Rolf Eike Beer <eb@xxxxxxxxx> writes:
> I use this one:
>
> [format]
> pretty = %C(yellow)commit %H%C(auto)%d%Creset%nAuthor: %an <%ae>
> %C(yellow)% GK %GS %C(auto)[%GT% G?]%Creset%nDate: %ad%n%n%w(0,4,4)%s%n%w(0,
> 4,4)%+b
>
> When I now run "git log" in a repository that contains commits signed by
> people not in my keyring (e.g. the Gentoo git) I get this backtrace:
Thanks for a clearly described report. GPG reports something like
[GNUPG:] NEWSIG
[GNUPG:] ERRSIG B0B5E88696AFE6CB 1 8 00 1681831898 9 E1F036B1FEE7221FC778ECEFB0B5E88696AFE6CB
[GNUPG:] NO_PUBKEY B0B5E88696AFE6CB
but parse_gpg_output() that is responsible for setting the
trust_level member of sigc structure never responds to this report
because none among NEWSIG, ERRSIG, and NO_PUBKEY begins with
"TRUST_" that triggers a call to parse_gpg_trust_level() to set the
member.
The caller of parse_gpg_output() initializes the member to -1 and
that is left intact. Of course, it is not one of the values that
gpg_trust_level_to_str() knows about.
The absolute minimum fix is to initialize the member to TRUST_NEVER
which is one of the values gpg_trust_level_to_str() knows about. It
seems that SSH based signature verification codepath uses the same
approach.
gpg-interface.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git c/gpg-interface.c w/gpg-interface.c
index aceeb08336..2044e00205 100644
--- c/gpg-interface.c
+++ w/gpg-interface.c
@@ -650,7 +650,7 @@ int check_signature(struct signature_check *sigc,
gpg_interface_lazy_init();
sigc->result = 'N';
- sigc->trust_level = -1;
+ sigc->trust_level = TRUST_NEVER;
fmt = get_format_by_sig(signature);
if (!fmt)
