This adds an OLD_GNUPG define to the Makefile which when activated will ensure git does not use the --keyid-format argument when calling the 'gpg' program. This is consistent with how 'gpg' was used in git < 2.10.0 and slightly decreases security. Signed-off-by: Tom G. Christensen <tgc@xxxxxxxxxxxxxxx> --- Makefile | 6 ++++++ gpg-interface.c | 2 ++ 2 files changed, 8 insertions(+) diff --git a/Makefile b/Makefile index ca9f16d19..f8f585d21 100644 --- a/Makefile +++ b/Makefile @@ -386,6 +386,8 @@ all:: # # to say "export LESS=FRX (and LV=-c) if the environment variable # LESS (and LV) is not set, respectively". +# +# Define OLD_GNUPG if you need support for gnupg < 1.4. GIT-VERSION-FILE: FORCE @$(SHELL_PATH) ./GIT-VERSION-GEN @@ -1529,6 +1531,10 @@ ifndef PAGER_ENV PAGER_ENV = LESS=FRX LV=-c endif +ifdef OLD_GNUPG + BASIC_CFLAGS += -DOLD_GNUPG +endif + QUIET_SUBDIR0 = +$(MAKE) -C # space to separate -C and subdir QUIET_SUBDIR1 = diff --git a/gpg-interface.c b/gpg-interface.c index e44cc27da..57f1ea792 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -224,7 +224,9 @@ int verify_signed_buffer(const char *payload, size_t payload_size, argv_array_pushl(&gpg.args, gpg_program, "--status-fd=1", +#ifndef OLD_GNUPG "--keyid-format=long", +#endif "--verify", temp.filename.buf, "-", NULL); -- 2.12.2