summaryrefslogtreecommitdiff
path: root/builtin
diff options
context:
space:
mode:
authorLibravatar Junio C Hamano <gitster@pobox.com>2021-02-22 16:12:42 -0800
committerLibravatar Junio C Hamano <gitster@pobox.com>2021-02-22 16:12:42 -0800
commit15af6e6fee54632358798bef548d89dd3764805d (patch)
treef4464996780c0c94bd0901bab9e161b9679fe05f /builtin
parentMerge branch 'dl/stash-cleanup' (diff)
parentgpg-interface: remove other signature headers before verifying (diff)
downloadtgif-15af6e6fee54632358798bef548d89dd3764805d.tar.xz
Merge branch 'bc/signed-objects-with-both-hashes'
Signed commits and tags now allow verification of objects, whose two object names (one in SHA-1, the other in SHA-256) are both signed. * bc/signed-objects-with-both-hashes: gpg-interface: remove other signature headers before verifying ref-filter: hoist signature parsing commit: allow parsing arbitrary buffers with headers gpg-interface: improve interface for parsing tags commit: ignore additional signatures when parsing signed commits ref-filter: switch some uses of unsigned long to size_t
Diffstat (limited to 'builtin')
-rw-r--r--builtin/receive-pack.c4
-rw-r--r--builtin/tag.c16
2 files changed, 14 insertions, 6 deletions
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
index d49d050e6e..b89ce31bf2 100644
--- a/builtin/receive-pack.c
+++ b/builtin/receive-pack.c
@@ -764,7 +764,7 @@ static void prepare_push_cert_sha1(struct child_process *proc)
memset(&sigcheck, '\0', sizeof(sigcheck));
- bogs = parse_signature(push_cert.buf, push_cert.len);
+ bogs = parse_signed_buffer(push_cert.buf, push_cert.len);
check_signature(push_cert.buf, bogs, push_cert.buf + bogs,
push_cert.len - bogs, &sigcheck);
@@ -2050,7 +2050,7 @@ static void queue_commands_from_cert(struct command **tail,
die("malformed push certificate %.*s", 100, push_cert->buf);
else
boc += 2;
- eoc = push_cert->buf + parse_signature(push_cert->buf, push_cert->len);
+ eoc = push_cert->buf + parse_signed_buffer(push_cert->buf, push_cert->len);
while (boc < eoc) {
const char *eol = memchr(boc, '\n', eoc - boc);
diff --git a/builtin/tag.c b/builtin/tag.c
index e8b85eefd8..4237dc724c 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -198,11 +198,17 @@ static void write_tag_body(int fd, const struct object_id *oid)
{
unsigned long size;
enum object_type type;
- char *buf, *sp;
+ char *buf, *sp, *orig;
+ struct strbuf payload = STRBUF_INIT;
+ struct strbuf signature = STRBUF_INIT;
- buf = read_object_file(oid, &type, &size);
+ orig = buf = read_object_file(oid, &type, &size);
if (!buf)
return;
+ if (parse_signature(buf, size, &payload, &signature)) {
+ buf = payload.buf;
+ size = payload.len;
+ }
/* skip header */
sp = strstr(buf, "\n\n");
@@ -211,9 +217,11 @@ static void write_tag_body(int fd, const struct object_id *oid)
return;
}
sp += 2; /* skip the 2 LFs */
- write_or_die(fd, sp, parse_signature(sp, buf + size - sp));
+ write_or_die(fd, sp, buf + size - sp);
- free(buf);
+ free(orig);
+ strbuf_release(&payload);
+ strbuf_release(&signature);
}
static int build_tag_object(struct strbuf *buf, int sign, struct object_id *result)