[PATCH v5 0/8] ssh signing: verify key lifetime

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

changes since v4:
 - removed unneccessary io redir in merge-msg tests
 - added grep for merged tag to gpgssh merge-msg tests

changes since v3:
 - improve readability of prereq setup code by using heredoc and some
   variables

changes since v2:
 - fix swich/case indentation
 - BUG() on unknown payload types
 - improve test prereq by actually validating ssh-keygen functionality

changes since v1:
 - struct signature_check is now used to input payload data into
   check_function
 - payload metadata parsing is completely internal to check_signature.
   the caller only need to set the payload type in the sigc struct
 - small nits and readability fixes
 - removed payload_signer parameter. since we now use the struct we can
   extend
   this later.

Fabian Stelzer (8):
  ssh signing: use sigc struct to pass payload
  ssh signing: add key lifetime test prereqs
  ssh signing: make verify-commit consider key lifetime
  ssh signing: make git log verify key lifetime
  ssh signing: make verify-tag consider key lifetime
  ssh signing: make fmt-merge-msg consider key lifetime
  ssh signing: verify ssh-keygen in test prereq
  t/fmt-merge-msg: make gpg/ssh tests more specific

 Documentation/config/gpg.txt     |  5 ++
 builtin/receive-pack.c           |  6 ++-
 commit.c                         |  6 ++-
 fmt-merge-msg.c                  |  5 +-
 gpg-interface.c                  | 90 +++++++++++++++++++++++++-------
 gpg-interface.h                  | 15 ++++--
 log-tree.c                       | 10 ++--
 t/lib-gpg.sh                     | 62 ++++++++++++++++++----
 t/t4202-log.sh                   | 43 +++++++++++++++
 t/t6200-fmt-merge-msg.sh         | 67 ++++++++++++++++++++++--
 t/t7031-verify-tag-signed-ssh.sh | 42 +++++++++++++++
 t/t7528-signed-commit-ssh.sh     | 42 +++++++++++++++
 tag.c                            |  5 +-
 13 files changed, 350 insertions(+), 48 deletions(-)

Range-diff against v4:
1:  c4447d30f2 = 1:  c4447d30f2 ssh signing: use sigc struct to pass payload
2:  0bb1617529 = 2:  0bb1617529 ssh signing: add key lifetime test prereqs
3:  f60bd1efd0 = 3:  f60bd1efd0 ssh signing: make verify-commit consider key lifetime
4:  5fc0ad5c37 = 4:  5fc0ad5c37 ssh signing: make git log verify key lifetime
5:  f1c225871f = 5:  f1c225871f ssh signing: make verify-tag consider key lifetime
6:  1cbd4dbb6b = 6:  1cbd4dbb6b ssh signing: make fmt-merge-msg consider key lifetime
7:  d60f4ec82c = 7:  d60f4ec82c ssh signing: verify ssh-keygen in test prereq
-:  ---------- > 8:  679a02d1fe t/fmt-merge-msg: make gpg/ssh tests more specific
-- 
2.31.1
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux