Re: [PATCH v6 3/9] ssh signing: retrieve a default key from ssh-agent

> If user.signingkey is not set and an ssh signature is requested, we call
> ssh-add -L and use the first key we get.

[snip]

> +/* Returns the first public key from an ssh-agent to use for signing */
> +static char *get_default_ssh_signing_key(void)
> +{
> +	struct child_process ssh_add = CHILD_PROCESS_INIT;
> +	int ret = -1;
> +	struct strbuf key_stdout = STRBUF_INIT;
> +	struct strbuf **keys;
> +
> +	strvec_pushl(&ssh_add.args, "ssh-add", "-L", NULL);
> +	ret = pipe_command(&ssh_add, NULL, 0, &key_stdout, 0, NULL, 0);
> +	if (!ret) {
> +		keys = strbuf_split_max(&key_stdout, '\n', 2);
> +		if (keys[0])
> +			return strbuf_detach(keys[0], NULL);
> +	}
> +
> +	strbuf_release(&key_stdout);
> +	return "";
> +}
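
Review bot: the two return paths of get_default_ssh_signing_key() disagree on ownership. The success path returns `strbuf_detach(keys[0], NULL)`, a heap buffer the caller must free, while the fallback is `return "";`, a string literal the caller must not free, so no caller can handle both correctly. Returning NULL, or a freshly allocated empty string, on failure would make the contract consistent. The success path also returns before `strbuf_release(&key_stdout)` runs and never frees the `keys` array or any second element produced by `strbuf_split_max()`, and the `!ret` branch with an empty `keys[0]` leaks the array too. A single cleanup section at the end that releases `key_stdout` and frees the split list on every path would cover all of these. Finally, the first line of output is accepted as a key without any check of its format; verifying that it at least starts with a key type prefix before using it would avoid passing arbitrary helper output on as the signing key.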

Could the commit message have a better explanation of why we need this?
(Also, I would think that the command being run needs to be configurable
instead of being just the first "ssh-add" in $PATH, and the parsing of
the output should be more rigorous. But this is moot if we don't need
this feature in the first place.)


