + ret = check_signature(buf, payload_size, buf + payload_size, + size - payload_size, &sigc); + print_signature_buffer(&sigc, flags); + + signature_check_clear(&sigc); + return ret; +} + +extern int gpg_verify_tag(const unsigned char *sha1, + const char *name_to_report, unsigned flags) +{ + enum object_type type; + char *buf; + unsigned long size; + int ret; + + type = sha1_object_info(sha1, NULL); + if (type != OBJ_TAG) + return error("%s: cannot verify a non-tag object of type %s.", + name_to_report ? + name_to_report : + find_unique_abbrev(sha1, DEFAULT_ABBREV), + typename(type)); + + buf = read_sha1_file(sha1, &type, &size); + if (!buf) + return error("%s: unable to read file.", + name_to_report ? + name_to_report : + find_unique_abbrev(sha1, DEFAULT_ABBREV)); + + ret = run_gpg_verify(buf, size, flags); + + free(buf); + return ret; +} + struct object *deref_tag(struct object *o, const char *warn, int warnlen) { while (o && o->type == OBJ_TAG) diff --git a/tag.h b/tag.h index f4580ae..a5721b6 100644 --- a/tag.h +++ b/tag.h @@ -17,5 +17,7 @@ extern int parse_tag_buffer(struct tag *item, const void *data, unsigned long si extern int parse_tag(struct tag *item); extern struct object *deref_tag(struct object *, const char *, int); extern struct object *deref_tag_noverify(struct object *); +extern int gpg_verify_tag(const unsigned char *sha1, + const char *name_to_report, unsigned flags); #endif /* TAG_H */ -- 2.8.0 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html