Henning Schild <henning.schild@xxxxxxxxxxx> writes: > The combination of verify_signed_buffer followed by parse_gpg_output is > available as check_signature. Use that instead of implementing it again. > > Signed-off-by: Henning Schild <henning.schild@xxxxxxxxxxx> > --- Makes sense. When d05b9618 ("receive-pack: GPG-validate push certificates", 2014-08-14) implemented the check, there wasn't check_signature() available. The commit probably should have done what a4cc18f2 ("verify-tag: share code with verify-commit", 2015-06-21) later did to introduce the check_signature() function by factoring it out of commit.c::check_commit_signature() as a preparatory step. Will queue. Thanks. > builtin/receive-pack.c | 17 ++--------------- > 1 file changed, 2 insertions(+), 15 deletions(-) > > diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c > index 68d36e0a5..9f0583deb 100644 > --- a/builtin/receive-pack.c > +++ b/builtin/receive-pack.c > @@ -629,8 +629,6 @@ static void prepare_push_cert_sha1(struct child_process *proc) > return; > > if (!already_done) { > - struct strbuf gpg_output = STRBUF_INIT; > - struct strbuf gpg_status = STRBUF_INIT; > int bogs /* beginning_of_gpg_sig */; > > already_done = 1; > @@ -639,22 +637,11 @@ static void prepare_push_cert_sha1(struct child_process *proc) > oidclr(&push_cert_oid); > > memset(&sigcheck, '\0', sizeof(sigcheck)); > - sigcheck.result = 'N'; > > bogs = parse_signature(push_cert.buf, push_cert.len); > - if (verify_signed_buffer(push_cert.buf, bogs, > - push_cert.buf + bogs, push_cert.len - bogs, > - &gpg_output, &gpg_status) < 0) { > - ; /* error running gpg */ > - } else { > - sigcheck.payload = push_cert.buf; > - sigcheck.gpg_output = gpg_output.buf; > - sigcheck.gpg_status = gpg_status.buf; > - parse_gpg_output(&sigcheck); > - } > + check_signature(push_cert.buf, bogs, push_cert.buf + bogs, > + push_cert.len - bogs, &sigcheck); > > - strbuf_release(&gpg_output); > - strbuf_release(&gpg_status); > nonce_status = check_nonce(push_cert.buf, bogs); > } > if (!is_null_oid(&push_cert_oid)) {