Fabian Stelzer <fs@xxxxxxxxxxxx> writes: > On 28.09.21 02:52, Junio C Hamano wrote > * fs/ssh-signing (2021-09-10) > 9 commits >> - ssh signing: test that gpg fails for unknown keys >> - ssh signing: tests for logs, tags & push certs >> - ssh signing: duplicate t7510 tests for commits >> - ssh signing: verify signatures using ssh-keygen >> - ssh signing: provide a textual signing_key_id >> - ssh signing: retrieve a default key from ssh-agent >> - ssh signing: add ssh key format and signing code >> - ssh signing: add test prereqs >> - ssh signing: preliminary refactoring and clean-up >> >> Use ssh public crypto for object and push-cert signing. >> >> On hold. >> cf. <pull.1041.v8.git.git.1631304462.gitgitgadget@xxxxxxxxx> >> cf. <532d97e7-8c91-df6a-6d90-70668256f513@xxxxxxxxxxxx> >> >> > Openssh 8.8 has been released a few days ago and includes the needed fix > for the find-principal segfault. > I ran the full git testsuite against it without issues. > > Also, we (~30developers) have been running this patch with > openssh-portable (2d678c5e3bdc2f5c99f7af5122e9d054925d560d / post 8.7 - > pre 8.8) in our organization for the last 2 weeks without problems. > ... > But vverall i think this is ready for some broader usage/testing via next. > > I'd suggest to send the additional patches for valid-before/after > functionality in a new patchset for review after. OK, so with the new OpenSSH, there wasn't anything that contradicts what the above set of patches wanted to do and the series is good to go? Let's merge it to 'next' for wider audience, then. Thanks.
