diff options
| -rw-r--r-- | builtin/receive-pack.c | 6 | ||||
| -rw-r--r-- | commit.c | 5 | ||||
| -rw-r--r-- | fmt-merge-msg.c | 4 | ||||
| -rw-r--r-- | gpg-interface.c | 37 | ||||
| -rw-r--r-- | gpg-interface.h | 6 | ||||
| -rw-r--r-- | log-tree.c | 8 | ||||
| -rw-r--r-- | tag.c | 4 |
7 files changed, 35 insertions, 35 deletions
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index 49b846d960..61ab63c2ea 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -769,8 +769,10 @@ static void prepare_push_cert_sha1(struct child_process *proc) memset(&sigcheck, '\0', sizeof(sigcheck)); bogs = parse_signed_buffer(push_cert.buf, push_cert.len); - check_signature(push_cert.buf, bogs, push_cert.buf + bogs, - push_cert.len - bogs, &sigcheck); + sigcheck.payload = xmemdupz(push_cert.buf, bogs); + sigcheck.payload_len = bogs; + check_signature(&sigcheck, push_cert.buf + bogs, + push_cert.len - bogs); nonce_status = check_nonce(push_cert.buf, bogs); } @@ -1212,8 +1212,9 @@ int check_commit_signature(const struct commit *commit, struct signature_check * if (parse_signed_commit(commit, &payload, &signature, the_hash_algo) <= 0) goto out; - ret = check_signature(payload.buf, payload.len, signature.buf, - signature.len, sigc); + + sigc->payload = strbuf_detach(&payload, &sigc->payload_len); + ret = check_signature(sigc, signature.buf, signature.len); out: strbuf_release(&payload); diff --git a/fmt-merge-msg.c b/fmt-merge-msg.c index 5216191488..deca1ea3a3 100644 --- a/fmt-merge-msg.c +++ b/fmt-merge-msg.c @@ -533,8 +533,8 @@ static void fmt_merge_msg_sigs(struct strbuf *out) else { buf = payload.buf; len = payload.len; - if (check_signature(payload.buf, payload.len, sig.buf, - sig.len, &sigc) && + sigc.payload = strbuf_detach(&payload, &sigc.payload_len); + if (check_signature(&sigc, sig.buf, sig.len) && !sigc.output) strbuf_addstr(&sig, "gpg verification failed.\n"); else diff --git a/gpg-interface.c b/gpg-interface.c index 3e7255a2a9..75ab6faacb 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -19,8 +19,8 @@ struct gpg_format { const char **verify_args; const char **sigs; int (*verify_signed_buffer)(struct signature_check *sigc, - struct gpg_format *fmt, const char *payload, - size_t payload_size, const char *signature, + struct gpg_format *fmt, + const char *signature, size_t signature_size); int (*sign_buffer)(struct strbuf *buffer, struct strbuf *signature, const char *signing_key); @@ -53,12 +53,12 @@ static const char *ssh_sigs[] = { }; static int verify_gpg_signed_buffer(struct signature_check *sigc, - struct gpg_format *fmt, const char *payload, - size_t payload_size, const char *signature, + struct gpg_format *fmt, + const char *signature, size_t signature_size); static int verify_ssh_signed_buffer(struct signature_check *sigc, - struct gpg_format *fmt, const char *payload, - size_t payload_size, const char *signature, + struct gpg_format *fmt, + const char *signature, size_t signature_size); static int sign_buffer_gpg(struct strbuf *buffer, struct strbuf *signature, const char *signing_key); @@ -314,8 +314,8 @@ error: } static int verify_gpg_signed_buffer(struct signature_check *sigc, - struct gpg_format *fmt, const char *payload, - size_t payload_size, const char *signature, + struct gpg_format *fmt, + const char *signature, size_t signature_size) { struct child_process gpg = CHILD_PROCESS_INIT; @@ -343,14 +343,13 @@ static int verify_gpg_signed_buffer(struct signature_check *sigc, NULL); sigchain_push(SIGPIPE, SIG_IGN); - ret = pipe_command(&gpg, payload, payload_size, &gpg_stdout, 0, + ret = pipe_command(&gpg, sigc->payload, sigc->payload_len, &gpg_stdout, 0, &gpg_stderr, 0); sigchain_pop(SIGPIPE); delete_tempfile(&temp); ret |= !strstr(gpg_stdout.buf, "\n[GNUPG:] GOODSIG "); - sigc->payload = xmemdupz(payload, payload_size); sigc->output = strbuf_detach(&gpg_stderr, NULL); sigc->gpg_status = strbuf_detach(&gpg_stdout, NULL); @@ -426,8 +425,8 @@ cleanup: } static int verify_ssh_signed_buffer(struct signature_check *sigc, - struct gpg_format *fmt, const char *payload, - size_t payload_size, const char *signature, + struct gpg_format *fmt, + const char *signature, size_t signature_size) { struct child_process ssh_keygen = CHILD_PROCESS_INIT; @@ -480,7 +479,7 @@ static int verify_ssh_signed_buffer(struct signature_check *sigc, "-n", "git", "-s", buffer_file->filename.buf, NULL); - pipe_command(&ssh_keygen, payload, payload_size, + pipe_command(&ssh_keygen, sigc->payload, sigc->payload_len, &ssh_keygen_out, 0, &ssh_keygen_err, 0); /* @@ -526,7 +525,7 @@ static int verify_ssh_signed_buffer(struct signature_check *sigc, } sigchain_push(SIGPIPE, SIG_IGN); - ret = pipe_command(&ssh_keygen, payload, payload_size, + ret = pipe_command(&ssh_keygen, sigc->payload, sigc->payload_len, &ssh_keygen_out, 0, &ssh_keygen_err, 0); sigchain_pop(SIGPIPE); @@ -540,7 +539,6 @@ static int verify_ssh_signed_buffer(struct signature_check *sigc, } } - sigc->payload = xmemdupz(payload, payload_size); strbuf_stripspace(&ssh_keygen_out, 0); strbuf_stripspace(&ssh_keygen_err, 0); /* Add stderr outputs to show the user actual ssh-keygen errors */ @@ -562,8 +560,8 @@ out: return ret; } -int check_signature(const char *payload, size_t plen, const char *signature, - size_t slen, struct signature_check *sigc) +int check_signature(struct signature_check *sigc, + const char *signature, size_t slen) { struct gpg_format *fmt; int status; @@ -575,8 +573,7 @@ int check_signature(const char *payload, size_t plen, const char *signature, if (!fmt) die(_("bad/incompatible signature '%s'"), signature); - status = fmt->verify_signed_buffer(sigc, fmt, payload, plen, signature, - slen); + status = fmt->verify_signed_buffer(sigc, fmt, signature, slen); if (status && !sigc->output) return !!status; @@ -593,7 +590,7 @@ void print_signature_buffer(const struct signature_check *sigc, unsigned flags) sigc->output; if (flags & GPG_VERIFY_VERBOSE && sigc->payload) - fputs(sigc->payload, stdout); + fwrite(sigc->payload, 1, sigc->payload_len, stdout); if (output) fputs(output, stderr); diff --git a/gpg-interface.h b/gpg-interface.h index beefacbb1e..5ee7d8b6b9 100644 --- a/gpg-interface.h +++ b/gpg-interface.h @@ -17,6 +17,7 @@ enum signature_trust_level { struct signature_check { char *payload; + size_t payload_len; char *output; char *gpg_status; @@ -70,9 +71,8 @@ const char *get_signing_key(void); * Either a GPG KeyID or a SSH Key Fingerprint */ const char *get_signing_key_id(void); -int check_signature(const char *payload, size_t plen, - const char *signature, size_t slen, - struct signature_check *sigc); +int check_signature(struct signature_check *sigc, + const char *signature, size_t slen); void print_signature_buffer(const struct signature_check *sigc, unsigned flags); diff --git a/log-tree.c b/log-tree.c index 644893fd8c..a46cf60e1e 100644 --- a/log-tree.c +++ b/log-tree.c @@ -513,8 +513,8 @@ static void show_signature(struct rev_info *opt, struct commit *commit) if (parse_signed_commit(commit, &payload, &signature, the_hash_algo) <= 0) goto out; - status = check_signature(payload.buf, payload.len, signature.buf, - signature.len, &sigc); + sigc.payload = strbuf_detach(&payload, &sigc.payload_len); + status = check_signature(&sigc, signature.buf, signature.len); if (status && !sigc.output) show_sig_lines(opt, status, "No signature\n"); else @@ -583,8 +583,8 @@ static int show_one_mergetag(struct commit *commit, status = -1; if (parse_signature(extra->value, extra->len, &payload, &signature)) { /* could have a good signature */ - status = check_signature(payload.buf, payload.len, - signature.buf, signature.len, &sigc); + sigc.payload = strbuf_detach(&payload, &sigc.payload_len); + status = check_signature(&sigc, signature.buf, signature.len); if (sigc.output) strbuf_addstr(&verify_message, sigc.output); else @@ -25,8 +25,8 @@ static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags) return error("no signature found"); } - ret = check_signature(payload.buf, payload.len, signature.buf, - signature.len, &sigc); + sigc.payload = strbuf_detach(&payload, &sigc.payload_len); + ret = check_signature(&sigc, signature.buf, signature.len); if (!(flags & GPG_VERIFY_OMIT_STATUS)) print_signature_buffer(&sigc, flags); |